"
@@ -2541,7 +2551,8 @@ static void Soc_PutDisabledIconShare (unsigned NumShared)
if (NumShared)
sprintf (Gbl.Title,Txt_SOCIAL_NOTE_Shared_by_X_USERS,NumShared);
else
- strcpy (Gbl.Title,Txt_SOCIAL_NOTE_Not_shared_by_anyone);
+ Str_Copy (Gbl.Title,Txt_SOCIAL_NOTE_Not_shared_by_anyone,
+ Lay_MAX_BYTES_TITLE);
/***** Disabled icon to share *****/
fprintf (Gbl.F.Out,"
"
@@ -2565,7 +2576,8 @@ static void Soc_PutDisabledIconFav (unsigned NumFavs)
if (NumFavs)
sprintf (Gbl.Title,Txt_SOCIAL_NOTE_Favourited_by_X_USERS,NumFavs);
else
- strcpy (Gbl.Title,Txt_SOCIAL_NOTE_Not_favourited_by_anyone);
+ Str_Copy (Gbl.Title,Txt_SOCIAL_NOTE_Not_favourited_by_anyone,
+ Lay_MAX_BYTES_TITLE);
/***** Disabled icon to mark as favourite *****/
fprintf (Gbl.F.Out,"
"
@@ -4633,7 +4645,8 @@ static void Soc_AddNotesJustRetrievedToTimelineThisSession (void)
/******************* Get notification of a new social post *******************/
/*****************************************************************************/
-void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCod,
+void Soc_GetNotifSocialPublishing (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
+ char **ContentStr,long PubCod,
unsigned MaxChars,bool GetContent)
{
char Query[256];
@@ -4642,6 +4655,7 @@ void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCo
struct SocialPublishing SocPub;
struct SocialNote SocNot;
char Content[Cns_MAX_BYTES_LONG_TEXT+1];
+ size_t Length;
bool ContentCopied = false;
/***** Return nothing on error *****/
@@ -4695,15 +4709,18 @@ void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCo
/***** Copy content string *****/
if (GetContent)
- if ((*ContentStr = (char *) malloc (strlen (Content)+1)) != NULL)
+ {
+ Length = strlen (Content);
+ if ((*ContentStr = (char *) malloc (Length + 1)) != NULL)
{
- strcpy (*ContentStr,Content);
+ Str_Copy (*ContentStr,Content,Length);
ContentCopied = true;
}
+ }
/***** Copy summary string *****/
Str_LimitLengthHTMLStr (Content,MaxChars);
- strcpy (SummaryStr,Content);
+ Str_Copy (SummaryStr,Content,Cns_MAX_BYTES_TEXT);
}
else
Soc_GetNoteSummary (&SocNot,SummaryStr,Soc_MAX_BYTES_SUMMARY);
@@ -4728,15 +4745,18 @@ void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCo
/***** Copy content string *****/
if (GetContent)
- if ((*ContentStr = (char *) malloc (strlen (Content)+1)) != NULL)
+ {
+ Length = strlen (Content);
+ if ((*ContentStr = (char *) malloc (Length + 1)) != NULL)
{
- strcpy (*ContentStr,Content);
+ Str_Copy (*ContentStr,Content,Length);
ContentCopied = true;
}
+ }
/***** Copy summary string *****/
Str_LimitLengthHTMLStr (Content,MaxChars);
- strcpy (SummaryStr,Content);
+ Str_Copy (SummaryStr,Content,Cns_MAX_BYTES_TEXT);
break;
}
diff --git a/swad_social.h b/swad_social.h
index aa443cd1..2b5a2c07 100644
--- a/swad_social.h
+++ b/swad_social.h
@@ -165,7 +165,8 @@ void Soc_RemoveUsrSocialContent (long UsrCod);
void Soc_ClearOldTimelinesDB (void);
-void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCod,
+void Soc_GetNotifSocialPublishing (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
+ char **ContentStr,long PubCod,
unsigned MaxChars,bool GetContent);
#endif
diff --git a/swad_statistic.c b/swad_statistic.c
index 209768fe..a98c91b4 100644
--- a/swad_statistic.c
+++ b/swad_statistic.c
@@ -804,7 +804,9 @@ void Sta_SeeCrsAccesses (void)
/******************** Compute and show access statistics ********************/
/*****************************************************************************/
-#define MAX_LENGTH_QUERY_ACCESS (1024 + (10+ID_MAX_LENGTH_USR_ID)*5000)
+#define Sta_MAX_LENGTH_QUERY_ACCESS (1024 + (10+ID_MAX_LENGTH_USR_ID)*5000)
+
+#define Sta_MAX_LENGTH_COUNT_TYPE (256 - 1)
static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse)
{
@@ -816,7 +818,7 @@ static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse)
extern const char *Txt_List_of_detailed_clicks;
extern const char *Txt_STAT_TYPE_COUNT_CAPS[Sta_NUM_COUNT_TYPES];
extern const char *Txt_Time_zone_used_in_the_calculation_of_these_statistics;
- char Query[MAX_LENGTH_QUERY_ACCESS+1];
+ char Query[Sta_MAX_LENGTH_QUERY_ACCESS+1];
char QueryAux[512];
long LengthQuery;
MYSQL_RES *mysql_res;
@@ -830,7 +832,7 @@ static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse)
unsigned NumUsr = 0;
const char *Ptr;
char StrRole[256];
- char StrQueryCountType[256];
+ char StrQueryCountType[Sta_MAX_LENGTH_COUNT_TYPE + 1];
unsigned NumDays;
bool ICanQueryWholeRange;
@@ -980,7 +982,7 @@ static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse)
switch (Gbl.Stat.CountType)
{
case Sta_TOTAL_CLICKS:
