]> git.ipfire.org Git - thirdparty/sarg.git/blob - topsites.c
projects / thirdparty / sarg.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Protection against buffer overflows in getword and friends and report the origin...
[thirdparty/sarg.git] / topsites.c
1 /*
2 * AUTHOR: Pedro Lineu Orso pedro.orso@gmail.com
3 * 1998, 2008
4 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
5 *
6 * SARG donations:
7 * please look at http://sarg.sourceforge.net/donations.php
8 * ---------------------------------------------------------------------
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
23 *
24 */
25
26 #include "include/conf.h"
27
28 void topsites()
29 {
30
31 FILE *fp_in, *fp_ou;
32
33 char url[MAXLEN];
34 char ourl[MAXLEN];
35 char nacc[20];
36 char nbytes[20];
37 char ntime[20];
38 char ntemp[40];
39 char ttnacc[20];
40 char ttnbytes[20];
41 char ttntime[20];
42 char csort[255];
43 char general[MAXLEN];
44 char general2[MAXLEN];
45 char general3[MAXLEN];
46 char per[MAXLEN];
47 char sites[MAXLEN];
48 char report[MAXLEN];
49 char period[100];
50 char sortf[10];
51 char sortt[10];
52 long long int tnacc=0;
53 long long int tnbytes=0;
54 long long int tntime=0;
55 long long int twork1=0, twork2=0, twork3=0;
56 int regs=0;
57
58 if(strcmp(Privacy,"yes") == 0)
59 return;
60
61 sprintf(general,"%s/sarg-general",dirname);
62 sprintf(sites,"%s/sarg-sites",dirname);
63 sprintf(general2,"%s/sarg-general2",dirname);
64 sprintf(general3,"%s/sarg-general3",dirname);
65 sprintf(per,"%s/sarg-period",dirname);
66
67 if (strstr(ReportType,"topusers") == 0)
68 sprintf(report,"%s/index.html",dirname);
69 else
70 sprintf(report,"%s/topsites.html",dirname);
71
72 if ((fp_in = fopen(per, "r")) == 0) {
73 fprintf(stderr, "SARG: (topuser) %s: %s\n",text[45],per);
74 exit(1);
75 }
76
77 fgets(period,sizeof(period),fp_in);
78 fclose(fp_in);
79
80 sprintf(csort,"sort -k 4,4 -o '%s' '%s'",general2,general);
81 system(csort);
82
83 if((fp_in=fopen(general2,"r"))==NULL) {
84 fprintf(stderr, "SARG: (topsite) %s: %s\n",text[8],general2);
85 exit(1);
86 }
87
88 if((fp_ou=fopen(general3,"w"))==NULL) {
89 fprintf(stderr, "SARG: (topsite) %s: %s\n",text[8],general3);
90 exit(1);
91 }
92
93 while(fgets(buf,sizeof(buf),fp_in)!=NULL) {
94 if (getword(url,sizeof(url),buf,' ')<0) {
95 printf("SARG: Maybe you have an invalid user in your %s file of the topsites.\n",general2);
96 exit(1);
97 }
98 if(strcmp(url,"TOTAL") == 0) {
99 if (getword(ttnacc,sizeof(ttnacc),buf,' ')<0) {
100 printf("SARG: Maybe you have an invalid total number of access in your %s file of the topsites.\n",general2);
101 exit(1);
102 }
103 if (getword(ttnbytes,sizeof(ttnbytes),buf,' ')<0) {
104 printf("SARG: Maybe you have an invalid total number of bytes in your %s file of the topsites.\n",general2);
105 exit(1);
106 }
107 if (getword(ttntime,sizeof(ttntime),buf,' ')<0) {
