Marown/swad-core
Marown
/
swad-core
mirror of https://github.com/acanas/swad-core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Version 18.6.2

This commit is contained in:
Antonio Cañas Vargas 2018-10-17 01:08:42 +02:00
parent 489c75e9db
commit 182b6eb2e1
24 changed files with 203 additions and 149 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
swad_account.c
View File

@ -350,7 +350,9 @@ static void Acc_ShowFormRequestNewAccountWithParams (const char *NewNicknameWith
/***** Nickname *****/
if (NewNicknameWithoutArroba[0])
sprintf (NewNicknameWithArroba,"@%s",NewNicknameWithoutArroba);
snprintf (NewNicknameWithArroba,sizeof (NewNicknameWithArroba),
"@%s",
NewNicknameWithoutArroba);
else
NewNicknameWithArroba[0] = '\0';
fprintf (Gbl.F.Out,"<tr>"
@ -409,7 +411,9 @@ void Acc_ShowFormGoToRequestNewAccount (void)
extern const char *Txt_Create_account;
/***** Start box *****/
sprintf (Gbl.Title,Txt_New_on_PLATFORM_Sign_up,Cfg_PLATFORM_SHORT_NAME);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_New_on_PLATFORM_Sign_up,
Cfg_PLATFORM_SHORT_NAME);
Box_StartBox (NULL,Gbl.Title,NULL,
Hlp_PROFILE_SignUp,Box_NOT_CLOSABLE);
@ -619,7 +623,9 @@ static bool Acc_GetParamsNewAccount (char NewNicknameWithoutArroba[Nck_MAX_BYTES
Str_RemoveLeadingArrobas (NewNicknameWithoutArroba);
/* Create a new version of the nickname with arroba */
sprintf (NewNicknameWithArroba,"@%s",NewNicknameWithoutArroba);
snprintf (NewNicknameWithArroba,sizeof (NewNicknameWithArroba),
"@%s",
NewNicknameWithoutArroba);
if (Nck_CheckIfNickWithArrobaIsValid (NewNicknameWithArroba)) // If new nickname is valid
{

