Develop and Download Open Source Software

mybbs

Browse Subversion Repository

/[bbs-as-pbbs]/WebModuleUnit1.pas

Contents of /WebModuleUnit1.pas

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1 - (show annotations) (download) (as text)
Wed Sep 23 09:26:54 2015 UTC (8 years, 6 months ago) by yamat0jp
File MIME type: text/x-pascal
File size: 17763 byte(s) 
危険なクッキー送信を訂正

デバッグ環境をひとまず無視(xamppで開発しています)

ログアウトさせる機能実装(オートログアウトはやめました)

※注意
 リソースにhtmlファイルを含めたので.res, .dresファイルをcgiファイルと同じフォルダにおいてください。

 sqliteファイル(.sdb)にパーミッションを設定しないと不正アクセスされます。
1 unit WebModuleUnit1;
2
3 interface
4
5 uses System.SysUtils, System.Classes, Web.HTTPApp, FireDAC.Stan.Intf,
6 FireDAC.Stan.Option, FireDAC.Stan.Param, FireDAC.Stan.Error, FireDAC.DatS,
7 FireDAC.Phys.Intf, FireDAC.DApt.Intf, FireDAC.Stan.Async, FireDAC.DApt,
8 FireDAC.UI.Intf, FireDAC.Stan.Def, FireDAC.Stan.Pool, FireDAC.Phys,
9 FireDAC.Phys.SQLite, FireDAC.Phys.SQLiteDef, FireDAC.Stan.ExprFuncs, Data.DB,
10 FireDAC.Comp.Client, FireDAC.Comp.DataSet, Web.HTTPProd, Web.DSProd,
11 AnsiStrings, System.DateUtils, System.Types;
12
13 type
14 TWebModule1 = class(TWebModule)
15 FDTable1: TFDTable;
16 FDConnection1: TFDConnection;
17 FDTable2: TFDTable;
18 FDTable2home: TWideMemoField;
19 FDTable2title: TWideMemoField;
20 FDTable2title2: TWideMemoField;
21 FDTable2pass: TWideMemoField;
22 PageProducer1: TPageProducer;
23 DataSetPageProducer2: TDataSetPageProducer;
24 FDTable1name: TWideMemoField;
25 FDTable1no: TIntegerField;
26 FDTable1date: TWideMemoField;
27 FDTable1sub: TWideMemoField;
28 FDTable1com: TWideMemoField;
29 FDTable1pass: TWideMemoField;
30 adminDS: TDataSetPageProducer;
31 FDTable2ngwords: TWideMemoField;
32 FDTable3: TFDTable;
33 FDTable3link: TIntegerField;
34 FDTable3count: TIntegerField;
35 FDTable1line: TIntegerField;
36 FDTable3line: TIntegerField;
37 procedure WebModule1DefaultHandlerAction(Sender: TObject;
38 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
39 procedure PageProducer1HTMLTag(Sender: TObject; Tag: TTag;
40 const TagString: string; TagParams: TStrings; var ReplaceText: string);
41 procedure WebModule1registAction(Sender: TObject; Request: TWebRequest;
42 Response: TWebResponse; var Handled: Boolean);
43 procedure DataSetPageProducer2HTMLTag(Sender: TObject; Tag: TTag;
44 const TagString: string; TagParams: TStrings; var ReplaceText: string);
45 procedure WebModule1userdelAction(Sender: TObject; Request: TWebRequest;
46 Response: TWebResponse; var Handled: Boolean);
47 procedure WebModule1adminAction(Sender: TObject; Request: TWebRequest;
48 Response: TWebResponse; var Handled: Boolean);
49 procedure WebModule1admindelAction(Sender: TObject; Request: TWebRequest;
50 Response: TWebResponse; var Handled: Boolean);
51 procedure WebModule1loginAction(Sender: TObject; Request: TWebRequest;
52 Response: TWebResponse; var Handled: Boolean);
53 procedure WebModuleBeforeDispatch(Sender: TObject; Request: TWebRequest;
54 Response: TWebResponse; var Handled: Boolean);
55 procedure WebModule1setupAction(Sender: TObject; Request: TWebRequest;
56 Response: TWebResponse; var Handled: Boolean);
57 procedure WebModule1searchAction(Sender: TObject; Request: TWebRequest;
58 Response: TWebResponse; var Handled: Boolean);
59 procedure WebModuleCreate(Sender: TObject);
60 procedure WebModuleDestroy(Sender: TObject);
61 private
62 { private ���� }
63 public
64 { public ���� }
65 user: string;
66 time: Int64;
67 words: TStringList;
68 position: integer;
69 uri: string;
70 foo: string;
71 function footer(const path: string): string;
72 function regist(var com: string): integer;
