/*******************************************\
| * Ce programme est sous licence GNU GPL * |
| * This software is under GNU/GPL licence * |
| * * * * * * * * * * * * * * * * * * * * * * |
| * http://www.gnu.org/copyleft/gpl.html * |
\*******************************************/
/* Créé par Laurent Coustet <ed@zehome.com>
* http://ed.zehome.com/
* Made by Laurent Coustet <ed@zehome.com>
*/
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <mysql/mysql.h>
#include "mysql.h"
#include "debug.h"
#include "guestbook.h"
/* vim: set shiftwidth=2 tabstop=2
*/
void GetGB ()
{
MYSQL mysql;
MYSQL_ROW row;
MYSQL_RES *result;
MYSQL_FIELD *field;
ST_GB *guestbook;
unsigned int num_fields;
unsigned int i,j=0;
unsigned long *lengths;
connect(&mysql);
query(&mysql,"SELECT id,auteur,ip,browser,texte,DATE_FORMAT(date,'%W %%e %M %Y') AS formated_date FROM site_guestbook ORDER by date desc",NULL);
if ((result = mysql_store_result(&mysql))==NULL)
{
// ERROR("Impossible d'executer une requete SQL!");
printf("Impossible d'executer une requete SQL!\n");
return;
}
num_fields = mysql_num_fields(result);
// On attribue a guestbook la taille nécessaire.
//guestbook = malloc((int)num_fields*sizeof(ST_GB));
guestbook = malloc(sizeof(ST_GB)*1000);
field = mysql_fetch_field(result);
while((row = mysql_fetch_row(result)))
{
lengths = mysql_fetch_lengths(result);
for(i = 0; i < num_fields && i<999; i++)
{
if (strcmp(field[i].name,"id")==0)
{
guestbook[j].id = atoi(row[i]);
}
if (strcmp(field[i].name,"ip")==0)
{
guestbook[j].ip = strdup(row[i]);
}
if (strcmp(field[i].name,"texte")==0)
{
guestbook[j].texte = strdup(row[i]);
}
if (strcmp(field[i].name,"auteur")==0)
{
guestbook[j].auteur = strdup(row[i]);
}
if (strcmp(field[i].name,"formated_date")==0)
{
guestbook[j].date = strdup(row[i]);
}
}
j++;
} // while
print_gb_head();
for(i=0;i< mysql_num_rows(result);i++)
{
printf("<h1 style=\"text-align: left; font-size: 1em;\">Posté par : %s, %s (%s)</h1>\n<br />\n%s\n",
guestbook[i].auteur,
guestbook[i].date,
guestbook[i].ip,
guestbook[i].texte);
free(guestbook[i].auteur);
free(guestbook[i].date);
free(guestbook[i].ip);
free(guestbook[i].texte);
}
free(guestbook);
mysql_free_result(result);
disconnect(&mysql);
return;
}
void print_gb_head()
{
printf("<h1>Le livre d'or</h1>\n\n");
printf("<form method=\"post\" /><input type=\"hidden\" name=\"page\" value=\"addgb\" />\n");
printf("Auteur: <input type=\"text\" name=\"auteur\"><br />\n");
printf("Texte: <textarea name=\"texte\" cols=\"50\"></textarea><br />\n");
printf("<input type=\"submit\" value=\"Envoyer\" />\n</form>\n");
}
char *sanitize(char *t, int len)
{
char *new;
int pos = 0;
len += 64;
new = malloc(len);
while (*t)
{
switch (*t)
{
case '>':
if (pos + 4 > len)
{
len += 64;
realloc(new, len);
}
new[pos++] = '&';
new[pos++] = 'g';
new[pos++] = 't';
new[pos] = ';';
break;
case '<':
if (pos + 4 > len)
{
len += 64;
realloc(new, len);
}
new[pos++] = '&';
new[pos++] = 'l';
new[pos++] = 't';
new[pos] = ';';
break;
case '\"':
if (pos + 2 > len)
{
len += 64;
realloc(new, len);
}
new[pos++] = '\\';
new[pos] = '\"';
break;
default:
new[pos] = *t;
break;
}
pos++;
t++;
}
new[pos] = '\0';
return new;
}
int AddGB(char *texte, char *auteur, char *ip, char *browser)
{
MYSQL mysql;
char *saut, *stexte, *sip, *sbrowser;
connect(&mysql);
if ((! auteur) || (! ip) || (! texte))
return 1;
saut = sanitize(auteur, strlen(auteur));
stexte = sanitize(texte, strlen(texte));
sip = sanitize(ip, strlen(ip));
sbrowser = sanitize(browser, strlen(browser));
query(&mysql,"INSERT INTO site_guestbook (texte,auteur,ip,browser,date) VALUES (\"%s\",\"%s\",\"%s\",\"%s\",NOW())",stexte,saut,sip,sbrowser);
disconnect(&mysql);
free(saut);
free(stexte);
free(sip);
free(sbrowser);
return 0;
}