77
swad_action.c
View File

@ -5150,7 +5150,9 @@ char *Act_GetActionTextFromDB (long ActCod,
void Act_StartFormGoTo (Act_Action_t NextAction)
{
Gbl.Form.Num++; // Initialized to -1. The first time it is incremented, it will be equal to 0
sprintf (Gbl.Form.Id,"form_%d",Gbl.Form.Num);
snprintf (Gbl.Form.Id,sizeof (Gbl.Form.Id),
"form_%d",
Gbl.Form.Num);
Act_StartFormInternal (NextAction,false,Gbl.Form.Id,NULL,NULL); // Do not put now parameter location
}
@ -5172,7 +5174,9 @@ void Act_StartFormOnSubmit (Act_Action_t NextAction,const char *OnSubmit)
void Act_StartFormAnchorOnSubmit (Act_Action_t NextAction,const char *Anchor,const char *OnSubmit)
{
Gbl.Form.Num++; // Initialized to -1. The first time it is incremented, it will be equal to 0
sprintf (Gbl.Form.Id,"form_%d",Gbl.Form.Num);
snprintf (Gbl.Form.Id,sizeof (Gbl.Form.Id),
"form_%d",
Gbl.Form.Num);
Act_StartFormInternal (NextAction,true,Gbl.Form.Id,Anchor,OnSubmit); // Do put now parameter location (if no open session)
}
@ -5184,8 +5188,9 @@ void Act_StartFormUnique (Act_Action_t NextAction)
void Act_StartFormUniqueAnchor (Act_Action_t NextAction,const char *Anchor)
{
Gbl.Form.Num++; // Initialized to -1. The first time it is incremented, it will be equal to 0
sprintf (Gbl.Form.UniqueId,"form_%s_%d",
Gbl.UniqueNameEncrypted,Gbl.Form.Num);
snprintf (Gbl.Form.UniqueId,sizeof (Gbl.Form.UniqueId),
"form_%s_%d",
Gbl.UniqueNameEncrypted,Gbl.Form.Num);
Act_StartFormInternal (NextAction,true,Gbl.Form.UniqueId,Anchor,NULL); // Do put now parameter location (if no open session)
}
@ -5200,7 +5205,7 @@ static void Act_StartFormInternal (Act_Action_t NextAction,bool PutParameterLoca
const char *Id,const char *Anchor,const char *OnSubmit)
{
extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES];
char ParamsStr[256 + 256 + Ses_BYTES_SESSION_ID + 256];
char ParamsStr[Act_MAX_BYTES_PARAMS_STR];
if (!Gbl.Form.Inside)
{
@ -5236,27 +5241,26 @@ static void Act_StartFormInternal (Act_Action_t NextAction,bool PutParameterLoca
}
}
// Params should have space for 256 + 256 + Ses_BYTES_SESSION_ID + 256 bytes
void Act_SetParamsForm (char *ParamsStr,Act_Action_t NextAction,
void Act_SetParamsForm (char ParamsStr[Act_MAX_BYTES_PARAMS_STR],Act_Action_t NextAction,
bool PutParameterLocationIfNoSesion)
{
char ParamAction[256];
char ParamSession[256 + Ses_BYTES_SESSION_ID];
char ParamLocation[256];
char ParamAction[Act_MAX_BYTES_PARAM_ACTION];
char ParamSession[Act_MAX_BYTES_PARAM_SESSION];
char ParamLocation[Act_MAX_BYTES_PARAM_LOCATION];
ParamAction[0] = '\0';
ParamSession[0] = '\0';
ParamLocation[0] = '\0';
if (NextAction != ActUnk)
sprintf (ParamAction,"<input type=\"hidden\" name=\"act\""
" value=\"%ld\" />",
Act_GetActCod (NextAction));
snprintf (ParamAction,sizeof (ParamAction),
"<input type=\"hidden\" name=\"act\" value=\"%ld\" />",
Act_GetActCod (NextAction));
if (Gbl.Session.Id[0])
sprintf (ParamSession,"<input type=\"hidden\" name=\"ses\""
" value=\"%s\" />",
Gbl.Session.Id);
snprintf (ParamSession,sizeof (ParamSession),
"<input type=\"hidden\" name=\"ses\" value=\"%s\" />",
Gbl.Session.Id);
else if (PutParameterLocationIfNoSesion)
// Extra parameters necessary when there's no open session
{
@ -5265,32 +5269,34 @@ void Act_SetParamsForm (char *ParamsStr,Act_Action_t NextAction,
it is necessary to send a parameter with course code */
if (Gbl.CurrentCrs.Crs.CrsCod > 0)
// If course selected...
sprintf (ParamLocation,"<input type=\"hidden\" name=\"crs\""
" value=\"%ld\" />",
Gbl.CurrentCrs.Crs.CrsCod);
snprintf (ParamLocation,sizeof (ParamLocation),
"<input type=\"hidden\" name=\"crs\" value=\"%ld\" />",
Gbl.CurrentCrs.Crs.CrsCod);
else if (Gbl.CurrentDeg.Deg.DegCod > 0)
// If no course selected, but degree selected...
sprintf (ParamLocation,"<input type=\"hidden\" name=\"deg\""
" value=\"%ld\" />",
Gbl.CurrentDeg.Deg.DegCod);
snprintf (ParamLocation,sizeof (ParamLocation),
"<input type=\"hidden\" name=\"deg\" value=\"%ld\" />",
Gbl.CurrentDeg.Deg.DegCod);
else if (Gbl.CurrentCtr.Ctr.CtrCod > 0)
// If no degree selected, but centre selected...
sprintf (ParamLocation,"<input type=\"hidden\" name=\"ctr\""
" value=\"%ld\" />",
Gbl.CurrentCtr.Ctr.CtrCod);
snprintf (ParamLocation,sizeof (ParamLocation),
"<input type=\"hidden\" name=\"ctr\" value=\"%ld\" />",
Gbl.CurrentCtr.Ctr.CtrCod);
else if (Gbl.CurrentIns.Ins.InsCod > 0)
// If no centre selected, but institution selected...
sprintf (ParamLocation,"<input type=\"hidden\" name=\"ins\""
" value=\"%ld\" />",
Gbl.CurrentIns.Ins.InsCod);
snprintf (ParamLocation,sizeof (ParamLocation),
"<input type=\"hidden\" name=\"ins\" value=\"%ld\" />",
Gbl.CurrentIns.Ins.InsCod);
else if (Gbl.CurrentCty.Cty.CtyCod > 0)
// If no institution selected, but country selected...
sprintf (ParamLocation,"<input type=\"hidden\" name=\"cty\""
" value=\"%ld\" />",
Gbl.CurrentCty.Cty.CtyCod);
snprintf (ParamLocation,sizeof (ParamLocation),
"<input type=\"hidden\" name=\"cty\" value=\"%ld\" />",
Gbl.CurrentCty.Cty.CtyCod);
}
sprintf (ParamsStr,"%s%s%s",ParamAction,ParamSession,ParamLocation);
snprintf (ParamsStr,Act_MAX_BYTES_PARAMS_STR,
"%s%s%s",
ParamAction,ParamSession,ParamLocation);
}
void Act_EndForm (void)
@ -5378,9 +5384,10 @@ void Act_SetUniqueId (char UniqueId[Act_MAX_BYTES_ID])
So, Id uses:
- a name for this execution (Gbl.UniqueNameEncrypted)
- a number for each element in this execution (CountForThisExecution) *****/
sprintf (UniqueId,"id_%s_%u",
Gbl.UniqueNameEncrypted,
++CountForThisExecution);
snprintf (UniqueId,Act_MAX_BYTES_ID,
"id_%s_%u",
Gbl.UniqueNameEncrypted,
++CountForThisExecution);
}
/*****************************************************************************/

8
swad_action.h
View File

@ -29,6 +29,7 @@
#include <stdbool.h> // For boolean type
#include "swad_constant.h"
#include "swad_cryptography.h"
#include "swad_string.h"
#include "swad_tab.h"
@ -68,6 +69,11 @@ typedef signed int Act_Action_t; // Must be a signed type, because -1 is used to
#define Act_MAX_BYTES_ID (32 + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 10 + 1)
#define Act_MAX_BYTES_PARAM_ACTION 256
#define Act_MAX_BYTES_PARAM_SESSION (256 + Cns_BYTES_SESSION_ID)
#define Act_MAX_BYTES_PARAM_LOCATION 256
#define Act_MAX_BYTES_PARAMS_STR (Act_MAX_BYTES_PARAM_ACTION + Act_MAX_BYTES_PARAM_SESSION + Act_MAX_BYTES_PARAM_LOCATION)
/*****************************************************************************/
/************************* Not asociates with tabs ***************************/
/*****************************************************************************/
@ -1672,7 +1678,7 @@ void Act_StartFormUnique (Act_Action_t NextAction);
void Act_StartFormAnchor (Act_Action_t NextAction,const char *Anchor);
void Act_StartFormUniqueAnchor (Act_Action_t NextAction,const char *Anchor);
void Act_StartFormId (Act_Action_t NextAction,const char *Id);
void Act_SetParamsForm (char *ParamsStr,Act_Action_t NextAction,
void Act_SetParamsForm (char ParamsStr[Act_MAX_BYTES_PARAMS_STR],Act_Action_t NextAction,
bool PutParameterLocationIfNoSesion);
void Act_EndForm (void);
void Act_LinkFormSubmit (const char *Title,const char *LinkStyle,

