X-Git-Url: http://git.plutz.net/?p=cgilite;a=blobdiff_plain;f=cgi.sh;fp=cgi.sh;h=0000000000000000000000000000000000000000;hp=f79d41635746e19ce821700ec9fe80a8956913a0;hb=3fdb8e7e2ed8fcf3129de33147d1dd3b4a204b21;hpb=c287482dc24988cabd48a085e6d752d12b489550 diff --git a/cgi.sh b/cgi.sh deleted file mode 100755 index f79d416..0000000 --- a/cgi.sh +++ /dev/null @@ -1,147 +0,0 @@ -#!/bin/zsh - -# Copyright 2014 - 2016 Paul Hänsch -# -# This file is part of shcgi. -# -# shcgi is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# shcgi is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with shcgi. If not, see . - -unset _GET _POST _REF _COOKIE -declare -A _GET -declare -A _POST -declare -A _REF -declare -A _COOKIE - -[ -z "$HTTP_REFERER" ] && HTTP_REFERER="./" - -# parse HTTP GET string -debug "== CGI DATA: GET ==" -printf '%s\n' "$QUERY_STRING" |tr '&' '\n' |while read query; do - key="$(printf %s "$query" |sed -r 's:^([\.a-zA-Z0-9_-]+)=(.*)$:\1:')" - val="$(printf %s "$query" |sed -r 's:^([\.a-zA-Z0-9_-]+)=(.*)$:\2:')" - _GET[$key]="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g')")" - debug "_GET[$key] => $val" -done - -if [ "$REQUEST_METHOD" = POST -a "${HTTP_CONTENT_LENGTH:=$CONTENT_LENGTH}" -gt 0 ]; then - # parse HTTP POST string - debug "== CGI DATA: POST ==" - head -c "$HTTP_CONTENT_LENGTH" \ - | sed -un 's;&;\n;g; p; q' \ - | while read query; do - key="$(printf %s "$query" |sed -r 's:^([\.a-zA-Z0-9_-]+)=(.*)$:\1:')" - val="$(printf %s "$query" |sed -r 's:^([\.a-zA-Z0-9_-]+)=(.*)$:\2:')" - value="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g;')")" - n='' - if [ -n "${_POST[$key$n]+x}" ]; then - n=0 - while [ -n "${_POST[$key$n]+x}" ]; do n=$(($n + 1)); done - fi - _POST[$key$n]="$value" - debug "_POST[$key$n] => $value" - done -fi - -cgi_refdata() { # Parse GET data from referer - debug "== CGI DATA: REFERER ==" - printf '%s\n' "${HTTP_REFERER#*\?}" |tr '&' '\n' |while read query; do - key="$(printf %s "$query" |sed -r 's:^([\.a-zA-Z0-9_-]+)=(.*)$:\1:')" - val="$(printf %s "$query" |sed -r 's:^([\.a-zA-Z0-9_-]+)=(.*)$:\2:')" - _REF[$key]="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g')")" - debug "_REF[$key] => $val" - done -} - -cgi_cookie() { # Parse GET data from referer - debug "== CGI DATA: COOKIE ==" - printf '%s\n' "$HTTP_COOKIE" |tr ';' '\n' |while read query; do - key="$(printf %s "$query" |sed -r 's:^ *([\.a-zA-Z0-9_-]+)=(.*)$:\1:')" - val="$(printf %s "$query" |sed -r 's:^ *([\.a-zA-Z0-9_-]+)=(.