X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=auth.c;h=2c0ee326e65d82dba0ab9524f6c293ecdf92a4ec;hb=22774edd6523d566f539f4f633a6f276bfbd6224;hp=6bbf38389553c915dcd99e48edcd250384fbe642;hpb=4bcb77cf900ead8f2d9ba2f7306bb7eb9a3df2c2;p=thirdparty%2Fsarg.git

diff --git a/auth.c b/auth.c
index 6bbf383..2c0ee32 100644
--- a/auth.c
+++ b/auth.c
@@ -1,10 +1,11 @@
 /*
- * AUTHOR: Pedro Lineu Orso                         pedro.orso@gmail.com
- *                                                            1998, 2008
  * SARG Squid Analysis Report Generator      http://sarg.sourceforge.net
+ *                                                            1998, 2015
  *
  * SARG donations:
  *      please look at http://sarg.sourceforge.net/donations.php
+ * Support:
+ *     http://sourceforge.net/projects/sarg/forums/forum/363374
  * ---------------------------------------------------------------------
  *
  *  This program is free software; you can redistribute it and/or modify
@@ -24,44 +25,51 @@
  */
 
 #include "include/conf.h"
+#include "include/defs.h"
 
-void htaccess(const char *name)
+void htaccess(const struct userinfostruct *uinfo)
 {
-   char htname[MAXLEN];
-   FILE *fp_auth;
+	char htname[MAXLEN];
+	char line[MAXLEN];
+	FILE *fp_in;
+	FILE *fp_auth;
+	size_t i,nread;
 
-   if(strncmp(UserAuthentication,"yes",3) !=0 )
-      return;
+	if(!UserAuthentication)
+		return;
 
-   sprintf(htname,"%s/%s/.htaccess",dirname,name);
-   if((fp_auth=fopen(htname,"w"))==NULL) {
-      fprintf(stderr, "SARG: (auth) %s: %s\n",text[45],htname);
-      exit(1);
-   }
+	if (snprintf(htname,sizeof(htname),"%s/%s/.htaccess",outdirname,uinfo->filename)>=sizeof(htname)) {
+		debuga(__FILE__,__LINE__,_("Path too long: "));
+		debuga_more("%s/%s/.htaccess\n",outdirname,uinfo->filename);
+		exit(EXIT_FAILURE);
+	}
+	if((fp_auth=fopen(htname,"w"))==NULL) {
+		debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),htname,strerror(errno));
+		exit(EXIT_FAILURE);
+	}
 
-   strcpy(warea,Require);
-   if (getword(buf,sizeof(buf),warea,'%')<0) {
-      printf("SARG: The \"Require\" entry of your sarg.conf file is too long for your %s file.\n",htname);
-      exit(1);
-   }
-   fputs("AuthUserFile ",fp_auth);
-   fputs(AuthUserFile,fp_auth);
-   fputs("\n",fp_auth);
-   fputs("AuthName ",fp_auth);
-   if(strstr(AuthName,"\"") == 0)
-      fputs("\"",fp_auth);
-   fputs(AuthName,fp_auth);
-   if(strstr(AuthName,"\"") == 0)
-      fputs("\"",fp_auth);
-   fputs("\n",fp_auth);
-   fputs("AuthType ",fp_auth);
-   fputs(AuthType,fp_auth);
-   fputs("\n<Limit GET POST>\n",fp_auth);
-   fputs(buf,fp_auth);
-   fputs(name,fp_auth);
-   fputs("\n</LIMIT>\n",fp_auth);
+	if ((fp_in=fopen(AuthUserTemplateFile,"r"))==NULL) {
+		debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),AuthUserTemplateFile,strerror(errno));
+		exit(EXIT_FAILURE);
+	}
 
-   fclose(fp_auth);
+	while((nread=fread(line,1,sizeof(line),fp_in))!=0) {
+		for (i=0 ; i<nread ; i++)
+			if (line[i]=='%' && i+2<nread && line[i+1]=='u' && !isalpha(line[i+2])) {
+				fputs(uinfo->id,fp_auth);
+				i++;
+			} else {
+				fputc(line[i],fp_auth);
+			}
+	}
+	if (fclose(fp_auth)==EOF) {
+		debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),htname,strerror(errno));
+		exit(EXIT_FAILURE);
+	}
+	if (fclose(fp_in)==EOF) {
+		debuga(__FILE__,__LINE__,_("Read error in \"%s\": %s\n"),AuthUserTemplateFile,strerror(errno));
+		exit(EXIT_FAILURE);
+	}
 
-   return;
+	return;
 }