25
swad_agenda.c
View File

@ -131,7 +131,9 @@ void Agd_PutParamAgd (void)
{
char Nickname[Nck_MAX_BYTES_NICKNAME_FROM_FORM + 1];
sprintf (Nickname,"@%s",Gbl.Usrs.Other.UsrDat.Nickname);
snprintf (Nickname,sizeof (Nickname),
"@%s",
Gbl.Usrs.Other.UsrDat.Nickname);
Par_PutHiddenParamString ("agd",Nickname);
}
@ -364,7 +366,9 @@ void Agd_ShowUsrAgenda (void)
Error = false;
/***** Start box *****/
sprintf (Gbl.Title,Txt_Public_agenda_USER,Gbl.Usrs.Other.UsrDat.FullName);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Public_agenda_USER,
Gbl.Usrs.Other.UsrDat.FullName);
ItsMe = Usr_ItsMe (Gbl.Usrs.Other.UsrDat.UsrCod);
Box_StartBox ("100%",Gbl.Title,
ItsMe ? Agd_PutIconsMyPublicAgenda :
@ -407,7 +411,9 @@ void Agd_ShowOtherAgendaAfterLogIn (void)
if (Usr_ChkUsrCodAndGetAllUsrDataFromUsrCod (&Gbl.Usrs.Other.UsrDat)) // Existing user
{
/***** Start box *****/
sprintf (Gbl.Title,Txt_Public_agenda_USER,Gbl.Usrs.Other.UsrDat.FullName);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Public_agenda_USER,
Gbl.Usrs.Other.UsrDat.FullName);
ItsMe = Usr_ItsMe (Gbl.Usrs.Other.UsrDat.UsrCod);
Box_StartBox ("100%",Gbl.Title,
ItsMe ? Agd_PutIconToViewEditMyFullAgenda :
@ -660,10 +666,11 @@ static void Agd_PutIconToShowQR (void)
char URL[Cns_MAX_BYTES_WWW + 1];
extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES];
sprintf (URL,"%s/%s?agd=@%s",
Cfg_URL_SWAD_CGI,
Txt_STR_LANG_ID[Gbl.Prefs.Language],
Gbl.Usrs.Me.UsrDat.Nickname);
snprintf (URL,sizeof (URL),
"%s/%s?agd=@%s",
Cfg_URL_SWAD_CGI,
Txt_STR_LANG_ID[Gbl.Prefs.Language],
Gbl.Usrs.Me.UsrDat.Nickname);
Gbl.QR.Str = URL;
QR_PutLinkToPrintQRCode (ActPrnAgdQR);
}
@ -1951,7 +1958,9 @@ void Agd_PrintAgdQRCode (void)
extern const char *Txt_Where_s_USER;
/***** Start box *****/
sprintf (Gbl.Title,Txt_Where_s_USER,Gbl.Usrs.Me.UsrDat.FullName);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Where_s_USER,
Gbl.Usrs.Me.UsrDat.FullName);
Box_StartBox (NULL,Gbl.Title,NULL,
NULL,Box_NOT_CLOSABLE);

5
swad_assignment.c
View File

@ -520,8 +520,9 @@ static void Asg_WriteAssignmentFolder (struct Assignment *Asg,bool PrintView)
Brw_INTERNAL_NAME_ROOT_FOLDER_ASSIGNMENTS,
Asg->Folder,
Brw_IS_FOLDER,-1L);
sprintf (Gbl.Title,Txt_Upload_file_or_create_folder_in_FOLDER,
Asg->Folder);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Upload_file_or_create_folder_in_FOLDER,
Asg->Folder);
fprintf (Gbl.F.Out,"<input type=\"image\""
" src=\"%s/folder-open-plus16x16.gif\""
" alt=\"%s\" title=\"%s\" class=\"ICO20x20\" />",