73 end;
74
75 var
76 WebModuleClass: TComponentClass = TWebModule1;
77
78 implementation
79
80 { %CLASSGROUP 'Vcl.Controls.TControl' }
81
82 {$R *.dfm}
83
84 procedure TWebModule1.DataSetPageProducer2HTMLTag(Sender: TObject; Tag: TTag;
85 const TagString: string; TagParams: TStrings; var ReplaceText: string);
86 begin
87 ReplaceText := FDTable1.FieldByName(TagString).AsString;
88 end;
89
90 function TWebModule1.footer(const path: string): string;
91 var
92 s1, s2, t1, t2: string;
93 home: string;
94 i, k, count: integer;
95 function linkcontent: string;
96 var
97 j, link: integer;
98 begin
99 result := '';
100 link := FDTable3.FieldByName('link').AsInteger;
101 if position > link div 2 then
102 begin
103 if (FDTable1.RecordCount - 1) div count < position + link div 2 then
104 i := FDTable1.RecordCount div count - link - position
105 else
106 i := -(link div 2)
107 end
108 else if position = -1 then
109 i := -position + FDTable1.RecordCount div count - link
110 else
111 i := -position;
112 for j := 0 to link do
113 begin
114 if FDTable1.RecordCount <= (position + i + j) * count then
115 break;
116 if position + i + j < 0 then
117 continue;
118 if i + j = 0 then
119 result := result + ' ' + IntToStr(position + 1) + ' '
120 else
121 result := result + Format(' <a href="' + home + path +
122 '?pos=%d">%d</a> ', [position + i + j, position + 1 + i + j]);
123 end;
124 end;
125
126 begin
127 count := FDTable3.FieldByName('count').AsInteger;
128 if path = 'admin' then
129 home := String(ReplaceText(FDTable2.FieldByName('home').AsAnsiString,
130 'http', 'https'))
131 else
132 home := FDTable2.FieldByName('home').AsString;
133 if position <= -1 then
134 begin
135 s1 := '���V%d�����L�����\��<br><center>Pages : [<b>';
136 s2 := '<<' + linkcontent + '>>] ���V</b><br></center>';
137 result := Format(s1, [count]) + s2;
138 end
139 else
140 begin
141 if position = 0 then
142 t1 := '?pos=0'
143 else
144 t1 := '?pos=' + IntToStr(position - 1);
145 i := (FDTable1.RecordCount - 1) div count;
146 if position > i then
147 position := i;
148 if position = i then
149 begin
150 t2 := '?pos=' + IntToStr(position);
151 k := FDTable1.RecordCount;
152 end
153 else
154 begin
155 t2 := '?pos=' + IntToStr(position + 1);
156 k := (position + 1) * count;
157 end;
158 s1 := '%d ���� %d ������ %d �������\��<br><center>Page : [<b>';
159 s2 := '<a href="' + home + path + t1 + '"><<</a>' + linkcontent +
160 '<a href="' + home + path + t2 + '">>></a>] <a href="' + home + path +
161 '">���V</a></b></center>';
162 result := Format(s1, [FDTable1.RecordCount, position * count + 1, k]) + s2;
163 end;
164 end;
165
166 procedure TWebModule1.PageProducer1HTMLTag(Sender: TObject; Tag: TTag;
167 const TagString: string; TagParams: TStrings; var ReplaceText: string);
168 var
169 i, j, count: integer;
170 s: TDataSetPageProducer;
171 begin
172 if TagString = 'home' then
173 begin
174 if (uri = 'admin')or(uri = 'login') then
175 ReplaceText := String(AnsiReplaceText(FDTable2.FieldByName('home')
176 .AsAnsiString, 'http', 'https'))
177 else
178 ReplaceText := FDTable2.FieldByName('home').AsString;
179 end;
180 if (TagString = 'title') or (TagString = 'title2') then
181 ReplaceText := FDTable2.FieldByName(TagString).AsString;
182 if TagString = 'username' then
183 ReplaceText := user;
184 if TagString = 'main' then
185 begin
186 if FDTable1.RecordCount = 0 then
187 begin
188 if uri = 'index' then
189 ReplaceText := '�������e������������.';
190 end
191 else
192 begin
193 count := FDTable3.FieldByName('count').AsInteger;
194 if uri = 'admin' then