- strcpy (StrQueryCountType,"COUNT(*)");
+ Str_Copy (StrQueryCountType,"COUNT(*)",Sta_MAX_LENGTH_COUNT_TYPE);
break;
case Sta_DISTINCT_USRS:
sprintf (StrQueryCountType,"COUNT(DISTINCT(%s.UsrCod))",LogTable);
@@ -1253,7 +1255,7 @@ static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse)
if (UsrDat.UsrCod > 0)
{
LengthQuery = LengthQuery + 25 + 10 + 1;
- if (LengthQuery > MAX_LENGTH_QUERY_ACCESS - 128)
+ if (LengthQuery > Sta_MAX_LENGTH_QUERY_ACCESS - 128)
Lay_ShowErrorAndExit ("Query is too large.");
sprintf (QueryAux,
NumUsr ? " OR %s.UsrCod='%ld'" :
@@ -5425,17 +5427,17 @@ static void Sta_WriteStatsExpTreesTableHead (void)
static void Sta_WriteRowStatsFileBrowsers (Brw_FileBrowser_t FileZone,const char *NameOfFileZones)
{
- char StrNumCrss[10+1];
- char StrNumGrps[10+1];
- char StrNumUsrs[10+1];
- char StrNumFoldersPerCrs[10+1];
- char StrNumFoldersPerUsr[10+1];
- char StrNumFilesPerCrs[10+1];
- char StrNumFilesPerUsr[10+1];
+ char StrNumCrss[10 + 1];
+ char StrNumGrps[10 + 1];
+ char StrNumUsrs[10 + 1];
+ char StrNumFoldersPerCrs[10 + 1];
+ char StrNumFoldersPerUsr[10 + 1];
+ char StrNumFilesPerCrs[10 + 1];
+ char StrNumFilesPerUsr[10 + 1];
struct Sta_SizeOfFileZones SizeOfFileZones;
- char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING];
- char FileSizePerCrsStr[Fil_MAX_BYTES_FILE_SIZE_STRING];
- char FileSizePerUsrStr[Fil_MAX_BYTES_FILE_SIZE_STRING];
+ char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1];
+ char FileSizePerCrsStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1];
+ char FileSizePerUsrStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1];
char *Class = (FileZone == Brw_UNKNOWN) ? "DAT_N_LINE_TOP" :
"DAT";
@@ -5445,10 +5447,10 @@ static void Sta_WriteRowStatsFileBrowsers (Brw_FileBrowser_t FileZone,const char
if (SizeOfFileZones.NumCrss == -1)
{
- strcpy (StrNumCrss ,"-");
- strcpy (StrNumFoldersPerCrs,"-");
- strcpy (StrNumFilesPerCrs ,"-");
- strcpy (FileSizePerCrsStr ,"-");
+ Str_Copy (StrNumCrss ,"-",10);
+ Str_Copy (StrNumFoldersPerCrs,"-",10);
+ Str_Copy (StrNumFilesPerCrs ,"-",10);
+ Str_Copy (FileSizePerCrsStr ,"-",Fil_MAX_BYTES_FILE_SIZE_STRING);
}
else
{
@@ -5468,16 +5470,16 @@ static void Sta_WriteRowStatsFileBrowsers (Brw_FileBrowser_t FileZone,const char
}
if (SizeOfFileZones.NumGrps == -1)
- strcpy (StrNumGrps,"-");
+ Str_Copy (StrNumGrps,"-",10);
else
sprintf (StrNumGrps,"%d",SizeOfFileZones.NumGrps);
if (SizeOfFileZones.NumUsrs == -1)
{
- strcpy (StrNumUsrs ,"-");
- strcpy (StrNumFoldersPerUsr,"-");
- strcpy (StrNumFilesPerUsr ,"-");
- strcpy (FileSizePerUsrStr ,"-");
+ Str_Copy (StrNumUsrs ,"-",10);
+ Str_Copy (StrNumFoldersPerUsr,"-",10);
+ Str_Copy (StrNumFilesPerUsr ,"-",10);
+ Str_Copy (FileSizePerUsrStr ,"-",Fil_MAX_BYTES_FILE_SIZE_STRING);
}
else
{
diff --git a/swad_string.c b/swad_string.c
index 8897eda1..12e1fad1 100644
--- a/swad_string.c
+++ b/swad_string.c
@@ -316,7 +316,7 @@ void Str_InsertLinks (char *Txt,unsigned long MaxLength,size_t MaxCharsURLOnScre
Anchor1NickLength = strlen (Anchor1Nick);
if ((Links[NumLinks].Anchor1Nick = (char *) malloc (Anchor1NickLength + 1)) == NULL)
Lay_ShowErrorAndExit ("Not enough memory to insert link.");
- strcpy (Links[NumLinks].Anchor1Nick,Anchor1Nick);
+ Str_Copy (Links[NumLinks].Anchor1Nick,Anchor1Nick,Anchor1NickLength);
Links[NumLinks].Anchor1NickLength = Anchor1NickLength;
/* Store second part of anchor */
@@ -329,7 +329,7 @@ void Str_InsertLinks (char *Txt,unsigned long MaxLength,size_t MaxCharsURLOnScre
Anchor2NickLength = strlen (Anchor2Nick);
if ((Links[NumLinks].Anchor2Nick = (char *) malloc (Anchor2NickLength + 1)) == NULL)
Lay_ShowErrorAndExit ("Not enough memory to insert link.");
- strcpy (Links[NumLinks].Anchor2Nick,Anchor2Nick);
+ Str_Copy (Links[NumLinks].Anchor2Nick,Anchor2Nick,Anchor2NickLength);
Links[NumLinks].Anchor2NickLength = Anchor2NickLength;
AnchorNickTotalLength = Anchor1NickLength + Anchor2NickLength + Anchor3NickLength;
@@ -954,6 +954,8 @@ For example the string "Nueva++de+San+Ant%F3n"
"Nueva de San Antón" if ChangeTo == Str_TO_HTML
"Nueva de San Antón" if ChangeTo == Str_TO_TEXT
*/
+#define Str_MAX_LENGTH_SPECIAL_CHAR (256 - 1)
+
void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo,
char *Str,size_t MaxLengthStr,bool RemoveLeadingAndTrailingSpaces)
{
@@ -970,7 +972,7 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo,
unsigned NumPrintableCharsFromReturn = 0; // To substitute tabs for spaces
bool IsSpecialChar = false;
bool ThereIsSpaceChar = true; // Indicates if the character before was a space. Set to true to respect the initial spaces.
