src/lib/cheapcgi.c 6f3056fb1c519aeb262d6c1cc9f352652e3086ae

6f3056fb1c519aeb262d6c1cc9f352652e3086ae
max
  Mon May 27 07:49:54 2024 -0700
not setting pix if run from command line, email from Lou that qa scripts are not running anymore

diff --git src/lib/cheapcgi.c src/lib/cheapcgi.c
index bcbfa18..f8f27aa 100644
--- src/lib/cheapcgi.c
+++ src/lib/cheapcgi.c
@@ -245,35 +245,38 @@
 void dumpCookieList()
 /* Print out the cookie list. */
 {
 struct cgiVar *v;
 for (v=cookieList; v != NULL; v = v->next)
     printf("%s=%s (%d)\n", v->name, v->val, v->saved);
 }
 
 void useTempFile()
 /* tell cheapcgi to use temp files */
 {
 doUseTempFile = TRUE;
 }
 
 boolean cgiIsOnWeb()
-/* Return TRUE if looks like we're being run as a CGI. */
+/* Return TRUE if looks like we're being run as a CGI. 
+ * You cannot use this in your own CGIs to determine if you're run from the command line, 
+ * as cgiFromCommandLine() will set this parameter.*/
 {
 return getenv("REQUEST_METHOD") != NULL;
 }
 
+
 char *cgiRequestMethod()
 /* Return CGI REQUEST_METHOD (such as 'GET/POST/PUT/DELETE/HEAD') */
 {
 return getenv("REQUEST_METHOD");
 }
 
 char *cgiRequestUri()
 /* Return CGI REQUEST_URI */
 {
 return getenv("REQUEST_URI");
 }
 
 char *cgiRequestContentLength()
 /* Return HTTP REQUEST CONTENT_LENGTH if available*/
 {
@@ -2508,59 +2511,64 @@
 dyStringAppend(dy, var);
 dyStringAppendC(dy, '=');
 char *s = cgiEncode(val);
 dyStringAppend(dy, s);
 freez(&s);
 }
 
 void cgiContinueAllVars()
 /* Write back all CGI vars as hidden input for next time around. */
 {
 struct cgiVar *cv;
 for (cv = inputList; cv != NULL; cv = cv->next)
     cgiMakeHiddenVar(cv->name, cv->val);
 }
 
+// flag to keep track if the current process was run from the command line (true) or not (false)
+static boolean wasSpoofed = FALSE;
 
 boolean cgiFromCommandLine(int *pArgc, char *argv[], boolean preferWeb)
 /* Use the command line to set up things as if we were a CGI program.
  * User types in command line (assuming your program called cgiScript)
  * like:
  *        cgiScript nonCgiArg1 var1=value1 var2=value2 var3=value3 nonCgiArg2
  * or like
  *        cgiScript nonCgiArg1 var1=value1&var2=value2&var3=value3 nonCgiArg2
  * or even like
  *        cgiScript nonCgiArg1 -x -y=bogus z=really
  * (The non-cgi arguments can occur anywhere.  The cgi arguments (all containing
  * the character '=' or starting with '-') are erased from argc/argv.  Normally
  * you call this cgiSpoof(&argc, argv);
  */
 {
 int argc = *pArgc;
 int i;
 int argcLeft = argc;
 char *name;
 static char queryString[65536];
 char *q = queryString;
 boolean needAnd = TRUE;
 boolean gotAny = FALSE;
 boolean startDash;
 boolean gotEq;
 static char hostLine[512];
 
 if (preferWeb && cgiIsOnWeb())
     return TRUE;	/* No spoofing required! */
+
+wasSpoofed = TRUE;
+
 q += safef(q, queryString + sizeof(queryString) - q,
 	   "%s", "QUERY_STRING=cgiSpoof=on");
 for (i=0; i<argcLeft; )
     {
     name = argv[i];
     if ((startDash = (name[0] == '-')))
        ++name;
     gotEq = (strchr(name, '=') != NULL);
     if (gotEq || startDash)
         {
         if (needAnd)
             *q++ = '&';
         q += safef(q, queryString + sizeof(queryString) - q, "%s", name);
         if (!gotEq || strchr(name, '&') == NULL)
             needAnd = TRUE;
@@ -2584,30 +2592,36 @@
     host = "unknown";
 safef(hostLine, sizeof(hostLine), "SERVER_NAME=%s", host);
 putenv(hostLine);
 initCgiInput();
 return gotAny;
 }
 
 boolean cgiSpoof(int *pArgc, char *argv[])
 /* If run from web line set up input
  * variables from web line, otherwise
  * set up from command line. */
 {
 return cgiFromCommandLine(pArgc, argv, TRUE);
 }
 
+boolean cgiWasSpoofed()
+/* was the CGI run from the command line? */
+{
+    return wasSpoofed;
+}
+
 boolean cgiFromFile(char *fileName)
 /* Set up a cgi environment using parameters stored in a file.
  * Takes file with arguments in the form:
  *       argument1=someVal
  *       # This is a comment
  *       argument2=someOtherVal
  *       ...
  * and puts them into the cgi environment so that the usual
  * cgiGetVar() commands can be used. Useful when a program
  * has a lot of possible parameters.
  */
 {
 char **argv = NULL;
 int argc = 0;
 int maxArgc = 10;
@@ -2631,30 +2645,31 @@
     /* If our argv array is full expand it. */
     if((argc+1) >= maxArgc)
 	{
 	ExpandArray(argv, maxArgc, 2*maxArgc);
 	maxArgc *= 2;
 	}
     /* Fill in another argument to our psuedo arguments. */
     argv[argc++] = cloneString(line);
     }
 spoof = cgiSpoof(&argc, argv);
 /* Cleanup. */
 lineFileClose(&lf);
 for(i=0; i<argc; i++)
     freez(&argv[i]);
 freez(&argv);
+wasSpoofed = TRUE;
 return spoof;
 }
 
 void logCgiToStderr()
 /* Log useful CGI info to stderr */
 {
 char *ip = getenv("REMOTE_ADDR");
 char *cgiBinary = getenv("SCRIPT_FILENAME");
 char *requestUri = getenv("REQUEST_URI");
 char *hgsid = cgiOptionalString("hgsid");
 char *cgiFileName = NULL;
 time_t nowTime = time(NULL);
 struct tm *tm;
 tm = localtime(&nowTime);
 char *ascTime = asctime(tm);