Marown/swad-core
Marown
/
swad-core
mirror of https://github.com/acanas/swad-core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Version 16.113

This commit is contained in:
Antonio Cañas Vargas 2017-01-13 10:49:56 +01:00
parent e327103aa9
commit 4395183825
27 changed files with 230 additions and 119 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
swad_ID.c
View File

@ -178,6 +178,7 @@ unsigned ID_GetListUsrCodsFromUsrID (struct UsrData *UsrDat,
char *Query;
MYSQL_RES *mysql_res;
MYSQL_ROW row;
size_t Length;
unsigned NumID;
unsigned NumUsr;
bool CheckPassword = false;
@ -189,14 +190,17 @@ unsigned ID_GetListUsrCodsFromUsrID (struct UsrData *UsrDat,
CheckPassword = true;
/***** Allocate memory for query string *****/
if ((Query = (char *) malloc (512 + UsrDat->IDs.Num * (1 + ID_MAX_LENGTH_USR_ID + 1))) == NULL)
Length = 512 + UsrDat->IDs.Num * (1 + ID_MAX_LENGTH_USR_ID + 1) - 1;
if ((Query = (char *) malloc (Length + 1)) == NULL)
Lay_ShowErrorAndExit ("Not enough memory to store list of user's IDs.");
/***** Get user's code(s) from database *****/
strcpy (Query,CheckPassword ? "SELECT DISTINCT(usr_IDs.UsrCod) FROM usr_IDs,usr_data"
" WHERE usr_IDs.UsrID IN (" :
"SELECT DISTINCT(UsrCod) FROM usr_IDs"
" WHERE UsrID IN (");
strncpy (Query,CheckPassword ? "SELECT DISTINCT(usr_IDs.UsrCod) FROM usr_IDs,usr_data"
" WHERE usr_IDs.UsrID IN (" :
"SELECT DISTINCT(UsrCod) FROM usr_IDs"
" WHERE UsrID IN (",Length);
Query[Length] = '\0';
for (NumID = 0;
NumID < UsrDat->IDs.Num;
NumID++)

2
swad_centre.c
View File

@ -1264,7 +1264,7 @@ static void Ctr_GetPhotoAttribution (long CtrCod,char **PhotoAttribution)
Lay_ShowErrorAndExit ("Error allocating memory for photo attribution.");
strncpy (*PhotoAttribution,row[0],Length);
PhotoAttribution[Length] = '\0';
(*PhotoAttribution)[Length] = '\0';
}
}

3
swad_changelog.h
View File

@ -189,13 +189,14 @@
/****************************** Public constants *****************************/
/*****************************************************************************/
#define Log_PLATFORM_VERSION "SWAD 16.112 (2017-01-13)"
#define Log_PLATFORM_VERSION "SWAD 16.113 (2017-01-13)"
#define CSS_FILE "swad16.111.5.css"
#define JS_FILE "swad16.101.js"
// Number of lines (includes comments but not blank lines) has been got with the following command:
// nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1
/*
Version 16.113: Jan 13, 2017 Some strcpy changed to strncpy. (211497 lines)
Version 16.112: Jan 13, 2017 Some strcpy changed to strncpy. (211415 lines)
Version 16.111.16:Dec 30, 2016 Fixed minor bug in user's ID, reported by Coverity. (211185 lines)
Version 16.111.15:Dec 30, 2016 Fixed bug in forums, reported by Coverity. (211182 lines)

3
swad_country.c
View File

@ -1413,8 +1413,9 @@ static void Cty_GetMapAttribution (long CtyCod,char **MapAttribution)
Length = strlen (row[0]);
if (((*MapAttribution) = (char *) malloc (Length + 1)) == NULL)
Lay_ShowErrorAndExit ("Error allocating memory for map attribution.");
strncpy (*MapAttribution,row[0],Length);
MapAttribution[Length] = '\0';
(*MapAttribution)[Length] = '\0';
}
}

2
swad_follow.c
View File

@ -934,7 +934,7 @@ void Fol_GetNotifFollower (char *SummaryStr,char **ContentStr)
SummaryStr[0] = '\0';
if ((*ContentStr = (char *) malloc (1)))
strcpy (*ContentStr,"");
*ContentStr[0] = '\0';
}
/*****************************************************************************/

