Fix the initialization and validation of checkbox and text fields in CGI forms.

diff --git a/CHANGES.md b/CHANGES.md
index 39c3eff1b6abc81f9eaecd31528b48e3eee35ceb..74113d5974d0bafd7e3540b8f72ab9c25a938351 100644 (file)
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -65,6 +65,8 @@ Changes in CUPS v2.5b1 (TBA)
   (Issue #901)
 - Fixed encoding of IPv6 addresses in HTTP requests (Issue #903)
 - Fixed encoding of `IPP_TAG_EXTENSION` values in IPP messages (Issue #913)
+- Fixed CGI program initialization and validation of form checkbox and text
+  fields.
 - Removed hash support for SHA2-512-224 and SHA2-512-256.
 - Removed `mantohtml` script for generating html pages (use
   `https://www.msweet.org/mantohtml/`)

diff --git a/cgi-bin/admin.c b/cgi-bin/admin.c
index 34c2d46bed20fab044fb217c55d6be2408a2fa0a..34291f2e2de9600e0e68f11d00dc8249f735d28c 100644 (file)
--- a/cgi-bin/admin.c
+++ b/cgi-bin/admin.c
@@ -335,9 +335,9 @@ do_am_class(http_t *http,           /* I - HTTP connection */
 
   title = cgiText(modify ? _("Modify Class") : _("Add Class"));
   op    = cgiGetVariable("OP");
-  name  = cgiGetVariable("PRINTER_NAME");
+  name  = cgiGetTextfield("PRINTER_NAME");
 
-  if (cgiGetVariable("PRINTER_LOCATION") == NULL)
+  if (cgiGetTextfield("PRINTER_LOCATION") == NULL)
   {
    /*
     * Build a CUPS_GET_PRINTERS request, which requires the
@@ -544,10 +544,10 @@ do_am_class(http_t *http,         /* I - HTTP connection */
                NULL, uri);
 
   ippAddString(request, IPP_TAG_PRINTER, IPP_TAG_TEXT, "printer-location",
-               NULL, cgiGetVariable("PRINTER_LOCATION"));
+               NULL, cgiGetTextfield("PRINTER_LOCATION"));
 
   ippAddString(request, IPP_TAG_PRINTER, IPP_TAG_TEXT, "printer-info",
-               NULL, cgiGetVariable("PRINTER_INFO"));
+               NULL, cgiGetTextfield("PRINTER_INFO"));
 
   ippAddBoolean(request, IPP_TAG_PRINTER, "printer-is-accepting-jobs", 1);
 
@@ -643,7 +643,7 @@ do_am_printer(http_t *http,         /* I - HTTP connection */
                };
 
 
-  ptr = cgiGetVariable("DEVICE_URI");
+  ptr = cgiGetTextfield("DEVICE_URI");
   fprintf(stderr, "DEBUG: do_am_printer: DEVICE_URI=\"%s\"\n",
           ptr ? ptr : "(null)");
 
@@ -664,7 +664,7 @@ do_am_printer(http_t *http,         /* I - HTTP connection */
 
     httpAssembleURIf(HTTP_URI_CODING_ALL, uri, sizeof(uri), "ipp", NULL,
                      "localhost", 0, "/printers/%s",
-                    cgiGetVariable("PRINTER_NAME"));
+                    cgiGetTextfield("PRINTER_NAME"));
     ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "printer-uri",
                  NULL, uri);
 
@@ -687,7 +687,7 @@ do_am_printer(http_t *http,         /* I - HTTP connection */
     fprintf(stderr, "DEBUG: file->mimetype=%s\n", file->mimetype);
   }
 
-  if ((name = cgiGetVariable("PRINTER_NAME")) != NULL)
+  if ((name = cgiGetTextfield("PRINTER_NAME")) != NULL)
   {
     for (ptr = name; *ptr; ptr ++)
       if ((*ptr >= 0 && *ptr <= ' ') || *ptr == 127 || *ptr == '/' || *ptr == '\\' || *ptr == '?' || *ptr == '\'' || *ptr == '\"' || *ptr == '#')
@@ -704,7 +704,7 @@ do_am_printer(http_t *http,         /* I - HTTP connection */
     }
   }
 
