On Thu, Aug 31, 2006 at 09:41:50PM -0500, T.J. Yang wrote:
I like to display hobbit configuration file also, where can I find this script ?
It's my highly guarded secret intellectual property :-)
#!/bin/sh
echo "Content-type: text/plain" echo ""
REQ="/usr/local/bin/safequery"
if [ "$REQ" = "alert" ] then cat /etc/hobbit/hobbit-alerts.cfg elif [ "$REQ" = "client" ] then cat /etc/hobbit/hobbit-clients.cfg elif [ "$REQ" = "clientlocal" ] then cat /etc/hobbit/client-local.cfg elif [ "$REQ" = "server" ] then cat /etc/hobbit/hobbitserver.cfg elif [ "$REQ" = "launch" ] then cat /etc/hobbit/hobbitlaunch.cfg elif [ "$REQ" = "graph" ] then cat /etc/hobbit/hobbitgraph.cfg else bbcmd bbhostshow fi
exit 0
The "safequery" utility just scans the QUERY_STRING environment and if it only contains characters that are "safe" in a shell script, it prints out the QUERY_STRING value. This is something I wrote years ago to make this kind of quick-and-dirty CGI scripts safer to use.
#include <stdio.h> #include <string.h> #include <stdlib.h>
char *safechars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_+?~=";
int main(int argc, char *argv[]) { unsigned char *querystring; unsigned char *p;
querystring = getenv("QUERY_STRING");
if (!querystring) {
return 0;
};
for (p=querystring; (*p); p++) {
if (!strchr(safechars, *p)) {
return 1;
}
}
printf("%s\n", querystring);
return 0;}
Regards, Henrik