42
swad_forum.c
View File

@ -1394,13 +1394,15 @@ static void For_GetPstData (long PstCod,long *UsrCod,time_t *CreatTimeUTC,
/*****************************************************************************/
// This function may be called inside a web service, so don't report error
void For_GetSummaryAndContentForumPst (char *SummaryStr,char **ContentStr,
void For_GetSummaryAndContentForumPst (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
char **ContentStr,
long PstCod,
unsigned MaxChars,bool GetContent)
{
char Query[512];
MYSQL_RES *mysql_res;
MYSQL_ROW row;
size_t Length;
SummaryStr[0] = '\0'; // Return nothing on error
@ -1417,16 +1419,22 @@ void For_GetSummaryAndContentForumPst (char *SummaryStr,char **ContentStr,
row = mysql_fetch_row (mysql_res);
/***** Copy subject *****/
strcpy (SummaryStr,row[0]);
strncpy (SummaryStr,row[0],Cns_MAX_BYTES_TEXT);
SummaryStr[Cns_MAX_BYTES_TEXT] = '\0';
if (MaxChars)
Str_LimitLengthHTMLStr (SummaryStr,MaxChars);
/***** Copy content *****/
if (GetContent)
{
if ((*ContentStr = (char *) malloc (strlen (row[1])+1)) == NULL)
Length = strlen (row[1]);
if ((*ContentStr = (char *) malloc (Length + 1)) == NULL)
Lay_ShowErrorAndExit ("Error allocating memory for notification content.");
strcpy (*ContentStr,row[1]);
strncpy (*ContentStr,row[1],Length);
(*ContentStr)[Length] = '\0';
}
}
mysql_free_result (mysql_res);
@ -2125,7 +2133,7 @@ static void For_WriteLinkToAForum (For_ForumType_t ForumType,bool ShowNumOfPosts
unsigned Level,bool IsLastItemInLevel[1+For_FORUM_MAX_LEVELS])
{
char Icon[512];
char ForumName[512];
char ForumName[For_MAX_BYTES_FORUM_NAME + 1];
For_SetForumName (ForumType,
&Gbl.Forum.Ins,
@ -2182,7 +2190,8 @@ void For_SetForumName (For_ForumType_t ForumType,
struct Centre *Ctr,
struct Degree *Deg,
struct Course *Crs,
char *ForumName,Txt_Language_t Language,bool UseHTMLEntities)
char ForumName[For_MAX_BYTES_FORUM_NAME + 1],
Txt_Language_t Language,bool UseHTMLEntities)
{
extern const char *Txt_General;
extern const char *Txt_General_NO_HTML[1+Txt_NUM_LANGUAGES];
@ -2192,7 +2201,8 @@ void For_SetForumName (For_ForumType_t ForumType,
switch (ForumType)
{
case For_FORUM_COURSE_USRS:
strcpy (ForumName,Crs->ShrtName);
strncpy (ForumName,Crs->ShrtName,For_MAX_BYTES_FORUM_NAME);
ForumName[For_MAX_BYTES_FORUM_NAME] = '\0';
break;
case For_FORUM_COURSE_TCHS:
sprintf (ForumName,"%s%s",Crs->ShrtName,
@ -2200,7 +2210,8 @@ void For_SetForumName (For_ForumType_t ForumType,
Txt_only_teachers_NO_HTML[Language]);
break;
case For_FORUM_DEGREE_USRS:
strcpy (ForumName,Deg->ShrtName);
strncpy (ForumName,Deg->ShrtName,For_MAX_BYTES_FORUM_NAME);
ForumName[For_MAX_BYTES_FORUM_NAME] = '\0';
break;
case For_FORUM_DEGREE_TCHS:
sprintf (ForumName,"%s%s",Deg->ShrtName,
@ -2208,7 +2219,8 @@ void For_SetForumName (For_ForumType_t ForumType,
Txt_only_teachers_NO_HTML[Language]);
break;
case For_FORUM_CENTRE_USRS:
strcpy (ForumName,Ctr->ShrtName);
strncpy (ForumName,Ctr->ShrtName,For_MAX_BYTES_FORUM_NAME);
ForumName[For_MAX_BYTES_FORUM_NAME] = '\0';
break;
case For_FORUM_CENTRE_TCHS:
sprintf (ForumName,"%s%s",Ctr->ShrtName,
@ -2216,7 +2228,8 @@ void For_SetForumName (For_ForumType_t ForumType,
Txt_only_teachers_NO_HTML[Language]);
break;
case For_FORUM_INSTIT_USRS:
strcpy (ForumName,Ins->ShrtName);
strncpy (ForumName,Ins->ShrtName,For_MAX_BYTES_FORUM_NAME);
ForumName[For_MAX_BYTES_FORUM_NAME] = '\0';
break;
case For_FORUM_INSTIT_TCHS:
sprintf (ForumName,"%s%s",Ins->ShrtName,
@ -2224,8 +2237,10 @@ void For_SetForumName (For_ForumType_t ForumType,
Txt_only_teachers_NO_HTML[Language]);
break;
case For_FORUM_GLOBAL_USRS:
strcpy (ForumName,UseHTMLEntities ? Txt_General :
Txt_General_NO_HTML[Language]);
strncpy (ForumName,UseHTMLEntities ? Txt_General :
Txt_General_NO_HTML[Language],
For_MAX_BYTES_FORUM_NAME);
ForumName[For_MAX_BYTES_FORUM_NAME] = '\0';
break;
case For_FORUM_GLOBAL_TCHS:
sprintf (ForumName,"%s%s",
@ -2235,7 +2250,8 @@ void For_SetForumName (For_ForumType_t ForumType,
Txt_only_teachers_NO_HTML[Language]);
break;
case For_FORUM_SWAD_USRS:
strcpy (ForumName,Cfg_PLATFORM_SHORT_NAME);
strncpy (ForumName,Cfg_PLATFORM_SHORT_NAME,For_MAX_BYTES_FORUM_NAME);
ForumName[For_MAX_BYTES_FORUM_NAME] = '\0';
break;
case For_FORUM_SWAD_TCHS:
sprintf (ForumName,"%s%s",Cfg_PLATFORM_SHORT_NAME,

8
swad_forum.h
View File

@ -84,6 +84,8 @@ typedef enum
} For_ForumOrderType_t;
#define For_DEFAULT_ORDER For_LAST_MSG
#define For_MAX_BYTES_FORUM_NAME (512 - 1)
/*****************************************************************************/
/***************************** Public prototypes *****************************/
/*****************************************************************************/
@ -97,7 +99,8 @@ unsigned long For_GetNumPostsUsr (long UsrCod);
void For_DeleteThrFromReadThrs (long ThrCod);
void For_RemoveUsrFromReadThrs (long UsrCod);
void For_GetSummaryAndContentForumPst (char *SummaryStr,char **ContentStr,
void For_GetSummaryAndContentForumPst (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
char **ContentStr,
long PstCod,
unsigned MaxChars,bool GetContent);
@ -109,7 +112,8 @@ void For_SetForumName (For_ForumType_t ForumType,
struct Centre *Ctr,
struct Degree *Deg,
struct Course *Crs,
char *ForumName,Txt_Language_t Language,bool UseHTMLEntities);
char ForumName[For_MAX_BYTES_FORUM_NAME + 1],
Txt_Language_t Language,bool UseHTMLEntities);
unsigned For_GetNumThrsWithNewPstsInForum (For_ForumType_t ForumType,unsigned NumThreads);
void For_ShowForumThrs (void);
unsigned For_GetNumTotalForumsOfType (For_ForumType_t ForumType,