195 s := adminDS
196 else
197 s := DataSetPageProducer2;
198 if position < -1 then
199 position := -1;
200 if (position + 1) * count > FDTable1.RecordCount then
201 position := (FDTable1.RecordCount - 1) div count;
202 if position = -1 then
203 begin
204 if FDTable1.RecordCount < count then
205 j := FDTable1.RecordCount mod count
206 else
207 j := count;
208 end
209 else if FDTable1.RecordCount < (position + 1) * count then
210 j := FDTable1.RecordCount - position * count
211 else
212 j := count;
213 if position = -1 then
214 FDTable1.Last
215 else
216 FDTable1.RecNo := (position + 1) * count;
217 for i := 1 to j do
218 begin
219 ReplaceText := ReplaceText + s.Content;
220 FDTable1.Prior;
221 end;
222 end;
223 end;
224 if TagString = 'footer' then
225 if TagParams.Values['refer'] = 'true' then
226 ReplaceText := foo
227 else
228 begin
229 foo := footer(uri);
230 ReplaceText := foo;
231 end;
232 if TagString = 'text' then
233 if FDTable1.Filtered = false then
234 ReplaceText := '����������'
235 else
236 ReplaceText := '�Y������ ' + IntToStr(FDTable1.RecordCount) + ' ��' +
237 '<br><#main>';
238 end;
239
240 function TWebModule1.regist(var com: string): integer;
241 var
242 i: integer;
243 begin
244 result := 1;
245 i := 1;
246 while True do
247 begin
248 i := Pos(#$D#$A, com, i);
249 if i = 0 then
250 break;
251 Delete(com, i, Length(#$D#$A));
252 Insert('<br>', com, i);
253 inc(i, 4);
254 inc(result);
255 end;
256 end;
257
258 procedure TWebModule1.WebModule1adminAction(Sender: TObject;
259 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
260 var
261 s: string;
262 x: Boolean;
263 procedure something;
264 var
265 s: TResourceStream;
266 begin
267 x := false;
268 s := TResourceStream.Create(HInstance,'admin',RT_RCDATA);
269 try
270 uri:='admin';
271 PageProducer1.HTMLDoc.LoadFromStream(s);
272 Response.ContentType := 'text/html; charset=utf-8;';
273 Response.Content := PageProducer1.Content;
274 finally
275 s.Free;
276 end;
277 end;
278 procedure AddCookie(day: integer);
279 begin
280 with Response.Cookies.Add do
281 begin
282 Path := ReplaceText(FDTable2.FieldByName('home').AsAnsiString + 'admin','http','https');
283 Expires := Now + day;
284 Name := 'psw';
285 Value := AnsiString(s);
286 Secure := True;
287 end;
288 end;
289
290 begin
291 if Request.Query = 'del' then
292 begin
293 AddCookie(-3);
294 Response.SendRedirect(FDTable2.FieldByName('home').AsAnsiString);
295 Exit;
296 end;
297 x := True;
298 s := Request.ContentFields.Values['password'];
299 position := StrToIntDef(Request.QueryFields.Values['pos'], -1);
300 if s <> '' then
301 begin
302 AddCookie(1);
303 if s = FDTable2.FieldByName('pass').AsString then
304 something;
305 end
306 else if Request.CookieFields.Values['psw'] = FDTable2.FieldByName('pass').AsString
307 then
308 something;
309 if x = True then
310 Response.SendRedirect(FDTable2.FieldByName('home').AsAnsiString + 'login');
311 end;
312
313 procedure TWebModule1.WebModule1admindelAction(Sender: TObject;
314 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
315 var
316 i: integer;
317 begin
318 for i := 0 to Request.ContentFields.count - 1 do
319 if FDTable1.Locate('no', Request.ContentFields.ValueFromIndex[i], []) = True
320 then
321 FDTable1.Delete;
322 Response.SendRedirect(ReplaceText(FDTable2.FieldByName('home').AsAnsiString +
323 'admin', 'http', 'https'));
324 end;
325
326 procedure TWebModule1.WebModule1DefaultHandlerAction(Sender: TObject;
327 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
328 var
329 s: TResourceStream;
330 begin