16
swad_attendance.c
View File

@ -2265,7 +2265,9 @@ void Att_RegisterMeAsStdInAttEvent (void)
/***** Get comments for this student *****/
Present = Att_CheckIfUsrIsPresentInAttEventAndGetComments (Att.AttCod,Gbl.Usrs.Me.UsrDat.UsrCod,
CommentStd,CommentTch);
sprintf (CommentParamName,"CommentStd%ld",Gbl.Usrs.Me.UsrDat.UsrCod);
snprintf (CommentParamName,sizeof (CommentParamName),
"CommentStd%ld",
Gbl.Usrs.Me.UsrDat.UsrCod);
Par_GetParToHTML (CommentParamName,CommentStd,Cns_MAX_BYTES_TEXT);
if (Present ||
@ -2305,7 +2307,6 @@ void Att_RegisterStudentsInAttEvent (void)
extern const char *Txt_Presents;
extern const char *Txt_Absents;
struct AttendanceEvent Att;
char Format[256];
unsigned NumStd;
const char *Ptr;
bool Present;
@ -2378,7 +2379,9 @@ void Att_RegisterStudentsInAttEvent (void)
{
/***** Get comments for this student *****/
Att_CheckIfUsrIsPresentInAttEventAndGetComments (Att.AttCod,Gbl.Usrs.LstUsrs[Rol_STD].Lst[NumStd].UsrCod,CommentStd,CommentTch);
sprintf (CommentParamName,"CommentTch%ld",Gbl.Usrs.LstUsrs[Rol_STD].Lst[NumStd].UsrCod);
snprintf (CommentParamName,sizeof (CommentParamName),
"CommentTch%ld",
Gbl.Usrs.LstUsrs[Rol_STD].Lst[NumStd].UsrCod);
Par_GetParToHTML (CommentParamName,CommentTch,Cns_MAX_BYTES_TEXT);
Present = !Gbl.Usrs.LstUsrs[Rol_STD].Lst[NumStd].Remove;
@ -2403,10 +2406,11 @@ void Att_RegisterStudentsInAttEvent (void)
Usr_FreeUsrsList (Rol_STD);
/***** Write final message *****/
sprintf (Format,"%s: %%u<br />%s: %%u",Txt_Presents,Txt_Absents);
snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt),
Format,
NumStdsPresent,NumStdsAbsent);
"%s: %u<br />"
"%s: %u",
Txt_Presents,NumStdsPresent,
Txt_Absents ,NumStdsAbsent );
Ale_ShowAlert (Ale_INFO,Gbl.Alert.Txt);
}
else // Gbl.Usrs.LstUsrs[Rol_STD].NumUsrs == 0

4
swad_calendar.c
View File

@ -204,7 +204,7 @@ unsigned Cal_GetFirstDayOfWeekFromStr (const char *Str)
void Cal_DrawCurrentMonth (void)
{
extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES];
char ParamsStr[256 + 256 + Ses_BYTES_SESSION_ID + 256];
char ParamsStr[Act_MAX_BYTES_PARAMS_STR];
/***** Get list of holidays *****/
if (!Gbl.Hlds.LstIsRead)
@ -304,7 +304,7 @@ static void Cal_DrawCalendar (Act_Action_t ActionSeeCalendar,
{
extern const char *Hlp_Calendar;
extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES];
char ParamsStr[256 + 256 + Ses_BYTES_SESSION_ID + 256];
char ParamsStr[Act_MAX_BYTES_PARAMS_STR];
/***** Get list of holidays *****/
if (!Gbl.Hlds.LstIsRead)