19
swad_group.c
View File

@ -2497,7 +2497,8 @@ void Grp_GetListGrpTypesAndGrpsInThisCrs (Grp_WhichGroupTypes_t WhichGroupTypes)
Lay_ShowErrorAndExit ("Wrong code of group.");
/* Get group name (row[1]) */
strcpy (Grp->GrpName,row[1]);
strncpy (Grp->GrpName,row[1],Grp_MAX_LENGTH_GROUP_NAME);
Grp->GrpName[Grp_MAX_LENGTH_GROUP_NAME] = '\0';
/* Get max number of students of group (row[2]) and number of current students */
Grp->MaxStudents = Grp_ConvertToNumMaxStdsGrp (row[2]);
@ -2625,7 +2626,8 @@ static void Grp_GetDataOfGroupTypeByCod (struct GroupType *GrpTyp)
/***** Get some data of group type *****/
row = mysql_fetch_row (mysql_res);
strcpy (GrpTyp->GrpTypName,row[0]);
strncpy (GrpTyp->GrpTypName,row[0],Grp_MAX_LENGTH_GROUP_TYPE_NAME);
GrpTyp->GrpTypName[Grp_MAX_LENGTH_GROUP_TYPE_NAME] = '\0';
GrpTyp->MandatoryEnrollment = (row[1][0] == 'Y');
GrpTyp->MultipleEnrollment = (row[2][0] == 'Y');
GrpTyp->MustBeOpened = (row[3][0] == 'Y');
@ -2711,13 +2713,15 @@ void Grp_GetDataOfGroupByCod (struct GroupData *GrpDat)
Lay_ShowErrorAndExit ("Wrong code of course.");
/* Get the name of the group type (row[2]) */
strcpy (GrpDat->GrpTypName,row[2]);
strncpy (GrpDat->GrpTypName,row[2],Grp_MAX_LENGTH_GROUP_TYPE_NAME);
GrpDat->GrpTypName[Grp_MAX_LENGTH_GROUP_TYPE_NAME] = '\0';
/* Get whether a student may be in one or multiple groups (row[3]) */
GrpDat->MultipleEnrollment = (row[3][0] == 'Y');
/* Get the name of the group (row[4]) */
strcpy (GrpDat->GrpName,row[4]);
strncpy (GrpDat->GrpName,row[4],Grp_MAX_LENGTH_GROUP_NAME);
GrpDat->GrpName[Grp_MAX_LENGTH_GROUP_NAME] = '\0';
/* Get maximum number of students (row[5]) */
GrpDat->MaxStudents = Grp_ConvertToNumMaxStdsGrp (row[5]);
@ -4014,7 +4018,9 @@ void Grp_RenameGroupType (void)
}
/***** Show the form again *****/
strcpy (Gbl.CurrentCrs.Grps.GrpTyp.GrpTypName,NewNameGrpTyp);
strncpy (Gbl.CurrentCrs.Grps.GrpTyp.GrpTypName,NewNameGrpTyp,
Grp_MAX_LENGTH_GROUP_TYPE_NAME);
Gbl.CurrentCrs.Grps.GrpTyp.GrpTypName[Grp_MAX_LENGTH_GROUP_TYPE_NAME] = '\0';
Grp_ReqEditGroups ();
}
@ -4085,7 +4091,8 @@ void Grp_RenameGroup (void)
}
/***** Show the form again *****/
strcpy (Gbl.CurrentCrs.Grps.GrpName,NewNameGrp);
strncpy (Gbl.CurrentCrs.Grps.GrpName,NewNameGrp,Grp_MAX_LENGTH_GROUP_NAME);
Gbl.CurrentCrs.Grps.GrpName[Grp_MAX_LENGTH_GROUP_NAME] = '\0';
Grp_ReqEditGroups ();
}

6
swad_group.h
View File

@ -55,8 +55,8 @@ struct GroupData
long GrpCod;
long GrpTypCod;
long CrsCod;
char GrpTypName[Grp_MAX_LENGTH_GROUP_TYPE_NAME+1];
char GrpName[Grp_MAX_LENGTH_GROUP_NAME+1];
char GrpTypName[Grp_MAX_LENGTH_GROUP_TYPE_NAME + 1];
char GrpName[Grp_MAX_LENGTH_GROUP_NAME + 1];
unsigned MaxStudents;
int Vacant;
bool Open; // Group is open?
@ -66,7 +66,7 @@ struct GroupData
struct Group
{
long GrpCod; // Code of group
char GrpName[Grp_MAX_LENGTH_GROUP_NAME+1]; // Name of group
char GrpName[Grp_MAX_LENGTH_GROUP_NAME + 1]; // Name of group
unsigned MaxStudents;
unsigned NumStudents; // Number of students in the group
bool Open; // Group is open?

20
swad_holiday.c
View File

@ -312,7 +312,8 @@ void Hld_GetListHolidays (void)
Hld->PlcCod = Str_ConvertStrCodToLongCod (row[1]);
/* Get the full name of the place (row[2]) */
strcpy (Hld->PlaceFullName,row[2]);
strncpy (Hld->PlaceFullName,row[2],Plc_MAX_LENGTH_PLACE_FULL_NAME);
Hld->PlaceFullName[Plc_MAX_LENGTH_PLACE_FULL_NAME] = '\0';
/* Get type (row[3]) */
Hld->HldTyp = Hld_GetTypeOfHoliday (row[3]);
@ -336,7 +337,8 @@ void Hld_GetListHolidays (void)
}
/* Get the name of the holiday/non school period (row[6]) */
strcpy (Hld->Name,row[6]);
strncpy (Hld->Name,row[6],Hld_MAX_LENGTH_HOLIDAY_NAME);
Hld->Name[Hld_MAX_LENGTH_HOLIDAY_NAME] = '\0';
}
}
@ -402,7 +404,8 @@ static void Hld_GetDataOfHolidayByCod (struct Holiday *Hld)
Hld->PlcCod = Str_ConvertStrCodToLongCod (row[0]);
/* Get the full name of the place (row[1]) */
strcpy (Hld->PlaceFullName,row[1]);
strncpy (Hld->PlaceFullName,row[1],Plc_MAX_LENGTH_PLACE_FULL_NAME);
Hld->PlaceFullName[Plc_MAX_LENGTH_PLACE_FULL_NAME] = '\0';
/* Get type (row[2]) */
Hld->HldTyp = Hld_GetTypeOfHoliday (row[2]);
@ -426,7 +429,8 @@ static void Hld_GetDataOfHolidayByCod (struct Holiday *Hld)
}
/* Get the name of the holiday/non school period (row[5]) */
strcpy (Hld->Name,row[5]);
strncpy (Hld->Name,row[5],Hld_MAX_LENGTH_HOLIDAY_NAME);
Hld->Name[Hld_MAX_LENGTH_HOLIDAY_NAME] = '\0';
}
/***** Free structure that stores the query result *****/
@ -694,7 +698,9 @@ void Hld_ChangeHolidayPlace (void)
/***** Show the form again *****/
Hld->PlcCod = NewPlace.PlcCod;
strcpy (Hld->PlaceFullName,NewPlace.FullName);
strncpy (Hld->PlaceFullName,NewPlace.FullName,Plc_MAX_LENGTH_PLACE_FULL_NAME);
Hld->PlaceFullName[Plc_MAX_LENGTH_PLACE_FULL_NAME] = '\0';
Hld_EditHolidays ();
}
@ -889,7 +895,9 @@ void Hld_RenameHoliday (void)
}
/***** Show the form again *****/
strcpy (Hld->Name,NewHldName);
strncpy (Hld->Name,NewHldName,Hld_MAX_LENGTH_HOLIDAY_NAME);
Hld->Name[Hld_MAX_LENGTH_HOLIDAY_NAME] = '\0';
Hld_EditHolidays ();
}

