Mercurial > hg > rlgwebd
view sqlickrypt.c @ 49:423ef87ddc9b
RLG-Web: delay removing TermSessions until the client is informed.
Add a TermSession.sendq flag that indicates whether a type q message
has been sent to the client. Don't immediately destroy the TermSession
on child exit if the message hasn't been sent.
This is an ugly hack until the TermSession class is separated into an
EventEmitter to handle the PTY and a listening object that handles
communication with the client. That will also allow other clients to
watch the game.
author | John "Elwin" Edwards <elwin@sdf.org> |
---|---|
date | Mon, 11 Jun 2012 09:15:33 -0700 |
parents | f275d816e857 |
children | c08717cb7793 |
line wrap: on
line source
#include <stdio.h> #include <stdlib.h> #include <string.h> #include <ctype.h> #include <sqlite3.h> #include <unistd.h> #include <crypt.h> #define DATABASE "/dgldir/dgamelaunch.db" #define IBUFSIZE 200 int check(char *uname, char *pw) { char *pwhash, *comphash; char *query = "SELECT password FROM dglusers WHERE username=?;"; int status; sqlite3 *db; sqlite3_stmt *qstmt; status = sqlite3_open(DATABASE, &db); if (status) { sqlite3_close(db); return 3; } sqlite3_prepare_v2(db, query, -1, &qstmt, NULL); if (qstmt == NULL) { sqlite3_close(db); return 3; } status = sqlite3_bind_text(qstmt, 1, uname, -1, SQLITE_TRANSIENT); if (status) { sqlite3_finalize(qstmt); sqlite3_close(db); return 3; } status = sqlite3_step(qstmt); if (status != SQLITE_ROW) { sqlite3_finalize(qstmt); sqlite3_close(db); if (status == SQLITE_DONE) return 2; /* User not found */ return 3; } pwhash = strdup((char *) sqlite3_column_text(qstmt, 0)); /* Clean up */ sqlite3_finalize(qstmt); sqlite3_close(db); /* Check the password */ comphash = crypt(pw, pwhash); if (!strcmp(pwhash, comphash)) status = 0; else status = 1; free(pwhash); return status; } int insertuser(char *uname, char *pw, char *email) { char *checkquery = "SELECT * FROM dglusers WHERE username = ?;"; char *addquery = "INSERT INTO dglusers (username, password, email) VALUES (?, ?, ?);"; int status; sqlite3 *db; sqlite3_stmt *qstmt; status = sqlite3_open(DATABASE, &db); if (status) { sqlite3_close(db); return 3; } /* Check for existing account in the same transaction with creating it. */ status = sqlite3_exec(db, "BEGIN;", NULL, NULL, NULL); if (status) { sqlite3_close(db); return 3; } sqlite3_prepare_v2(db, checkquery, -1, &qstmt, NULL); if (qstmt == NULL) { sqlite3_close(db); return 3; } sqlite3_bind_text(qstmt, 1, uname, -1, SQLITE_TRANSIENT); status = sqlite3_step(qstmt); if (status != SQLITE_DONE) { sqlite3_finalize(qstmt); sqlite3_close(db); if (status == SQLITE_ROW) return 1; /* User already exists */ return 3; } /* The username doesn't exist yet, so create a new account. */ sqlite3_finalize(qstmt); sqlite3_prepare_v2(db, addquery, -1, &qstmt, NULL); if (qstmt == NULL) { sqlite3_close(db); return 3; } sqlite3_bind_text(qstmt, 1, uname, -1, SQLITE_TRANSIENT); sqlite3_bind_text(qstmt, 2, strdup(crypt(pw, pw)), -1, free); sqlite3_bind_text(qstmt, 3, email, -1, SQLITE_TRANSIENT); status = sqlite3_step(qstmt); if (status != SQLITE_DONE) { sqlite3_finalize(qstmt); sqlite3_close(db); return 3; } status = sqlite3_exec(db, "COMMIT;", NULL, NULL, NULL); sqlite3_finalize(qstmt); sqlite3_close(db); return status; } int main(int argc, char *argv[]) { char ibuf[IBUFSIZE], *uname, *pw, *email; char *cptr; // Utility pointer int status; /* Read in the username and password */ fgets(ibuf, IBUFSIZE, stdin); uname = ibuf; pw = strchr(uname, '\n'); if (pw == NULL) exit(4); /* Truncated */ *pw = '\0'; pw++; fgets(pw, IBUFSIZE - (pw - ibuf), stdin); if (pw[strlen(pw) - 1] == '\n') pw[strlen(pw) - 1] = '\0'; else exit(4); /* Truncated */ if (argc > 1 && !strcmp(argv[1], "register")) { email = pw + strlen(pw) + 1; fgets(email, IBUFSIZE - (email - ibuf), stdin); if (email[strlen(email) - 1] == '\n') email[strlen(email) - 1] = '\0'; else exit(4); for (cptr = email; *cptr != '\0'; cptr++) { if (!isalnum(*cptr) && !strchr("@._-", *cptr)) { exit(4); } } } /* Sanitize the username, because it gets put into a query. */ for (cptr = uname; *cptr != '\0'; cptr++) { if (!isalnum(*cptr)) { exit(4); } } if (argc == 1 || !strcmp(argv[1], "check")) status = check(uname, pw); else if (!strcmp(argv[1], "register")) { status = insertuser(uname, pw, email); } else status = 127; return status; }