From 9b62da2cc5552e018fe8c48360c770446a9a6b55 Mon Sep 17 00:00:00 2001
From: paul <paul@plutz.net>
Date: Fri, 31 Jul 2015 10:32:16 +0000
Subject: [PATCH] introduced cookie array, extended urlsave function,
 IMPORTANT: removed " from array keys

svn path=/trunk/; revision=8
---
 action.sh |  2 +-
 cgi.sh    | 49 ++++++++++++++++++++++++++++++++++++-------------
 index.cgi |  2 +-
 page.sh   |  2 +-
 4 files changed, 39 insertions(+), 16 deletions(-)

diff --git a/action.sh b/action.sh
index f8faf1f..caf214c 100755
--- a/action.sh
+++ b/action.sh
@@ -17,7 +17,7 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with Serve0.  If not, see <http://www.gnu.org/licenses/>. 
 
-ACTION="$(printf %s "$_GET[\"action\"]" |egrep '^[a-zA-Z0-9_-]+$')"
+ACTION="$(printf %s "${_GET[action]}" |egrep '^[a-zA-Z0-9_-]+$')"
 ACTION="${_EXEC}/actions/${ACTION}.sh"
 
 if [ -x "$ACTION" ]; then
diff --git a/cgi.sh b/cgi.sh
index 9994219..3ad0e8b 100755
--- a/cgi.sh
+++ b/cgi.sh
@@ -20,15 +20,16 @@
 declare -A _GET
 declare -A _POST
 declare -A _REF
+declare -A _COOKIE
 
 [ -z "$HTTP_REFERER" ] && HTTP_REFERER="./"
 
 cgi_get() {  # parse HTTP GET string
   debug "== CGI DATA: GET =="
   printf '%s\n' "$QUERY_STRING" |tr '&' '\n' |while read query; do
-    key="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]*)=(.*)$:\1:')"
-    val="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]*)=(.*)$:\2:')"
-    _GET["$key"]="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g')")"
+    key="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]+)=(.*)$:\1:')"
+    val="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]+)=(.*)$:\2:')"
+    _GET[$key]="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g')")"
     debug "_GET[$key] => $val"
   done
 }
@@ -36,15 +37,15 @@ cgi_get() {  # parse HTTP GET string
 cgi_post() {  # parse HTTP POST string
   debug "== CGI DATA: POST =="
   sed -u 1q |tr '&' '\n' |while read query; do
-    key="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]*)=(.*)$:\1:')"
-    val="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]*)=(.*)$:\2:')"
+    key="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]+)=(.*)$:\1:')"
+    val="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]+)=(.*)$:\2:')"
     value="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g;')")"
-    if [ -n "$_POST[\"$key\"]" ]; then
+    if [ -n "${_POST[$key]}" ]; then
       n=0
-      while [ -n "$_POST[\"$key$n\"]" ]; do n=$(($n + 1)); done
-      _POST["$key$n"]="$value"
+      while [ -n "${_POST[$key$n]}" ]; do n=$(($n + 1)); done
+      _POST[$key$n]="$value"
     else
-      _POST["$key"]="$value"
+      _POST[$key]="$value"
     fi
     debug "_POST[$key] => $value"
   done
@@ -53,13 +54,35 @@ cgi_post() {  # parse HTTP POST string
 cgi_refdata() { # Parse GET data from referer
   debug "== CGI DATA: REFERER =="
   printf '%s\n' "$HTTP_REFERER" |cut -d'?' -f2- |tr '&' '\n' |while read query; do
-    key="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]*)=(.*)$:\1:')"
-    val="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]*)=(.*)$:\2:')"
-    _REF["$key"]="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g')")"
+    key="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]+)=(.*)$:\1:')"
+    val="$(printf %s "$query" |sed -r 's:^([a-zA-Z0-9_-]+)=(.*)$:\2:')"
+    _REF[$key]="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g')")"
     debug "_REF[$key] => $val"
   done
 }
 
+cgi_cookie() { # Parse GET data from referer
+  debug "== CGI DATA: COOKIE =="
+  printf '%s\n' "$HTTP_COOKIE" |tr ';' '\n' |while read query; do
+    key="$(printf %s "$query" |sed -r 's:^ *([a-zA-Z0-9_-]+)=(.*)$:\1:')"
+    val="$(printf %s "$query" |sed -r 's:^ *([a-zA-Z0-9_-]+)=(.*)$:\2:')"
+    _COOKIE[$key]="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g')")"
+    debug "_COOKIE[$key] => $val"
+  done
+}
+
 urlsave(){
-  printf %s "$*" |sed 's:%:\%25:g;s:\?:\%3F:g;s:&:\%26:g;s:'\'':\%27:g;s: :\%20:g;s:!:\%21:g;s:(:\%28:g;s:):\%29:g;s:":\%22:g;'
+  printf %s "$*" \
+  | sed 's; ;%20;g;
+         s;!;%21;g;
+         s;";%22;g;
+         s;%;%25;g;
+         s;&;%26;g;
+         s;(;%28;g;
+         s;);%29;g;
+         s;:;%3a;g
+         s;<;%3c;g;
+         s;>;%3e;g;
+         s;'\'';%27;g;
+         s;\?;%3f;g;'
 }
diff --git a/index.cgi b/index.cgi
index af99fe1..b407fc1 100755
--- a/index.cgi
+++ b/index.cgi
@@ -74,7 +74,7 @@ cgi_get
 
 [ -x "$_EXEC/constants.sh" ] && . "$_EXEC/constants.sh"
 
-if [ -n "$_GET[\"action\"]" ]; then
+if [ -n "${_GET[action]}" ]; then
   . "$_EXEC/shcgi/action.sh"
 else
   . "$_EXEC/shcgi/page.sh"
diff --git a/page.sh b/page.sh
index d4e38ce..ef9df2e 100755
--- a/page.sh
+++ b/page.sh
@@ -19,7 +19,7 @@
 
 printf "Content-Type: text/html;charset=utf-8\n\n"
 
-PAGE="$(printf %s "$_GET[\"p\"]" |egrep '^[a-zA-Z0-9_-]+$')"
+PAGE="$(printf %s "${_GET[p]}" |egrep '^[a-zA-Z0-9_-]+$')"
 PAGE="${_EXEC}/pages/${PAGE}.sh"
 [ -x "$PAGE" ] || PAGE="${_EXEC}/pages/error.sh"
 
-- 
2.39.2