+#!/bin/sh
+
+UNAME_VALID='
+ # Remove trailing CR, which may have been added by browser
+ s;\r$;;;
+ # Collapse white spaces
+ s;[\r\t\n ]+; ;;
+ # Remove starting and trailing white spaces
+ s;^ ;;; s; $;;;
+ # Usernames starting with & # ? @ + will be invalid
+ /^[&#?@+]/d;
+ # Usernames containing a / will be invalid
+ /\//d;
+ # Usernames must be between 3 and 24 characters
+ /...+/!d; /.{25}/d;
+ # Usernames may not span multiple lines
+ q;'
+username(){
+ { [ $# -eq 0 ] && cat || printf %s "$*"; } \
+ | sed -E ':X; $!{N;bX;}'"$UNAME_VALID"
+}
+
+nickname="$(COOKIE nick |username)"
+if [ ! "$nickname" ]; then
+ nickname='?Guest'
+elif [ ! -d "$_DATA/@$nickname" ]; then
+ nickname="?$nickname"
+else
+ userclient="$(COOKIE user_client)"
+ secuid="$(cat "$_DATA/@$nickname/secuid")"
+ clientid="${userclient%%-*}"
+ clientid="${clientid}-$(printf '%s%s' "${clientid}" "${secuid}" |sha256sum)"
+ clientid="${clientid%% *}"
+ if [ "$clientid" = "$userclient" ]; then
+ nickname=" $nickname"
+ SET_COOKIE +"$((86400 * 365))" "user_client=${clientid}" HttpOnly
+ SET_COOKIE +"$((86400 * 365))" "nick=$(URL "${nickname}")"
+ else
+ nickname='?Guest'
+ fi
+fi
+
+case $(POST action) in
+ nick)
+ nick="$(POST nickname |username)"
+ if [ ! -d "$_DATA/@$nick" ]; then
+ SET_COOKIE +1209600 "nick=$(POST nickname |URL)"
+ REDIRECT "$(URL "/$LOCATION")"
+ else
+ # ToDo: Return Error Message
+ REDIRECT "$(URL "/$LOCATION")?settings#nick"
+ fi
+ ;;
+ register)
+ regnick="$(POST regnick |username)"
+ userdir="$_DATA/@${regnick}"
+ if [ "$regnick" ] && mkdir "$userdir"; then
+ secuid="$(randomid)"; clientid="$(randomid)"
+ printf %s\\n "$secuid" >"${userdir}/secuid"
+ clientid="${clientid}-$(printf '%s%s' "${clientid}" "${secuid}" |sha256sum |cut -d\ -f1)"
+ SET_COOKIE +"$((86400 * 365))" "user_client=${clientid}" HttpOnly
+ SET_COOKIE +"$((86400 * 365))" "nick=$(URL "${regnick}")"
+ REDIRECT "$(URL "/$LOCATION")"
+ else
+ # ToDo: Return Error Message
+ REDIRECT "$(URL "/$LOCATION")?settings#register"
+ fi
+ ;;
+esac