- char StrSpecialChar[256];
+ char StrSpecialChar[Str_MAX_LENGTH_SPECIAL_CHAR + 1];
/*
if (Gbl.Usrs.Me.LoggedRole == Rol_ROLE_SYS_ADM)
@@ -1110,27 +1112,44 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo,
NumPrintableCharsFromReturn += NumSpacesTab;
}
else
- strcpy (StrSpecialChar,"\t");
+ {
+ StrSpecialChar[0] = '\t';
+ StrSpecialChar[1] = '\0';
+ }
ThereIsSpaceChar = true;
break;
case 0x0A: /* \n */
- strcpy (StrSpecialChar,
- ChangeTo == Str_TO_RIGOROUS_HTML ? "
" :
- Str_LF);
+ if (ChangeTo == Str_TO_RIGOROUS_HTML)
+ Str_Copy (StrSpecialChar,"
",
+ Str_MAX_LENGTH_SPECIAL_CHAR);
+ else
+ {
+ StrSpecialChar[0] = Str_LF[0];
+ StrSpecialChar[1] = '\0';
+ }
NumPrintableCharsFromReturn = 0;
ThereIsSpaceChar = true;
break;
case 0x0D: /* "%0D" --> "" */
- strcpy (StrSpecialChar,
- ChangeTo == Str_TO_RIGOROUS_HTML ? "" :
- Str_CR);
+ if (ChangeTo == Str_TO_RIGOROUS_HTML)
+ StrSpecialChar[0] = '\0';
+ else
+ {
+ StrSpecialChar[0] = Str_CR[0];
+ StrSpecialChar[1] = '\0';
+ }
NumPrintableCharsFromReturn = 0;
ThereIsSpaceChar = true;
break;
case 0x20: /* Space */
- strcpy (StrSpecialChar,
- (ChangeTo == Str_TO_RIGOROUS_HTML && ThereIsSpaceChar) ? " " :
- " ");
+ if (ChangeTo == Str_TO_RIGOROUS_HTML && ThereIsSpaceChar)
+ Str_Copy (StrSpecialChar," ",
+ Str_MAX_LENGTH_SPECIAL_CHAR);
+ else
+ {
+ StrSpecialChar[0] = ' ';
+ StrSpecialChar[1] = '\0';
+ }
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = true;
break;
@@ -1147,12 +1166,14 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo,
ThereIsSpaceChar = false;
break;
case 0x23: /* "%23" --> "#" */
- strcpy (StrSpecialChar,"#");
+ StrSpecialChar[0] = '#';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0x26: /* "%26" --> "&" (&) */
- strcpy (StrSpecialChar,"&");
+ StrSpecialChar[0] = '&';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
@@ -1169,48 +1190,62 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo,
ThereIsSpaceChar = false;
break;
case 0x2C: /* "%2C" --> "," */
- strcpy (StrSpecialChar,",");
+ StrSpecialChar[0] = ',';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0x2F: /* "%2F" --> "/" */
- strcpy (StrSpecialChar,"/");
+ StrSpecialChar[0] = '/';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0x3A: /* "%3A" --> ":" */
- strcpy (StrSpecialChar,":");
+ StrSpecialChar[0] = ':';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0x3B: /* "%3B" --> ";" */
- strcpy (StrSpecialChar,";");
+ StrSpecialChar[0] = ';';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0x3C: /* "%3C" --> "<" (<) */
if (ChangeTo == Str_TO_MARKDOWN)
- strcpy (StrSpecialChar,"<");
+ {
+ StrSpecialChar[0] = '<';
+ StrSpecialChar[1] = '\0';
+ }
else
- strcpy (StrSpecialChar,"<"); // "<" is stored as HTML code to avoid problems when displaying it
+ Str_Copy (StrSpecialChar,"<", // "<" is stored as HTML code to avoid problems when displaying it
+ Str_MAX_LENGTH_SPECIAL_CHAR);
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0x3E: /* "%3E" --> ">" (>) */
if (ChangeTo == Str_TO_MARKDOWN)
- strcpy (StrSpecialChar,">");
+ {
+ StrSpecialChar[0] = '>';
+ StrSpecialChar[1] = '\0';
+ }
else
- strcpy (StrSpecialChar,">"); // ">" is stored as HTML code to avoid problems when displaying it
+ Str_Copy (StrSpecialChar,">", // ">" is stored as HTML code to avoid problems when displaying it
+ Str_MAX_LENGTH_SPECIAL_CHAR);
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0x3F: /* "%3F" --> "?" */
- strcpy (StrSpecialChar,"?");
+ StrSpecialChar[0] = '?';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0x40: /* "%40" --> "@" */
- strcpy (StrSpecialChar,"@");
+ StrSpecialChar[0] = '@';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
@@ -1222,77 +1257,92 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo,
StrSpecialChar[2] = '\0'; // End of string
}
else
- strcpy (StrSpecialChar,"\"); // "\" is stored as HTML code to avoid problems when displaying it
+ Str_Copy (StrSpecialChar,"\", // "\" is stored as HTML code to avoid problems when displaying it
+ Str_MAX_LENGTH_SPECIAL_CHAR);
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xC1: /* "%C1" --> "Á" */
- strcpy (StrSpecialChar,"Á");
+ StrSpecialChar[0] = 'Á';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xC9: /* "%C9" --> "É" */
- strcpy (StrSpecialChar,"É");
+ StrSpecialChar[0] = 'É';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xCD: /* "%CD" --> "Í" */
- strcpy (StrSpecialChar,"Í");
+ StrSpecialChar[0] = 'Í';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xD3: /* "%D3" --> "Ó" */
- strcpy (StrSpecialChar,"Ó");
+ StrSpecialChar[0] = 'Ó';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xDA: /* "%DA" --> "Ú" */
- strcpy (StrSpecialChar,"Ú");
+ StrSpecialChar[0] = 'Ú';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xD1: /* "%D1" --> "Ñ" */
- strcpy (StrSpecialChar,"Ñ");
+ StrSpecialChar[0] = 'Ñ';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xC7: /* "%C7" --> "Ç" */
- strcpy (StrSpecialChar,"Ç");
+ StrSpecialChar[0] = 'Ç';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xE1: /* "%E1" --> "á" */
- strcpy (StrSpecialChar,"á");
+ StrSpecialChar[0] = 'á';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xE9: /* "%E9" --> "é" */
- strcpy (StrSpecialChar,"é");
+ StrSpecialChar[0] = 'é';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xED: /* "%ED" --> "í" */
- strcpy (StrSpecialChar,"í");