-  if ((var = cgiGetVariable("DEVICE_URI")) != NULL)
+  if ((var = cgiGetTextfield("DEVICE_URI")) != NULL)
   {
     if ((uriptr = strrchr(var, '|')) != NULL)
     {
@@ -880,7 +880,7 @@ do_am_printer(http_t *http,         /* I - HTTP connection */
     cgiCopyTemplateLang("choose-serial.tmpl");
     cgiEndHTML();
   }
-  else if (!name || !cgiGetVariable("PRINTER_LOCATION"))
+  else if (!name || !cgiGetTextfield("PRINTER_LOCATION"))
   {
     cgiStartHTML(title);
 
@@ -1119,7 +1119,7 @@ do_am_printer(http_t *http,               /* I - HTTP connection */
 
     httpAssembleURIf(HTTP_URI_CODING_ALL, uri, sizeof(uri), "ipp", NULL,
                      "localhost", 0, "/printers/%s",
-                    cgiGetVariable("PRINTER_NAME"));
+                    cgiGetTextfield("PRINTER_NAME"));
     ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "printer-uri",
                  NULL, uri);
 
@@ -1132,12 +1132,12 @@ do_am_printer(http_t *http,             /* I - HTTP connection */
     }
 
     ippAddString(request, IPP_TAG_PRINTER, IPP_TAG_TEXT, "printer-location",
-                 NULL, cgiGetVariable("PRINTER_LOCATION"));
+                 NULL, cgiGetTextfield("PRINTER_LOCATION"));
 
     ippAddString(request, IPP_TAG_PRINTER, IPP_TAG_TEXT, "printer-info",
-                 NULL, cgiGetVariable("PRINTER_INFO"));
+                 NULL, cgiGetTextfield("PRINTER_INFO"));
 
-    cupsCopyString(uri, cgiGetVariable("DEVICE_URI"), sizeof(uri));
+    cupsCopyString(uri, cgiGetTextfield("DEVICE_URI"), sizeof(uri));
 
    /*
     * Strip make and model from URI...
@@ -1166,7 +1166,7 @@ do_am_printer(http_t *http,               /* I - HTTP connection */
 
     ippAddBoolean(request, IPP_TAG_PRINTER, "printer-is-accepting-jobs", 1);
 
-    var = cgiGetVariable("printer_is_shared");
+    var = cgiGetCheckbox("printer_is_shared");
     ippAddBoolean(request, IPP_TAG_PRINTER, "printer-is-shared",
                   var && (!strcmp(var, "1") || !strcmp(var, "on")));
 
@@ -1307,29 +1307,29 @@ do_config_server(http_t *http)          /* I - HTTP connection */
     * Get the checkbox values from the form...
     */
 
-    debug_logging        = cgiGetVariable("DEBUG_LOGGING") ? "1" : "0";
-    remote_admin         = cgiGetVariable("REMOTE_ADMIN") ? "1" : "0";
-    remote_any           = cgiGetVariable("REMOTE_ANY") ? "1" : "0";
-    share_printers       = cgiGetVariable("SHARE_PRINTERS") ? "1" : "0";
-    user_cancel_any      = cgiGetVariable("USER_CANCEL_ANY") ? "1" : "0";
+    debug_logging        = cgiGetCheckbox("DEBUG_LOGGING") ? "1" : "0";
+    remote_admin         = cgiGetCheckbox("REMOTE_ADMIN") ? "1" : "0";
+    remote_any           = cgiGetCheckbox("REMOTE_ANY") ? "1" : "0";
+    share_printers       = cgiGetCheckbox("SHARE_PRINTERS") ? "1" : "0";
+    user_cancel_any      = cgiGetCheckbox("USER_CANCEL_ANY") ? "1" : "0";
 
