/*
Umlaut converter, CGI version.
(See also \targon\twl\umlaut(
Copyright 2000, R.Harmsen
5 Dec 2014: Added meta viewport and hyperlinks.
16 September 2022: Measures against Cross-Site Scripting (XSS).
See function against_XSS, and see:
https://www.openbugbounty.org/
https://cwe.mitre.org/data/definitions/79.html
https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
*/
#include Automatische Umlautumwandlung
\n" "
\n", script, input, AlgorText[0], AlgorText[1]); } /*********************************************************************** **********************************************************************/ void htmlhead (void) { printf( "Content-type: text/html\n\n" "\n" "\n" "\n" "\n" "Farben:\n" "Neutral\n" "Eigensinnig\n" "Neu laden\n" "
" ); printf( "\n" "Sprachenmenü\n" "Hauptmenü\n" "
" ); fflush(stdout); } /*********************************************************************** **********************************************************************/ void htmlfoot (void) { printf("\n"); fflush(stdout); } /*********************************************************************** ****************\******************************************************/ void getparms (int len, char *input, enum algor_enum *p_algor) { char *eq1, *eq2; char *amp; char *buf = calloc(len + 1, 1); if (!buf || fread(buf, len, 1, stdin) != 1) { free(buf); return; } eq1 = strchr(buf, '='); if (!eq1) { free(buf); return; } eq1++; if ((amp = strchr(eq1, '&')) != NULL) { *amp = '\0'; } memset(input, '\0', len); strncpy(input, eq1, len - 1); decode_cgi_string(input); if (strlen(input) == 0) { strcpy(input, inittext); } if (amp) eq1 = amp + 1; eq2 = strchr(eq1, '='); if (!eq2) { free(buf); return; } eq2++; if ((amp = strchr(eq2, '&')) != NULL) { *amp = '\0'; } decode_cgi_string(eq2); if (strncmp(eq2, AlgorText[0], strlen(AlgorText[0])) == 0) *p_algor = ALGOR_UE_U; else if (strncmp(eq2, AlgorText[1], strlen(AlgorText[1])) == 0) *p_algor = ALGOR_U_UE; free(buf); } /*********************************************************************** **********************************************************************/ int calculate (int len, char *input, enum algor_enum algor) { char *out; char *tus; const char ruler[] = ""); printf("%s", out); printf(""); printf(ruler); break; case ALGOR_U_UE: default: printf(ruler); printf("Konvertiert:"); printf("
"); acc_to_ae(out, input); printf("%s", out); printf (""); tus = malloc(len + len / 2); if (tus) { strcpy(tus, out); ae_to_acc(tus); acc_to_iso(out, tus); printf(ruler); printf("Zurückkonvertiert:"); printf("
"); printf("%s", out); printf(""); printf(ruler); printf("Unterschiede:"); printf("
"); repdiff(input, out); printf(""); free(tus); } printf(ruler); break; } free(out); return 0; } /*********************************************************************** **********************************************************************/ /* Niet gebruikt. misschien later nog. */ #if 0 static int isletterofword (char *p) { if (isascii(*p)) { if (islower(*p) || isupper(*p) || isdigit(*p)) return 1; } else { if (*p == '\xe4' /* a-umlaut */ || *p == '\xf6' /* o-umlaut */ || *p == '\xfc' /* u-umlaut */ || *p == '\xc4' /* A-umlaut */ || *p == '\xd6' /* O-umlaut */ || *p == '\xdc' /* U-umlaut */ || *p == '\xdf' /* Scharfes s */) { return 1; } } return 0; } #endif /*********************************************************************** Wipe out any < and > in input entered by the user, to avoid maliciously input HTML code, and possible scripting languages within that. **********************************************************************/ static char to_erase[] = "<>"; void against_XSS (char *input) { char *p, *q; for (p = input; *p; p++) for (q = to_erase; *q; q++) if (*p == *q) *p = ' '; }