+ StrSpecialChar[0] = 'í';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xF3: /* "%F3" --> "ó" */
- strcpy (StrSpecialChar,"ó");
+ StrSpecialChar[0] = 'ó';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xFA: /* "%FA" --> "ú" */
- strcpy (StrSpecialChar,"ú");
+ StrSpecialChar[0] = 'ú';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xF1: /* "%F1" --> "ñ" */
- strcpy (StrSpecialChar,"ñ");
+ StrSpecialChar[0] = 'ñ';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
case 0xE7: /* "%E7" --> "ç" */
- strcpy (StrSpecialChar,"ç");
+ StrSpecialChar[0] = 'ç';
+ StrSpecialChar[1] = '\0';
NumPrintableCharsFromReturn++;
ThereIsSpaceChar = false;
break;
diff --git a/swad_survey.c b/swad_survey.c
index 0858f27f..eb4e35f6 100644
--- a/swad_survey.c
+++ b/swad_survey.c
@@ -111,7 +111,7 @@ static void Svy_PutParams (void);
static void Svy_SetAllowedAndHiddenScopes (unsigned *ScopesAllowed,
unsigned *HiddenAllowed);
-static void Svy_GetSurveyTxtFromDB (long SvyCod,char *Txt);
+static void Svy_GetSurveyTxtFromDB (long SvyCod,char Txt[Cns_MAX_BYTES_TEXT + 1]);
static void Svy_PutParamSvyCod (long SvyCod);
static long Svy_GetParamSvyCod (void);
@@ -426,7 +426,7 @@ static void Svy_ShowOneSurvey (long SvyCod,struct SurveyQuestion *SvyQst,
extern const char *Txt_View_survey_results;
static unsigned UniqueId = 0;
struct Survey Svy;
- char Txt[Cns_MAX_BYTES_TEXT+1];
+ char Txt[Cns_MAX_BYTES_TEXT + 1];
/***** Start frame *****/
if (ShowOnlyThisSvyComplete)
@@ -690,8 +690,8 @@ static void Svy_WriteAuthor (struct Survey *Svy)
"PHOTO15x20",Pho_ZOOM,false);
/***** Write name *****/
- strcpy (FirstName,UsrDat.FirstName);
- strcpy (Surnames,UsrDat.Surname1);
+ Str_Copy (FirstName,UsrDat.FirstName,Usr_MAX_BYTES_NAME);
+ Str_Copy (Surnames,UsrDat.Surname1,Usr_MAX_BYTES_SURNAMES);
if (UsrDat.Surname2[0])
{
strcat (Surnames," ");
@@ -1247,7 +1247,7 @@ void Svy_GetDataOfSurveyByCod (struct Survey *Svy)
Svy->Status.Open = (row[8][0] == '1');
/* Get the title of the survey (row[9]) */
- strcpy (Svy->Title,row[9]);
+ Str_Copy (Svy->Title,row[9],Svy_MAX_LENGTH_SURVEY_TITLE);
/* Get number of questions and number of users who have already answer this survey */
Svy->NumQsts = Svy_GetNumQstsSvy (Svy->SvyCod);
@@ -1411,7 +1411,7 @@ void Svy_FreeListSurveys (void)
/********************** Get survey text from database ************************/
/*****************************************************************************/
-static void Svy_GetSurveyTxtFromDB (long SvyCod,char *Txt)
+static void Svy_GetSurveyTxtFromDB (long SvyCod,char Txt[Cns_MAX_BYTES_TEXT + 1])
{
char Query[512];
MYSQL_RES *mysql_res;
@@ -1427,7 +1427,7 @@ static void Svy_GetSurveyTxtFromDB (long SvyCod,char *Txt)
{
/* Get info text */
row = mysql_fetch_row (mysql_res);
- strcpy (Txt,row[0]);
+ Str_Copy (Txt,row[0],Cns_MAX_BYTES_TEXT);
}
else
Txt[0] = '\0';
@@ -1444,11 +1444,13 @@ static void Svy_GetSurveyTxtFromDB (long SvyCod,char *Txt)
/*****************************************************************************/
// This function may be called inside a web service, so don't report error
-void Svy_GetNotifSurvey (char *SummaryStr,char **ContentStr,long SvyCod,unsigned MaxChars,bool GetContent)
+void Svy_GetNotifSurvey (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
+ char **ContentStr,long SvyCod,unsigned MaxChars,bool GetContent)
{
char Query[512];
MYSQL_RES *mysql_res;
MYSQL_ROW row;
+ size_t Length;
SummaryStr[0] = '\0'; // Return nothing on error
@@ -1465,16 +1467,17 @@ void Svy_GetNotifSurvey (char *SummaryStr,char **ContentStr,long SvyCod,unsigned
row = mysql_fetch_row (mysql_res);
/***** Get summary *****/
- strcpy (SummaryStr,row[0]);
+ Str_Copy (SummaryStr,row[0],Cns_MAX_BYTES_TEXT);
if (MaxChars)
Str_LimitLengthHTMLStr (SummaryStr,MaxChars);
/***** Get content *****/
if (GetContent)
{
- if ((*ContentStr = (char *) malloc (512+Cns_MAX_BYTES_TEXT)) == NULL)
+ Length = strlen (row[1]);
+ if ((*ContentStr = (char *) malloc (Length + 1)) == NULL)
Lay_ShowErrorAndExit ("Error allocating memory for notification content.");
- strcpy (*ContentStr,row[1]);
+ Str_Copy (*ContentStr,row[1],Length);
}
}
mysql_free_result (mysql_res);
@@ -3371,16 +3374,16 @@ static void Svy_PutButtonToCreateNewQuestion (void)
static void Svy_WriteQstStem (const char *Stem)
{
- unsigned long LengthHeading;
char *HeadingRigorousHTML;
+ size_t Length;
/* Convert the stem, that is in HTML, to rigorous HTML */
- LengthHeading = strlen (Stem) * Str_MAX_LENGTH_SPEC_CHAR_HTML;
- if ((HeadingRigorousHTML = malloc (LengthHeading+1)) == NULL)
+ Length = strlen (Stem) * Str_MAX_LENGTH_SPEC_CHAR_HTML;
+ if ((HeadingRigorousHTML = malloc (Length + 1)) == NULL)
Lay_ShowErrorAndExit ("Not enough memory to store stem of question.");
- strcpy (HeadingRigorousHTML,Stem);
+ Str_Copy (HeadingRigorousHTML,Stem,Length);
Str_ChangeFormat (Str_FROM_HTML,Str_TO_RIGOROUS_HTML,
- HeadingRigorousHTML,LengthHeading,false);
+ HeadingRigorousHTML,Length,false);
/* Write the stem */
fprintf (Gbl.F.Out,"%s",HeadingRigorousHTML);
@@ -3420,10 +3423,10 @@ static void Svy_WriteAnswersOfAQst (struct Survey *Svy,struct SurveyQuestion *Sv
Lay_ShowErrorAndExit ("Error when getting number of users who have marked an answer.");
/* Convert the answer (row[2]), that is in HTML, to rigorous HTML */
- AnsLength = strlen (row[2]) * Str_MAX_LENGTH_SPEC_CHAR_HTML;
