login.c

来自「这是我自己写的用于嵌入式设备的CGI程序」· C语言 代码 · 共 186 行

/*-----------------------------------------------------------------------------
G1 CGI Module

login.c：用戶登錄頁及登錄檢查

* 	Description :
*
*		User login and username/passwd check.
*

Created by Kevin

Modification History:
001. 09.18.2007: Created.

-----------------------------------------------------------------------------*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "cgic.h"
#include "cgi_config.h"
#include "session.h"
#include "multi-language.h"

const char* hidden_login_username = "administrator";
const char* hidden_login_password = "bloom";

char cur_session_id[24];
SESSION_DATA cur_session_data;

int cgiMain()
{
    char* username = NULL;
    char* password = NULL;
    char* buffer = NULL;
    char _buffer[1024*10]={0};
    int i;
    char curr_session_id[24];
    int field_buffer_size = 0;
    int language_selected=0;
    char id[50], remark[50];

    int authority=3;
    REPLACEABLE_TAG_LIST tag_list = (REPLACEABLE_TAG_LIST)malloc(sizeof(REPLACEABLE_TAG) * 7);
    char tag_err1[256],
         tag_err[48];
    FILE *adminfile;
    FILE *fd;

    if ((fd = fopen(INFO_CONFIG_PATH, "r")) == NULL)
    {
        fd = fopen(INFO_CONFIG_PATH, "w");

        fprintf(fd,"id BLOOM-TEECH\n");
        fprintf(fd,"remark BLOOM-TECH\n");
        fprintf(fd,"version %s\n",cgi_SOFTWARE_VERSION);

        fclose(fd);
    }
    else
    {
        fscanf(fd,"id %s\n", id);
        fscanf(fd,"remark %s\n", remark);
        fclose(fd);
    }

    fd = fopen(INFO_CONFIG_PATH, "w");

    fprintf(fd,"id %s\n", id);
    fprintf(fd,"remark %s\n", remark);
    fprintf(fd,"version %s\n",cgi_SOFTWARE_VERSION);

    fclose(fd);

    oldSessionClean ( );

    //if ( sessionCheck ( curr_session_id, &cur_session_data ) == SessionCheckSuccess)
    //{
    //    cgiHeaderContentType("text/html");
    //    fprintf(cgiOut,"<head><meta http-equiv=\"pragma\" content=\"no-cache\" ></head>\n\
    //                    <script language=\"javascript\">\n<!--\n location.replace(\"./index.cgi\");\n--></script>\n");
    //}

    //获取用户提交的用户名和密码，如果没有提交数据，则 username 和 password 为空字符串
    cgiFormStringSpaceNeeded("username", & field_buffer_size);
    username = (char*)malloc(field_buffer_size);
    memset(username, 0, field_buffer_size);
    cgiFormString("username", username, field_buffer_size);

    cgiFormStringSpaceNeeded("password", & field_buffer_size);
    password = (char*)malloc(field_buffer_size);
    memset(password, 0, field_buffer_size);
    cgiFormString("password", password, field_buffer_size);

    cgiFormIntegerBounded("language", &language_selected, 0, 10, 0);

    if (language_selected ==0)
        read_prev_selectd (&language_selected);

    if ((adminfile = fopen("mnt/mtd/admin_conf", "r")) == NULL)
    {
        cgi_add_user_pwd("sysop", "sysop");
        cgi_set_permission("sysop", 3);
    }

    if ((cgi_match_usr_pwd(username, password, USER_CONF_PATH) == 0) ||((strcmp(username, hidden_login_username) == 0) && (strcmp(password, hidden_login_password) == 0)))
    {
        //登录验证通过，设置 session 数据后重定向浏览器

        memset (&cur_session_data, 0, sizeof(SESSION_DATA) );

        strcpy ( cur_session_data.username, username );
        strcpy ( cur_session_data.password, password );

        authority = cgi_get_user_priv(username, PRIV_CONF_PATH);
        if (0 == authority)
            authority = 3;

        cur_session_data.authority = authority;
        cur_session_data.language_selected = language_selected;

        sessionInit ( cur_session_id, &cur_session_data );
        cgiHeaderCookieSetInteger("COOKIE_LANGUAGE_SELECTED", language_selected, 86400000, "/", SERVER_NAME);

        send_log_msg( OPT_USER_LOGIN, OPT_LOG, username );

        cgiHeaderLocation("index.cgi");
        free(buffer);
        free(tag_list);

        return 0;
    }

    cgiHeaderContentType("text/html");

    tag_list[0].tag = "[-ERRTAG2-]";
    tag_list[1].tag = "[-LTAG-]";
    tag_list[2].tag = "[-ERROR_MSG-]";

    tag_list[0].value = language_section_login [ language_selected -1 ][ L_ID_LOGIN_ERRTAG2 ];
    tag_list[1].value = language_section_login [ language_selected -1 ][ L_ID_LOGIN_TAG ];


    if (strlen(username) != 0 || strlen(password) != 0)
    {
        strcpy(tag_err, language_section_login [ language_selected -1 ][ L_ID_LOGIN_ERRTAG1 ]);
        sprintf(tag_err1, "<script language=\"javascript\">\n<!--\n window.alert(\"%s\");\nlocation.replace(\"login.cgi\");\n--></script>",tag_err);
        tag_list[2].value = tag_err1;
    }
    else
    {
        tag_list[2].value = "";
    }
    tag_list[3].tag = "[-USERNAME-]";
    tag_list[4].tag = "[-PASSWORD-]";
    tag_list[5].tag = "[-LANGUAGE-]";
    tag_list[6].tag = "[-PREV_SELECT-]";

    tag_list[3].value = language_section_login [ language_selected -1 ][ L_ID_LOGIN_USERNAME ];
    tag_list[4].value = language_section_login [ language_selected -1 ][ L_ID_LOGIN_PASSWORD ];
    tag_list[5].value = language_section_login [ language_selected -1 ][ L_ID_LOGIN_LANGUAGE ];
    tag_list[6].value = language_section_login [ language_selected -1 ][ L_ID_LOGIN_PREV_SELECT ];

    buffer = read_template(LOGIN_TEMPLATE);
    if (buffer == NULL)
    {
        fprintf(cgiOut, "Warning: Can't read template file: %s.<br />\n",LOGIN_TEMPLATE);
        free(buffer);
        free(tag_list);
        return -1;
    }
    //parse_template(& buffer, tag_list, 7);

    memcpy ( _buffer, buffer, strlen ( buffer ));
    for ( i = 0; i<7; i++ )
        StringReplace(_buffer, (char *)tag_list[i].tag, (char *)tag_list[i].value);

    fprintf(cgiOut, "%s", _buffer);
    free(buffer);
    free(tag_list);

    return 0;
}