*)$:\2:')" - _COOKIE[$key]="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g')")" - debug "_COOKIE[$key] => $val" - done -} - -htmlsafe(){ - # escape HTML code from string - - printf %s "$*" \ - | sed 's;&;\&\;;g; - s;<;\<\;;g; - s;>;\>\;;g; - s;";\"\;;g; - s;/;\/\;;g; - s;'\'';\'\;;g;' -} - -urlsafe(){ - # Code every character in URL escape hex format - # except alphanumeric ascii - - printf %s "$*" \ - | hexdump -v -e '/1 ",%02X"' \ - | tr , % \ - | sed 's;%30;0;g; s;%31;1;g; s;%32;2;g; s;%33;3;g; s;%34;4;g; s;%35;5;g; - s;%36;6;g; s;%37;7;g; s;%38;8;g; s;%39;9;g; - s;%41;A;g; s;%42;B;g; s;%43;C;g; s;%44;D;g; s;%45;E;g; s;%46;F;g; - s;%47;G;g; s;%48;H;g; s;%49;I;g; s;%4A;J;g; s;%4B;K;g; s;%4C;L;g; - s;%4D;M;g; s;%4E;N;g; s;%4F;O;g; s;%50;P;g; s;%51;Q;g; s;%52;R;g; - s;%53;S;g; s;%54;T;g; s;%55;U;g; s;%56;V;g; s;%57;W;g; s;%58;X;g; - s;%59;Y;g; s;%5A;Z;g; - s;%61;a;g; s;%62;b;g; s;%63;c;g; s;%64;d;g; s;%65;e;g; s;%66;f;g; - s;%67;g;g; s;%68;h;g; s;%69;i;g; s;%6A;j;g; s;%6B;k;g; s;%6C;l;g; - s;%6D;m;g; s;%6E;n;g; s;%6F;o;g; s;%70;p;g; s;%71;q;g; s;%72;r;g; - s;%73;s;g; s;%74;t;g; s;%75;u;g; s;%76;v;g; s;%77;w;g; s;%78;x;g; - s;%79;y;g; s;%7A;z;g; s;%2D;-;g; s;%2E;.;g; s;%2F;/;g; s;%5F;_;g' -} - -attribsafe(){ - # Code every character in HTML escape hex format - # except alphanumerig ascii - - printf %s "$*" \ - | iconv -f utf-8 -t utf32le \ - | hexdump -v -e '/4 "&#x%02X;"' \ - | sed 's;0\;;0;g; s;1\;;1;g; s;2\;;2;g; s;3\;;3;g; s;4\;;4;g; s;5\;;5;g; - s;6\;;6;g; s;7\;;7;g; s;8\;;8;g; s;9\;;9;g; - s;A\;;A;g; s;B\;;B;g; s;C\;;C;g; s;D\;;D;g; s;E\;;E;g; s;F\;;F;g; - s;G\;;G;g; s;H\;;H;g; s;I\;;I;g; s;J\;;J;g; s;K\;;K;g; s;L\;;L;g; - s;M\;;M;g; s;N\;;N;g; s;O\;;O;g; s;P\;;P;g; s;Q\;;Q;g; s;R\;;R;g; - s;S\;;S;g; s;T\;;T;g; s;U\;;U;g; s;V\;;V;g; s;W\;;W;g; s;X\;;X;g; - s;Y\;;Y;g; s;Z\;;Z;g; - s;a\;;a;g; s;b\;;b;g; s;c\;;c;g; s;d\;;d;g; s;e\;;e;g; s;f\;;f;g; - s;g\;;g;g; s;h\;;h;g; s;i\;;i;g; s;j\;;j;g; s;k\;;k;g; s;l\;;l;g; - s;m\;;m;g; s;n\;;n;g; s;o\;;o;g; s;p\;;p;g; s;q\;;q;g; s;r\;;r;g; - s;s\;;s;g; s;t\;;t;g; s;u\;;u;g; s;v\;;v;g; s;w\;;w;g; s;x\;;x;g; - s;y\;;y;g; s;z\;;z;g;' -} - -redirect(){ - printf 'Status: 303 See Other\r\nLocation: %s\r\n\r\n' "$*" - exit 0 -} - -set_cookie(){ - case "$1" in - session|0) expire='';; - ''|default) expire="$(LANG=C date -d "+ 1 week" +'%a, %d %b %Y %T %Z')";; - *) expire="$(LANG=C date -d "$1" +'%a, %d %b %Y %T %Z' 2>&-)";; - esac - cookie="$2" - - printf 'Set-Cookie: %s' "$cookie" - [ -n "$expire" ] && printf '; Expires=%s' "$expire" - [ $# -ge 3 ] && shift 2 && printf '; %s' "$@" - printf '\r\n' -}