From: Tom C. <tom...@us...> - 2004-11-14 18:06:08
Update of /cvsroot/qmailadmin/qmailadmin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv19361 Modified Files: Tag: stable-1_2 ChangeLog alias.c auth.c autorespond.c cgi.c command.c forward.c mailinglist.c printh.c qmailadmin.c template.c user.c util.c Log Message: Major update to code and html files to properly escape strings for HTML display and as paramters to cgi scripts. See ChangeLog for details. Index: forward.c =================================================================== RCS file: /cvsroot/qmailadmin/qmailadmin/forward.c,v retrieving revision 1.2.2.2 retrieving revision 1.2.2.3 diff -u -d -r1.2.2.2 -r1.2.2.3 --- forward.c 24 Apr 2004 01:06:40 -0000 1.2.2.2 +++ forward.c 14 Nov 2004 18:05:54 -0000 1.2.2.3 @@ -36,7 +36,7 @@ int show_forwards(char *user, char *dom, time_t mytime, char *dir) { if (AdminType != DOMAIN_ADMIN) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -44,7 +44,7 @@ count_forwards(); if(CurForwards == 0 && CurBlackholes == 0) { - sprintf(StatusMessage,"%s", get_html_text("232")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("232")); show_menu(Username, Domain, Mytime); vclose(); exit(0); Index: mailinglist.c =================================================================== RCS file: /cvsroot/qmailadmin/qmailadmin/mailinglist.c,v retrieving revision 1.5 retrieving revision 1.5.2.1 diff -u -d -r1.5 -r1.5.2.1 --- mailinglist.c 4 Dec 2003 15:22:33 -0000 1.5 +++ mailinglist.c 14 Nov 2004 18:05:54 -0000 1.5.2.1 @@ -47,7 +47,7 @@ int show_mailing_lists(char *user, char *dom, time_t mytime) { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } 
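Review bot: `sizeof(StatusMessage)` in the new `snprintf` call in show_forwards bounds the write only if `StatusMessage` is declared as a `char` array visible in this file, and that declaration is not part of the hunk. If it were an `extern char *`, the size would be that of a pointer and every status message would be cut to a few bytes. This is worth confirming once, since every `snprintf`/`snprinth` conversion in forward.c, mailinglist.c and autorespond.c relies on it. Because truncation is silent, a comment at the buffer's definition would help, for example `/* one status line; longer text is truncated by snprintf/snprinth */`. The body of show_forwards continues outside the hunk.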
@@ -55,7 +55,7 @@ /* see if there's anything to display */ count_mailinglists(); if ( CurMailingLists == 0 ) { - sprintf(StatusMessage,"%s", get_html_text("231")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("231")); show_menu(); vclose(); exit(0); @@ -77,7 +77,7 @@ int i,j; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } 
@@ -87,29 +87,29 @@ } if ( (mydir = opendir(".")) == NULL ) { - fprintf(actout,"<tr><td>%s %d</tr><td>", get_html_text("143"), 1); + printf ("<tr><td>%s %d</tr><td>", get_html_text("143"), 1); return(0); } /* First display the title row */ - fprintf(actout, "<tr bgcolor=\"#cccccc\">"); - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("072")); + printf ("<tr bgcolor=\"#cccccc\">"); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("072")); #ifdef EZMLMIDX - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("071")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("071")); #endif - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("081")); - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("083")); - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("084")); - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("085")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("081")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("083")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("084")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("085")); #ifdef EZMLMIDX - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("086")); - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("087")); - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("088")); - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("237")); - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("238")); - fprintf(actout, "<th align=center><font size=2>%s</font></th>", get_html_text("239")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("086")); 
+ printf ("<th align=center><font size=2>%s</font></th>", get_html_text("087")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("088")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("237")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("238")); + printf ("<th align=center><font size=2>%s</font></th>", get_html_text("239")); #endif - fprintf(actout, "</tr>\n"); + printf ("</tr>\n"); sort_init(); @@ -118,9 +118,9 @@ if ( strncmp(".qmail-", mydirent->d_name, 7) == 0 ) { if ( (fs=fopen(mydirent->d_name,"r"))==NULL) { #ifdef EZMLMIDX - fprintf(actout, "<tr><td colspan=12>%s %s</td></tr>\n", get_html_text("144"), mydirent->d_name); + printf ("<tr><td colspan=12>%s %s</td></tr>\n", get_html_text("144"), mydirent->d_name); #else - fprintf(actout, "<tr><td colspan=5>%s %s</td></tr>\n", get_html_text("144"), mydirent->d_name); + printf ("<tr><td colspan=5>%s %s</td></tr>\n", get_html_text("144"), mydirent->d_name); #endif continue; } @@ -139,13 +139,13 @@ /* convert ':' in addr to '.' */ str_replace (addr, ':', '.'); - fprintf(actout,"<tr>"); + printf ("<tr>"); qmail_button(addr, "delmailinglist", user, dom, mytime, "trash.png"); #ifdef EZMLMIDX qmail_button(addr, "modmailinglist", user, dom, mytime, "modify.png"); #endif - fprintf(actout,"<td align=left>%s</td>\n", addr); + printh ("<td align=left>%H</td>\n", addr); qmail_button(addr, "addlistuser", user, dom, mytime, "delete.png"); qmail_button(addr, "dellistuser", user, dom, mytime, "delete.png"); @@ -159,7 +159,7 @@ /* Is it a digest list? */ if ( (fs=fopen(testfn,"r"))==NULL) { /* not a digest list */ - fprintf (actout, "<TD COLSPAN=3> </TD>"); + printf ("<TD COLSPAN=3> </TD>"); } else { qmail_button(addr, "addlistdig", user, dom, mytime, "delete.png"); qmail_button(addr, "dellistdig", user, dom, mytime, "delete.png"); @@ -167,7 +167,7 @@ fclose(fs); } #endif - fprintf(actout, "</tr>\n"); + printf ("</tr>\n"); } sort_cleanup(); } 
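Review bot: In the hunk at -118,9, `mydirent->d_name` is still written with a plain `%s` in both branches of the `#ifdef EZMLMIDX` on the fopen-failure path, so the file name reaches the page unescaped while the list address a few lines further down now goes through `printh` with `%H`. The name comes from `readdir()` and only has to begin with `.qmail-`, so it should be escaped as well: `printh ("<tr><td colspan=12>%s %H</td></tr>\n", get_html_text("144"), mydirent->d_name);`, and likewise for the `colspan=5` line. The hunk at -214,7 has the same pattern in `printf ("%s %s<br>\n", ...)`. The enclosing loop starts and ends outside the hunk.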
@@ -194,7 +194,7 @@ int listcount; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -204,7 +204,7 @@ } if ( (mydir = opendir(".")) == NULL ) { - fprintf(actout,"%s %d<BR>\n", get_html_text("143"), 1); + printf ("%s %d<BR>\n", get_html_text("143"), 1); return(0); } @@ -214,7 +214,7 @@ while( (mydirent=readdir(mydir)) != NULL ) { if ( strncmp(".qmail-", mydirent->d_name, 7) == 0 ) { if ( (fs=fopen(mydirent->d_name,"r"))==NULL) { - fprintf(actout,"%s %s<br>\n", + printf ("%s %s<br>\n", get_html_text("144"), mydirent->d_name); continue; } 
@@ -234,24 +234,24 @@ return 0; } - fprintf(actout,"<hr><table width=100%% cellpadding=1 cellspacing=0 border=0"); - fprintf(actout," align=center bgcolor=\"#000000\"><tr><td>"); - fprintf(actout,"<table width=100%% cellpadding=0 cellspacing=0 border=0 bgcolor=\"#e6e6e6\">"); - fprintf(actout,"<tr><th bgcolor=\"#000000\" colspan=2>"); - fprintf(actout,"<font color=\"#ffffff\">%s</font></th>\n", + printf ("<hr><table width=100%% cellpadding=1 cellspacing=0 border=0"); + printf (" align=center bgcolor=\"#000000\"><tr><td>"); + printf ("<table width=100%% cellpadding=0 cellspacing=0 border=0 bgcolor=\"#e6e6e6\">"); + printf ("<tr><th bgcolor=\"#000000\" colspan=2>"); + printf ("<font color=\"#ffffff\">%s</font></th>\n", get_html_text("095")); sort_dosort(); - fprintf(actout, "<INPUT NAME=number_of_mailinglist TYPE=hidden VALUE=%d>\n", listcount); + printf ("<INPUT NAME=number_of_mailinglist TYPE=hidden VALUE=%d>\n", listcount); for (i = 0; i < listcount; ++i) { addr = sort_get_entry(i); str_replace (addr, ':', '.'); - fprintf(actout,"<TR><TD ALIGN=RIGHT><INPUT NAME=\"subscribe%d\" TYPE=checkbox VALUE=%s></TD>", i, addr); - fprintf(actout,"<TD align=LEFT>%s@%s</TD></TR>", addr, Domain); + printh ("<TR><TD ALIGN=RIGHT><INPUT NAME=\"subscribe%d\" TYPE=checkbox VALUE=\"%H\"></TD>", i, addr); + printh ("<TD align=LEFT>%H@%H</TD></TR>", addr, Domain); } - fprintf(actout,"</table></td></tr></table>\n"); + printf ("</table></td></tr></table>\n"); sort_cleanup(); } @@ -259,7 +259,7 @@ int addmailinglist(void) { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -267,7 +267,7 @@ count_mailinglists(); load_limits(); if ( MaxMailingLists != -1 && CurMailingLists >= MaxMailingLists ) { - fprintf(actout, "%s %d\n", get_html_text("184"), + printf ("%s %d\n", get_html_text("184"), MaxMailingLists); show_menu(); vclose(); 
@@ -288,7 +288,7 @@ int delmailinglist(void) { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -303,14 +303,14 @@ struct dirent *mydirent; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } if ( (mydir = opendir(".")) == NULL ) { - fprintf(actout,"%s %d<BR>\n", get_html_text("143"), 1); - fprintf(actout,"</table>"); + printf ("%s %d<BR>\n", get_html_text("143"), 1); + printf ("</table>"); return 0; } @@ -344,7 +344,7 @@ vdelfiles(TmpBuf2); count_mailinglists(); - sprintf(StatusMessage, "%s %s\n", get_html_text("186"), ActionUser); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("186"), ActionUser); if ( CurMailingLists == 0 ) { show_menu(); } else { @@ -413,13 +413,13 @@ char listopt[] = "A D hIj L N pQRST "; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } if ( fixup_local_name(ActionUser) ) { - sprintf(StatusMessage, "%s %s\n", get_html_text("188"), ActionUser); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("188"), ActionUser); addmailinglist(); vclose(); exit(0); @@ -593,7 +593,7 @@ count_mailinglists(); load_limits(); if ( MaxMailingLists != -1 && CurMailingLists >= MaxMailingLists ) { - fprintf(actout, "%s %d\n", get_html_text("184"), + printf ("%s %d\n", get_html_text("184"), MaxMailingLists); show_menu(); vclose(); @@ -601,7 +601,7 @@ } if ( check_local_user(ActionUser) ) { - sprintf(StatusMessage, "%s %s\n", get_html_text("175"), ActionUser); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("175"), ActionUser); addmailinglist(); vclose(); exit(0); 
@@ -609,7 +609,7 @@ ezmlm_make(1); - sprintf(StatusMessage, "%s %s@%s\n", get_html_text("187"), + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H@%H\n", get_html_text("187"), ActionUser, Domain); show_mailing_lists(Username, Domain, Mytime); } @@ -624,7 +624,7 @@ char *addr; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -672,16 +672,16 @@ /* strcpy(TmpBuf2, "084"); */ } strcpy(TmpBuf2, "072"); - fprintf(actout,"<TABLE border=0 width=\"100%%\">\n"); - fprintf(actout," <TR>\n"); - fprintf(actout," <TH align=left COLSPAN=4><B>%s</B> %d<BR><BR></TH>\n", get_html_text(TmpBuf), subuser_count); - fprintf(actout," </TR>\n"); - fprintf(actout," <TR align=center bgcolor=%s>\n", get_color_text("002")); - fprintf(actout," <TH align=center><b><font size=2>%s</font></b></TH>\n", get_html_text(TmpBuf2)); - fprintf(actout," <TH align=center><b><font size=2>%s</font></b></TH>\n", get_html_text(TmpBuf1)); - fprintf(actout," <TH align=center><b><font size=2>%s</font></b></TH>\n", get_html_text(TmpBuf2)); - fprintf(actout," <TH align=center><b><font size=2>%s</font></b></TH>\n", get_html_text(TmpBuf1)); - fprintf(actout," </TR>\n"); + printf ("<TABLE border=0 width=\"100%%\">\n"); + printf (" <TR>\n"); + printf (" <TH align=left COLSPAN=4><B>%s</B> %d<BR><BR></TH>\n", get_html_text(TmpBuf), subuser_count); + printf (" </TR>\n"); + printf (" <TR align=center bgcolor=%s>\n", get_color_text("002")); + printf (" <TH align=center><b><font size=2>%s</font></b></TH>\n", get_html_text(TmpBuf2)); + printf (" <TH align=center><b><font size=2>%s</font></b></TH>\n", get_html_text(TmpBuf1)); + printf (" <TH align=center><b><font size=2>%s</font></b></TH>\n", get_html_text(TmpBuf2)); + printf (" <TH align=center><b><font size=2>%s</font></b></TH>\n", get_html_text(TmpBuf1)); + printf (" </TR>\n"); if(mod == 1) { strcpy(TmpBuf, "dellistmodnow"); 
@@ -691,28 +691,28 @@ strcpy(TmpBuf, "dellistusernow"); } for(z = 0; addr = sort_get_entry(z); ++z) { - fprintf(actout," <TR align=center>"); - fprintf(actout," <TD align=right><A href=\"%s/com/%s?modu=%s&newu=%s&dom=%s&user=%s&time=%d\"><IMG src=\"%s/trash.png\" border=0></A></TD>\n", + printf (" <TR align=center>"); + printh (" <TD align=right><A href=\"%s/com/%s?modu=%C&newu=%C&dom=%C&user=%C&time=%d\"><IMG src=\"%s/trash.png\" border=0></A></TD>\n", CGIPATH, TmpBuf, ActionUser, addr, Domain, Username, Mytime, IMAGEURL); - fprintf(actout," <TD align=left>%s</TD>\n", addr); + printh (" <TD align=left>%H</TD>\n", addr); ++z; if(addr = sort_get_entry(z)) { - fprintf(actout," <TD align=right><A href=\"%s/com/%s?modu=%s&newu=%s&dom=%s&user=%s&time=%d\"><IMG src=\"%s/trash.png\" border=0></A></TD>\n", + printh (" <TD align=right><A href=\"%s/com/%s?modu=%C&newu=%C&dom=%C&user=%C&time=%d\"><IMG src=\"%s/trash.png\" border=0></A></TD>\n", CGIPATH, TmpBuf, ActionUser, addr, Domain, Username, Mytime, IMAGEURL); - fprintf(actout," <TD align=left>%s</TD>\n", addr); + printh (" <TD align=left>%H</TD>\n", addr); } else { - fprintf(actout," <TD COLSPAN=2> </TD>"); + printf (" <TD COLSPAN=2> </TD>"); } - fprintf(actout," </TR>"); + printf (" </TR>"); } sort_cleanup(); - fprintf(actout,"</TABLE>"); + printf ("</TABLE>"); fclose(fs); close(handles[0]); wait(&pid); - sprintf(StatusMessage, "%s\n", get_html_text("190")); - fprintf(actout, get_html_text("END_LIST_NAMES")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", get_html_text("190")); + /* printf (get_html_text("END_LIST_NAMES")); */ } } @@ -726,7 +726,7 @@ int show_list_group(char *template) { if (AdminType != DOMAIN_ADMIN) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } 
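Review bot: The hunk at -691,28 ends by leaving `/* printf (get_html_text("END_LIST_NAMES")); */` in the file as commented-out code with no explanation. Dropping the call is understandable, since it passed a language-file string as the format, but a reader cannot tell whether the text is meant to disappear from the page. Either delete the line, or print the text as data if it is still wanted: `printf ("%s", get_html_text("END_LIST_NAMES"));`. The enclosing function starts outside the hunk.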
@@ -747,7 +747,7 @@ addlistgroup (char *template) { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -766,7 +766,7 @@ int pid; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -774,7 +774,7 @@ lowerit(ActionUser); if ( check_email_addr(Newu) ) { - sprintf(StatusMessage, "%s %s\n", get_html_text("148"), Newu); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("148"), Newu); if (mod == 1) { addlistmod(); } else if (mod == 2) { @@ -801,15 +801,15 @@ } else wait(&pid); if(mod == 1 ) { - sprintf(StatusMessage, "%s %s %s@%s\n", Newu, + snprinth (StatusMessage, sizeof(StatusMessage), "%H %s %H@%H\n", Newu, get_html_text("194"), ActionUser, Domain); send_template( "add_listmod.html" ); } else if(mod == 2) { - sprintf(StatusMessage, "%s %s %s@%s\n", Newu, + snprinth (StatusMessage, sizeof(StatusMessage), "%H %s %H@%H\n", Newu, get_html_text("240"), ActionUser, Domain); send_template( "add_listdig.html" ); } else { - sprintf(StatusMessage, "%s %s %s@%s\n", Newu, + snprinth (StatusMessage, sizeof(StatusMessage), "%H %s %H@%H\n", Newu, get_html_text("193"), ActionUser, Domain); send_template( "add_listuser.html" ); } @@ -826,7 +826,7 @@ dellistgroup(char *template) { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -844,7 +844,7 @@ int pid; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } 
@@ -866,13 +866,13 @@ } else wait(&pid); if(mod == 1) { - sprintf(StatusMessage, "%s %s %s@%s\n", Newu, get_html_text("197"), + snprinth (StatusMessage, sizeof(StatusMessage), "%H %s %H@%H\n", Newu, get_html_text("197"), ActionUser, Domain); } else if(mod == 2) { - sprintf(StatusMessage, "%s %s %s@%s\n", Newu, get_html_text("242"), + snprinth (StatusMessage, sizeof(StatusMessage), "%H %s %H@%H\n", Newu, get_html_text("242"), ActionUser, Domain); } else { - sprintf(StatusMessage, "%s %s %s@%s\n", Newu, get_html_text("203"), + snprinth (StatusMessage, sizeof(StatusMessage), "%H %s %H@%H\n", Newu, get_html_text("203"), ActionUser, Domain); } show_mailing_lists(Username, Domain, Mytime); @@ -893,8 +893,8 @@ FILE *fs; if ( (mydir = opendir(".")) == NULL ) { - fprintf(actout,"%s %d<BR>\n", get_html_text("143"), 1); - fprintf(actout,"</table>"); + printf ("%s %d<BR>\n", get_html_text("143"), 1); + printf ("</table>"); return(0); } @@ -903,7 +903,7 @@ while( (mydirent=readdir(mydir)) != NULL ) { if ( strncmp(".qmail-", mydirent->d_name, 7) == 0 ) { if ( (fs=fopen(mydirent->d_name,"r"))==NULL) { - fprintf(actout, get_html_text("144"), + printf (get_html_text("144"), mydirent->d_name); continue; } @@ -925,7 +925,7 @@ FILE *fs; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } 
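Review bot: In the hunk at -903,7, `printf (get_html_text("144"), mydirent->d_name);` passes a language-file string as the format, unlike the other uses of text 144 in this commit, which print it through a literal `"%s %s"` format. If the string contains no conversion the file name is silently dropped, and if a translation contains a stray `%` the call reads arguments that were never passed. Use a literal format and escape the name as the rest of the commit does: `printh ("%s %H<br>\n", get_html_text("144"), mydirent->d_name);`. The enclosing function starts and ends outside the hunk.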
@@ -982,21 +982,21 @@ { ezmlm_make(0); - sprintf(StatusMessage, "%s %s@%s\n", get_html_text("226"), + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H@%H\n", get_html_text("226"), ActionUser, Domain); show_mailing_lists(Username, Domain, Mytime); } build_list_value(char *param, char *color, char *opt1, char *desc1, char *opt2, char *desc2, int checked) { - fprintf(actout, "<tr bgcolor=%s>\n", get_color_text(color)); - fprintf(actout, " <td>\n"); - fprintf(actout, " <input type=radio name=%s value=%s%s></td>\n", param, opt1, checked ? "" : " CHECKED"); - fprintf(actout, " <td>%s</td>\n", get_html_text(desc1)); - fprintf(actout, " <td>\n"); - fprintf(actout, " <input type=radio name=%s value=%s%s></td>\n", param, opt2, checked ? " CHECKED" : ""); - fprintf(actout, " <td>%s</td>\n", get_html_text(desc2)); - fprintf(actout, "</tr>\n"); + printf ("<tr bgcolor=%s>\n", get_color_text(color)); + printf (" <td>\n"); + printf (" <input type=radio name=%s value=%s%s></td>\n", param, opt1, checked ? "" : " CHECKED"); + printf (" <td>%s</td>\n", get_html_text(desc1)); + printf (" <td>\n"); + printf (" <input type=radio name=%s value=%s%s></td>\n", param, opt2, checked ? " CHECKED" : ""); + printf (" <td>%s</td>\n", get_html_text(desc2)); + printf ("</tr>\n"); } build_option_str (char *type, char *param, char *options, char *description) @@ -1011,7 +1011,7 @@ } /* selected is now true if all options for this radio button are true */ - fprintf(actout, "<INPUT TYPE=%s NAME=\"%s\" VALUE=\"%s\"%s> %s\n", + printh ("<INPUT TYPE=%s NAME=\"%H\" VALUE=\"%H\"%s> %s\n", type, param, options, selected ? " CHECKED" : "", description); } 
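Review bot: In the hunk at -982,21, build_list_value still emits `name=%s value=%s` unquoted and unescaped, whereas build_option_str in the next hunk now emits `NAME=\"%H\" VALUE=\"%H\"`. The callers are not visible here, so `param`, `opt1` and `opt2` may all be literals, but an unquoted attribute ends at the first space and the two helpers should agree. Suggested form: `printh (" <input type=radio name=\"%H\" value=\"%H\"%s></td>\n", param, opt1, checked ? "" : " CHECKED");`, with the same change on the `opt2` line.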
@@ -1223,95 +1223,95 @@ */ if (*dotqmail_name) { /* modifying an existing list */ - strcpy (listname, dotqmail_name); + snprinth (listname, sizeof(listname), "%H", dotqmail_name); str_replace (listname, ':', '.'); } else { sprintf (listname, "<I>%s</I>", get_html_text("261")); } /* Posting Messages */ - fprintf(actout, "<P><B><U>%s</U></B><BR>\n", get_html_text("262")); + printf ("<P><B><U>%s</U></B><BR>\n", get_html_text("262")); build_option_str ("RADIO", "opt1", "MU", get_html_text("263")); - fprintf(actout, "<BR>\n"); + printf ("<BR>\n"); build_option_str ("RADIO", "opt1", "Mu", get_html_text("264")); - fprintf(actout, "<BR>\n"); + printf ("<BR>\n"); build_option_str ("RADIO", "opt1", "mu", get_html_text("265")); - fprintf(actout, "<BR>\n"); + printf ("<BR>\n"); build_option_str ("RADIO", "opt1", "mUo", get_html_text("266")); - fprintf(actout, "<BR>\n"); + printf ("<BR>\n"); build_option_str ("RADIO", "opt1", "mUO", get_html_text("267")); - fprintf(actout, "</P>\n"); + printf ("</P>\n"); /* List Options */ - fprintf(actout, "<P><B><U>%s</U></B><BR>\n", get_html_text("268")); + printf ("<P><B><U>%s</U></B><BR>\n", get_html_text("268")); /* this next option isn't necessary since we use the edit box to * set/delete the prefix sprintf (TmpBuf, get_html_text("269"), listname); build_option_str ("CHECKBOX", "opt3", "f", TmpBuf); - fprintf(actout, "<BR>\n"); + printf ("<BR>\n"); */ - fprintf(actout, "<TABLE><TR><TD ROWSPAN=3 VALIGN=TOP>%s</TD>", + printf ("<TABLE><TR><TD ROWSPAN=3 VALIGN=TOP>%s</TD>", get_html_text("310")); - fprintf(actout, "<TD><INPUT TYPE=RADIO NAME=\"replyto\" VALUE=\"%d\"%s>%s</TD></TR>\n", + printf ("<TD><INPUT TYPE=RADIO NAME=\"replyto\" VALUE=\"%d\"%s>%s</TD></TR>\n", REPLYTO_SENDER, (replyto == REPLYTO_SENDER) ? 
" CHECKED" : "", get_html_text("311")); - fprintf(actout, "<TR><TD><INPUT TYPE=RADIO NAME=\"replyto\" VALUE=\"%d\"%s>%s</TD></TR>\n", + printf ("<TR><TD><INPUT TYPE=RADIO NAME=\"replyto\" VALUE=\"%d\"%s>%s</TD></TR>\n", REPLYTO_LIST, (replyto == REPLYTO_LIST) ? " CHECKED" : "", get_html_text("312")); - fprintf(actout, "<TR><TD><INPUT TYPE=RADIO NAME=\"replyto\" VALUE=\"%d\"%s>%s ", + printf ("<TR><TD><INPUT TYPE=RADIO NAME=\"replyto\" VALUE=\"%d\"%s>%s ", REPLYTO_ADDRESS, (replyto == REPLYTO_ADDRESS) ? " CHECKED" : "", get_html_text("313")); - fprintf(actout, "<INPUT TYPE=TEXT NAME=\"replyaddr\" VALUE=\"%s\" SIZE=30></TD></TR>\n", + printh ("<INPUT TYPE=TEXT NAME=\"replyaddr\" VALUE=\"%H\" SIZE=30></TD></TR>\n", replyto_addr); - fprintf(actout, "</TABLE><BR>\n"); + printf ("</TABLE><BR>\n"); build_option_str ("CHECKBOX", "opt4", "t", get_html_text("270")); - fprintf(actout, "<BR>\n"); + printf ("<BR>\n"); build_option_str ("CHECKBOX", "opt5", "d", get_html_text("271")); sprintf (TmpBuf, get_html_text("272"), listname); - fprintf(actout, "<SMALL>(%s)</SMALL>", TmpBuf); - fprintf(actout, "<BR>\n"); + printf ("<SMALL>(%s)</SMALL>", TmpBuf); + printf ("<BR>\n"); sprintf (TmpBuf, get_html_text("273"), listname); build_option_str ("CHECKBOX", "opt6", "q", TmpBuf); - fprintf(actout, "<BR>\n"); + printf ("<BR>\n"); sprintf (TmpBuf, get_html_text("274"), listname, listname, listname); - fprintf(actout, " <SMALL>(%s)</SMALL></P>", TmpBuf); + printf (" <SMALL>(%s)</SMALL></P>", TmpBuf); /* Remote Administration */ - fprintf(actout, "<P><B><U>%s</U></B><BR>\n", get_html_text("275")); + printf ("<P><B><U>%s</U></B><BR>\n", get_html_text("275")); build_option_str ("CHECKBOX", "opt7", "r", get_html_text("276")); - fprintf(actout, "<BR>\n"); + printf ("<BR>\n"); build_option_str ("CHECKBOX", "opt8", "P", get_html_text("277")); - fprintf(actout, "<SMALL>(%s)</SMALL><BR>", get_html_text("278")); - fprintf(actout, "<TABLE><TR><TD ROWSPAN=2 VALIGN=TOP>%s</TD>", + printf 
("<SMALL>(%s)</SMALL><BR>", get_html_text("278")); + printf ("<TABLE><TR><TD ROWSPAN=2 VALIGN=TOP>%s</TD>", get_html_text("279")); - fprintf(actout, "<TD>"); + printf ("<TD>"); build_option_str ("CHECKBOX", "opt9", "l", get_html_text("280")); - fprintf(actout, "</TD>\n</TR><TR>\n<TD>"); + printf ("</TD>\n</TR><TR>\n<TD>"); build_option_str ("CHECKBOX", "opt10", "n", get_html_text("281")); - fprintf(actout, "<SMALL>(%s)</SMALL>.</TD>\n", get_html_text("282")); - fprintf(actout, "</TR></TABLE>\n</P>\n"); + printf ("<SMALL>(%s)</SMALL>.</TD>\n", get_html_text("282")); + printf ("</TR></TABLE>\n</P>\n"); - fprintf(actout, "<P><B><U>%s</U></B><BR>\n", get_html_text("283")); - fprintf(actout, "%s<BR>\n ", get_html_text("284")); + printf ("<P><B><U>%s</U></B><BR>\n", get_html_text("283")); + printf ("%s<BR>\n ", get_html_text("284")); build_option_str ("CHECKBOX", "opt11", "H", get_html_text("285")); - fprintf(actout, "<BR>\n "); + printf ("<BR>\n "); build_option_str ("CHECKBOX", "opt12", "s", get_html_text("286")); - fprintf(actout, "<BR>\n%s<BR>\n ", get_html_text("287")); + printf ("<BR>\n%s<BR>\n ", get_html_text("287")); build_option_str ("CHECKBOX", "opt13", "J", get_html_text("285")); - fprintf(actout, "<BR>\n"); - fprintf(actout, "<SMALL>%s</SMALL>\n</P>\n", get_html_text("288")); + printf ("<BR>\n"); + printf ("<SMALL>%s</SMALL>\n</P>\n", get_html_text("288")); - fprintf(actout, "<P><B><U>%s</U></B><BR>\n", get_html_text("289")); + printf ("<P><B><U>%s</U></B><BR>\n", get_html_text("289")); build_option_str ("CHECKBOX", "opt14", "a", get_html_text("290")); - fprintf(actout, "<BR>\n"); + printf ("<BR>\n"); /* note that if user doesn't have ezmlm-cgi installed, it might be a good idea to default to having option i off. 
*/ build_option_str ("CHECKBOX", "opt15", "i", get_html_text("291")); - fprintf(actout, "<BR>\n%s\n<SELECT NAME=\"opt15\">", get_html_text("292")); - fprintf(actout, "<OPTION VALUE=\"BG\"%s>%s\n", + printf ("<BR>\n%s\n<SELECT NAME=\"opt15\">", get_html_text("292")); + printf ("<OPTION VALUE=\"BG\"%s>%s\n", checkopt['B'] && checkopt['G'] ? " SELECTED" : "", get_html_text("293")); - fprintf(actout, "<OPTION VALUE=\"Bg\"%s>%s\n", + printf ("<OPTION VALUE=\"Bg\"%s>%s\n", checkopt['B'] && checkopt['g'] ? " SELECTED" : "", get_html_text("294")); - fprintf(actout, "<OPTION VALUE=\"b\"%s>%s\n", + printf ("<OPTION VALUE=\"b\"%s>%s\n", checkopt['b'] ? " SELECTED" : "", get_html_text("295")); - fprintf(actout, "</SELECT>.</P>\n"); + printf ("</SELECT>.</P>\n"); /***********************/ /* begin MySQL options */ @@ -1333,15 +1333,15 @@ fclose(fs); } #ifdef ENABLE_MYSQL - fprintf(actout, "<P><B><U>%s</U></B><BR>\n", get_html_text("099")); - fprintf(actout, "<input type=checkbox name=\"sqlsupport\" value=\"-6\"%s> %s", + printf ("<P><B><U>%s</U></B><BR>\n", get_html_text("099")); + printf ("<input type=checkbox name=\"sqlsupport\" value=\"-6\"%s> %s", checked ? " CHECKED" : "", get_html_text("053")); /* parse dir/sql file for SQL settings */ - fprintf(actout, " <table cellpadding=0 cellspacing=2 border=0>\n"); + printf (" <table cellpadding=0 cellspacing=2 border=0>\n"); #else if (checked) - fprintf(actout, "<INPUT TYPE=HIDDEN NAME=sqlsupport VALUE=\"-6\">\n"); + printf ("<INPUT TYPE=HIDDEN NAME=sqlsupport VALUE=\"-6\">\n"); #endif /* get hostname */ 
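Review bot: In the hunk at -1223,95, `listname` is now filled with HTML-escaped text by `snprinth`, so it can be longer than the raw list name, yet it is still expanded by unbounded calls. These are `sprintf (TmpBuf, get_html_text("272"), listname);`, the same call with text 273, and `sprintf (TmpBuf, get_html_text("274"), listname, listname, listname);`. The sizes of `TmpBuf` and `listname` are not visible, so an overflow is unconfirmed, but these calls should be bounded like every other formatted write in the commit: `snprintf (TmpBuf, sizeof(TmpBuf), get_html_text("272"), listname);` (assuming `TmpBuf` is an array). The else branch `sprintf (listname, "<I>%s</I>", get_html_text("261"));` deserves the same treatment. The enclosing function starts and ends outside the hunk.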
@@ -1355,12 +1355,12 @@ } #ifdef ENABLE_MYSQL - fprintf(actout, " <tr>\n"); - fprintf(actout, " <td ALIGN=RIGHT>%s:\n", get_html_text("054")); - fprintf(actout, " </td><td>\n"); - fprintf(actout, " <input type=text name=sql1 value=\"%s\"></td>\n", checked1); + printf (" <tr>\n"); + printf (" <td ALIGN=RIGHT>%s:\n", get_html_text("054")); + printf (" </td><td>\n"); + printh (" <input type=text name=sql1 value=\"%H\"></td>\n", checked1); #else - fprintf(actout, "<INPUT TYPE=HIDDEN NAME=sql1 VALUE=\"%s\">\n", checked1); + printh ("<INPUT TYPE=HIDDEN NAME=sql1 VALUE=\"%H\">\n", checked1); #endif /* get port */ @@ -1373,12 +1373,12 @@ } } #ifdef ENABLE_MYSQL - fprintf(actout, " <td ALIGN=RIGHT>%s:\n", get_html_text("055")); - fprintf(actout, " </td><td>\n"); - fprintf(actout, " <input type=text size=7 name=sql2 value=\"%s\"></td>\n", checked1); - fprintf(actout, " </tr>\n"); + printf (" <td ALIGN=RIGHT>%s:\n", get_html_text("055")); + printf (" </td><td>\n"); + printh (" <input type=text size=7 name=sql2 value=\"%H\"></td>\n", checked1); + printf (" </tr>\n"); #else - fprintf(actout, "<INPUT TYPE=HIDDEN NAME=sql2 VALUE=\"%s\">\n", checked1); + printh ("<INPUT TYPE=HIDDEN NAME=sql2 VALUE=\"%H\">\n", checked1); #endif /* get user */ @@ -1391,12 +1391,12 @@ } } #ifdef ENABLE_MYSQL - fprintf(actout, " <tr>\n"); - fprintf(actout, " <td ALIGN=RIGHT>%s:\n", get_html_text("056")); - fprintf(actout, " </td><td>\n"); - fprintf(actout, " <input type=text name=sql3 value=\"%s\"></td>\n", checked1); + printf (" <tr>\n"); + printf (" <td ALIGN=RIGHT>%s:\n", get_html_text("056")); + printf (" </td><td>\n"); + printh (" <input type=text name=sql3 value=\"%H\"></td>\n", checked1); #else - fprintf(actout, "<INPUT TYPE=HIDDEN NAME=sql3 VALUE=\"%s\">\n", checked1); + printh ("<INPUT TYPE=HIDDEN NAME=sql3 VALUE=\"%H\">\n", checked1); #endif /* get password */ 
@@ -1409,12 +1409,12 @@ } } #ifdef ENABLE_MYSQL - fprintf(actout, " <td ALIGN=RIGHT>%s:\n", get_html_text("057")); - fprintf(actout, " </td><td>\n"); - fprintf(actout, " <input type=text name=sql4 value=\"%s\"></td>\n", checked1); - fprintf(actout, " </tr>\n"); + printf (" <td ALIGN=RIGHT>%s:\n", get_html_text("057")); + printf (" </td><td>\n"); + printh (" <input type=text name=sql4 value=\"%H\"></td>\n", checked1); + printf (" </tr>\n"); #else - fprintf(actout, "<INPUT TYPE=HIDDEN NAME=sql4 VALUE=\"%s\">\n", checked1); + printh ("<INPUT TYPE=HIDDEN NAME=sql4 VALUE=\"%H\">\n", checked1); #endif /* get database name */ @@ -1427,12 +1427,12 @@ } } #ifdef ENABLE_MYSQL - fprintf(actout, " <tr>\n"); - fprintf(actout, " <td ALIGN=RIGHT>%s:\n", get_html_text("058")); - fprintf(actout, " </td><td>\n"); - fprintf(actout, " <input type=text name=sql5 value=\"%s\"></td>\n", checked1); + printf (" <tr>\n"); + printf (" <td ALIGN=RIGHT>%s:\n", get_html_text("058")); + printf (" </td><td>\n"); + printh (" <input type=text name=sql5 value=\"%H\"></td>\n", checked1); #else - fprintf(actout, "<INPUT TYPE=HIDDEN NAME=sql5 VALUE=\"%s\">\n", checked1); + printh ("<INPUT TYPE=HIDDEN NAME=sql5 VALUE=\"%H\">\n", checked1); #endif /* get table name */ 
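Review bot: In the hunk at -1409,12, the value written into `sql4` is the list's SQL password, going by the `/* get password */` comment that precedes the hunk. It is rendered into the page as a `type=text` input, or as a hidden field in the build without ENABLE_MYSQL. Escaping with `%H` fixes the markup, but the secret is still shown on screen and kept with the page in browser caches. Consider `<input type=password name=sql4 value=\"\">` and treating an empty submission as "keep the current password". The form handler is outside this hunk and would need the matching change.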
@@ -1445,13 +1445,13 @@ } } #ifdef ENABLE_MYSQL - fprintf(actout, " <td ALIGN=RIGHT>%s:\n", get_html_text("059")); - fprintf(actout, " </td><td>\n"); - fprintf(actout, " <input type=text name=\"sql6\" value=\"%s\"></td>\n", checked1); - fprintf(actout, " </tr>\n"); - fprintf(actout, " </table>\n"); + printf (" <td ALIGN=RIGHT>%s:\n", get_html_text("059")); + printf (" </td><td>\n"); + printh (" <input type=text name=\"sql6\" value=\"%H\"></td>\n", checked1); + printf (" </tr>\n"); + printf (" </table>\n"); #else - fprintf(actout, "<INPUT TYPE=HIDDEN NAME=sql6 VALUE=\"%s\">\n", checked1); + printh ("<INPUT TYPE=HIDDEN NAME=sql6 VALUE=\"%H\">\n", checked1); #endif } Index: autorespond.c =================================================================== RCS file: /cvsroot/qmailadmin/qmailadmin/autorespond.c,v retrieving revision 1.3.2.1 retrieving revision 1.3.2.2 diff -u -d -r1.3.2.1 -r1.3.2.2 --- autorespond.c 2 Feb 2004 00:39:47 -0000 1.3.2.1 +++ autorespond.c 14 Nov 2004 18:05:54 -0000 1.3.2.2 @@ -42,7 +42,7 @@ count_autoresponders(); if(CurAutoResponders == 0) { - sprintf(StatusMessage,"%s", get_html_text("233")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("233")); show_menu(Username, Domain, Mytime); } else { send_template( "show_autorespond.html" ); 
@@ -69,23 +69,23 @@ sort_dosort(); for (i = 0; addr = sort_get_entry(i); ++i) { - fprintf(actout, "<tr>"); + printf ("<tr>"); - fprintf(actout, "<td align=\"center\">"); - fprintf(actout, "<a href=\"%s/com/delautorespond?user=%s&dom=%s&time=%d&modu=%s\">", - CGIPATH,user,dom,mytime,addr); - fprintf(actout, "<img src=\"%s/trash.png\" border=\"0\"></a>", IMAGEURL); - fprintf(actout, "</td>"); + printf ("<td align=\"center\">"); + printh ("<a href=\"%s/com/delautorespond?user=%C&dom=%C&time=%d&modu=%C\">", + CGIPATH, user, dom, mytime, addr); + printf ("<img src=\"%s/trash.png\" border=\"0\"></a>", IMAGEURL); + printf ("</td>"); - fprintf(actout, "<td align=\"center\">"); - fprintf(actout, "<a href=\"%s/com/modautorespond?user=%s&dom=%s&time=%d&modu=%s\">", - CGIPATH,user,dom,mytime,addr); - fprintf(actout, "<img src=\"%s/modify.png\" border=\"0\"></a>", IMAGEURL); - fprintf(actout, "</td>"); + printf ("<td align=\"center\">"); + printh ("<a href=\"%s/com/modautorespond?user=%C&dom=%C&time=%d&modu=%C\">", + CGIPATH, user, dom, mytime, addr); + printf ("<img src=\"%s/modify.png\" border=\"0\"></a>", IMAGEURL); + printf ("</td>"); - fprintf(actout, "<td align=\"left\">%s@%s</td>", addr, Domain); + printh ("<td align=\"left\">%H@%H</td>", addr, Domain); - fprintf(actout, "</tr>\n"); + printf ("</tr>\n"); } sort_cleanup(); } @@ -94,7 +94,7 @@ { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -102,7 +102,7 @@ count_autoresponders(); load_limits(); if ( MaxAutoResponders != -1 && CurAutoResponders >= MaxAutoResponders ) { - fprintf(actout, "%s %d\n", get_html_text("158"), MaxAutoResponders); + printf ("%s %d\n", get_html_text("158"), MaxAutoResponders); show_menu(); vclose(); exit(0); 
@@ -119,7 +119,7 @@ struct vqpasswd *vpw; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } 
@@ -127,55 +127,34 @@ count_autoresponders(); load_limits(); if ( MaxAutoResponders != -1 && CurAutoResponders >= MaxAutoResponders ) { - fprintf(actout, "%s %d\n", get_html_text("158"), MaxAutoResponders); + printf ("%s %d\n", get_html_text("158"), MaxAutoResponders); show_menu(); vclose(); exit(0); } - if ( fixup_local_name(ActionUser) ) { - sprintf(StatusMessage, "%s %s\n", get_html_text("174"), ActionUser); - addautorespond(); - vclose(); - exit(0); - } - - if ( check_local_user(ActionUser) ) { - sprintf(StatusMessage, "%s %s\n", get_html_text("175"), ActionUser); - addautorespond(); - vclose(); - exit(0); - } - - if ( strlen(ActionUser) == 0 ) { - sprintf(StatusMessage, "%s\n", get_html_text("176")); - addautorespond(); - vclose(); - exit(0); - } - - if ( strlen(Newu)>0 && check_email_addr(Newu) ) { - sprintf(StatusMessage, "%s %s\n", get_html_text("177"), Newu); - addautorespond(); - vclose(); - exit(0); - } - - if (strlen(Alias) <= 1) { - sprintf(StatusMessage, "%s %s\n", get_html_text("178"), ActionUser); - addautorespond(); - vclose(); - exit(0); - } + *StatusMessage = '\0'; + + if ( fixup_local_name(ActionUser) ) + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("174"), ActionUser); + else if ( check_local_user(ActionUser) ) + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("175"), ActionUser); + else if ( strlen(ActionUser) == 0 ) + snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", get_html_text("176")); + else if ( strlen(Newu)>0 && check_email_addr(Newu) ) + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("177"), Newu); + else if (strlen(Alias) <= 1) + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("178"), ActionUser); + else if (strlen(Message) <= 1) + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("179"), ActionUser); - if (strlen(Message) <= 1) { - sprintf(StatusMessage, "%s %s\n", get_html_text("179"), ActionUser); + 
/* if there was an error, go back to the add screen */ + if (*StatusMessage != '\0') { addautorespond(); vclose(); exit(0); } - /* * Make the autoresponder directory */ @@ -209,15 +188,15 @@ /* * Report success */ - sprintf(StatusMessage, "%s %s@%s\n", get_html_text("180"), - ActionUser, Domain); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H@%H\n", + get_html_text("180"), ActionUser, Domain); show_autoresponders(Username, Domain, Mytime); } delautorespond() { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -230,7 +209,7 @@ int pid; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -250,7 +229,7 @@ /* delete the autoresponder directory */ sprintf(TmpBuf, "%s/%s", RealDir, TmpBuf2); vdelfiles(TmpBuf); - sprintf(StatusMessage, "%s %s\n", get_html_text("182"), ActionUser); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("182"), ActionUser); count_autoresponders(); @@ -264,7 +243,7 @@ modautorespond() { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } 
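Review bot: In the autorespond.c hunk at -127,55 the rewritten validation uses `StatusMessage` both as the message and as the error flag, with six unbraced branches on one `if`/`else if` ladder. If any branch ever leaves the buffer empty (an empty catalogue string, or a `snprinth` failure, whose behaviour is not visible here), the request falls through to the directory-creation code with input that failed validation. I would brace each branch and set an explicit flag, e.g. `int bad = 0;` with `bad = 1;` in each branch and `if (bad) {` for the exit test. A comment such as `/* first failing check wins; nothing below runs unless all checks passed */` would also help. The same ladder appears in the -280,40 hunk.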
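Review bot: In the autorespond.c hunk at -250,7 the context line `sprintf(TmpBuf, "%s/%s", RealDir, TmpBuf2);` is left unbounded even though its result goes straight to `vdelfiles(TmpBuf)`. The commit bounds the status message on the next line but not the path that is recursively deleted. Assuming `TmpBuf` is an array, as the `sizeof(TmpBuf2)` usage elsewhere in this commit suggests, I would write `if (snprintf (TmpBuf, sizeof(TmpBuf), "%s/%s", RealDir, TmpBuf2) >= (int) sizeof(TmpBuf))` and skip the delete on truncation, since a shortened path names a different directory. How `TmpBuf2` is built is outside the hunk.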
@@ -280,40 +259,29 @@ struct vqpasswd *vpw; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); - vclose(); - exit(0); - } - - if ( fixup_local_name(ActionUser) ) { - sprintf(StatusMessage, "%s %s\n", get_html_text("174"), ActionUser); - modautorespond(); - vclose(); - exit(0); - } - - if ( strlen(Newu)>0 && check_email_addr(Newu) ) { - sprintf(StatusMessage, "%s %s\n", get_html_text("177"), Newu); - modautorespond(); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } - if (strlen(Alias) <= 1) { - sprintf(StatusMessage, "%s %s\n", get_html_text("178"), ActionUser); - modautorespond(); - vclose(); - exit(0); - } + *StatusMessage = '\0'; + + if ( fixup_local_name(ActionUser) ) + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("174"), ActionUser); + else if ( strlen(Newu)>0 && check_email_addr(Newu) ) + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("177"), Newu); + else if (strlen(Alias) <= 1) + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("178"), ActionUser); + else if (strlen(Message) <= 1) + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("179"), ActionUser); - if (strlen(Message) <= 1) { - sprintf(StatusMessage, "%s %s\n", get_html_text("179"), ActionUser); + /* exit on errors */ + if (*StatusMessage != '\0') { modautorespond(); vclose(); exit(0); } - /* * Make the autoresponder directory */ 
@@ -347,8 +315,8 @@ /* * Report success */ - sprintf(StatusMessage, "%s %s@%s\n", get_html_text("183"), - ActionUser, Domain); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H@%H\n", + get_html_text("183"), ActionUser, Domain); show_autoresponders(Username, Domain, Mytime); } Index: cgi.c =================================================================== RCS file: /cvsroot/qmailadmin/qmailadmin/cgi.c,v retrieving revision 1.2 retrieving revision 1.2.2.1 diff -u -d -r1.2 -r1.2.2.1 --- cgi.c 10 Oct 2003 16:36:24 -0000 1.2 +++ cgi.c 14 Nov 2004 18:05:54 -0000 1.2.2.1 @@ -33,11 +33,15 @@ { int count; int i,j; - + char *qs; + int qslen = 0; + + qs = getenv("QUERY_STRING"); + if (qs != NULL) qslen = strlen (qs); count = atoi( safe_getenv("CONTENT_LENGTH")); - TmpCGI = malloc(count+1); - memset(TmpCGI,0,count+1); + TmpCGI = malloc(count+qslen+2); + memset(TmpCGI,0,count+qslen+2); i = 0; do { @@ -45,8 +49,17 @@ if ( j >= 0 ) i += j; else break; } while (j > 0 && i < count ); + + /* append query string to end */ + if (qslen > 0) { + sprintf (&TmpCGI[i], "&%s", qs); + } + } +/* source is encoded cgi parameters, name is "fieldname=" + * copies value of fieldname into dest + */ int GetValue(source,dest,name,dest_max) char *source; char *dest; @@ -55,11 +68,14 @@ { int i,j,k; - memset(dest,0,dest_max); - for(i=0; strstart(&source[i],name)!=&source[i] && source[i]!=0; ++i); + for (i = 0; source[i] != '\0'; i++) { + if ((i == 0) || (source[i-1] == '&')) { + if (strstart (&source[i], name) != NULL) break; + } + } - if( source[i] != 0 ) { + if( source[i] != '\0' ) { i+=strlen(name); } else { return( -1 ); 
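Review bot: In the cgi.c hunk at -33,11 the client-supplied `CONTENT_LENGTH` goes through `atoi` and straight into `malloc(count+qslen+2)` with no range check, and the result is passed to `memset` without a NULL test. A negative value makes the allocation smaller than `qslen+2`, so the `sprintf (&TmpCGI[i], "&%s", qs)` added in the -45,8 hunk can write past the end of the buffer even when `i` is 0. The read call inside the loop is outside both hunks, so how far `i` can advance relative to `count` cannot be confirmed from here. I would clamp `count`, check the allocation, and ideally cap the total at a project-chosen maximum.

```c
count = atoi( safe_getenv("CONTENT_LENGTH"));
if (count < 0) count = 0;              /* header is client-controlled */
TmpCGI = malloc((size_t)count + (size_t)qslen + 2);
if (TmpCGI == NULL) exit(1);           /* or the project's usual failure path */
memset(TmpCGI, 0, (size_t)count + (size_t)qslen + 2);
/* … unchanged: read loop and query-string append … */
```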
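Review bot: The new comment above `GetValue` in the cgi.c hunk at -55,11 does not say which copy of a field wins now that the query string is appended after the request body. The rewritten loop stops at the first `name` that starts the buffer or follows `&`, so a body field shadows a URL field of the same name, and a URL field is used only when the body lacks it. I would extend the comment with `/* first match wins: POST body fields take precedence over QUERY_STRING fields */` and note that `name` must include the trailing `=`. The copy into `dest` is outside the hunk.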
@@ -88,5 +104,8 @@ dest[k] = 0; --k; } + + /* uncomment next line to dump cgi values to error log */ +// fprintf (stderr, "%s%s\n", name, dest); return(0); } Index: alias.c =================================================================== RCS file: /cvsroot/qmailadmin/qmailadmin/alias.c,v retrieving revision 1.4.2.9 retrieving revision 1.4.2.10 diff -u -d -r1.4.2.9 -r1.4.2.10 --- alias.c 23 Oct 2004 20:49:56 -0000 1.4.2.9 +++ alias.c 14 Nov 2004 18:05:54 -0000 1.4.2.10 @@ -37,6 +37,7 @@ #include "config.h" #include "qmailadmin.h" #include "qmailadminx.h" +#include "printh.h" char* dotqmail_alias_command(char* command); int bkscandir(const char *dirname, @@ -47,7 +48,7 @@ int show_aliases(void) { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage, "%s", get_html_text("142")); + snprintf(StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -110,7 +111,7 @@ struct stat sbuf; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf(StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -168,9 +169,8 @@ then qmailadmin could use the single set of valias_ functions above. */ if ( (mydir = opendir(".")) == NULL ) { - fprintf(actout,"<tr><td colspan=\"4\">"); - fprintf(actout,"%s %d", get_html_text("143"), 1); - fprintf(actout,"</td></tr>"); + printf ("<tr><td colspan=\"4\">"); + printf ("%s %d</td></tr>", get_html_text("143"), 1); return(0); } @@ -188,9 +188,9 @@ } if ( (fs=fopen(mydirent->d_name,"r"))==NULL) { - fprintf(actout,"<tr><td colspan=4>"); - fprintf(actout,"%s %s", get_html_text("144"), mydirent->d_name); - fprintf(actout,"</td></tr>\n"); + printf ("<tr><td colspan=4>"); + printf ("%s %s", get_html_text("144"), mydirent->d_name); + printf ("</td></tr>\n"); continue; } 
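Review bot: The commented-out `fprintf (stderr, "%s%s\n", name, dest);` added in the cgi.c hunk at -88,5 would log every decoded form value once enabled. That presumably includes any password fields fetched through `GetValue`, and the web server error log is often more widely readable than the application data. I would reword the comment to `/* debugging only: logs every submitted field value, secrets included, to the server error log; never enable in production */`. Putting the line under a compile-time debug macro would be safer than a line someone can uncomment.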
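Review bot: In the alias.c hunk at -188,9 the file name is still written with a plain `%s` in `printf ("%s %s", get_html_text("144"), mydirent->d_name);`, while the rest of the commit moves displayed data to `%H`. The name comes from a directory entry rather than a constant, so I would treat it like the other displayed values: `printh ("%s %H", get_html_text("144"), mydirent->d_name);`. The enclosing loop starts and ends outside the hunk.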
@@ -253,24 +253,24 @@ * This is a big assumption, and may cause problems at some point. */ - fprintf(actout, "<tr>\n"); + printf ("<tr>\n"); qmail_button (this_alias, "deldotqmail", user, dom, mytime, "trash.png"); if (*curalias->alias_command == '#') - fprintf(actout, "<td> </td>"); /* don't allow modify on blackhole */ + printf ("<td> </td>"); /* don't allow modify on blackhole */ else qmail_button (this_alias, "moddotqmail", user, dom, mytime, "modify.png"); - fprintf(actout, "<td align=left>%s</td>\n", this_alias); - fprintf(actout, "<td align=left>"); + printh ("<td align=left>%H</td>\n", this_alias); + printf ("<td align=left>"); stop=0; if (*curalias->alias_command == '#') { /* this is a blackhole account */ - fprintf (actout, "<I>%s</I>", get_html_text("303")); + printf ("<I>%s</I>", get_html_text("303")); stop = 1; } - while (!stop) { - strcpy(alias_user, curalias->alias_command); + while (!stop) { + strcpy (alias_user, curalias->alias_command); /* get the domain alone from alias_user */ for(alias_domain = alias_user; *alias_domain != '\0' && *alias_domain != '@' && *alias_domain != ' '; @@ -283,7 +283,7 @@ if (!check_local_user(alias_user)) { /* make it red so it jumps out -- this is no longer a valid forward */ - sprintf(alias_user, "<font color=\"red\">%s</font>", + snprintf(alias_user, sizeof(alias_user), "<font color=\"red\">%s</font>", curalias->alias_command); } } @@ -295,11 +295,11 @@ /* exit if we run out of alias lines, or go to a new alias name */ if ((curalias == NULL) || (strcmp (this_alias, curalias->alias_name) != 0)) { stop = 1; - fprintf (actout, "%s", alias_user); + printf ("%s", alias_user); break; } - fprintf (actout, "%s, ", alias_user); + printf ("%s, ", alias_user); break; } } 
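Review bot: In the alias.c hunk at -283,7 the new `snprintf` bounds `alias_user` but still copies `curalias->alias_command` in with `%s`, and the -295,11 hunk then prints `alias_user` with `printf ("%s", ...)`. The forward target therefore reaches the page unescaped on both the red and the normal path. Because the red markup is embedded in the same buffer, switching the final print to `%H` would also escape the `<font>` tag. I would keep `alias_user` as raw text, record the invalid case in a flag, and emit `printh ("<font color=\"red\">%H</font>", alias_user)` or `printh ("%H", alias_user)` at output time. The `strcpy (alias_user, curalias->alias_command)` in the -253,24 hunk also remains unbounded; the code between these hunks is not visible.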
@@ -307,26 +307,26 @@ while ((curalias != NULL) && (strcmp (this_alias, curalias->alias_name) == 0)) { curalias = get_alias_entry(); } - fprintf(actout, "</td>\n</tr>\n"); + printf ("</td>\n</tr>\n"); } if (AdminType == DOMAIN_ADMIN) { - fprintf(actout, "<tr><td align=\"right\" colspan=\"4\">"); - fprintf(actout, "[ "); + printf ("<tr><td align=\"right\" colspan=\"4\">"); + printf ("[ "); if(page > 1 ) { - fprintf(actout, "<a href=\"%s/com/showforwards?user=%s&dom=%s&time=%d&page=%d\">%s</a>", + printh ("<a href=\"%s/com/showforwards?user=%C&dom=%C&time=%d&page=%d\">%s</a>", CGIPATH,user,dom,mytime,page - 1,get_html_text("135")); - fprintf(actout, " | "); + printf (" | "); } - fprintf(actout, "<a href=\"%s/com/showforwards?user=%s&dom=%s&time=%d&page=%d\">%s</a>", + printh ("<a href=\"%s/com/showforwards?user=%C&dom=%C&time=%d&page=%d\">%s</a>", CGIPATH,user,dom,mytime,page,get_html_text("136")); - fprintf(actout, " | "); + printf (" | "); if (moreusers) { - fprintf(actout, "<a href=\"%s/com/showforwards?user=%s&dom=%s&time=%d&page=%d\">%s</a>", + printh ("<a href=\"%s/com/showforwards?user=%C&dom=%C&time=%d&page=%d\">%s</a>", CGIPATH,user,dom,mytime,page+1,get_html_text("137")); - fprintf(actout, " ]"); + printf (" ]"); } - fprintf(actout, "</td></tr>"); + printf ("</td></tr>"); } } @@ -344,13 +344,13 @@ int j; if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } - fprintf(actout, "<tr>"); - fprintf(actout, "<td align=\"center\" valign=\"top\"><b>%s</b></td>", user); + printf ("<tr>"); + printh ("<td align=\"center\" valign=\"top\"><b>%H</b></td>", user); alias_line = valias_select (user, Domain); while (alias_line != NULL) { 
@@ -367,7 +367,7 @@ while (curalias != NULL) { alias_line = curalias->alias_command; alias_name_from_command = dotqmail_alias_command (alias_line); - strcpy(alias_user, alias_name_from_command); + strcpy (alias_user, alias_name_from_command); /* get the domain alone from alias_user */ alias_domain = alias_user; for(;*alias_domain != '\0' && *alias_domain != '@' 
@@ -379,42 +379,36 @@ for(j=0; TmpBuf3[j]!=0 && TmpBuf3[j]!='@';j++); TmpBuf3[j]=0; if (check_local_user(TmpBuf3)) { - strcpy(alias_user, TmpBuf3); + strcpy (alias_user, TmpBuf3); } else { /* make it red so it jumps out -- this is no longer a valid forward */ - sprintf(alias_user, "<font color=\"red\">%s</font>", + snprintf (alias_user, sizeof(alias_user), "<font color=\"red\">%s</font>", alias_name_from_command); } } - fprintf(actout, "<td align=\"center\" valign=\"top\">%s</td>\n", alias_user); - fprintf(actout, "<td align=\"center\" valign=\"top\">\n"); - fprintf(actout, "<form method=\"post\" name=\"moddotqmail\" action=\"%s/com/moddotqmailnow\">\n", CGIPATH); - fprintf(actout, "<input type=\"hidden\" name=\"user\" value=\"%s\">\n", - Username); - fprintf(actout, "<input type=\"hidden\" name=\"dom\" value=\"%s\">\n", - Domain); - fprintf(actout, "<input type=\"hidden\" name=\"time\" value=\"%i\">\n", - Mytime); - fprintf(actout, "<input type=\"hidden\" name=\"modu\" value=\"%s\">\n", - user); - fprintf(actout, "<input type=\"hidden\" name=\"linedata\" value=\"%s\">\n", - alias_line); - fprintf(actout, "<input type=\"hidden\" name=\"action\" value=\"delentry\">\n"); - fprintf(actout, "<input type=\"image\" border=\"0\" src=\"%s/delete.png\">\n", - IMAGEURL); - fprintf(actout, "</form>\n"); + printf ("<td align=\"center\" valign=\"top\">%s</td>\n", alias_user); + printf ("<td align=\"center\" valign=\"top\">\n"); + printf ("<form method=\"post\" name=\"moddotqmail\" action=\"%s/com/moddotqmailnow\">\n", CGIPATH); + printh ("<input type=\"hidden\" name=\"user\" value=\"%H\">\n", Username); + printh ("<input type=\"hidden\" name=\"dom\" value=\"%H\">\n", Domain); + printf ("<input type=\"hidden\" name=\"time\" value=\"%i\">\n", Mytime); + printh ("<input type=\"hidden\" name=\"modu\" value=\"%H\">\n", user); + printh ("<input type=\"hidden\" name=\"linedata\" value=\"%H\">\n", alias_line); + printf ("<input type=\"hidden\" name=\"action\" value=\"delentry\">\n"); + 
printf ("<input type=\"image\" border=\"0\" src=\"%s/delete.png\">\n", IMAGEURL); + printf ("</form>\n"); - fprintf(actout, "</td>\n"); - fprintf(actout, "</tr>\n"); - fprintf(actout, "<tr>\n"); - fprintf(actout, "<td align=\"left\"> </td>\n"); + printf ("</td>\n"); + printf ("</tr>\n"); + printf ("<tr>\n"); + printf ("<td align=\"left\"> </td>\n"); curalias = get_alias_entry(); } /* finish up the last line (all empty) */ - fprintf(actout, "<td align=\"left\"> </td>"); - fprintf(actout, "<td align=\"left\"> </td>"); - fprintf(actout, "</tr>"); + printf ("<td align=\"left\"> </td>"); + printf ("<td align=\"left\"> </td>"); + printf ("</tr>"); } int onevalidonly(char *user) { @@ -436,7 +430,7 @@ moddotqmail() { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -448,26 +442,26 @@ struct vqpasswd *pw; if ( strcmp(ActionUser,"default")==0) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } if (strcmp(Action,"delentry")==0) { if (onevalidonly(ActionUser) ) { - sprintf(StatusMessage, "%s\n", get_html_text("149")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", get_html_text("149")); moddotqmail(); vclose(); exit(0); } if (dotqmail_del_line(ActionUser,LineData) ) { - sprintf(StatusMessage, "%s %d\n", get_html_text("150"), 1); + snprintf (StatusMessage, sizeof(StatusMessage), "%s %d\n", get_html_text("150"), 1); moddotqmail(); vclose(); exit(0); } - sprintf(StatusMessage, "%s\n", get_html_text("151") ); + snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", get_html_text("151") ); moddotqmail(); vclose(); exit(0); 
@@ -478,13 +472,13 @@ vclose(); exit(0); } else { - sprintf(StatusMessage,"%s %s\n", get_html_text("152"), Newu); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("152"), Newu); moddotqmail(); vclose(); exit(0); } } else { - sprintf(StatusMessage, "%s\n", get_html_text("155")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", get_html_text("155")); vclose(); exit(0); } @@ -495,8 +489,8 @@ count_forwards(); load_limits(); if ( MaxForwards != -1 && CurForwards >= MaxForwards ) { - sprintf(StatusMessage, "%s %d\n", - get_html_text("157"), MaxForwards); + snprintf (StatusMessage, sizeof(StatusMessage), "%s %d\n", + get_html_text("157"), MaxForwards); show_menu(); vclose(); exit(0); @@ -511,7 +505,7 @@ if (AdminType!=DOMAIN_ADMIN && !(AdminType==USER_ADMIN && strcmp(ActionUser, Username)==0)) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -519,7 +513,7 @@ count_forwards(); load_limits(); if ( MaxForwards != -1 && CurForwards >= MaxForwards ) { - sprintf(StatusMessage, "%s %d\n", get_html_text("157"), MaxForwards); + snprintf (StatusMessage, sizeof(StatusMessage), "%s %d\n", get_html_text("157"), MaxForwards); send_template( "add_forward.html" ); vclose(); exit(0); @@ -533,7 +527,7 @@ exit(0); } else { - sprintf(StatusMessage, "%s\n", get_html_text("152")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", get_html_text("152")); show_forwards(Username,Domain,Mytime,RealDir); } } 
@@ -546,23 +540,23 @@ /* jef...@ma... */ if (strlen(forwardname)<=0) { - sprintf(StatusMessage, "%s %s\n", get_html_text("163"), forwardname); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("163"), forwardname); return(-1); /* make sure forwardname is valid */ } else if (fixup_local_name(forwardname)) { - sprintf(StatusMessage, "%s %s\n", get_html_text("163"), forwardname); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("163"), forwardname); return(-1); /* check to see if we already have a user with this name (only for create) */ } else if (create != 0 && check_local_user(forwardname)) { - sprintf(StatusMessage, "%s %s\n", get_html_text("175"), forwardname); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("175"), forwardname); return(-1); } if (strcmp (dest, "#") == 0) { if (dotqmail_add_line(forwardname, "#")) { - sprintf(StatusMessage, "%s %d\n", get_html_text("150"), 2); + snprintf (StatusMessage, sizeof(StatusMessage), "%s %d\n", get_html_text("150"), 2); return(-1); } return 0; 
@@ -571,23 +565,23 @@ /* see if forwarding to a local user */ if (strstr(dest, "@") == NULL) { if (check_local_user(dest) == 0) { - sprintf(StatusMessage, "%s\n", get_html_text("161")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", get_html_text("161")); return(-1); } else { /* make it an email address */ - sprintf(dest, "%s@%s", dest, Domain); + sprintf (dest, "%s@%s", dest, Domain); } } /* check that it's a valid email address */ if (check_email_addr(dest)) { - sprintf(StatusMessage, "%s %s\n", get_html_text("162"), dest); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("162"), dest); return(-1); } - sprintf(TmpBuf2, "&%s", dest); + snprintf (TmpBuf2, sizeof(TmpBuf2), "&%s", dest); if (dotqmail_add_line(forwardname, TmpBuf2)) { - sprintf(StatusMessage, "%s %d\n", get_html_text("150"), 2); + snprintf (StatusMessage, sizeof(StatusMessage), "%s %d\n", get_html_text("150"), 2); return(-1); } @@ -598,7 +592,7 @@ { if ( AdminType!=DOMAIN_ADMIN ) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); vclose(); exit(0); } @@ -611,7 +605,7 @@ if (AdminType!=DOMAIN_ADMIN && !(AdminType==USER_ADMIN && !strcmp(ActionUser, Username))) { - sprintf(StatusMessage,"%s", get_html_text("142")); + snprintf (StatusMessage, sizeof(StatusMessage), "%s", get_html_text("142")); show_menu(Username, Domain, Mytime); vclose(); exit(0); 
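Review bot: In the alias.c hunk at -571,23 the line `sprintf (dest, "%s@%s", dest, Domain);` was only re-spaced, so it still passes `dest` as both the output buffer and a `%s` argument. That is undefined behaviour for `sprintf`, and the call is unbounded. The capacity of `dest` is not visible in the hunk, so the safe form is to build the address in a local buffer with `snprintf`, reject truncation, and copy back only within a size the caller supplies. The new `snprintf (TmpBuf2, sizeof(TmpBuf2), "&%s", dest);` also ignores truncation, so a shortened address could be passed to `dotqmail_add_line`. Comparing the return value with `sizeof(TmpBuf2)` and returning -1 would close that.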
@@ -620,17 +614,17 @@ /* check to see if we already have a user with this name */ if (fixup_local_name(ActionUser)) { - sprintf(StatusMessage,"%s %s\n", get_html_text("160"), Alias); + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H\n", get_html_text("160"), Alias); deldotqmail(); vclose(); exit(0); } if (!(dotqmail_delete_files(ActionUser))) { - sprintf(StatusMessage, "%s %s %s\n", get_html_text("167"), + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H %H\n", get_html_text("167"), Alias, ActionUser); } else { - sprintf(StatusMessage, "%s %s %s\n", get_html_text("168"), + snprinth (StatusMessage, sizeof(StatusMessage), "%s %H %H\n", get_html_text("168"), Alias, ActionUser); } @@ -678,8 +672,8 @@ *s = '\0'; if ((s = strrchr(user, '/')) == NULL) return NULL; - if (b != NULL) { sprintf (user, "%s <I>(%s)</I>", s+1, b); } - else { strcpy (user, s+1); } + if (b != NULL) { snprinth (user, sizeof(user), "%H <I>(%H)</I>", s+1, b); } + else { snprinth (user, sizeof(user), "%H", s+1); } return (user); @@ -702,7 +696,7 @@ /* back up to pipe or first slash to remove path */ while (line[len] != '/' && line[len] != '|') len--; len++; /* len is now first char of program name */ - sprintf (command, "<I>%s</I>", &line[len]); + snprinth (command, sizeof(command), "<I>%H</I>", &line[len]); return(command); } else { Index: printh.c =================================================================== RCS file: /cvsroot/qmailadmin/qmailadmin/Attic/printh.c,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -u -d -r1.1.2.1 -r1.1.2.2 --- printh.c 10 Nov 2004 05:24:11 -0000 1.1.2.1 +++ printh.c 14 Nov 2004 18:05:55 -0000 1.1.2.2 @@ -40,7 +40,7 @@ * format - a printf-... [truncated message content] |
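Review bot: In the alias.c hunk at -672,8 both new `snprinth` calls write into `user` while reading from `s+1`, and `s` was obtained one line earlier from `strrchr(user, '/')`, so source and destination overlap. With `%H` the output can be longer than the input, so the write position can overtake the read position and the rest of the name is read from already-rewritten bytes. The result stays within the size limit but is corrupted for names containing characters that expand. I would format into a separate buffer and copy the result back into `user` afterwards. It is also worth confirming that `user` is an array here, since `sizeof(user)` on a pointer yields only the pointer size; its declaration and the origin of `b` are outside the hunk.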