108 printf("SARG: Maybe you have an invalid total time in your %s file of the topsites.\n",general2);
109 exit(1);
110 }
111 continue;
112 }
113 if (getword(nacc,sizeof(nacc),buf,' ')<0) {
114 printf("SARG: Maybe you have an invalid number of access in your %s file of the topsites.\n",general2);
115 exit(1);
116 }
117 if (getword(nbytes,sizeof(nbytes),buf,' ')<0) {
118 printf("SARG: Maybe you have an invalid number of bytes in your %s file of the topsites.\n",general2);
119 exit(1);
120 }
121 if (getword(url,sizeof(url),buf,' ')<0) {
122 printf("SARG: Maybe you have an invalid url in your %s file of the topsites.\n",general2);
123 exit(1);
124 }
125 if (getword(ntemp,sizeof(ntemp),buf,' ')<0) {
126 printf("SARG: Maybe you have a broken record or garbage in column 5 in your %s file of the topsites.\n",general2);
127 exit(1);
128 }
129 if (getword(ntemp,sizeof(ntemp),buf,' ')<0) {
130 printf("SARG: Maybe you have a broken record or garbage in column 6 in your %s file of the topsites.\n",general2);
131 exit(1);
132 }
133 if (getword(ntemp,sizeof(ntemp),buf,' ')<0) {
134 printf("SARG: Maybe you have a broken record or garbage in column 7 in your %s file of the topsites.\n",general2);
135 exit(1);
136 }
137 if (getword(ntime,sizeof(ntime),buf,' ')<0) {
138 printf("SARG: Maybe you have a broken record or garbage in column 8 in your %s file of the topsites.\n",general2);
139 exit(1);
140 }
141
142 if(!regs) {
143 strcpy(ourl,url);
144 regs++;
145 }
146
147 if(strcmp(url,ourl) != 0) {
148 my_lltoa(tnacc,val1,15);
149 my_lltoa(tnbytes,val2,15);
150 my_lltoa(tntime,val3,15);
151 sprintf(buf,"%s %s %s %s\n",val1,val2,val3,ourl);
152 fputs(buf, fp_ou);
153 strcpy(ourl,url);
154 tnacc=0;
155 tnbytes=0;
156 tntime=0;
157 }
158
159 tnacc+=my_atoll(nacc);
160 tnbytes+=my_atoll(nbytes);
161 tntime+=my_atoll(ntime);
162 }
163
164 my_lltoa(tnacc,val1,15);
165 my_lltoa(tnbytes,val2,15);
166 my_lltoa(tntime,val3,15);
167 sprintf(buf,"%s %s %s %s\n",val1,val2,val3,ourl);
168 fputs(buf, fp_ou);
169
170 fclose(fp_in);
171 fclose(fp_ou);
172 unlink(general2);
173
174 strlow(TopsitesSortField);
175 strlow(TopsitesSortType);
176
177 if(strcmp(TopsitesSortField,"connect") == 0)
178 strcpy(sortf,"1,1");
179 if(strcmp(TopsitesSortField,"bytes") == 0)
180 strcpy(sortf,"2,2");
181 if(strcmp(TopsitesSortType,"a") == 0)
182 strcpy(sortt," ");
183 if(strcmp(TopsitesSortType,"d") == 0)
184 strcpy(sortt,"-r");
185
186 sprintf(csort,"sort %s -k %s -o '%s' '%s'",sortt,sortf,sites,general3);
187 system(csort);
188
189 unlink(general2);
190 unlink(general3);
191
192 if((fp_in=fopen(sites,"r"))==NULL) {
193 fprintf(stderr, "SARG: (topsite) %s: %s\n",text[8],sites);
194 exit(1);
195 }
196
197 if((fp_ou=fopen(report,"w"))==NULL) {
198 fprintf(stderr, "SARG: (topsite) %s: %s\n",text[8],report);
199 exit(1);
200 }
201
202 regs=0;
203
204 fprintf(fp_ou, "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n<html>\n<head>\n <meta http-equiv=\"Content-Type\" content=\"text/html; charset=%s\">\n",CharSet);