- if ((Answer = malloc (AnsLength+1)) == NULL)
+ AnsLength = strlen (row[2]);
+ if ((Answer = malloc (AnsLength + 1)) == NULL)
Lay_ShowErrorAndExit ("Not enough memory to store answer.");
- strcpy (Answer,row[2]);
+ Str_Copy (Answer,row[2],AnsLength);
Str_ChangeFormat (Str_FROM_HTML,Str_TO_RIGOROUS_HTML,
Answer,AnsLength,false);
diff --git a/swad_survey.h b/swad_survey.h
index eafac453..c2083b45 100644
--- a/swad_survey.h
+++ b/swad_survey.h
@@ -33,7 +33,7 @@
/************************** Public types and constants ***********************/
/*****************************************************************************/
-#define Svy_MAX_LENGTH_SURVEY_TITLE 255
+#define Svy_MAX_LENGTH_SURVEY_TITLE (256 - 1)
#define Svy_NUM_DATES 2
typedef enum
@@ -49,7 +49,7 @@ struct Survey
long Cod; // Country, institution, centre, degree or course code
unsigned Roles; // Example: if survey can be made by students and teachers, Roles == (1 << Rol_ROLE_STUDENT) | (1 << Rol_ROLE_TEACHER)
long UsrCod;
- char Title[Svy_MAX_LENGTH_SURVEY_TITLE+1];
+ char Title[Svy_MAX_LENGTH_SURVEY_TITLE + 1];
time_t TimeUTC[Svy_NUM_DATES];
unsigned NumQsts; // Number of questions in the survey
unsigned NumUsrs; // Number of distinct users who have already answered the survey
@@ -87,7 +87,8 @@ void Svy_GetListSurveys (void);
void Svy_GetDataOfSurveyByCod (struct Survey *Svy);
void Svy_GetDataOfSurveyByFolder (struct Survey *Svy);
void Svy_FreeListSurveys (void);
-void Svy_GetNotifSurvey (char *SummaryStr,char **ContentStr,long SvyCod,unsigned MaxChars,bool GetContent);
+void Svy_GetNotifSurvey (char SummaryStr[Cns_MAX_BYTES_TEXT + 1],
+ char **ContentStr,long SvyCod,unsigned MaxChars,bool GetContent);
void Svy_AskRemSurvey (void);
void Svy_RemoveSurvey (void);
void Svy_AskResetSurvey (void);
diff --git a/swad_test.c b/swad_test.c
index 9ee33ee3..1cb0abab 100644
--- a/swad_test.c
+++ b/swad_test.c
@@ -1738,7 +1738,7 @@ static void Tst_ShowFormEditTags (void)
fprintf (Gbl.F.Out,"",
- Tst_MAX_TAG_LENGTH,row[1],Gbl.Form.Id);
+ Tst_MAX_LENGTH_TAG,row[1],Gbl.Form.Id);
Act_FormEnd ();
fprintf (Gbl.F.Out,""
"");
@@ -3697,7 +3697,8 @@ static void Tst_WriteTextAnsAssessTest (unsigned NumQst,MYSQL_RES *mysql_res,
{
unsigned NumOpt;
MYSQL_ROW row;
- char TextAnsUsr[Tst_MAX_SIZE_ANSWERS_ONE_QST],TextAnsOK[Tst_MAX_SIZE_ANSWERS_ONE_QST];
+ char TextAnsUsr[Tst_MAX_SIZE_ANSWERS_ONE_QST + 1];
+ char TextAnsOK[Tst_MAX_SIZE_ANSWERS_ONE_QST + 1];
bool Correct = false;
/*
row[ 0] AnsInd
@@ -3755,7 +3756,8 @@ static void Tst_WriteTextAnsAssessTest (unsigned NumQst,MYSQL_RES *mysql_res,
if (Gbl.Test.StrAnswersOneQst[NumQst][0]) // If user has answered the question
{
/* Filter the user answer */
- strcpy (TextAnsUsr,Gbl.Test.StrAnswersOneQst[NumQst]);
+ Str_Copy (TextAnsUsr,Gbl.Test.StrAnswersOneQst[NumQst],
+ Tst_MAX_SIZE_ANSWERS_ONE_QST);
/* In order to compare student answer to stored answer,
the text answers are stored avoiding two or more consecurive spaces */
@@ -3768,7 +3770,8 @@ static void Tst_WriteTextAnsAssessTest (unsigned NumQst,MYSQL_RES *mysql_res,
NumOpt++)
{
/* Filter this correct answer */
- strcpy (TextAnsOK,Gbl.Test.Answer.Options[NumOpt].Text);
+ Str_Copy (TextAnsOK,Gbl.Test.Answer.Options[NumOpt].Text,
+ Tst_MAX_SIZE_ANSWERS_ONE_QST);
Str_ConvertToComparable (TextAnsOK);
/* Check is user answer is correct */
@@ -4561,7 +4564,7 @@ static void Tst_PutFormEditOneQst (char *Stem,char *Feedback)
" class=\"TAG_TXT\" maxlength=\"%u\" value=\"%s\""
" onchange=\"changeSelTag('%u')\" />"
"",
- NumTag,NumTag,Tst_MAX_TAG_LENGTH,Gbl.Test.Tags.Txt[NumTag],NumTag);
+ NumTag,NumTag,Tst_MAX_LENGTH_TAG,Gbl.Test.Tags.Txt[NumTag],NumTag);
fprintf (Gbl.F.Out,"");
}
@@ -5748,13 +5751,13 @@ static long Tst_GetTagCodFromTagTxt (const char *TagTxt)
row = mysql_fetch_row (mysql_res);
if ((TagCod = Str_ConvertStrCodToLongCod (row[0])) < 0)
{
- strcpy (Gbl.Message,"Wrong code of tag.");
+ Str_Copy (Gbl.Message,"Wrong code of tag.",Lay_MAX_BYTES_ALERT);
Error = true;
}
}
else if (NumRows > 1)
{
- strcpy (Gbl.Message,"Duplicated tag.");
+ Str_Copy (Gbl.Message,"Duplicated tag.",Lay_MAX_BYTES_ALERT);
Error = true;
}
diff --git a/swad_test.h b/swad_test.h
index da9fe610..ae8f8e07 100644
--- a/swad_test.h
+++ b/swad_test.h
@@ -35,8 +35,8 @@
#define Tst_MAX_QUESTIONS_PER_TEST 100 // Absolute maximum number of questions in a test
#define Tst_MAX_TAGS_PER_QUESTION 5
-#define Tst_MAX_TAG_LENGTH 255
-#define Tst_MAX_BYTES_TAG (Tst_MAX_TAG_LENGTH*Str_MAX_CHARACTER)
+#define Tst_MAX_LENGTH_TAG (256 -1)
+#define Tst_MAX_BYTES_TAG (Tst_MAX_LENGTH_TAG*Str_MAX_CHARACTER)
#define Tst_MAX_OPTIONS_PER_QUESTION 10
#define Tst_MAX_SIZE_INDEXES_ONE_QST (Tst_MAX_OPTIONS_PER_QUESTION*(10+1))
#define Tst_MAX_SIZE_ANSWERS_ONE_QST (Tst_MAX_OPTIONS_PER_QUESTION*(10+1))
diff --git a/swad_timetable.c b/swad_timetable.c
index a4270ad8..4d3d723d 100644
--- a/swad_timetable.c
+++ b/swad_timetable.c
@@ -99,8 +99,8 @@ struct TimeTableColumn
TT_HourType_t HourType;
TT_ClassType_t ClassType;
unsigned Duration;
- char Place[TT_MAX_BYTES_PLACE+1];
- char Group[TT_MAX_BYTES_GROUP+1];
+ char Place[TT_MAX_BYTES_PLACE + 1];
+ char Group[TT_MAX_BYTES_GROUP + 1];
};
struct
{
@@ -742,11 +742,13 @@ static void TT_CreatTimeTableFromDB (long UsrCod)
TimeTable[Day][Hour].Columns[FirstFreeColumn].CrsCod =
(Gbl.TimeTable.Type == TT_MY_TIMETABLE ? Str_ConvertStrCodToLongCod (row[7]) :