-    advanced = cgiGetVariable("ADVANCEDSETTINGS") != NULL;
+    advanced = cgiGetCheckbox("ADVANCEDSETTINGS") != NULL;
     if (advanced)
     {
      /*
       * Get advanced settings...
       */
 
-      browse_web_if        = cgiGetVariable("BROWSE_WEB_IF") ? "Yes" : "No";
-      max_clients          = cgiGetVariable("MAX_CLIENTS");
-      max_log_size         = cgiGetVariable("MAX_LOG_SIZE");
-      preserve_jobs        = cgiGetVariable("PRESERVE_JOBS");
+      browse_web_if        = cgiGetCheckbox("BROWSE_WEB_IF") ? "Yes" : "No";
+      max_clients          = cgiGetTextfield("MAX_CLIENTS");
+      max_log_size         = cgiGetTextfield("MAX_LOG_SIZE");
+      preserve_jobs        = cgiGetTextfield("PRESERVE_JOBS");
 
       if (preserve_jobs)
       {
-        max_jobs             = cgiGetVariable("MAX_JOBS");
-       preserve_job_history = cgiGetVariable("PRESERVE_JOB_HISTORY");
-       preserve_job_files   = cgiGetVariable("PRESERVE_JOB_FILES");
+        max_jobs             = cgiGetTextfield("MAX_JOBS");
+       preserve_job_history = cgiGetTextfield("PRESERVE_JOB_HISTORY");
+       preserve_job_files   = cgiGetTextfield("PRESERVE_JOB_FILES");
 
        if (!max_jobs || atoi(max_jobs) < 0)
          max_jobs = "500";
@@ -1374,7 +1374,7 @@ do_config_server(http_t *http)            /* I - HTTP connection */
     * Get authentication settings...
     */
 
-    if (cgiGetVariable("KERBEROS"))
+    if (cgiGetCheckbox("KERBEROS"))
       cupsCopyString(default_auth_type, "Negotiate", sizeof(default_auth_type));
     else
     {
@@ -1795,7 +1795,7 @@ do_delete_class(http_t *http)             /* I - HTTP connection */
     return;
   }
 
-  if ((pclass = cgiGetVariable("PRINTER_NAME")) != NULL)
+  if ((pclass = cgiGetTextfield("PRINTER_NAME")) != NULL)
     httpAssembleURIf(HTTP_URI_CODING_ALL, uri, sizeof(uri), "ipp", NULL,
                      "localhost", 0, "/classes/%s", pclass);
   else
@@ -1880,7 +1880,7 @@ do_delete_printer(http_t *http)           /* I - HTTP connection */
     return;
   }
 
-  if ((printer = cgiGetVariable("PRINTER_NAME")) != NULL)
+  if ((printer = cgiGetTextfield("PRINTER_NAME")) != NULL)
     httpAssembleURIf(HTTP_URI_CODING_ALL, uri, sizeof(uri), "ipp", NULL,
                      "localhost", 0, "/printers/%s", printer);
   else
@@ -2171,22 +2171,32 @@ do_menu(http_t *http)                   /* I - HTTP connection */
   if ((val = cupsGetOption(CUPS_SERVER_DEBUG_LOGGING, num_settings,
                            settings)) != NULL && atoi(val))
     cgiSetVariable("DEBUG_LOGGING", "CHECKED");
+  else
+    cgiSetVariable("DEBUG_LOGGING", "");
 
   if ((val = cupsGetOption(CUPS_SERVER_REMOTE_ADMIN, num_settings,
                            settings)) != NULL && atoi(val))
     cgiSetVariable("REMOTE_ADMIN", "CHECKED");
+  else
+    cgiSetVariable("REMOTE_ADMIN", "");
 