4
swad_holiday.h
View File

@ -53,11 +53,11 @@ struct Holiday
{
long HldCod;
long PlcCod;
char PlaceFullName[Plc_MAX_LENGTH_PLACE_FULL_NAME+1];
char PlaceFullName[Plc_MAX_LENGTH_PLACE_FULL_NAME + 1];
Hld_HolidayType_t HldTyp;
struct Date StartDate;
struct Date EndDate;
char Name[Hld_MAX_LENGTH_HOLIDAY_NAME+1];
char Name[Hld_MAX_LENGTH_HOLIDAY_NAME + 1];
};
typedef enum

17
swad_image.c
View File

@ -343,17 +343,24 @@ void Img_GetImageFromForm (int NumImgInForm,struct Image *Image,
/*****************************************************************************/
/********* Set parameters names depending on number of image in form *********/
/*****************************************************************************/
// If NumImgInForm < 0, params have no suffix
// If NumImgInForm < 0, params have no suffix
// If NumImgInForm >= 0, the number is a suffix of the params
void Img_SetParamNames (struct ParamUploadImg *ParamUploadImg,int NumImgInForm)
{
if (NumImgInForm < 0) // One unique image in form ==> no suffix needed
{
strcpy (ParamUploadImg->Action,"ImgAct");
strcpy (ParamUploadImg->File ,"ImgFil");
strcpy (ParamUploadImg->Title ,"ImgTit");
strcpy (ParamUploadImg->URL ,"ImgURL");
strncpy (ParamUploadImg->Action,"ImgAct",Img_MAX_LENGTH_PARAM_UPLOAD_IMG);
ParamUploadImg->Action[Img_MAX_LENGTH_PARAM_UPLOAD_IMG] = '\0';
strncpy (ParamUploadImg->File ,"ImgFil",Img_MAX_LENGTH_PARAM_UPLOAD_IMG);
ParamUploadImg->File [Img_MAX_LENGTH_PARAM_UPLOAD_IMG] = '\0';
strncpy (ParamUploadImg->Title ,"ImgTit",Img_MAX_LENGTH_PARAM_UPLOAD_IMG);
ParamUploadImg->Title [Img_MAX_LENGTH_PARAM_UPLOAD_IMG] = '\0';
strncpy (ParamUploadImg->URL ,"ImgURL",Img_MAX_LENGTH_PARAM_UPLOAD_IMG);
ParamUploadImg->URL [Img_MAX_LENGTH_PARAM_UPLOAD_IMG] = '\0';
}
else // Several images in form ==> add suffix
{

9
swad_image.h
View File

@ -99,12 +99,13 @@ struct Image
};
/***** Parameters used in a form to upload an image *****/
#define Img_MAX_LENGTH_PARAM_UPLOAD_IMG (16 - 1)
struct ParamUploadImg
{
char Action[16];
char File[16];
char Title[16];
char URL[16];
char Action[Img_MAX_LENGTH_PARAM_UPLOAD_IMG + 1];
char File [Img_MAX_LENGTH_PARAM_UPLOAD_IMG + 1];
char Title [Img_MAX_LENGTH_PARAM_UPLOAD_IMG + 1];
char URL [Img_MAX_LENGTH_PARAM_UPLOAD_IMG + 1];
};
/*****************************************************************************/

18
swad_info.c
View File

@ -2141,8 +2141,8 @@ void Inf_EditRichTxtInfo (void)
void Inf_RecAndChangePlainTxtInfo (void)
{
char Txt_HTMLFormat[Cns_MAX_BYTES_LONG_TEXT+1];
char Txt_MarkdownFormat[Cns_MAX_BYTES_LONG_TEXT+1];
char Txt_HTMLFormat [Cns_MAX_BYTES_LONG_TEXT + 1];
char Txt_MarkdownFormat[Cns_MAX_BYTES_LONG_TEXT + 1];
/***** Set info type *****/
Gbl.CurrentCrs.Info.Type = Inf_AsignInfoType ();
@ -2150,7 +2150,10 @@ void Inf_RecAndChangePlainTxtInfo (void)
/***** Get text with course information from form *****/
Par_GetParameter (Par_PARAM_SINGLE,"Txt",Txt_HTMLFormat,
Cns_MAX_BYTES_LONG_TEXT,NULL);
strcpy (Txt_MarkdownFormat,Txt_HTMLFormat);
strncpy (Txt_MarkdownFormat,Txt_HTMLFormat,Cns_MAX_BYTES_LONG_TEXT);
Txt_MarkdownFormat[Cns_MAX_BYTES_LONG_TEXT] = '\0';
Str_ChangeFormat (Str_FROM_FORM,Str_TO_HTML,
Txt_HTMLFormat,Cns_MAX_BYTES_LONG_TEXT,true); // Store in HTML format (not rigorous)
Str_ChangeFormat (Str_FROM_FORM,Str_TO_MARKDOWN,
@ -2176,8 +2179,8 @@ void Inf_RecAndChangePlainTxtInfo (void)
void Inf_RecAndChangeRichTxtInfo (void)
{
char Txt_HTMLFormat[Cns_MAX_BYTES_LONG_TEXT+1];
char Txt_MarkdownFormat[Cns_MAX_BYTES_LONG_TEXT+1];
char Txt_HTMLFormat [Cns_MAX_BYTES_LONG_TEXT + 1];
char Txt_MarkdownFormat[Cns_MAX_BYTES_LONG_TEXT + 1];
/***** Set info type *****/
Gbl.CurrentCrs.Info.Type = Inf_AsignInfoType ();
@ -2185,7 +2188,10 @@ void Inf_RecAndChangeRichTxtInfo (void)
/***** Get text with course information from form *****/
Par_GetParameter (Par_PARAM_SINGLE,"Txt",Txt_HTMLFormat,
Cns_MAX_BYTES_LONG_TEXT,NULL);
strcpy (Txt_MarkdownFormat,Txt_HTMLFormat);
strncpy (Txt_MarkdownFormat,Txt_HTMLFormat,Cns_MAX_BYTES_LONG_TEXT);
Txt_MarkdownFormat[Cns_MAX_BYTES_LONG_TEXT] = '\0';
Str_ChangeFormat (Str_FROM_FORM,Str_TO_HTML,
Txt_HTMLFormat,Cns_MAX_BYTES_LONG_TEXT,true); // Store in HTML format (not rigorous)
Str_ChangeFormat (Str_FROM_FORM,Str_TO_MARKDOWN,

