login.c

eybuild-x86-arm920t-2.6.7.tar 很好的嵌入式WEB开发环境

#include <stdio.h>
#include <string.h>

#include <eblib.h>
#include "login.h"

/*
diskpatch check
*/
int enter_check(void * ppage, char * pname, int type)
{
    /* user logout */
    if (!strcmp(G("srcpage"), "logout.csp"))
        return FALSE;
        
    /* cache control */
    header("Pragma: no-cache\n");					/* for HTTP/1.0 */
    header("Cache-Control: no-cache; no-store\n");	/* for HTTP/1.1 */
    header("Expires: Thu, 19 Nov 1981 08:52:00 GMT\n"); 

    /* haven't login */
    if (isblankstr(getsession("username")) && 
        strcmp("/review/login.csp", pname) && 
        strcmp("/authcode.csp", pname))
    {
        forward("/review/login.csp", TRUE);
    }

    return FALSE;
}	


/*
auth user
*/
int auth_user 
    (
    char *      pname,      /* user account */
    char *      pswd,       /* password or session ID */
    char *      sex,        /* user account */
    char *      mail,       /* password or session ID */
    char *      errmsg      /* to return errmsg */
    )
{
    FILE *		fp;
    char        buf[32] = "";
    
    /* base64 decode passward */
    pswd = base64_decode(buf, pswd, 32);
    
    /* miss name or sid */
    if (isblankstr(pname) || isblankstr(pswd))
    {
        sprintf(errmsg, "Please login");
        return ERROR;
    }

    /* invalid authcode */
    if (stricmp(G("authcode"), getsession("authcode")))
    {
        sprintf(errmsg, "Authcode error");
        return ERROR;
    }

    if (NULL == (fp=fopen(USR_COUNT, "rb")))
    {
        /* user db not exit try create */
        if ( NULL == (fp=fopen(USR_COUNT, "wb+")))
        {
            sprintf(errmsg, "Can't open user database: %s\n", USR_COUNT); 
            return ERROR;
        }
        else
        {
        	fprintf(fp, "%s",
            "#\n"
            "# user		passwd	   sex		email				session_id\n"
            "# --------	-------	  -------	-------				-------\n"
            "user		user	   male		user@eybuild.com	456321\n"
            "root		root	   female	root@eybuild.com    234567\n"
            "admin		admin	   male		admin@eybuild.com   789456\n"
            );
            
            fseek(fp, 0, SEEK_SET);
        }
    }
        
    /* match user in database */
    while(!feof(fp))
    {
        char	linebuf[256] = "";
        char	username[256] = "";
        char	password[256] = "";
        char *	pstr;
        int		ret = 0;
        
        /* read db */
        if (NULL == (pstr=fgets(linebuf, sizeof(linebuf), fp)))
            break;

        pstr += strspn(pstr, "\t\x20\n\r");	// jump over space
        if ('\0' == *pstr || '#' == *pstr)	// jump over blank line or commont
            continue;

        /* extract user info */
        ret = sscanf(linebuf, "%s%s%s%s", 
            username, password, sex, mail);
        if (4 != ret)
        {
        	sprintf(errmsg, "database format error");
            fclose(fp);
            return ERROR;
        }
        
        /* check user account */
        if (!strcmp(username, pname) && !strcmp(password, pswd))
        {
            fclose(fp);
            return OK;
        }
    }
    
    /* mismatch */
    sprintf(errmsg, "No such user or password: %s", pname);

    fclose(fp);
    return ERROR;
}