func changePass(w http.ResponseWriter, r *http.Request) {
page := NewPage()
page.File = "templates/change.html"
if r.Method != "POST" {
servePage(page, w, r)
return
}
err := r.ParseForm()
if err != nil {
serveErr(page, err, w, r)
return
}
user := r.Form.Get("user")
pass := r.Form.Get("pass")
new_pass := r.Form.Get("newpass")
confirm := r.Form.Get("confirm")
if new_pass != confirm {
err = fmt.Errorf("New passwords do not match.")
serveErr(page, err, w, r)
return
}
if !check_auth || !auth.Authenticate(user, pass) {
page.Msg = "Authentication failed."
page.ShowErr = true
servePage(page, w, r)
return
}
salt, hash := auth.HashPass(new_pass)
if len(salt) == 0 || len(hash) == 0 {
page.Msg = "Invalid password."
page.ShowErr = true
servePage(page, w, r)
return
}
err = dbChangePass(user, salt, hash)
if err != nil {
serveErr(page, err, w, r)
return
}
page.ShowMsg = true
page.Msg = "Password changed."
servePage(page, w, r)
}
func addUser(w http.ResponseWriter, r *http.Request) {
page := NewPage()
page.File = "templates/add.html"
if admin_user == "" {
err := fmt.Errorf("No administrative user specified.")
serveErr(page, err, w, r)
return
}
if r.Method != "POST" {
servePage(page, w, r)
return
}
err := r.ParseForm()
if err != nil {
serveErr(page, err, w, r)
return
}
user := r.Form.Get("user")
pass := r.Form.Get("pass")
if user != admin_user && !auth.Authenticate(user, pass) {
err = fmt.Errorf("Authentication failed.")
serveErr(page, err, w, r)
return
}
new_user := r.Form.Get("newuser")
new_pass := r.Form.Get("newpass")
salt, hash := auth.HashPass(new_pass)
if len(salt) == 0 || len(hash) == 0 {
page.Msg = "Invalid password."
page.ShowErr = true
servePage(page, w, r)
return
}
err = addUserToDb(new_user, salt, hash)
if err != nil {
serveErr(page, err, w, r)
} else {
page.Msg = "User added."
page.ShowMsg = true
servePage(page, w, r)
}
}
func newShortened(w http.ResponseWriter, r *http.Request) {
page := NewPage()
err := r.ParseForm()
if err != nil {
serveErr(page, err, w, r)
return
}
user := r.Form.Get("user")
pass := r.Form.Get("pass")
if check_auth && !auth.Authenticate(user, pass) {
err = fmt.Errorf("Authenticated failed!")
serveErr(page, err, w, r)
return
}
sid := r.Form.Get("sid")
url := r.Form.Get("url")
if len(url) > 0 && !valid_link.MatchString(url) {
url = "http://" + url
}
if len(url) == 0 {
err := fmt.Errorf("Invalid URL")
serveErr(page, err, w, r)
return
} else if len(sid) > 0 {
if surl, err := lookupShortCode(sid); err != nil {
serveErr(page, err, w, r)
return
} else if surl != "" && surl != url {
err = fmt.Errorf("URL already present.")
if err != nil {
serveErr(page, err, w, r)
return
}
sid, db_err := urlToSid(url)
if db_err == nil {
page.ShortCode = sid
page.Posted = true
} else {
err = db_err
}
serveErr(page, err, w, r)
return
} else if err = insertShortened(sid, url); err != nil {
serveErr(page, err, w, r)
return
} else if valid_sid.MatchString(sid) {
page.ShortCode = sid
page.Posted = true
} else {
err = fmt.Errorf("Invalid short code.")
serveErr(page, err, w, r)
return
}
} else {
sid, err := ShortenUrl(ValidateShortenedUrl)
if err != nil {
serveErr(page, err, w, r)
return
}
if err = insertShortened(sid, url); err != nil {
serveErr(page, err, w, r)
return
} else {
page.Posted = true
page.ShortCode = sid
}
}
servePage(page, w, r)
return
}