24
swad_institution.c
View File

@ -1028,14 +1028,16 @@ void Ins_GetListInstitutions (long CtyCod,Ins_GetExtraData_t GetExtraData)
Ins->RequesterUsrCod = Str_ConvertStrCodToLongCod (row[3]);
/* Get the short name of the institution (row[4]) */
strcpy (Ins->ShrtName,row[4]);
strncpy (Ins->ShrtName,row[4],Ins_MAX_LENGTH_INSTIT_SHRT_NAME);
Ins->ShrtName[Ins_MAX_LENGTH_INSTIT_SHRT_NAME] = '\0';
/* Get the full name of the institution (row[5]) */
strncpy (Ins->FullName,row[5],Ins_MAX_LENGTH_INSTIT_FULL_NAME);
Ins->FullName[Ins_MAX_LENGTH_INSTIT_FULL_NAME] = '\0';
/* Get the URL of the institution (row[6]) */
strcpy (Ins->WWW,row[6]);
strncpy (Ins->WWW,row[6],Cns_MAX_LENGTH_WWW);
Ins->WWW[Cns_MAX_LENGTH_WWW] = '\0';
/* Get extra data */
switch (GetExtraData)
@ -1123,14 +1125,16 @@ bool Ins_GetDataOfInstitutionByCod (struct Instit *Ins,
Ins->RequesterUsrCod = Str_ConvertStrCodToLongCod (row[2]);
/* Get the short name of the institution (row[3]) */
strcpy (Ins->ShrtName,row[3]);
strncpy (Ins->ShrtName,row[3],Ins_MAX_LENGTH_INSTIT_SHRT_NAME);
Ins->ShrtName[Ins_MAX_LENGTH_INSTIT_SHRT_NAME] = '\0';
/* Get the full name of the institution (row[4]) */
strncpy (Ins->FullName,row[4],Ins_MAX_LENGTH_INSTIT_FULL_NAME);
Ins->FullName[Ins_MAX_LENGTH_INSTIT_FULL_NAME] = '\0';
/* Get the URL of the institution (row[5]) */
strcpy (Ins->WWW,row[5]);
strncpy (Ins->WWW,row[5],Cns_MAX_LENGTH_WWW);
Ins->WWW[Cns_MAX_LENGTH_WWW] = '\0';
/* Get extra data */
if (GetExtraData == Ins_GET_EXTRA_DATA)
@ -1179,7 +1183,9 @@ void Ins_GetShortNameOfInstitutionByCod (struct Instit *Ins)
{
/***** Get the short name of this institution *****/
row = mysql_fetch_row (mysql_res);
strcpy (Ins->ShrtName,row[0]);
strncpy (Ins->ShrtName,row[0],Ins_MAX_LENGTH_INSTIT_SHRT_NAME);
Ins->ShrtName[Ins_MAX_LENGTH_INSTIT_SHRT_NAME] = '\0';
}
/***** Free structure that stores the query result *****/
@ -1856,7 +1862,9 @@ void Ins_ChangeInsWWW (void)
{
/***** Update database changing old WWW by new WWW *****/
Ins_UpdateInsWWWDB (Ins->InsCod,NewWWW);
strcpy (Ins->WWW,NewWWW);
strncpy (Ins->WWW,NewWWW,Cns_MAX_LENGTH_WWW);
Ins->WWW[Cns_MAX_LENGTH_WWW] = '\0';
/***** Write message to show the change made *****/
sprintf (Gbl.Message,Txt_The_new_web_address_is_X,NewWWW);
@ -1887,7 +1895,9 @@ void Ins_ChangeInsWWWInConfig (void)
{
/***** Update database changing old WWW by new WWW *****/
Ins_UpdateInsWWWDB (Gbl.CurrentIns.Ins.InsCod,NewWWW);
strcpy (Gbl.CurrentIns.Ins.WWW,NewWWW);
strncpy (Gbl.CurrentIns.Ins.WWW,NewWWW,Cns_MAX_LENGTH_WWW);
Gbl.CurrentIns.Ins.WWW[Cns_MAX_LENGTH_WWW] = '\0';
/***** Write message to show the change made *****/
sprintf (Gbl.Message,Txt_The_new_web_address_is_X,NewWWW);

6
swad_institution.h
View File

@ -61,9 +61,9 @@ struct Instit
long CtyCod;
Ins_Status_t Status; // Institution status
long RequesterUsrCod; // User code of the person who requested the creation of this institution
char ShrtName[Ins_MAX_LENGTH_INSTIT_SHRT_NAME+1];
char FullName[Ins_MAX_LENGTH_INSTIT_FULL_NAME+1];
char WWW[Cns_MAX_LENGTH_WWW+1];
char ShrtName[Ins_MAX_LENGTH_INSTIT_SHRT_NAME + 1];
char FullName[Ins_MAX_LENGTH_INSTIT_FULL_NAME + 1];
char WWW[Cns_MAX_LENGTH_WWW + 1];
unsigned NumUsrsWhoClaimToBelongToIns;
unsigned NumCtrs;
unsigned NumDegs;