122
swad_centre.c
View File

@ -241,7 +241,9 @@ void Ctr_DrawCentreLogoAndNameWithLink (struct Centre *Ctr,Act_Action_t Action,
Ctr_PutParamCtrCod (Ctr->CtrCod);
/***** Link to action *****/
sprintf (Gbl.Title,Txt_Go_to_X,Ctr->FullName);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Go_to_X,
Ctr->FullName);
Act_LinkFormSubmit (Gbl.Title,ClassLink,NULL);
/***** Draw centre logo *****/
@ -307,11 +309,12 @@ static void Ctr_Configuration (bool PrintView)
if (Gbl.CurrentCtr.Ctr.CtrCod > 0)
{
/***** Path to photo *****/
sprintf (PathPhoto,"%s/%s/%02u/%u/%u.jpg",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100),
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod,
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod);
snprintf (PathPhoto,sizeof (PathPhoto),
"%s/%s/%02u/%u/%u.jpg",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100),
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod,
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod);
PhotoExists = Fil_CheckIfPathExists (PathPhoto);
/***** Start box *****/
@ -636,8 +639,9 @@ static void Ctr_Configuration (bool PrintView)
/* Form to go to see degrees of this centre */
Act_StartFormGoTo (ActSeeDeg);
Ctr_PutParamCtrCod (Gbl.CurrentCtr.Ctr.CtrCod);
sprintf (Gbl.Title,Txt_Degrees_of_CENTRE_X,
Gbl.CurrentCtr.Ctr.ShrtName);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Degrees_of_CENTRE_X,
Gbl.CurrentCtr.Ctr.ShrtName);
Act_LinkFormSubmit (Gbl.Title,"DAT",NULL);
fprintf (Gbl.F.Out,"%u</a>",
Deg_GetNumDegsInCtr (Gbl.CurrentCtr.Ctr.CtrCod));
@ -707,11 +711,12 @@ static void Ctr_PutIconToChangePhoto (void)
bool PhotoExists;
/***** Link to upload photo of centre *****/
sprintf (PathPhoto,"%s/%s/%02u/%u/%u.jpg",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100),
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod,
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod);
snprintf (PathPhoto,sizeof (PathPhoto),
"%s/%s/%02u/%u/%u.jpg",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100),
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod,
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod);
PhotoExists = Fil_CheckIfPathExists (PathPhoto);
Lay_PutContextualLink (ActReqCtrPho,NULL,NULL,
"photo64x64.gif",
@ -783,7 +788,9 @@ static void Ctr_ListCentres (void)
unsigned NumCtr;
/***** Start box *****/
sprintf (Gbl.Title,Txt_Centres_of_INSTITUTION_X,Gbl.CurrentIns.Ins.FullName);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Centres_of_INSTITUTION_X,
Gbl.CurrentIns.Ins.FullName);
Box_StartBox (NULL,Gbl.Title,Ctr_PutIconsListCentres,
Hlp_INSTITUTION_Centres,Box_NOT_CLOSABLE);
@ -976,8 +983,9 @@ void Ctr_EditCentres (void)
Ctr_GetListCentres (Gbl.CurrentIns.Ins.InsCod);
/***** Start box *****/
sprintf (Gbl.Title,Txt_Centres_of_INSTITUTION_X,
Gbl.CurrentIns.Ins.FullName);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Centres_of_INSTITUTION_X,
Gbl.CurrentIns.Ins.FullName);
Box_StartBox (NULL,Gbl.Title,Ctr_PutIconsEditingCentres,
Hlp_INSTITUTION_Centres,Box_NOT_CLOSABLE);
@ -1763,10 +1771,11 @@ void Ctr_RemoveCentre (void)
Brw_RemoveCtrFilesFromDB (Ctr.CtrCod);
/***** Remove directories of the centre *****/
sprintf (PathCtr,"%s/%s/%02u/%u",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Ctr.CtrCod % 100),
(unsigned) Ctr.CtrCod);
snprintf (PathCtr,sizeof (PathCtr),
"%s/%s/%02u/%u",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Ctr.CtrCod % 100),
(unsigned) Ctr.CtrCod);
Fil_RemoveTree (PathCtr);
/***** Remove centre *****/
@ -2243,7 +2252,9 @@ static void Ctr_ShowAlertAndButtonToGoToCtr (void)
if (Gbl.Ctrs.EditingCtr.CtrCod != Gbl.CurrentCtr.Ctr.CtrCod)
{
/***** Alert with button to go to centre *****/
sprintf (Gbl.Title,Txt_Go_to_X,Gbl.Ctrs.EditingCtr.ShrtName);
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Go_to_X,
Gbl.Ctrs.EditingCtr.ShrtName);
Ale_ShowAlertAndButton (Gbl.Alert.Type,Gbl.Alert.Txt,
ActSeeDeg,NULL,NULL,Ctr_PutParamGoToCtr,
Btn_CONFIRM_BUTTON,Gbl.Title);
@ -2373,13 +2384,15 @@ void Ctr_ReceivePhoto (void)
/***** Create private directories if not exist *****/
/* Create private directory for images if it does not exist */
sprintf (PathImgPriv,"%s/%s",
Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG);
snprintf (PathImgPriv,sizeof (PathImgPriv),
"%s/%s",
Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG);
Fil_CreateDirIfNotExists (PathImgPriv);
/* Create temporary private directory for images if it does not exist */
sprintf (PathImgPriv,"%s/%s/%s",
Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP);
snprintf (PathImgPriv,sizeof (PathImgPriv),
"%s/%s/%s",
Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP);
Fil_CreateDirIfNotExists (PathImgPriv);
/* Get filename extension */
@ -2397,9 +2410,10 @@ void Ctr_ReceivePhoto (void)
}
/* End the reception of image in a temporary file */
sprintf (FileNameImgTmp,"%s/%s/%s/%s.%s",
Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP,
Gbl.UniqueNameEncrypted,PtrExtension);
snprintf (FileNameImgTmp,sizeof (FileNameImgTmp),
"%s/%s/%s/%s.%s",
Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP,
Gbl.UniqueNameEncrypted,PtrExtension);
if (!Fil_EndReceptionOfFile (FileNameImgTmp,Param))
{
Ale_ShowAlert (Ale_WARNING,"Error copying file.");
@ -2407,33 +2421,38 @@ void Ctr_ReceivePhoto (void)
}
/***** Creates public directories if not exist *****/
sprintf (Path,"%s/%s",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR);
snprintf (Path,sizeof (Path),
"%s/%s",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR);
Fil_CreateDirIfNotExists (Path);
sprintf (Path,"%s/%s/%02u",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100));
snprintf (Path,sizeof (Path),
"%s/%s/%02u",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100));
Fil_CreateDirIfNotExists (Path);
sprintf (Path,"%s/%s/%02u/%u",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100),
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod);
snprintf (Path,sizeof (Path),
"%s/%s/%02u/%u",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100),
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod);
Fil_CreateDirIfNotExists (Path);
/***** Convert temporary file to public JPEG file *****/
sprintf (FileNameImg,"%s/%s/%02u/%u/%u.jpg",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100),
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod,
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod);
snprintf (FileNameImg,sizeof (FileNameImg),
"%s/%s/%02u/%u/%u.jpg",
Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CTR,
(unsigned) (Gbl.CurrentCtr.Ctr.CtrCod % 100),
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod,
(unsigned) Gbl.CurrentCtr.Ctr.CtrCod);
/* Call to program that makes the conversion */
sprintf (Command,"convert %s -resize '%ux%u>' -quality %u %s",
FileNameImgTmp,
Ctr_PHOTO_SAVED_MAX_WIDTH,
Ctr_PHOTO_SAVED_MAX_HEIGHT,
Ctr_PHOTO_SAVED_QUALITY,
FileNameImg);
snprintf (Command,sizeof (Command),
"convert %s -resize '%ux%u>' -quality %u %s",
FileNameImgTmp,
Ctr_PHOTO_SAVED_MAX_WIDTH,
Ctr_PHOTO_SAVED_MAX_HEIGHT,
Ctr_PHOTO_SAVED_QUALITY,
FileNameImg);
ReturnCode = system (Command);
if (ReturnCode == -1)
Lay_ShowErrorAndExit ("Error when running command to process image.");
@ -2969,9 +2988,10 @@ unsigned Ctr_ListCtrsFound (const char *Query)
{
/***** Start box and table *****/
/* Number of centres found */
sprintf (Gbl.Title,"%u %s",
NumCtrs,(NumCtrs == 1) ? Txt_centre :
Txt_centres);
snprintf (Gbl.Title,sizeof (Gbl.Title),
"%u %s",
NumCtrs,(NumCtrs == 1) ? Txt_centre :
Txt_centres);
Box_StartBoxTable (NULL,Gbl.Title,NULL,
NULL,Box_NOT_CLOSABLE,2);

