public static void executeController(ref ServerConfig Servconf, ref RykonProcess cp, ref bool valid_CSRF_tok, ref bool isValidsession, IntPtr handle, FormMain frm)
{
if (!Servconf.EnableControler) // disabled
{
cp.Output_document = WebDesigner.BuiltInDisabled("controller");
cp.Output_code = 302;
}
else // working
{
cp.LoadMaster = true;
valid_CSRF_tok = cp.UrlOriginalString.Contains(Servconf.CSRF) || cp.POSTParEqual("CSRF", Servconf.CSRF);
isValidsession = cp.Reqcuest_cookie_equal(WebServer.Control_auth_tokenname, Servconf.controlsession); /* ||cp.UrlOriginalString.Contains(Servconf.ControlPassword) */
if (Servconf.SecureControl)
{
cp.AllowedTocontrol = isValidsession;
}
else
{
cp.AllowedTocontrol = true;
}
string[] pcs = new string[] { };
if (cp.LocalPath.EndsWith("Control/logout"))
{
cp.SetResponseHeader("Set-Cookie", WebServer.Control_auth_tokenname + "=" + WebServer.CookieDeletedvalue);
cp.Output_document = "Logged out";
return;
}
else if (!cp.LocalPath.StartsWith("/Control/exec"))
{
cp.RedirectTo("http://" + cp.Url.Authority + "/Control/exec.rk");
return;
}
else if (!cp.AllowedTocontrol) // login page
{
bool validformcsrf = cp.POSTParEqual("CSRF", Servconf.CSRF);
bool validformpassword = cp.POSTParEqual("pass", Servconf.ControlPassword);
if (validformcsrf && validformpassword)
{
cp.RedirectTo(cp.Url.ToString());
}
else
{ //ControlLoginPage;
cp.Output_document =
(!valid_CSRF_tok && isValidsession && cp.UrlOriginalString.Contains("CSRF"))
? WebDesigner.invalidAuthTok(cp.Requesting_Host, Servconf)
: WebDesigner.ControlNotAllowedIndex(Servconf.CSRF);
cp.OutPutData = Encoding.UTF8.GetBytes(cp.Output_document);
cp.Output_code = 405;
cp.Processing_Type = ProcessingResult.unAuthorized;
return;
}
}
else if (cp.UrlOriginalString.Contains("exec") && cp.UrlOriginalString.Contains("com=") && valid_CSRF_tok)//&& !cp.UrlOriginalString.EndsWith(this.AuthToke))
{
// sending commands
//"http://192.168.1.100:9090/Control/exec?jex&com=msgbx&title=hello+It"
if (cp.UrlOriginalString.Contains("?"))
{
pcs = cp.UrlOriginalString.Split('?');
}
else if (cp.UrlOriginalString.Contains("/"))
{
pcs = cp.UrlOriginalString.Split('/');
}
}
if (pcs.Length > 0) // receive comands
{
// "http://192.168.1.100:9090/Control/exec jex&com=msgbx&title=hello+It"
string main = pcs[pcs.Length - 1];
if (main.StartsWith(Servconf.CSRF))
{
main = main.Substring(Servconf.CSRF.Length);
}
RemoteCommandExecuter r = new RemoteCommandExecuter(main);
r.HandlePointer = handle;
r.proceeed();
if (r.RequireUnpreved)
{
if (frm != null)
{
if (r.hideOrShowclient())
{
frm.Visible = r.formvisible;
frm.notifyIcon1.Visible = r.ComType == RemoteCommandType.ShowClient;
r.Result = "Form = " + (frm.Visible ? "visible" : "hidden");
r.Result += WebServer.NewLineReplacor;
r.Result += "icon = " + (frm.notifyIcon1.Visible ? "visible" : "hidden");
}
}
}
if (r.HasBinaryResult)
{
cp.OutPutData = r.bytes;
cp.Processing_Type = ProcessingResult.Binary;
cp.Requesting_Binary_data = true;
cp.Request_extn = r.extn;
}
else
{
cp.Output_document = (r.Result);
}
}
else if (cp.AllowedTocontrol)// List Command index
{
cp.Output_document = AppHelper.ReadFileText(Servconf.RootDirectory + "/Control/index.html");
cp.OutPutData = Encoding.UTF8.GetBytes(cp.Output_document);
}
if (Servconf.SecureControl)
{
cp.SetResponseHeader("Set-Cookie", WebServer.Control_auth_tokenname + "=" + Servconf.controlsession);
}
}
}