331 position := StrToIntDef(Request.QueryFields.Values['pos'], -1);
332 user := Request.CookieFields.Values['UID'];
333 s:=TResourceStream.Create(HInstance,'index',RT_RCDATA);
334 try
335 uri:='index';
336 PageProducer1.HTMLDoc.LoadFromStream(s);
337 Response.ContentType := 'text/html; charset=utf-8;';
338 Response.Content := PageProducer1.Content;
339 finally
340 s.Free;
341 end;
342 end;
343
344 procedure TWebModule1.WebModule1loginAction(Sender: TObject;
345 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
346 var
347 s: TResourceStream;
348 begin
349 s:=TResourceStream.Create(HInstance,'login',RT_RCDATA);
350 try
351 uri:='login';
352 PageProducer1.HTMLDoc.LoadFromStream(s);
353 Response.ContentType := 'text/html; charset=utf-8;';
354 Response.Content := PageProducer1.Content;
355 finally
356 s.Free;
357 end;
358 end;
359
360 procedure TWebModule1.WebModule1registAction(Sender: TObject;
361 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
362 var
363 na, sub, com, pass: string;
364 no, line: integer;
365 i: integer;
366 begin
367 with Request.ContentFields do
368 begin
369 na := Values['name'];
370 sub := Values['title'];
371 com := Values['comment'];
372 pass := Values['password'];
373 end;
374 line:=0;
375 if na = '' then
376 na := '�N������';
377 if sub = '' then
378 sub := '�^�C�g������';
379 if com = '' then
380 Response.Content := '�{��������������.'#$D#$A
381 else
382 line := regist(com);
383 for i := 0 to words.count - 1 do
384 if ContainsText(AnsiString(com), AnsiString(words[i])) = True then
385 begin
386 Response.Content := Response.Content + '���~����������������.';
387 break;
388 end;
389 if FDTable1.RecordCount = 0 then
390 no := 1
391 else
392 begin
393 FDTable1.Last;
394 no := FDTable1.FieldByName('no').AsInteger + 1;
395 if SecondsBetween(Now, StrToDateTime(FDTable1.FieldByName('date').AsString))
396 < time then
397 Response.Content := '����������������.';
398 end;
399 if Response.Content <> '' then
400 begin
401 Response.ContentType := 'text/plain;';
402 Exit;
403 end;
404 FDTable1.AppendRecord([na, no, DateTimeToStr(Now), sub, com, pass, line]);
405 with Response.Cookies.Add do
406 begin
407 path := FDTable2.FieldByName('home').AsAnsiString;
408 Name := 'UID';
409 Value := AnsiString(na);
410 Expires := Now + 1;
411 end;
412 Response.SendRedirect(FDTable2.FieldByName('home').AsAnsiString);
413 end;
414
415 procedure TWebModule1.WebModule1searchAction(Sender: TObject;
416 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
417 var
418 s: TStringList;
419 t1, t2, t3: string;
420 i, j: integer;
421 m: TResourceStream;
422 begin
423 t1 := Request.ContentFields.Values['filter'];
424 t3 := '';
425 s := TStringList.Create;
426 try
427 s.DelimitedText := Request.ContentFields.Values['word1'];
428 for i := 0 to s.count - 1 do
429 begin
430 t2 := Trim(s[i]);
431 if t2 = '' then
432 continue;
433 if t3 <> '' then
434 t3 := t3 + ' and ';
435 t3 := t3 + t1 + ' LIKE ''%' + t2 + '%''';
436 end;
437 finally
438 s.Free;
439 end;
440 if t3 = '' then
441 begin
442 m:=TResourceStream.Create(HInstance,'search',RT_RCDATA);
443 try
444 PageProducer1.HTMLDoc.LoadFromStream(m);
445 Response.ContentType := 'text/html; charset=utf-8;';
446 Response.Content := PageProducer1.Content;
447 finally
448 m.Free;
449 end;
450 Exit;
451 end;
452 FDTable1.Filter := t3;
453 FDTable1.Filtered := True;
454 m:=TResourceStream.Create(HInstance,'search',RT_RCDATA);
455 try
456 j := 0;
457 for i := 1 to FDTable1.RecordCount - 1 do
458 begin
459 inc(j, FDTable1.FieldByName('line').AsInteger);
460 FDTable1.Next;
461 end;
462 PageProducer1.HTMLDoc.LoadFromStream(m);