26
swad_link.c
View File

@ -232,13 +232,16 @@ void Lnk_GetListLinks (void)
Lay_ShowErrorAndExit ("Wrong code of institutional link.");
/* Get the short name of the link (row[1]) */
strcpy (Lnk->ShrtName,row[1]);
strncpy (Lnk->ShrtName,row[1],Lnk_MAX_LENGTH_LINK_SHRT_NAME);
Lnk->ShrtName[Lnk_MAX_LENGTH_LINK_SHRT_NAME] = '\0';
/* Get the full name of the link (row[2]) */
strcpy (Lnk->FullName,row[2]);
strncpy (Lnk->FullName,row[2],Lnk_MAX_LENGTH_LINK_FULL_NAME);
Lnk->FullName[Lnk_MAX_LENGTH_LINK_FULL_NAME] = '\0';
/* Get the URL of the link (row[3]) */
strcpy (Lnk->WWW,row[3]);
strncpy (Lnk->WWW,row[3],Cns_MAX_LENGTH_WWW);
Lnk->WWW[Cns_MAX_LENGTH_WWW] = '\0';
}
}
else
@ -277,13 +280,16 @@ void Lnk_GetDataOfLinkByCod (struct Link *Lnk)
row = mysql_fetch_row (mysql_res);
/* Get the short name of the link (row[0]) */
strcpy (Lnk->ShrtName,row[0]);
strncpy (Lnk->ShrtName,row[0],Lnk_MAX_LENGTH_LINK_SHRT_NAME);
Lnk->ShrtName[Lnk_MAX_LENGTH_LINK_SHRT_NAME] = '\0';
/* Get the full name of the link (row[1]) */
strcpy (Lnk->FullName,row[1]);
strncpy (Lnk->FullName,row[1],Lnk_MAX_LENGTH_LINK_FULL_NAME);
Lnk->FullName[Lnk_MAX_LENGTH_LINK_FULL_NAME] = '\0';
/* Get the URL of the link (row[2]) */
strcpy (Lnk->WWW,row[2]);
strncpy (Lnk->WWW,row[2],Cns_MAX_LENGTH_WWW);
Lnk->WWW[Cns_MAX_LENGTH_WWW] = '\0';
}
/***** Free structure that stores the query result *****/
@ -545,7 +551,9 @@ static void Lnk_RenameLink (Cns_ShrtOrFullName_t ShrtOrFullName)
}
/***** Show the form again *****/
strcpy (CurrentLnkName,NewLnkName);
strncpy (CurrentLnkName,NewLnkName,MaxLength);
CurrentLnkName[MaxLength] = '\0';
Lnk_EditLinks ();
}
@ -602,7 +610,9 @@ void Lnk_ChangeLinkWWW (void)
Lay_ShowAlert (Lay_WARNING,Txt_You_can_not_leave_the_web_address_empty);
/***** Show the form again *****/
strcpy (Lnk->WWW,NewWWW);
strncpy (Lnk->WWW,NewWWW,Cns_MAX_LENGTH_WWW);
Lnk->WWW[Cns_MAX_LENGTH_WWW] = '\0';
Lnk_EditLinks ();
}

6
swad_link.h
View File

@ -37,9 +37,9 @@
struct Link
{
long LnkCod;
char ShrtName[Lnk_MAX_LENGTH_LINK_SHRT_NAME+1];
char FullName[Lnk_MAX_LENGTH_LINK_FULL_NAME+1];
char WWW[Cns_MAX_LENGTH_WWW+1];
char ShrtName[Lnk_MAX_LENGTH_LINK_SHRT_NAME + 1];
char FullName[Lnk_MAX_LENGTH_LINK_FULL_NAME + 1];
char WWW[Cns_MAX_LENGTH_WWW + 1];
};
/*****************************************************************************/

24
swad_mail.c
View File

@ -288,10 +288,12 @@ static void Mai_GetListMailDomainsAllowedForNotif (void)
Lay_ShowErrorAndExit ("Wrong code of mail domain.");
/* Get the mail domain (row[1]) */
strcpy (Mai->Domain,row[1]);
strncpy (Mai->Domain,row[1],Mai_MAX_LENGTH_MAIL_DOMAIN);
Mai->Domain[Mai_MAX_LENGTH_MAIL_DOMAIN] = '\0';
/* Get the mail domain info (row[2]) */
strcpy (Mai->Info,row[2]);
strncpy (Mai->Info,row[2],Mai_MAX_LENGTH_MAIL_INFO);
Mai->Info[Mai_MAX_LENGTH_MAIL_INFO] = '\0';
/* Get number of users (row[3]) */
if (sscanf (row[3],"%u",&(Mai->NumUsrs)) != 1)
@ -392,10 +394,12 @@ void Mai_GetDataOfMailDomainByCod (struct Mail *Mai)
row = mysql_fetch_row (mysql_res);
/* Get the short name of the mail (row[0]) */
strcpy (Mai->Domain,row[0]);
strncpy (Mai->Domain,row[0],Mai_MAX_LENGTH_MAIL_DOMAIN);
Mai->Domain[Mai_MAX_LENGTH_MAIL_DOMAIN] = '\0';
/* Get the full name of the mail (row[1]) */
strcpy (Mai->Info,row[1]);
strncpy (Mai->Info,row[1],Mai_MAX_LENGTH_MAIL_INFO);
Mai->Info[Mai_MAX_LENGTH_MAIL_INFO] = '\0';
}
/***** Free structure that stores the query result *****/
@ -649,7 +653,9 @@ static void Mai_RenameMailDomain (Cns_ShrtOrFullName_t ShrtOrFullName)
}
/***** Show the form again *****/
strcpy (CurrentMaiName,NewMaiName);
strncpy (CurrentMaiName,NewMaiName,MaxLength);
CurrentMaiName[MaxLength] = '\0';
Mai_EditMailDomains ();
}
@ -1033,7 +1039,8 @@ bool Mai_GetEmailFromUsrCod (struct UsrData *UsrDat)
row = mysql_fetch_row (mysql_res);
/* Get email */
strcpy (UsrDat->Email,row[0]);
strncpy (UsrDat->Email,row[0],Usr_MAX_BYTES_USR_EMAIL);
UsrDat->Email[Usr_MAX_BYTES_USR_EMAIL] = '\0';
UsrDat->EmailConfirmed = (row[1][0] == 'Y');
@ -1665,7 +1672,7 @@ void Mai_ConfirmEmail (void)
MYSQL_ROW row;
char MailKey[Mai_LENGTH_EMAIL_CONFIRM_KEY+1];
long UsrCod;
char Email[Usr_MAX_BYTES_USR_EMAIL+1];
char Email[Usr_MAX_BYTES_USR_EMAIL + 1];
bool KeyIsCorrect = false;
bool Confirmed;
@ -1683,7 +1690,8 @@ void Mai_ConfirmEmail (void)
UsrCod = Str_ConvertStrCodToLongCod (row[0]);
/* Get user's email */
strcpy (Email,row[1]);
strncpy (Email,row[1],Usr_MAX_BYTES_USR_EMAIL);
Email[Usr_MAX_BYTES_USR_EMAIL] = '\0';
KeyIsCorrect = true;
}