   if ((val = cupsGetOption(CUPS_SERVER_REMOTE_ANY, num_settings,
                            settings)) != NULL && atoi(val))
     cgiSetVariable("REMOTE_ANY", "CHECKED");
+  else
+    cgiSetVariable("REMOTE_ANY", "");
 
   if ((val = cupsGetOption(CUPS_SERVER_SHARE_PRINTERS, num_settings,
                            settings)) != NULL && atoi(val))
     cgiSetVariable("SHARE_PRINTERS", "CHECKED");
+  else
+    cgiSetVariable("SHARE_PRINTERS", "");
 
   if ((val = cupsGetOption(CUPS_SERVER_USER_CANCEL_ANY, num_settings,
                            settings)) != NULL && atoi(val))
     cgiSetVariable("USER_CANCEL_ANY", "CHECKED");
+  else
+    cgiSetVariable("USER_CANCEL_ANY", "");
 
 #ifdef HAVE_GSSAPI
   cgiSetVariable("HAVE_GSSAPI", "1");
@@ -2205,6 +2215,8 @@ do_menu(http_t *http)                     /* I - HTTP connection */
   if (!_cups_strcasecmp(val, "yes") || !_cups_strcasecmp(val, "on") ||
       !_cups_strcasecmp(val, "true"))
     cgiSetVariable("BROWSE_WEB_IF", "CHECKED");
+  else
+    cgiSetVariable("BROWSE_WEB_IF", "");
 
   if ((val = cupsGetOption("PreserveJobHistory", num_settings,
                            settings)) == NULL)
@@ -2288,7 +2300,7 @@ do_set_allowed_users(http_t *http)        /* I - HTTP connection */
 
 
   is_class = cgiGetVariable("IS_CLASS");
-  printer  = cgiGetVariable("PRINTER_NAME");
+  printer  = cgiGetTextfield("PRINTER_NAME");
 
   if (!printer)
   {
@@ -2299,7 +2311,7 @@ do_set_allowed_users(http_t *http)        /* I - HTTP connection */
     return;
   }
 
-  users = cgiGetVariable("users");
+  users = cgiGetTextfield("users");
   type  = cgiGetVariable("type");
 
   if (!users || !type ||
@@ -2541,7 +2553,7 @@ do_set_default(http_t *http)              /* I - HTTP connection */
 
 
   is_class = cgiGetVariable("IS_CLASS");
-  printer  = cgiGetVariable("PRINTER_NAME");
+  printer  = cgiGetTextfield("PRINTER_NAME");
   title    = cgiText(_("Set As Server Default"));
 
   if (!printer)
@@ -2651,7 +2663,7 @@ do_set_options(http_t *http,              /* I - HTTP connection */
   * Get the printer name...
   */
 
-  if ((printer = cgiGetVariable("PRINTER_NAME")) != NULL)
+  if ((printer = cgiGetTextfield("PRINTER_NAME")) != NULL)
     httpAssembleURIf(HTTP_URI_CODING_ALL, uri, sizeof(uri), "ipp", NULL,
                      "localhost", 0, is_class ? "/classes/%s" : "/printers/%s",
                     printer);
@@ -3365,8 +3377,8 @@ do_set_sharing(http_t *http)              /* I - HTTP connection */
 
 
   is_class = cgiGetVariable("IS_CLASS");
-  printer  = cgiGetVariable("PRINTER_NAME");
-  shared   = cgiGetVariable("SHARED");
+  printer  = cgiGetTextfield("PRINTER_NAME");
+  shared   = cgiGetCheckbox("SHARED");
 
   if (!printer || !shared)
   {

diff --git a/cgi-bin/cgi-private.h b/cgi-bin/cgi-private.h
index 23c3651bd5265ce9003c4a791605d7b634d44ad5..ffc798f6272f6f294695c105e2e13126d6213dbf 100644 (file)
--- a/cgi-bin/cgi-private.h
+++ b/cgi-bin/cgi-private.h
@@ -2,10 +2,11 @@
  * Private CGI definitions for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2011 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2011 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*