Gbl.CurrentCrs.Crs.CrsCod);
- strcpy (TimeTable[Day][Hour].Columns[FirstFreeColumn].Group,row[5]);
+ Str_Copy (TimeTable[Day][Hour].Columns[FirstFreeColumn].Group,
+ row[5],TT_MAX_BYTES_GROUP);
TimeTable[Day][Hour].Columns[FirstFreeColumn].GrpCod = GrpCod;
// no break;
case TT_TUTOR_TIMETABLE:
- strcpy (TimeTable[Day][Hour].Columns[FirstFreeColumn].Place,row[3]);
+ Str_Copy (TimeTable[Day][Hour].Columns[FirstFreeColumn].Place,
+ row[3],TT_MAX_BYTES_PLACE);
break;
}
@@ -795,8 +797,10 @@ static void TT_ModifTimeTable (void)
TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].HourType = TT_FIRST_HOUR;
TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].ClassType = Gbl.TimeTable.ClassType;
TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Duration = Gbl.TimeTable.Duration;
- strcpy (TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Group,Gbl.TimeTable.Group);
- strcpy (TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Place,Gbl.TimeTable.Place);
+ Str_Copy (TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Group,
+ Gbl.TimeTable.Group,TT_MAX_BYTES_GROUP);
+ Str_Copy (TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Place,
+ Gbl.TimeTable.Place,TT_MAX_BYTES_PLACE);
}
}
diff --git a/swad_timetable.h b/swad_timetable.h
index de70972c..1421dc63 100644
--- a/swad_timetable.h
+++ b/swad_timetable.h
@@ -33,8 +33,8 @@
/************************* Public constants and types ************************/
/*****************************************************************************/
-#define TT_MAX_BYTES_PLACE 127
-#define TT_MAX_BYTES_GROUP 255
+#define TT_MAX_BYTES_PLACE (128 - 1)
+#define TT_MAX_BYTES_GROUP (256 - 1)
#define TT_NUM_TIMETABLE_TYPES 3
typedef enum
diff --git a/swad_user.c b/swad_user.c
index 0e963d20..d87525ce 100644
--- a/swad_user.c
+++ b/swad_user.c
@@ -458,13 +458,13 @@ void Usr_GetUsrDataFromUsrCod (struct UsrData *UsrDat)
Ico_IconSet_t IconSet;
Txt_Language_t Lan;
unsigned UnsignedNum;
- char StrBirthday[4+1+2+1+2+1];
/***** Get user's data from database *****/
sprintf (Query,"SELECT EncryptedUsrCod,Password,Surname1,Surname2,FirstName,Sex,"
"Theme,IconSet,Language,FirstDayOfWeek,Photo,PhotoVisibility,ProfileVisibility,"
"CtyCod,InsCtyCod,InsCod,DptCod,CtrCod,Office,OfficePhone,"
- "LocalAddress,LocalPhone,FamilyAddress,FamilyPhone,OriginPlace,Birthday,Comments,"
+ "LocalAddress,LocalPhone,FamilyAddress,FamilyPhone,OriginPlace,"
+ "DATE_FORMAT(Birthday,'%%Y%%m%%d'),Comments,"
"Menu,SideCols,NotifNtfEvents,EmailNtfEvents"
" FROM usr_data WHERE UsrCod='%ld'",
UsrDat->UsrCod);
@@ -558,9 +558,8 @@ void Usr_GetUsrDataFromUsrCod (struct UsrData *UsrDat)
Str_Copy (UsrDat->FamilyAddress,row[22],Cns_MAX_BYTES_STRING);
Str_Copy (UsrDat->FamilyPhone ,row[23],Usr_MAX_BYTES_PHONE);
Str_Copy (UsrDat->OriginPlace ,row[24],Cns_MAX_BYTES_STRING);
- strcpy (StrBirthday,
- row[25] ? row[25] :
- "0000-00-00");
+
+ Dat_GetDateFromYYYYMMDD (&(UsrDat->Birthday),row[25]);
Usr_GetUsrCommentsFromString (row[26] ? row[26] :
"",
@@ -597,11 +596,6 @@ void Usr_GetUsrDataFromUsrCod (struct UsrData *UsrDat)
/* Create full name using FirstName, Surname1 and Surname2 */
Usr_BuildFullName (UsrDat);
- if (sscanf (StrBirthday,"%u-%u-%u",
- &(UsrDat->Birthday.Year),
- &(UsrDat->Birthday.Month),
- &(UsrDat->Birthday.Day)) != 3)
- Lay_ShowErrorAndExit ("Wrong date.");
Dat_ConvDateToDateStr (&(UsrDat->Birthday),UsrDat->StrBirthday);
/***** Free structure that stores the query result *****/
@@ -707,7 +701,7 @@ static Usr_Sex_t Usr_GetSexFromStr (const char *Str)
void Usr_BuildFullName (struct UsrData *UsrDat)
{
- strcpy (UsrDat->FullName,UsrDat->FirstName);
+ Str_Copy (UsrDat->FullName,UsrDat->FirstName,Usr_MAX_BYTES_FULL_NAME);
if (UsrDat->Surname1[0])
{
strcat (UsrDat->FullName," ");
@@ -730,8 +724,8 @@ void Usr_RestrictLengthAndWriteName (const struct UsrData *UsrDat,unsigned MaxCh
char Surnames[Usr_MAX_BYTES_SURNAMES + 1];
/***** Restrict length of firstname and surnames *****/
- strcpy (FirstName,UsrDat->FirstName);
- strcpy (Surnames,UsrDat->Surname1);
+ Str_Copy (FirstName,UsrDat->FirstName,Usr_MAX_BYTES_NAME);
+ Str_Copy (Surnames,UsrDat->Surname1,Usr_MAX_BYTES_SURNAMES);
if (UsrDat->Surname2[0])
{
strcat (Surnames," ");
@@ -1993,12 +1987,12 @@ void Usr_WelcomeUsr (void)
/*****************************************************************************/
void Usr_CreateBirthdayStrDB (const struct UsrData *UsrDat,
- char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH+1])
+ char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH + 1])
{
if (UsrDat->Birthday.Year == 0 ||
UsrDat->Birthday.Month == 0 ||
UsrDat->Birthday.Day == 0)
- strcpy (BirthdayStrDB,"NULL");
+ Str_Copy (BirthdayStrDB,"NULL",Usr_BIRTHDAY_STR_DB_LENGTH);
else
sprintf (BirthdayStrDB,"'%04u-%02u-%02u'",
UsrDat->Birthday.Year,
@@ -2107,7 +2101,7 @@ void Usr_WriteLoggedUsrHead (void)
/* Name */
if (Gbl.Usrs.Me.UsrDat.FullName[0])
{
- strcpy (UsrName,Gbl.Usrs.Me.UsrDat.FirstName);
+ Str_Copy (UsrName,Gbl.Usrs.Me.UsrDat.FirstName,Usr_MAX_BYTES_NAME);
Str_LimitLengthHTMLStr (UsrName,12);
fprintf (Gbl.F.Out,"%s",UsrName);
}
@@ -2958,13 +2952,15 @@ static void Usr_InsertMyLastData (void)
/*********** Write a row of a table with the main data of a user *************/
/*****************************************************************************/
+#define Usr_MAX_LENGTH_BG_COLOR (16 - 1)