4
swad_mail.h
View File

@ -46,8 +46,8 @@ typedef enum
struct Mail
{
long MaiCod;
char Domain[Mai_MAX_LENGTH_MAIL_DOMAIN+1];
char Info[Mai_MAX_LENGTH_MAIL_INFO+1];
char Domain[Mai_MAX_LENGTH_MAIL_DOMAIN + 1];
char Info[Mai_MAX_LENGTH_MAIL_INFO + 1];
unsigned NumUsrs;
};

53
swad_mark.c
View File

@ -323,7 +323,10 @@ bool Mrk_CheckFileOfMarks (const char *Path,struct MarksProperties *Marks)
// Only one table is allowed
if (Str_FindStrInFile (FileAllMarks,"<table",Str_NO_SKIP_HTML_COMMENTS))
{
strcpy (Gbl.Message,Txt_There_are_more_than_one_table_in_the_file_of_marks);
strncpy (Gbl.Message,Txt_There_are_more_than_one_table_in_the_file_of_marks,
Lay_MAX_BYTES_ALERT);
Gbl.Message[Lay_MAX_BYTES_ALERT] = '\0';
FileIsCorrect = false;
}
else
@ -384,7 +387,10 @@ bool Mrk_CheckFileOfMarks (const char *Path,struct MarksProperties *Marks)
}
else
{
strcpy (Gbl.Message,Txt_Table_not_found_in_the_file_of_marks);
strncpy (Gbl.Message,Txt_Table_not_found_in_the_file_of_marks,
Lay_MAX_BYTES_ALERT);
Gbl.Message[Lay_MAX_BYTES_ALERT] = '\0';
FileIsCorrect = false;
}
@ -456,7 +462,9 @@ static bool Mrk_GetUsrMarks (FILE *FileUsrMarks,struct UsrData *UsrDat,
/***** Open HTML file with the table of marks *****/
if (!(FileAllMarks = fopen (PathFileAllMarks,"rb")))
{ // Can't open the file with the table of marks
strcpy (Gbl.Message,"Can not open file of marks.");
strncpy (Gbl.Message,"Can not open file of marks.",Lay_MAX_BYTES_ALERT); // TODO: Need translation!
Gbl.Message[Lay_MAX_BYTES_ALERT] = '\0';
return false;
}
@ -709,7 +717,8 @@ void Mrk_ShowMyMarks (void)
/*****************************************************************************/
// This function may be called inside a web service, so don't report error
void Mrk_GetNotifMyMarks (char *SummaryStr,char **ContentStr,
void Mrk_GetNotifMyMarks (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
char **ContentStr,
long MrkCod,long UsrCod,
unsigned MaxChars,bool GetContent)
{
@ -733,8 +742,9 @@ void Mrk_GetNotifMyMarks (char *SummaryStr,char **ContentStr,
char PathMarks[PATH_MAX+1];
char FileNameUsrMarks[PATH_MAX+1];
FILE *FileUsrMarks;
long SizeOfMyMarks;
long i;
size_t SizeOfMyMarks;
size_t Length;
size_t i;
char *Ptr;
SummaryStr[0] = '\0'; // Return nothing on error
@ -824,21 +834,31 @@ void Mrk_GetNotifMyMarks (char *SummaryStr,char **ContentStr,
/***** Get user's marks *****/
if (Mrk_GetUsrMarks (FileUsrMarks,&UsrDat,PathMarks,&Marks))
{
SizeOfMyMarks = ftell (FileUsrMarks);
SizeOfMyMarks = (size_t) ftell (FileUsrMarks);
fclose (FileUsrMarks);
if ((*ContentStr = (char *) malloc (9+SizeOfMyMarks+3+1)))
Length = 9 + SizeOfMyMarks + 3;
if ((*ContentStr = (char *) malloc (Length + 1)))
{
strcpy (*ContentStr,"<![CDATA[");
/* 9 starting chars */
strncpy (*ContentStr,"<![CDATA[",9);
/* Content */
Ptr = (*ContentStr) + 9;
if ((FileUsrMarks = fopen (FileNameUsrMarks,"rb")))
{
for (Ptr = (*ContentStr) + 9, i = 0;
for (i = 0;
i < SizeOfMyMarks;
i++)
Ptr[i] = (char) fgetc (FileUsrMarks);
*Ptr++ = (char) fgetc (FileUsrMarks);
fclose (FileUsrMarks);
}
strcpy ((*ContentStr)+9+SizeOfMyMarks,"]]>");
/* 3 ending chars */
strncpy (Ptr,"]]>",3);
/* Ending null char */
(*ContentStr)[Length] = '\0';
}
}
else
@ -850,7 +870,10 @@ void Mrk_GetNotifMyMarks (char *SummaryStr,char **ContentStr,
}
else
{
strcpy (Gbl.Message,"Can not open file with user's marks!");
strncpy (Gbl.Message,"Can not open file with user's marks!", // TODO: Need translation!
Lay_MAX_BYTES_ALERT);
Gbl.Message[Lay_MAX_BYTES_ALERT] = '\0';
if ((*ContentStr = (char *) malloc (9+strlen (Gbl.Message)+3+1)))
sprintf (*ContentStr,"<![CDATA[%s]]>",Gbl.Message);
}
@ -858,7 +881,9 @@ void Mrk_GetNotifMyMarks (char *SummaryStr,char **ContentStr,
}
else
{
strcpy (Gbl.Message,"User's IDs not found!");
strncpy (Gbl.Message,"User's IDs not found!",Lay_MAX_BYTES_ALERT); // TODO: Need translation!
Gbl.Message[Lay_MAX_BYTES_ALERT] = '\0';
if ((*ContentStr = (char *) malloc (9+strlen (Gbl.Message)+3+1)))
sprintf (*ContentStr,"<![CDATA[%s]]>",Gbl.Message);
}