463 Response.ContentType := 'text/html; charset=utf-8;';
464 if (t3 <> '') and (j > FDTable3.FieldByName('line').AsInteger) then
465 begin
466 t1 := PageProducer1.Content;
467 i := Pos('<#main>', t1);
468 Delete(t1, i, Length('<#main>'));
469 Response.Content := t1 + Format('�\���s����%d�s��������������.',
470 [FDTable3.FieldByName('line').AsInteger]);
471 end
472 else
473 Response.Content := PageProducer1.ContentFromString
474 (PageProducer1.Content);
475 finally
476 FDTable1.Filtered := false;
477 m.Free;
478 end;
479 end;
480
481 procedure TWebModule1.WebModule1setupAction(Sender: TObject;
482 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
483 var
484 i: integer;
485 s: string;
486 begin
487 for i := 0 to Request.ContentFields.count - 1 do
488 begin
489 s := Request.ContentFields.Names[i];
490 if s <> 'home' then
491 FDTable2.FieldByName(s).AsString :=
492 Request.ContentFields.ValueFromIndex[i];
493 end;
494 Handled := false;
495 end;
496
497 procedure TWebModule1.WebModule1userdelAction(Sender: TObject;
498 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
499 var
500 s: string;
501 i: integer;
502 begin
503 i := StrToIntDef(Request.ContentFields.Values['number'], 0);
504 if (i > 0) and (FDTable1.Locate('no', i, []) = True) then
505 begin
506 s := FDTable1.FieldByName('pass').AsString;
507 if (s <> '') and (s = Request.ContentFields.Values['password']) then
508 FDTable1.Delete;
509 end;
510 Handled := false;
511 end;
512
513 procedure TWebModule1.WebModuleBeforeDispatch(Sender: TObject;
514 Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
515 var
516 s: string;
517 m: TResourceStream;
518 begin
519 if FDTable1.Exists = false then
520 FDTable1.CreateTable(false, [tpTable]);
521 if FDTable2.Exists = false then
522 begin
523 FDTable2.CreateTable(false, [tpTable]);
524 FDTable2.Active := True;
525 {
526 if (Request.ServerPort = 80) or (Request.ServerPort = 443) then
527 s := 'http://' + String(Request.Host)
528 else
529 s := 'http://' + String(Request.Host) + ':' +
530 IntToStr(Request.ServerPort);
531 }
532 s:='http://'+String(Request.Host);
533 if Request.ScriptName <> '' then
534 s := s + String(Request.ScriptName) + '/'
535 else
536 s := s + '/';
537 FDTable2.AppendRecord([s, 'pbbs clone',
538 '<center><font size=5 face=Verdana color=gray><b>P-BBS CLONE</b></font></center>',
539 'admin', '����,����,����']);
540 m:=TResourceStream.Create(HInstance,'setup',RT_RCDATA);
541 try
542 uri:='setup';
543 PageProducer1.HTMLDoc.LoadFromStream(m);
544 Response.ContentType := 'text/html; charset=utf-8;';
545 Response.Content := PageProducer1.Content;
546 finally
547 m.Free;
548 end;
549 Handled := True;
550 end
551 else
552 FDTable2.Active := True;
553 if FDTable3.Exists = false then
554 begin
555 FDTable3.CreateTable(false, [tpTable]);
556 FDTable3.Active := True;
557 FDTable3.AppendRecord([5, 20, 500]);
558 end
559 else
560 FDTable3.Active := True;
561 words.DelimitedText := FDTable2.FieldByName('ngwords').AsString;
562 FDTable1.Active := True;
563 if FileExists('maintenance.htm') = True then
564 begin
565 PageProducer1.HTMLFile := 'maintenance.htm';
566 Response.ContentType := 'text/html; charset=utf-8;';
567 Response.Content := PageProducer1.Content;
568 Handled := True;
569 end;
570 end;
571
572 procedure TWebModule1.WebModuleCreate(Sender: TObject);
573 begin
574 time := 1;
575 words := TStringList.Create;
576 end;
577
578 procedure TWebModule1.WebModuleDestroy(Sender: TObject);
579 begin
580 words.Free;
581 end;
582
583 end.
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help