diff --git a/cgi-bin/cgi.h b/cgi-bin/cgi.h
index 2b7497a7de0029cbd7bac0378c655d8e05685503..18981d27587b0cd69aa1cfc101b37ed64689f5d0 100644 (file)
--- a/cgi-bin/cgi.h
+++ b/cgi-bin/cgi.h
@@ -70,11 +70,13 @@ extern char         *cgiFormEncode(char *dst, const char *src,
 extern void            cgiFreeSearch(void *search);
 extern char            *cgiGetArray(const char *name, int element);
 extern void            cgiGetAttributes(ipp_t *request, const char *tmpl);
+extern const char      *cgiGetCheckbox(const char *name);
 extern const char      *cgiGetCookie(const char *name);
 extern const cgi_file_t        *cgiGetFile(void);
 extern cups_array_t    *cgiGetIPPObjects(ipp_t *response, void *search);
 extern int             cgiGetSize(const char *name);
 extern char            *cgiGetTemplateDir(void);
+extern const char      *cgiGetTextfield(const char *name);
 extern char            *cgiGetVariable(const char *name);
 extern int             cgiInitialize(void);
 extern int             cgiIsPOST(void);

diff --git a/cgi-bin/classes.c b/cgi-bin/classes.c
index 602318308cf8d10ac16ca1bb269d7cc374d041f4..eb83a920d666c3c1119cc6aeaedaeaca2736c513 100644 (file)
--- a/cgi-bin/classes.c
+++ b/cgi-bin/classes.c
@@ -2,10 +2,11 @@
  * Class status CGI for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2016 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2016 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*
@@ -334,7 +335,7 @@ show_all_classes(http_t     *http,  /* I - Connection to server */
     * Get a list of matching job objects.
     */
 
-    if ((var = cgiGetVariable("QUERY")) != NULL &&
+    if ((var = cgiGetTextfield("QUERY")) != NULL &&
         !cgiGetVariable("CLEAR"))
       search = cgiCompileSearch(var);
     else

diff --git a/cgi-bin/help-index.h b/cgi-bin/help-index.h
index c6486f0152584f3e1067edaab44239ab08be7423..21c07bd3952b185230f16413071b839a9cfcca08 100644 (file)
--- a/cgi-bin/help-index.h
+++ b/cgi-bin/help-index.h
@@ -2,10 +2,11 @@
  * Online help index definitions for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2011 by Apple Inc.
- * Copyright 1997-2007 by Easy Software Products.
+ * Copyright © 2007-2011 by Apple Inc.
+ * Copyright © 1997-2007 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 #ifndef _CUPS_HELP_INDEX_H_

diff --git a/cgi-bin/help.c b/cgi-bin/help.c
index 348971275e4b07b133ccbf4d40d3fba5ee4c86d2..e85dcdedf47edb75e94a3f3d286289ff475b0fc8 100644 (file)
--- a/cgi-bin/help.c
+++ b/cgi-bin/help.c
@@ -2,10 +2,11 @@
  * Online help CGI for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2011 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2011 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*
@@ -172,7 +173,7 @@ main(int  argc,                             /* I - Number of command-line arguments */
   if (cgiGetVariable("CLEAR"))
     cgiSetVariable("QUERY", "");
 
-  query = cgiGetVariable("QUERY");
+  query = cgiGetTextfield("QUERY");
   si    = helpSearchIndex(hi, query, topic, helpfile);
 
   cgiClearVariables();

diff --git a/cgi-bin/html.c b/cgi-bin/html.c
index 97490bf19c005921b2085fbcea3fe4369a779721..41d7b09daae18daeb389d344f151c9e45da2b8c1 100644 (file)
--- a/cgi-bin/html.c
+++ b/cgi-bin/html.c
@@ -2,10 +2,11 @@
  * HTML support functions for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2011 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2011 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*