205 css(fp_ou);
206 fputs("</head>\n",fp_ou);
207 fprintf(fp_ou,"<body bgcolor=%s text=%s background='%s'>\n",BgColor,TxColor,BgImage);
208 if(strlen(LogoImage) > 0) fprintf(fp_ou, "<center><table cellpadding=\"0\" cellspacing=\"0\">\n<tr><th class=\"logo\"><img src='%s' border=0 align=absmiddle width=%s height=%s>&nbsp;%s</th></tr>\n<tr><td height=\"5\"></td></tr>\n</table>\n",LogoImage,Width,Height,LogoText);
209
210 if(strcmp(IndexTree,"date") == 0)
211 show_sarg(fp_ou,"../../..");
212 else
213 show_sarg(fp_ou, "..");
214
215 fputs("<center><table cellpadding=\"0\" cellspacing=\"0\">\n",fp_ou);
216 sprintf(url,"<tr><th class=\"title\">%s</th></tr>\n",Title);
217 fputs(url,fp_ou);
218
219 sprintf(url,"<tr><td class=\"header3\">%s: %s</td></tr>\n",text[89],period);
220 fputs(url,fp_ou);
221 sprintf(url,"<tr><th class=\"header3\">%s %s %s</th></tr>\n",text[83],TopSitesNum,text[84]);
222 fputs(url,fp_ou);
223 fputs("</table></center>\n",fp_ou);
224
225 fputs("<center><table cellpadding=\"1\" cellspacing=\"2\">\n",fp_ou);
226 fputs("<tr><td></td></tr>\n",fp_ou);
227 sprintf(url,"<tr><th class=\"header\">%s</th><th class=\"header\">%s</th> \
228 <th class=\"header\">%s</th><th class=\"header\">%s</th> \
229 <th class=\"header\">%s</th></tr>\n", \
230 text[100],text[91],text[92],text[93],text[99]);
231 fputs(url,fp_ou);
232
233 regs=1;
234 ntopsites = 0;
235
236 while(fgets(buf,sizeof(buf),fp_in)!=NULL) {
237 if(regs>atoi(TopSitesNum))
238 break;
239 if (getword(nacc,sizeof(nacc),buf,' ')<0) {
240 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",sites);
241 exit(1);
242 }
243 if (atoi(nacc) == 0) continue;
244 if (getword(nbytes,sizeof(nbytes),buf,' ')<0 ||
245 getword(ntime,sizeof(ntime),buf,' ')<0 || getword(url,sizeof(url),buf,' ')<0) {
246 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",sites);
247 exit(1);
248 }
249
250 twork1=my_atoll(nacc);
251 twork2=my_atoll(nbytes);
252 twork3=my_atoll(ntime);
253
254 sprintf(wwork1,"%s",fixnum(twork1,1));
255 sprintf(wwork2,"%s",fixnum(twork2,1));
256 sprintf(wwork3,"%s",fixtime(twork3,1));
257
258 if(strlen(BlockIt) > 0)
259 sprintf(BlockImage,"<a href=\"%s%s?url=%s\"><img src=\"../images/sarg-squidguard-block.png\" border=\"0\"></a>&nbsp;",wwwDocumentRoot,BlockIt,url);
260 else BlockImage[0]='\0';
261
262
263 sprintf(ourl,"<tr><td class=\"data\">%d</td><td class=\"data2\">%s<a href=\"http://%s\"><font class=\"link\">%s</font></td><td class=\"data\">%s</td><td class=\"data\">%s</td><td class=\"data\">%s</td></tr>\n",regs,BlockImage,url,url,wwork1,wwork2,wwork3);
264 fputs(ourl,fp_ou);
265 regs++;
266 }
267
268
269 fputs("</table></center>\n",fp_ou);
270
271 show_info(fp_ou);
272
273 fputs("</body>\n</html>\n",fp_ou);
274
275 fclose(fp_in);
276 fclose(fp_ou);
277
278 return;
279
280 }
Unnamed repository; edit this file 'description' to name the repository.