3
swad_changelog.h
View File

@ -355,10 +355,11 @@ En OpenSWAD:
ps2pdf source.ps destination.pdf
*/
#define Log_PLATFORM_VERSION "SWAD 18.6.1 (2018-10-16)"
#define Log_PLATFORM_VERSION "SWAD 18.6.2 (2018-10-17)"
#define CSS_FILE "swad18.4.css"
#define JS_FILE "swad17.17.1.js"
/*
Version 18.6.2: Oct 17, 2018 Some sprintf changed by snprintf. (235808 lines)
Version 18.6.1: Oct 16, 2018 Some sprintf changed by snprintf. (235755 lines)
Version 18.6: Oct 16, 2018 sprintf changed by snprintf in alerts. (235730 lines)
Version 18.5.3: Oct 16, 2018 sprintf changed by safe string copy in some alerts. (235198 lines)

4
swad_config.h
View File

@ -28,9 +28,9 @@
/** Uncomment one of the following installations of SWAD or create your own **/
/*****************************************************************************/
#define LOCALHOST_UBUNTU // Comment this line if not applicable
//#define LOCALHOST_UBUNTU // Comment this line if not applicable
//#define OPENSWAD_ORG // Comment this line if not applicable
//#define SWAD_UGR_ES // Comment this line if not applicable
#define SWAD_UGR_ES // Comment this line if not applicable
//#define SWADBERRY_UGR_ES // Comment this line if not applicable
/*****************************************************************************/

3
swad_connected.h
View File

@ -33,6 +33,9 @@
/***************************** Public constants ******************************/
/*****************************************************************************/
#define Con_MIN_TIME_TO_REFRESH_CONNECTED_IN_MS (Cfg_MIN_TIME_TO_REFRESH_CONNECTED * 1000L) // Refresh period of connected users in miliseconds
#define Con_MAX_TIME_TO_REFRESH_CONNECTED_IN_MS (Cfg_MAX_TIME_TO_REFRESH_CONNECTED * 1000L) // Refresh period of connected users in miliseconds
/*****************************************************************************/
/******************************** Public types *******************************/
/*****************************************************************************/

2
swad_constant.h
View File

@ -54,6 +54,8 @@
#define Cns_MAX_BYTES_TEXT ( 64 * 1024 - 1) // Used for medium texts
#define Cns_MAX_BYTES_LONG_TEXT (256 * 1024 - 1) // Used for big contents
#define Cns_BYTES_SESSION_ID Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64
/*****************************************************************************/
/******************************* Public types ********************************/
/*****************************************************************************/

6
swad_database.c
View File

@ -1357,7 +1357,7 @@ mysql> DESCRIBE hidden_params;
4 rows in set (0,00 sec)
*/
DB_CreateTable ("CREATE TABLE IF NOT EXISTS hidden_params ("
"SessionId CHAR(43) NOT NULL," // Ses_BYTES_SESSION_ID
"SessionId CHAR(43) NOT NULL," // Cns_BYTES_SESSION_ID
"Action INT NOT NULL,"
"ParamName VARCHAR(255) NOT NULL,"
"ParamValue LONGTEXT NOT NULL,"
@ -2075,7 +2075,7 @@ mysql> DESCRIBE sessions;
18 rows in set (0,00 sec)
*/
DB_CreateTable ("CREATE TABLE IF NOT EXISTS sessions ("
"SessionId CHAR(43) NOT NULL," // Ses_BYTES_SESSION_ID
"SessionId CHAR(43) NOT NULL," // Cns_BYTES_SESSION_ID
"UsrCod INT NOT NULL,"
"Password CHAR(86) COLLATE latin1_bin NOT NULL," // Pwd_BYTES_ENCRYPTED_PASSWORD
"Role TINYINT NOT NULL DEFAULT 0,"
@ -2253,7 +2253,7 @@ mysql> DESCRIBE social_timelines;
2 rows in set (0.00 sec)
*/
DB_CreateTable ("CREATE TABLE IF NOT EXISTS social_timelines ("
"SessionId CHAR(43) NOT NULL," // Ses_BYTES_SESSION_ID
"SessionId CHAR(43) NOT NULL," // Cns_BYTES_SESSION_ID
"NotCod BIGINT NOT NULL,"
"UNIQUE INDEX(SessionId,NotCod))");

2
swad_global.h
View File

@ -174,7 +174,7 @@ struct Globals
unsigned NumSessions;
bool IsOpen;
bool HasBeenDisconnected;
char Id[Ses_BYTES_SESSION_ID + 1];
char Id[Cns_BYTES_SESSION_ID + 1];
long UsrCod;
} Session;

4
swad_pagination.c
View File

@ -790,7 +790,7 @@ unsigned Pag_GetParamPagNum (Pag_WhatPaginate_t WhatPaginate)
void Pag_SaveLastPageMsgIntoSession (Pag_WhatPaginate_t WhatPaginate,unsigned NumPage)
{
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
/***** Save last page of received/sent messages *****/
sprintf (Query,"UPDATE sessions SET %s=%u WHERE SessionId='%s'",
@ -806,7 +806,7 @@ void Pag_SaveLastPageMsgIntoSession (Pag_WhatPaginate_t WhatPaginate,unsigned Nu
unsigned Pag_GetLastPageMsgFromSession (Pag_WhatPaginate_t WhatPaginate)
{
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
MYSQL_RES *mysql_res;
MYSQL_ROW row;
unsigned long NumRows;