+
void Usr_WriteRowUsrMainData (unsigned NumUsr,struct UsrData *UsrDat,
bool PutCheckBoxToSelectUsr)
{
extern const char *Txt_Enrollment_confirmed;
extern const char *Txt_Enrollment_not_confirmed;
- char BgColor[16];
- char PhotoURL[PATH_MAX+1];
+ char BgColor[Usr_MAX_LENGTH_BG_COLOR + 1];
+ char PhotoURL[PATH_MAX + 1];
bool ShowPhoto;
bool UsrIsTheMsgSender = PutCheckBoxToSelectUsr &&
(UsrDat->UsrCod == Gbl.Usrs.Other.UsrDat.UsrCod);
@@ -2976,7 +2972,7 @@ void Usr_WriteRowUsrMainData (unsigned NumUsr,struct UsrData *UsrDat,
/***** Checkbox to select user *****/
// Two colors are used alternatively to better distinguish the rows
if (UsrIsTheMsgSender)
- strcpy (BgColor,"LIGHT_GREEN");
+ Str_Copy (BgColor,"LIGHT_GREEN",Usr_MAX_LENGTH_BG_COLOR);
else
sprintf (BgColor,"COLOR%u",Gbl.RowEvenOdd);
@@ -3156,7 +3152,7 @@ static void Usr_WriteRowStdAllData (struct UsrData *UsrDat,char *GroupNames)
unsigned NumGrpTyp,NumField;
MYSQL_RES *mysql_res;
MYSQL_ROW row;
- char Text[Cns_MAX_BYTES_TEXT+1];
+ char Text[Cns_MAX_BYTES_TEXT + 1];
struct Instit Ins;
bool ShowData = (Gbl.Usrs.Me.LoggedRole == Rol_TEACHER && UsrDat->Accepted) ||
Gbl.Usrs.Me.LoggedRole >= Rol_DEG_ADM;
@@ -3246,7 +3242,7 @@ static void Usr_WriteRowStdAllData (struct UsrData *UsrDat,char *GroupNames)
if (Rec_GetFieldFromCrsRecord (UsrDat->UsrCod,Gbl.CurrentCrs.Records.LstFields.Lst[NumField].FieldCod,&mysql_res))
{
row = mysql_fetch_row (mysql_res);
- strcpy (Text,row[0]);
+ Str_Copy (Text,row[0],Cns_MAX_BYTES_TEXT);
Str_ChangeFormat (Str_FROM_HTML,Str_TO_RIGOROUS_HTML,
Text,Cns_MAX_BYTES_TEXT,false); // Se convierte of HTML a HTML respetuoso
}
@@ -4780,12 +4776,14 @@ static void Usr_GetListUsrsFromQuery (const char *Query,Rol_Role_t Role,Sco_Scop
void Usr_CopyBasicUsrDataFromList (struct UsrData *UsrDat,const struct UsrInList *UsrInList)
{
UsrDat->UsrCod = UsrInList->UsrCod;
- strcpy (UsrDat->EncryptedUsrCod,UsrInList->EncryptedUsrCod);
- strcpy (UsrDat->Surname1 ,UsrInList->Surname1);
- strcpy (UsrDat->Surname2 ,UsrInList->Surname2);
- strcpy (UsrDat->FirstName ,UsrInList->FirstName);
+ Str_Copy (UsrDat->EncryptedUsrCod,UsrInList->EncryptedUsrCod,
+ Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64);
+ Str_Copy (UsrDat->Surname1 ,UsrInList->Surname1 ,Usr_MAX_BYTES_NAME);
+ Str_Copy (UsrDat->Surname2 ,UsrInList->Surname2 ,Usr_MAX_BYTES_NAME);
+ Str_Copy (UsrDat->FirstName,UsrInList->FirstName,Usr_MAX_BYTES_NAME);
UsrDat->Sex = UsrInList->Sex;
- strcpy (UsrDat->Photo ,UsrInList->Photo);
+ Str_Copy (UsrDat->Photo,UsrInList->Photo,
+ Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64);
UsrDat->PhotoVisibility = UsrInList->PhotoVisibility;
UsrDat->InsCod = UsrInList->InsCod;
UsrDat->RoleInCurrentCrsDB = UsrInList->RoleInCurrentCrsDB;
@@ -5120,7 +5118,8 @@ bool Usr_GetListMsgRecipientsWrittenExplicitelyBySender (bool WriteErrorMsgs)
if (LengthSelectedUsrsCods == 0) // First user in list
{
if (strlen (UsrDat.EncryptedUsrCod) < Usr_MAX_BYTES_LIST_ENCRYPTED_USR_CODS)
- strcpy (Gbl.Usrs.Select.All,UsrDat.EncryptedUsrCod); // Add first user
+ Str_Copy (Gbl.Usrs.Select.All,UsrDat.EncryptedUsrCod,
+ Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); // Add first user
}
else // Not first user in list
{
diff --git a/swad_user.h b/swad_user.h
index 3757a915..c313db2e 100644
--- a/swad_user.h
+++ b/swad_user.h
@@ -62,10 +62,11 @@
#define Usr_MAX_BYTES_SURNAMES (Usr_MAX_BYTES_NAME + 1 + Usr_MAX_BYTES_NAME)
// Surname1 +' '+ Surname2
-#define Usr_MAX_BYTES_FULL_NAME (Usr_MAX_BYTES_NAME + 1 + Usr_MAX_BYTES_NAME + 1 + 1 + Usr_MAX_BYTES_NAME)
- // Surname1 +' '+ Surname2 +','+' '+ FirstName
+#define Usr_MAX_BYTES_FULL_NAME (Usr_MAX_BYTES_NAME + 1 + Usr_MAX_BYTES_NAME + 6 + Usr_MAX_BYTES_NAME)
+ // Surname1 +' '+ Surname2 + ','+' ' + FirstName
+ // Surname1 +' '+ Surname2 + '
' + FirstName
-#define Usr_BIRTHDAY_STR_DB_LENGTH (1+4+1+2+1+2+1) // "'%04u-%02u-%02u'"
+#define Usr_BIRTHDAY_STR_DB_LENGTH (4+1+2+1+2) // "'%04u-%02u-%02u'"
#define Usr_MAX_LENGTH_PHONE 16
#define Usr_MAX_BYTES_PHONE 16
@@ -292,7 +293,7 @@ void Usr_WriteFormLogin (Act_Action_t NextAction,void (*FuncParams) ());
void Usr_WelcomeUsr (void);
void Usr_CreateBirthdayStrDB (const struct UsrData *UsrDat,
- char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH+1]);
+ char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH + 1]);
void Usr_PutFormLogIn (void);
void Usr_WriteLoggedUsrHead (void);
diff --git a/swad_web_service.c b/swad_web_service.c
index d11548c1..f158c978 100644
--- a/swad_web_service.c
+++ b/swad_web_service.c
@@ -204,10 +204,11 @@ Svc_Role_t Svc_RolRole_to_SvcRole[Rol_NUM_ROLES] =
static int Svc_GetPlgCodFromAppKey (const char *appKey);
static int Svc_CheckIdSession (const char *IdSession);
-static int Svc_CheckWSKey (char *WSKey);
+static int Svc_CheckWSKey (char WSKey[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]);
static int Svc_CheckCourseAndGroupCodes (long CrsCod,long GrpCod);
-static int Svc_GenerateNewWSKey (long UsrCod,char *WSKey);
+static int Svc_GenerateNewWSKey (long UsrCod,
+ char WSKey[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]);
static int Svc_RemoveOldWSKeys (void);
static int Svc_GetCurrentDegCodFromCurrentCrsCod (void);
static bool Svc_GetSomeUsrDataFromUsrCod (struct UsrData *UsrDat,long CrsCod);
@@ -370,7 +371,7 @@ static int Svc_CheckIdSession (const char *IdSession)
