private Byte[] HandleGETRequest(String url, String ip, String[] getParams, String referer, out String status)
{
status = "200";
String path = "";
String message = "";
Boolean isLoggedIn = CheckStateOfSession(ip);
switch (url)
{
case "/":
if (isLoggedIn)
path = "cp_page.html";
else
path = "index.html";
break;
case "/logout":
if (activeIPs.ContainsKey(ip))
{
sessions.removeSession(getHashcodeOfActiveIP(ip));
activeIPs.Remove(ip);
isLoggedIn = false;
Console.WriteLine("User has logged out");
}
else
Console.WriteLine("User is not even logged in");
path = "redirect.html";
break;
case "/log":
path = "log";
break;
case "/users":
path = "usermanage_list.html";
break;
case "/create":
path = "usermanage_create.html";
break;
case "/edit":
path = "usermanage_edit.html";
break;
case "/delete":
path = "usermanage_delete.html";
break;
default:
return HandleError(status = "404");
}
if (!url.Equals("/") && !url.Equals("/logout") && !isLoggedIn)
return HandleError(status = "403"); // If the user is not logged in
if (!url.Equals("/") && !url.Equals("/log") && isLoggedIn && !sessions.getSession(activeIPs[ip]).User.Type.Equals(User.USER_TYPE.ADMIN))
return HandleError(status = "403"); // If the user does not have the appropriate access level
if (((url.Equals("/edit") || url.Equals("/delete")) && getParams.Length != 2 && !getParams[1].ToLower().StartsWith("id=")))
return HandleError(status = "404");
if (!path.Equals("log"))
path = "SecuredPages\\" + path;
try
{
String htmlPage = "";
if (path.Equals("log"))
{
String logLines;
using (StreamReader sr = new StreamReader("Data\\Log.txt"))
logLines = sr.ReadToEnd();
using (StreamReader sr = new StreamReader("SecuredPages\\log_template.html"))
htmlPage = sr.ReadToEnd();
logLines = logLines.Replace("\r\n", "\r\n<br />");
htmlPage = htmlPage.Replace("{LogLines}", logLines);
}
else
{
using (StreamReader sr = new StreamReader(path))
htmlPage = sr.ReadToEnd();
}
// If controlpage, get old settings
if (path.Contains("cp_page.html"))
{
String oldDefaultPages = "";
foreach (String defaultPage in Settings.DefaultPages)
oldDefaultPages += defaultPage + ";";
oldDefaultPages = oldDefaultPages.Substring(0, oldDefaultPages.Length - 1);
htmlPage = htmlPage.Replace("{oldPort}", Settings.Port.ToString())
.Replace("{oldAdminPort}", Settings.AdminPort.ToString())
.Replace("{oldRoot}", Settings.Root)
.Replace("{oldDefaultPages}", oldDefaultPages)
.Replace("{oldDirectoryBrowsing}", Settings.DirectoryBrowsing ? "checked" : "");
}
else if (url.Equals("/users")) // list of users
{
List<User> users = new List<User>();
MySqlDataReader dr = connector.selectUsersQuery();
if (dr.HasRows)
{
while (dr.Read())
users.Add(new User(int.Parse(dr.GetString("id")), dr.GetString("username"), dr.GetString("password"), dr.GetString("type")));
String listItem = "";
using (StreamReader sr = new StreamReader("SecuredPages\\usermanage_listitem.html"))
listItem = sr.ReadToEnd();
String listUsers = "";
foreach (User user in users)
listUsers += listItem.Replace("{username}", user.Username).Replace("{isAdmin}", user.Type.Equals(User.USER_TYPE.ADMIN) ? "checked" : "").Replace("{id}", user.ID.ToString());
htmlPage = htmlPage.Replace("{ListUsers}", listUsers);
}
else
{
using (StreamReader sr = new StreamReader("SecuredPages\\redirect.html"))
htmlPage = sr.ReadToEnd();
// If it fails to load the users, redirect client to users overview
htmlPage = htmlPage.Replace("{url}", "/");
}
connector.CloseConnection();
}
else if (((url.StartsWith("/edit") || url.StartsWith("/delete")) && getParams.Length > 1))
{
MySqlDataReader dr = connector.selectUserByIDQuery(getParams[1].Substring(3));
if (dr.Read())
{
htmlPage = htmlPage.Replace("{user}", dr[1].ToString()).Replace("{id}", dr[0].ToString());
htmlPage = htmlPage.Replace("{oldUsername}", dr[1].ToString()).Replace("{oldIsAdmin}", dr[3].Equals("admin") ? "checked" : "");
connector.CloseConnection();
}
else
{
using (StreamReader sr = new StreamReader("SecuredPages\\redirect.html"))
htmlPage = sr.ReadToEnd();
// If it fails to load the user, redirect client to users overview
htmlPage = htmlPage.Replace("{url}", "/users");
}
}
else if (url.Equals("/logout"))
htmlPage = htmlPage.Replace("{url}", "/");
// Replace with something better
htmlPage = htmlPage.Replace("{Message}", message);
return Encoding.ASCII.GetBytes(htmlPage);
}
catch (Exception e)
{
Console.WriteLine("File could not be read. Message:");
Console.WriteLine(e.Message);
if (connector.IsOpen())
connector.CloseConnection();
}
return HandleError(status = "404");
}
