From a0d459807d87f76593dc4a1a68b4a909b403be19 Mon Sep 17 00:00:00 2001
From: Jefferson Julio <snhr.jj@gmail.com>
Date: Tue, 1 Jun 2021 19:19:28 -0300
Subject: Handling POST multi/form-data uploads

---
 index.sh | 80 +++++++++++++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 59 insertions(+), 21 deletions(-)

(limited to 'index.sh')

diff --git a/index.sh b/index.sh
index cd60cc0..4cac655 100755
--- a/index.sh
+++ b/index.sh
@@ -9,6 +9,7 @@ source ./config.sh
 
 RESPONSE_CONTENT_TYPE="text/html"
 STATUS=200
+EXTRA_HEADERS=
 
 HEADER_TITLE='cd programadores/;cd Jefferson\ Julio/;source jefferson.sh'
 HEADER_TITLE_MOBILE="$HEADER_TITLE"
@@ -64,28 +65,64 @@ HTML
 router () {
   REQUEST_URI=$(urldecode "$REQUEST_URI")
 
-  case "$REQUEST_URI" in
-    /)
-      BODY=$(source ./pages/home.sh)
-      ;;
-    /contato)
-      HEADER_TITLE="source pages/contato.sh"
+  if [ "$REQUEST_METHOD" = "GET" ]; then
+    case "$REQUEST_URI" in
+      /)
+        BODY=$(source ./pages/home.sh)
+        ;;
+      /contato)
+        HEADER_TITLE="source pages/contato.sh"
+        HEADER_TITLE_MOBILE="$HEADER_TITLE"
+        BODY=$(source ./pages/contato.sh)
+        ;;
+      /$ARTICLES_PATH*)
+        ARTICLE_FILE=.$REQUEST_URI
+        HEADER_TITLE="ARTICLE_FILE=$(sanitize-filename "$ARTICLE_FILE");source pages/article.sh"
+        HEADER_TITLE_MOBILE="ARTICLE_FILE=$(sanitize-filename "$ARTICLE_FILE");source pages/article.sh"
+        BODY=$(source ./pages/article.sh)
+        ;;
+      *)
+        STATUS=404
+        HEADER_TITLE="REQUEST_FILE=.$(sanitize-filename "$REQUEST_URI");source page.sh"
+        HEADER_TITLE_MOBILE="$HEADER_TITLE"
+        BODY="<p class='err-404'>404: .$REQUEST_URI: Arquivo ou diretório inexistente</p>"
+        ;;
+    esac
+  elif [ "$REQUEST_METHOD" = "POST" ]; then
+    source $SCRIPT_DIR/lib/cgibashopts/cgibashopts
+
+    POST_DESTINATION="$FORM_destination"
+
+    if [[ ! " ${ALLOWED_POST_FOLDERS[@]} " =~ " ${POST_DESTINATION} " ]]; then
+      STATUS=401
+      HEADER_TITLE="POST_DESTINATION=$POST_DESTINATION;source jefferson.sh"
       HEADER_TITLE_MOBILE="$HEADER_TITLE"
-      BODY=$(source ./pages/contato.sh)
-      ;;
-    /$ARTICLES_PATH*)
-      ARTICLE_FILE=.$REQUEST_URI
-      HEADER_TITLE="ARTICLE_FILE=$(sanitize-filename "$ARTICLE_FILE");source pages/article.sh"
-      HEADER_TITLE_MOBILE="ARTICLE_FILE=$(sanitize-filename "$ARTICLE_FILE");source pages/article.sh"
-      BODY=$(source ./pages/article.sh)
-      ;;
-    *)
-      STATUS=404
-      HEADER_TITLE="REQUEST_FILE=.$(sanitize-filename "$REQUEST_URI");source page.sh"
-      HEADER_TITLE_MOBILE="$HEADER_TITLE"
-      BODY="<p class='err-404'>404: .$REQUEST_URI: Arquivo ou diretório inexistente</p>"
-      ;;
-  esac
+      BODY="$(cat <<ERR
+<p class='err-401'>
+  401: .$POST_DESTINATION: Destino inválido, sem 1337 o suficiente.
+</p>
+ERR
+      )"
+      return 1
+    fi
+
+    POST_PATH="/pages$POST_DESTINATION"
+    POST_DESTINATION="${SCRIPT_DIR}/pages$POST_DESTINATION"
+
+    mkdir -p "$POST_DESTINATION"
+
+    case "$REQUEST_URI" in
+      /post)
+        source $SCRIPT_DIR/utils/handle-post-upload.sh
+        ;;
+      *)
+        STATUS=404
+        HEADER_TITLE="REQUEST_FILE=.$(sanitize-filename "$REQUEST_URI");source page.sh"
+        HEADER_TITLE_MOBILE="$HEADER_TITLE"
+        BODY="<p class='err-404'>404: .$REQUEST_URI: Arquivo ou diretório inexistente</p>"
+        ;;
+    esac
+  fi
 }
 
 router
@@ -102,6 +139,7 @@ esac
 cat <<INDEX
 Content-Type: $RESPONSE_CONTENT_TYPE
 Status: $STATUS
+$EXTRA_HEADERS
 
 $RESPONSE_BODY
 INDEX
-- 
cgit v1.2.3