diff --git a/cgi-bin/ipp-var.c b/cgi-bin/ipp-var.c
index 72401783c4e4f9adcf313e2dcca58cac6bc9cb25..0f00a7511870667cbdecf53311887960c22919d2 100644 (file)
--- a/cgi-bin/ipp-var.c
+++ b/cgi-bin/ipp-var.c
@@ -2,10 +2,11 @@
  * CGI <-> IPP variable routines for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2016 by Apple Inc.
- * Copyright 1997-2007 by Easy Software Products.
+ * Copyright © 2007-2016 by Apple Inc.
+ * Copyright © 1997-2007 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*

diff --git a/cgi-bin/jobs.c b/cgi-bin/jobs.c
index 1217c1fd4fd970e0145239ddbcbe7d4b5d484db6..66a4f81a2ad9cb5332239e3ec35789456c78872c 100644 (file)
--- a/cgi-bin/jobs.c
+++ b/cgi-bin/jobs.c
@@ -2,10 +2,11 @@
  * Job status CGI for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2014 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2014 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*

diff --git a/cgi-bin/printers.c b/cgi-bin/printers.c
index 097ed6ba2c0b4ba52f8701524dbb30ab46841978..b20c0a9ff24282d28c9975a9c56054f1f1409c72 100644 (file)
--- a/cgi-bin/printers.c
+++ b/cgi-bin/printers.c
@@ -2,10 +2,11 @@
  * Printer status CGI for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2016 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2016 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*
@@ -351,7 +352,7 @@ show_all_printers(http_t     *http, /* I - Connection to server */
     * Get a list of matching job objects.
     */
 
-    if ((var = cgiGetVariable("QUERY")) != NULL &&
+    if ((var = cgiGetTextfield("QUERY")) != NULL &&
         !cgiGetVariable("CLEAR"))
       search = cgiCompileSearch(var);
     else

diff --git a/cgi-bin/search.c b/cgi-bin/search.c
index f9411c19f3a77d4d16f2eeefd025a607a0b8091d..106d15406b67559e1fb27039fe1edb726afa33f8 100644 (file)
--- a/cgi-bin/search.c
+++ b/cgi-bin/search.c
@@ -2,8 +2,8 @@
  * Search routines for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2018 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2018 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
  * Licensed under Apache License v2.0.  See the file "LICENSE" for more
  * information.

diff --git a/cgi-bin/template.c b/cgi-bin/template.c
index e3602c4e2c9c6cd265b304b685776a797306d97f..931e660ce402303f5b61d7b9417e6b13a63aa27e 100644 (file)
--- a/cgi-bin/template.c
+++ b/cgi-bin/template.c
@@ -2,10 +2,11 @@
  * CGI template function.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2015 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
+ * Copyright © 2007-2015 by Apple Inc.
+ * Copyright © 1997-2006 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 #include "cgi-private.h"
@@ -398,6 +399,8 @@ cgi_copy(FILE *out,                 /* I - Output file */
       * See if the terminating character requires another test...
       */
 
+      fprintf(stderr, "DEBUG2: %*s\"{%s}\"  mapped to \"%s\"...\n", indent, "", name, outptr);
+
       if (ch == '}')
       {
        /*

diff --git a/cgi-bin/testcgi.c b/cgi-bin/testcgi.c
index ed636b5d17988434a84a9900294fcd16ac17c0f0..836a237c535ce3ea69301ef1d4a666e94324a2b2 100644 (file)
--- a/cgi-bin/testcgi.c
+++ b/cgi-bin/testcgi.c
@@ -2,10 +2,11 @@
  * CGI test program for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2014 by Apple Inc.
- * Copyright 1997-2005 by Easy Software Products.
+ * Copyright © 2007-2014 by Apple Inc.
+ * Copyright © 1997-2005 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*