3
swad_mark.h
View File

@ -52,7 +52,8 @@ void Mrk_ChangeNumRowsFooter (void);
bool Mrk_CheckFileOfMarks (const char *Path,struct MarksProperties *Marks);
void Mrk_ShowMyMarks (void);
void Mrk_GetNotifMyMarks (char *SummaryStr,char **ContentStr,
void Mrk_GetNotifMyMarks (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
char **ContentStr,
long MrkCod,long UsrCod,
unsigned MaxChars,bool GetContent);

7
swad_notification.c
View File

@ -318,7 +318,7 @@ void Ntf_ShowMyNotifications (void)
struct Degree Deg;
struct Course Crs;
long Cod;
char ForumName[512];
char ForumName[For_MAX_BYTES_FORUM_NAME + 1];
time_t DateTimeUTC; // Date-time of the event
Ntf_Status_t Status;
Ntf_StatusTxt_t StatusTxt;
@ -861,7 +861,8 @@ Ntf_StatusTxt_t Ntf_GetStatusTxtFromStatusBits (Ntf_Status_t Status)
/******************* Get notification summary and content ********************/
/*****************************************************************************/
void Ntf_GetNotifSummaryAndContent (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],char **ContentStr,
void Ntf_GetNotifSummaryAndContent (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
char **ContentStr,
Ntf_NotifyEvent_t NotifyEvent,
long Cod,long CrsCod,long UsrCod,
unsigned MaxChars,bool GetContent)
@ -1563,7 +1564,7 @@ static void Ntf_SendPendingNotifByEMailToOneUsr (struct UsrData *ToUsrDat,unsign
struct Course Crs;
long Cod;
For_ForumType_t ForumType = (For_ForumType_t) 0; // Initialized to avoid warning
char ForumName[512];
char ForumName[For_MAX_BYTES_FORUM_NAME + 1];
char Command[2048]; // Command to execute for sending an email
int ReturnCode;

3
swad_notification.h
View File

@ -107,7 +107,8 @@ void Ntf_ShowMyNotifications (void);
Ntf_NotifyEvent_t Ntf_GetParamNotifyEvent (void);
Ntf_StatusTxt_t Ntf_GetStatusTxtFromStatusBits (Ntf_Status_t Status);
void Ntf_GetNotifSummaryAndContent (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],char **ContentStr,
void Ntf_GetNotifSummaryAndContent (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
char **ContentStr,
Ntf_NotifyEvent_t NotifyEvent,
long Cod,long CrsCod,long UsrCod,
unsigned MaxChars,bool GetContent);

2
swad_social.c
View File

@ -1090,7 +1090,7 @@ static void Soc_WriteSocialNote (const struct SocialNote *SocNot,
struct Course Crs;
bool ShowPhoto = false;
char PhotoURL[PATH_MAX+1];
char ForumName[512];
char ForumName[For_MAX_BYTES_FORUM_NAME + 1];
char SummaryStr[Cns_MAX_BYTES_TEXT + 1];
unsigned NumComments;
char IdNewComment[Act_MAX_LENGTH_ID];

22
swad_user.h
View File

@ -133,21 +133,21 @@ struct UsrData
char Surname1 [Usr_MAX_BYTES_NAME + 1];
char Surname2 [Usr_MAX_BYTES_NAME + 1];
char FirstName [Usr_MAX_BYTES_NAME + 1];
char FullName [(Usr_MAX_BYTES_NAME + 1)*3];
char FullName [(Usr_MAX_BYTES_NAME + 1) * 3];
Usr_Sex_t Sex;
char Email [Usr_MAX_BYTES_USR_EMAIL+1];
char Email [Usr_MAX_BYTES_USR_EMAIL + 1];
bool EmailConfirmed;
char Photo [Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64+1]; // Name of public link to photo
char Photo [Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]; // Name of public link to photo
Pri_Visibility_t PhotoVisibility; // Who can see user's photo
Pri_Visibility_t ProfileVisibility; // Who can see user's public profile
long CtyCod; // Country
char OriginPlace [Cns_MAX_BYTES_STRING+1];
char OriginPlace [Cns_MAX_BYTES_STRING + 1];
struct Date Birthday;
char StrBirthday [Cns_MAX_LENGTH_DATE +1];
char LocalAddress [Cns_MAX_BYTES_STRING+1];
char LocalPhone [Usr_MAX_BYTES_PHONE +1];
char FamilyAddress [Cns_MAX_BYTES_STRING+1];
char FamilyPhone [Usr_MAX_BYTES_PHONE +1];
char StrBirthday [Cns_MAX_LENGTH_DATE + 1];
char LocalAddress [Cns_MAX_BYTES_STRING + 1];
char LocalPhone [Usr_MAX_BYTES_PHONE + 1];
char FamilyAddress [Cns_MAX_BYTES_STRING + 1];
char FamilyPhone [Usr_MAX_BYTES_PHONE + 1];
char *Comments;
long InsCtyCod; // Country of the institution
long InsCod; // Institution
@ -155,8 +155,8 @@ struct UsrData
{
long CtrCod; // Centre
long DptCod; // Department
char Office [Cns_MAX_BYTES_STRING+1];
char OfficePhone [Usr_MAX_BYTES_PHONE +1];
char Office [Cns_MAX_BYTES_STRING + 1];
char OfficePhone [Usr_MAX_BYTES_PHONE + 1];
} Tch;
struct
{

2
swad_web_service.c
View File

@ -2803,7 +2803,7 @@ int swad__getNotifications (struct soap *soap,
struct Degree Deg;
struct Course Crs;
long Cod;
char ForumName[512];
char ForumName[For_MAX_BYTES_FORUM_NAME + 1];
char SummaryStr[Cns_MAX_BYTES_TEXT + 1];
char *ContentStr;
Ntf_Status_t Status;