4
swad_parameter.c
View File

@ -740,7 +740,7 @@ void Par_GetMainParameters (void)
}
/***** Get session identifier, if exists *****/
Par_GetParToText ("ses",Gbl.Session.Id,Ses_BYTES_SESSION_ID);
Par_GetParToText ("ses",Gbl.Session.Id,Cns_BYTES_SESSION_ID);
if (Gbl.Session.Id[0])
{
/***** Get user's code, password, current degree and current course from stored session *****/
@ -755,7 +755,7 @@ void Par_GetMainParameters (void)
else
{
// Try old parameter "IdSes" (allowed for compatibility, to be removed soon)
Par_GetParToText ("IdSes",Gbl.Session.Id,Ses_BYTES_SESSION_ID);
Par_GetParToText ("IdSes",Gbl.Session.Id,Cns_BYTES_SESSION_ID);
if (Gbl.Session.Id[0])
{
/***** Get user's code, password, current degree and current course from stored session *****/

2
swad_plugin.c
View File

@ -80,7 +80,7 @@ void Plg_ListPlugins (void)
extern const char *Txt_Plugin;
unsigned NumPlg;
struct Plugin *Plg;
char URL[Cns_MAX_BYTES_WWW + Ses_BYTES_SESSION_ID + 1];
char URL[Cns_MAX_BYTES_WWW + Cns_BYTES_SESSION_ID + 1];
if (Gbl.Usrs.Me.Role.Logged != Rol_SYS_ADM)
{

2
swad_search.c
View File

@ -1302,7 +1302,7 @@ static void Sch_SaveLastSearchIntoSession (void)
{
char Query[256 +
Sch_MAX_BYTES_STRING_TO_FIND +
Ses_BYTES_SESSION_ID];
Cns_BYTES_SESSION_ID];
if (Gbl.Usrs.Me.Logged)
{

22
swad_session.c
View File

@ -83,7 +83,7 @@ void Ses_CreateSession (void)
{
/***** Create a unique name for the session *****/
Str_Copy (Gbl.Session.Id,Gbl.UniqueNameEncrypted,
Ses_BYTES_SESSION_ID);
Cns_BYTES_SESSION_ID);
/***** Check that session is not open *****/
if (Ses_CheckIfSessionExists (Gbl.Session.Id))
@ -107,7 +107,7 @@ void Ses_CreateSession (void)
bool Ses_CheckIfSessionExists (const char *IdSes)
{
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
/***** Get if session already exists in database *****/
sprintf (Query,"SELECT COUNT(*) FROM sessions WHERE SessionId='%s'",
@ -157,7 +157,7 @@ void Ses_CloseSession (void)
void Ses_InsertSessionInDB (void)
{
char Query[1024 +
Ses_BYTES_SESSION_ID +
Cns_BYTES_SESSION_ID +
Pwd_BYTES_ENCRYPTED_PASSWORD];
/***** Insert session in the database *****/
@ -191,7 +191,7 @@ void Ses_UpdateSessionDataInDB (void)
{
char Query[1024 +
Pwd_BYTES_ENCRYPTED_PASSWORD +
Ses_BYTES_SESSION_ID];
Cns_BYTES_SESSION_ID];
/***** Update session in database *****/
sprintf (Query,"UPDATE sessions SET UsrCod=%ld,Password='%s',Role=%u,"
@ -216,7 +216,7 @@ void Ses_UpdateSessionDataInDB (void)
void Ses_UpdateSessionLastRefreshInDB (void)
{
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
/***** Update session in database *****/
sprintf (Query,"UPDATE sessions SET LastRefresh=NOW() WHERE SessionId='%s'",
@ -230,7 +230,7 @@ void Ses_UpdateSessionLastRefreshInDB (void)
static void Ses_RemoveSessionFromDB (void)
{
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
/***** Remove current session *****/
sprintf (Query,"DELETE FROM sessions WHERE SessionId='%s'",
@ -272,7 +272,7 @@ void Ses_RemoveExpiredSessions (void)
bool Ses_GetSessionData (void)
{
char Query[256 + Ses_BYTES_SESSION_ID];
char Query[256 + Cns_BYTES_SESSION_ID];
MYSQL_RES *mysql_res;
MYSQL_ROW row;
unsigned UnsignedNum;
@ -368,7 +368,7 @@ void Ses_InsertHiddenParInDB (Act_Action_t NextAction,
else
LengthParamValue = 0;
MaxLength = 256 +
Ses_BYTES_SESSION_ID +
Cns_BYTES_SESSION_ID +
LengthParamName +
LengthParamValue;
if ((Query = (char *) malloc (MaxLength + 1)) == NULL)
@ -398,7 +398,7 @@ void Ses_InsertHiddenParInDB (Act_Action_t NextAction,
void Ses_RemoveHiddenParFromThisSession (void)
{
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
if (Gbl.Session.IsOpen && // There is an open session
!Gbl.HiddenParamsInsertedIntoDB) // No params just inserted
@ -432,7 +432,7 @@ void Ses_RemoveHiddenParFromExpiredSessions (void)
static bool Ses_CheckIfHiddenParIsAlreadyInDB (Act_Action_t NextAction,
const char *ParamName)
{
char Query[512 + Ses_BYTES_SESSION_ID];
char Query[512 + Cns_BYTES_SESSION_ID];
/***** Get a hidden parameter from database *****/
sprintf (Query,"SELECT COUNT(*) FROM hidden_params"
@ -450,7 +450,7 @@ unsigned Ses_GetHiddenParFromDB (Act_Action_t NextAction,
const char *ParamName,char *ParamValue,
size_t MaxBytes)
{
char Query[512 + Ses_BYTES_SESSION_ID];
char Query[512 + Cns_BYTES_SESSION_ID];
MYSQL_RES *mysql_res;
MYSQL_ROW row;
unsigned long NumRows;