diff --git a/cgi-bin/testhi.c b/cgi-bin/testhi.c
index 26f867a97671f50590fd9afaeab0770bd60f665d..61afae422bcd53e7b16033b830254bb7f662a79d 100644 (file)
--- a/cgi-bin/testhi.c
+++ b/cgi-bin/testhi.c
@@ -2,10 +2,11 @@
  * Help index test program for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2017 by Apple Inc.
- * Copyright 1997-2007 by Easy Software Products.
+ * Copyright © 2007-2017 by Apple Inc.
+ * Copyright © 1997-2007 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*

diff --git a/cgi-bin/testtemplate.c b/cgi-bin/testtemplate.c
index 7f9ba78e8da0b42ca7b3e6e2c04f06e83d7913a9..a68a4b75953fc9dec9c173bfff5b48a68dcd81bc 100644 (file)
--- a/cgi-bin/testtemplate.c
+++ b/cgi-bin/testtemplate.c
@@ -2,10 +2,11 @@
  * CGI template test program for CUPS.
  *
  * Copyright © 2020-2024 by OpenPrinting.
- * Copyright 2007-2011 by Apple Inc.
- * Copyright 2006 by Easy Software Products.
+ * Copyright © 2007-2011 by Apple Inc.
+ * Copyright © 2006 by Easy Software Products.
  *
- * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more
+ * information.
  */
 
 /*

diff --git a/cgi-bin/var.c b/cgi-bin/var.c
index 0e5f6a43ec2e84902a1ac445f0083255ac2b798f..d03a5d77a3ec12017c2db522e4aa4a7559f1ef90 100644 (file)
--- a/cgi-bin/var.c
+++ b/cgi-bin/var.c
@@ -178,6 +178,41 @@ cgiGetArray(const char *name,              /* I - Name of array variable */
 }
 
 
+/*
+ * 'cgiGetCheckbox()' - Get a checkbox value, deleting any invalid values.
+ */
+
+const char *                           /* O - Value or NULL */
+cgiGetCheckbox(const char *name)       /* I - Name of form field */
+{
+  _cgi_var_t   *var = cgi_find_variable(name);
+                                       /* Found variable */
+  const char   *value = var ? var->values[var->nvalues - 1] : NULL;
+
+
+  if (value && _cups_strcasecmp(value, "checkbox"))
+  {
+   /*
+    * Delete the invalid checkbox value...
+    */
+
+    int i = var - form_vars, j;
+
+    form_count --;
+
+    for (j = 0; j < var->nvalues; j ++)
+      free(var->values[j]);
+    free(var->name);
+    free(var->values);
+
+    if (i < form_count)
+      memmove(var, var + 1, (size_t)(form_count - i) * sizeof(_cgi_var_t));
+  }
+
+  return (value);
+}
+
+
 /*
  * 'cgiGetCookie()' - Get a cookie value.
  */
@@ -217,6 +252,41 @@ cgiGetSize(const char *name)               /* I - Name of variable */
 }
 
 
+/*
+ * 'cgiGetTextfield()' - Get a textfield value, deleting any invalid values.
+ */
+
+const char *                           /* O - Value or NULL */
+cgiGetTextfield(const char *name)      /* I - Name of form field */
+{
+  _cgi_var_t   *var = cgi_find_variable(name);
+                                       /* Found variable */
+  const char   *value = var ? var->values[var->nvalues - 1] : NULL;
+
+
+  if (value && strchr(value, '\"') != NULL)
+  {
+   /*
+    * Delete the invalid text field value...
+    */
+
+    int i = var - form_vars, j;
+
+    form_count --;
+
+    for (j = 0; j < var->nvalues; j ++)
+      free(var->values[j]);
+    free(var->name);
+    free(var->values);
+
+    if (i < form_count)
+      memmove(var, var + 1, (size_t)(form_count - i) * sizeof(_cgi_var_t));
+  }
+
+  return (value);
+}
+
+
 /*
  * 'cgiGetVariable()' - Get a CGI variable from the database.
  *