2010-09-11 23:22:28 -06:00
|
|
|
#include <stdlib.h>
|
2010-09-16 12:21:16 -06:00
|
|
|
#include <ctype.h>
|
2010-09-07 14:24:37 -06:00
|
|
|
#include "common.h"
|
2010-09-03 17:05:42 -06:00
|
|
|
|
|
|
|
|
int
|
|
|
|
|
main(int argc, char *argv[])
|
|
|
|
|
{
|
2011-03-14 17:13:25 -06:00
|
|
|
char team[TEAM_MAX] = {0};
|
|
|
|
|
char token[TOKEN_MAX] = {0};
|
2010-09-07 14:24:37 -06:00
|
|
|
|
2010-09-13 12:23:39 -06:00
|
|
|
if (-1 == cgi_init(argv)) {
|
2010-09-03 17:05:42 -06:00
|
|
|
return 0;
|
|
|
|
|
}
|
2012-10-31 16:01:36 -06:00
|
|
|
ctf_chdir();
|
2010-09-03 17:05:42 -06:00
|
|
|
|
|
|
|
|
/* Read in team and token */
|
|
|
|
|
while (1) {
|
|
|
|
|
size_t len;
|
|
|
|
|
char key[20];
|
|
|
|
|
|
|
|
|
|
len = cgi_item(key, sizeof(key));
|
|
|
|
|
if (0 == len) break;
|
2010-09-11 22:57:46 -06:00
|
|
|
switch (key[0]) {
|
|
|
|
|
case 't':
|
|
|
|
|
cgi_item(team, sizeof(team));
|
|
|
|
|
break;
|
|
|
|
|
case 'k':
|
|
|
|
|
cgi_item(token, sizeof(token));
|
|
|
|
|
break;
|
2010-09-03 17:05:42 -06:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2010-09-11 22:57:46 -06:00
|
|
|
/* Any weird characters in token name? */
|
2010-09-03 17:05:42 -06:00
|
|
|
{
|
2010-09-11 22:57:46 -06:00
|
|
|
char *p;
|
2010-09-03 17:05:42 -06:00
|
|
|
|
2010-10-22 17:09:00 -06:00
|
|
|
if ('\0' == token[0]) {
|
2011-03-14 17:13:25 -06:00
|
|
|
cgi_result(409, "Must supply token", "<p>Your request did not contain a k= parameter.</p>");
|
2010-10-22 17:09:00 -06:00
|
|
|
}
|
2010-09-11 22:57:46 -06:00
|
|
|
for (p = token; *p; p += 1) {
|
|
|
|
|
if ((! isalnum(*p)) &&
|
|
|
|
|
(*p != '-') &&
|
|
|
|
|
(*p != ':')) {
|
2011-03-14 17:13:25 -06:00
|
|
|
cgi_result(409, "Not a token", "<p>This token has untokenlike characteristics.</p>");
|
2010-09-03 17:05:42 -06:00
|
|
|
}
|
|
|
|
|
}
|
2010-09-11 22:57:46 -06:00
|
|
|
}
|
2010-09-03 17:05:42 -06:00
|
|
|
|
2010-09-11 22:57:46 -06:00
|
|
|
/* Award points */
|
|
|
|
|
{
|
2011-03-14 17:13:25 -06:00
|
|
|
char *p = token;
|
|
|
|
|
char *q;
|
|
|
|
|
char category[40];
|
|
|
|
|
char points_s[40];
|
|
|
|
|
int points;
|
2012-05-30 18:04:24 -06:00
|
|
|
int ret;
|
2010-09-03 17:05:42 -06:00
|
|
|
|
2010-09-11 22:57:46 -06:00
|
|
|
/* Pull category name out of the token */
|
2011-03-14 17:13:25 -06:00
|
|
|
for (q = category; *p && (*p != ':'); p += 1) {
|
|
|
|
|
*(q++) = *p;
|
2010-09-03 17:05:42 -06:00
|
|
|
}
|
2011-03-14 17:13:25 -06:00
|
|
|
*q = '\0';
|
|
|
|
|
if (p) p += 1;
|
|
|
|
|
|
2012-05-30 18:04:24 -06:00
|
|
|
/* Now we can check to see if it's valid */
|
2012-05-30 18:10:04 -06:00
|
|
|
if ((! anchored_search(package_path("%s/tokens.txt", category), token, 0)) &&
|
|
|
|
|
(! anchored_search(state_path("tokens.db"), token, 0))) {
|
2012-05-30 18:04:24 -06:00
|
|
|
cgi_result(409, "No such token", "<p>This token has not been issued.</p>");
|
|
|
|
|
}
|
|
|
|
|
|
2011-03-14 17:13:25 -06:00
|
|
|
/* Pull point value out of the token (if it has one) */
|
|
|
|
|
for (q = points_s; *p && (*p != ':'); p += 1) {
|
|
|
|
|
*(q++) = *p;
|
|
|
|
|
}
|
|
|
|
|
*q = '\0';
|
|
|
|
|
points = atoi(points_s);
|
|
|
|
|
if (0 == points) points = 1;
|
2010-09-03 17:05:42 -06:00
|
|
|
|
2012-05-30 18:04:24 -06:00
|
|
|
ret = award_points(team, category, points, token);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
cgi_fail(ret);
|
2010-09-14 18:04:33 -06:00
|
|
|
}
|
2010-09-03 17:05:42 -06:00
|
|
|
}
|
|
|
|
|
|
2011-03-14 17:13:25 -06:00
|
|
|
cgi_page("Point awarded", "<p>Congratulations.</p>");
|
2010-09-03 17:05:42 -06:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