5
swad_session.h
View File

@ -33,11 +33,6 @@
/***************************** Public constants ******************************/
/*****************************************************************************/
#define Ses_BYTES_SESSION_ID Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64
#define Con_MIN_TIME_TO_REFRESH_CONNECTED_IN_MS (Cfg_MIN_TIME_TO_REFRESH_CONNECTED * 1000L) // Refresh period of connected users in miliseconds
#define Con_MAX_TIME_TO_REFRESH_CONNECTED_IN_MS (Cfg_MAX_TIME_TO_REFRESH_CONNECTED * 1000L) // Refresh period of connected users in miliseconds
/*****************************************************************************/
/***************************** Public prototypes *****************************/
/*****************************************************************************/

10
swad_social.c
View File

@ -808,7 +808,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
static long Soc_GetPubCodFromSession (const char *FieldName)
{
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
MYSQL_RES *mysql_res;
MYSQL_ROW row;
long PubCod;
@ -836,7 +836,7 @@ static long Soc_GetPubCodFromSession (const char *FieldName)
static void Soc_UpdateLastPubCodIntoSession (void)
{
char Query[256 + Ses_BYTES_SESSION_ID];
char Query[256 + Cns_BYTES_SESSION_ID];
/***** Update last publishing code *****/
sprintf (Query,"UPDATE sessions"
@ -852,7 +852,7 @@ static void Soc_UpdateLastPubCodIntoSession (void)
static void Soc_UpdateFirstPubCodIntoSession (long FirstPubCod)
{
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
/***** Update last publishing code *****/
sprintf (Query,"UPDATE sessions SET FirstPubCod=%ld WHERE SessionId='%s'",
@ -4767,7 +4767,7 @@ void Soc_ClearOldTimelinesDB (void)
static void Soc_ClearTimelineThisSession (void)
{
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
/***** Remove social timeline for this session *****/
sprintf (Query,"DELETE FROM social_timelines WHERE SessionId='%s'",
@ -4781,7 +4781,7 @@ static void Soc_ClearTimelineThisSession (void)
static void Soc_AddNotesJustRetrievedToTimelineThisSession (void)
{
char Query[256 + Ses_BYTES_SESSION_ID];
char Query[256 + Cns_BYTES_SESSION_ID];
sprintf (Query,"INSERT IGNORE INTO social_timelines"
" (SessionId,NotCod)"

4
swad_string.c
View File

@ -112,8 +112,8 @@ action="https://localhost/swad/es" method="post">
void Str_InsertLinks (char *Txt,unsigned long MaxLength,size_t MaxCharsURLOnScreen)
{
extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES];
char ParamsStr[256 + 256 + Ses_BYTES_SESSION_ID + 256];
char Anchor1Nick[256 + 256 + 256 + Ses_BYTES_SESSION_ID + 256 + 256];
char ParamsStr[Act_MAX_BYTES_PARAMS_STR];
char Anchor1Nick[256 + 256 + 256 + Cns_BYTES_SESSION_ID + 256 + 256];
char Anchor2Nick[256 + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64];
size_t TxtLength;
size_t TxtLengthWithInsertedAnchors;

4
swad_test.c
View File

@ -722,7 +722,7 @@ static bool Tst_CheckIfNextTstAllowed (void)
static void Tst_SetTstStatus (unsigned NumTst,Tst_Status_t TstStatus)
{
char Query[256 + Ses_BYTES_SESSION_ID];
char Query[256 + Cns_BYTES_SESSION_ID];
/***** Delete old status from expired sessions *****/
sprintf (Query,"DELETE FROM tst_status"
@ -745,7 +745,7 @@ static void Tst_SetTstStatus (unsigned NumTst,Tst_Status_t TstStatus)
static Tst_Status_t Tst_GetTstStatus (unsigned NumTst)
{
char Query[256 + Ses_BYTES_SESSION_ID];
char Query[256 + Cns_BYTES_SESSION_ID];
MYSQL_RES *mysql_res;
MYSQL_ROW row;
unsigned long NumRows;

6
swad_web_service.c
View File

@ -327,7 +327,7 @@ static int Svc_CheckIdSession (const char *IdSession)
{
const char *Ptr;
unsigned i;
char Query[128 + Ses_BYTES_SESSION_ID];
char Query[128 + Cns_BYTES_SESSION_ID];
/***** Check if pointer is NULL *****/
if (IdSession == NULL)
@ -336,7 +336,7 @@ static int Svc_CheckIdSession (const char *IdSession)
"Session identifier is a null pointer");
/***** Check length of session identifier *****/
if (strlen (IdSession) != Ses_BYTES_SESSION_ID)
if (strlen (IdSession) != Cns_BYTES_SESSION_ID)
return soap_sender_fault (Gbl.soap,
"Bad session identifier",
"The length of the session identifier is wrong");
@ -962,7 +962,7 @@ int swad__loginBySessionKey (struct soap *soap,
struct swad__loginBySessionKeyOutput *loginBySessionKeyOut) // output
{
int ReturnCode;
char Query[256 + Ses_BYTES_SESSION_ID];
char Query[256 + Cns_BYTES_SESSION_ID];
MYSQL_RES *mysql_res;
MYSQL_ROW row;
unsigned NumRows;