/************** Check if a web service key exists in database ****************/
/*****************************************************************************/
-static int Svc_CheckWSKey (char *WSKey)
+static int Svc_CheckWSKey (char WSKey[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1])
{
char Query[512];
MYSQL_RES *mysql_res;
@@ -441,7 +442,8 @@ static int Svc_CheckCourseAndGroupCodes (long CrsCod,long GrpCod)
/***** Generate a key used in subsequents calls to other web services ********/
/*****************************************************************************/
-static int Svc_GenerateNewWSKey (long UsrCod,char *WSKey)
+static int Svc_GenerateNewWSKey (long UsrCod,
+ char WSKey[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1])
{
int ReturnCode;
char Query[512];
@@ -451,7 +453,8 @@ static int Svc_GenerateNewWSKey (long UsrCod,char *WSKey)
return ReturnCode;
/***** Create a unique name for the key *****/
- strcpy (WSKey,Gbl.UniqueNameEncrypted);
+ Str_Copy (WSKey,Gbl.UniqueNameEncrypted,
+ Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64);
/***** Check that key does not exist in database *****/
sprintf (Query,"SELECT COUNT(*) FROM ws_keys WHERE WSKey='%s'",
@@ -558,10 +561,7 @@ static bool Svc_GetSomeUsrDataFromUsrCod (struct UsrData *UsrDat,long CrsCod)
Str_Copy (UsrDat->Photo,row[3],Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64);
/* Get user's brithday */
- if (row[4])
- Str_Copy (UsrDat->Birthday.YYYYMMDD,row[4],Dat_LENGTH_YYYYMMDD);
- else
- strcpy (UsrDat->Birthday.YYYYMMDD,"00000000");
+ Dat_GetDateFromYYYYMMDD (&(UsrDat->Birthday),row[4]);
/* Free structure that stores the query result */
DB_FreeMySQLResult (&mysql_res);
@@ -674,7 +674,8 @@ int swad__createAccount (struct soap *soap,
Gbl.Usrs.Me.UsrDat.IDs.List = NULL;
/***** Set password to the password typed by the user *****/
- strcpy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword);
+ Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword,
+ Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64);
/***** User does not exist in the platform, so create him/her! *****/
Acc_CreateNewUsr (&Gbl.Usrs.Me.UsrDat,
@@ -682,13 +683,14 @@ int swad__createAccount (struct soap *soap,
/***** Save nickname *****/
Nck_UpdateMyNick (NewNicknameWithoutArroba);
- strcpy (Gbl.Usrs.Me.UsrDat.Nickname,NewNicknameWithoutArroba);
+ Str_Copy (Gbl.Usrs.Me.UsrDat.Nickname,NewNicknameWithoutArroba,
+ Nck_MAX_LENGTH_NICKNAME_WITHOUT_ARROBA);
/***** Save email *****/
if (Mai_UpdateEmailInDB (&Gbl.Usrs.Me.UsrDat,userEmail))
{
/* Email updated sucessfully */
- strcpy (Gbl.Usrs.Me.UsrDat.Email,userEmail);
+ Str_Copy (Gbl.Usrs.Me.UsrDat.Email,userEmail,Usr_MAX_BYTES_USR_EMAIL);
Gbl.Usrs.Me.UsrDat.EmailConfirmed = false;
}
@@ -766,7 +768,7 @@ int swad__loginByUserPasswordKey (struct soap *soap,
MYSQL_RES *mysql_res;
MYSQL_ROW row;
unsigned NumRows;
- char PhotoURL[Cns_MAX_BYTES_URL + 1];
+ char PhotoURL[Cns_MAX_LENGTH_WWW + 1];
bool UsrFound;
/***** Initializations *****/
@@ -780,7 +782,7 @@ int swad__loginByUserPasswordKey (struct soap *soap,
loginByUserPasswordKeyOut->userFirstname = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1);
loginByUserPasswordKeyOut->userSurname1 = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1);
loginByUserPasswordKeyOut->userSurname2 = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1);
- loginByUserPasswordKeyOut->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1);
+ loginByUserPasswordKeyOut->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1);
loginByUserPasswordKeyOut->userBirthday = (char *) soap_malloc (Gbl.soap,Dat_LENGTH_YYYYMMDD + 1);
/***** Default values returned on error *****/
@@ -885,7 +887,7 @@ int swad__loginByUserPasswordKey (struct soap *soap,
Gbl.Usrs.Me.UsrDat.FirstName,Usr_MAX_BYTES_NAME);
Pho_BuildLinkToPhoto (&Gbl.Usrs.Me.UsrDat,PhotoURL);
- Str_Copy (loginByUserPasswordKeyOut->userPhoto,PhotoURL,Cns_MAX_BYTES_URL);
+ Str_Copy (loginByUserPasswordKeyOut->userPhoto,PhotoURL,Cns_MAX_LENGTH_WWW);
Str_Copy (loginByUserPasswordKeyOut->userBirthday,
Gbl.Usrs.Me.UsrDat.Birthday.YYYYMMDD,Dat_LENGTH_YYYYMMDD);
@@ -925,7 +927,7 @@ int swad__loginBySessionKey (struct soap *soap,
MYSQL_RES *mysql_res;
MYSQL_ROW row;
unsigned NumRows;
- char PhotoURL[Cns_MAX_BYTES_URL + 1];
+ char PhotoURL[Cns_MAX_LENGTH_WWW + 1];
bool UsrFound;
/***** Initializations *****/
@@ -939,7 +941,7 @@ int swad__loginBySessionKey (struct soap *soap,
loginBySessionKeyOut->userFirstname = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1);
loginBySessionKeyOut->userSurname1 = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1);
loginBySessionKeyOut->userSurname2 = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1);
- loginBySessionKeyOut->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1);
+ loginBySessionKeyOut->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1);
loginBySessionKeyOut->userBirthday = (char *) soap_malloc (Gbl.soap,Dat_LENGTH_YYYYMMDD + 1);
loginBySessionKeyOut->degreeName = (char *) soap_malloc (Gbl.soap,Deg_MAX_LENGTH_DEGREE_FULL_NAME + 1);
loginBySessionKeyOut->courseName = (char *) soap_malloc (Gbl.soap,Crs_MAX_LENGTH_COURSE_FULL_NAME + 1);
@@ -1033,7 +1035,7 @@ int swad__loginBySessionKey (struct soap *soap,
Gbl.Usrs.Me.UsrDat.FirstName,Usr_MAX_BYTES_NAME);
Pho_BuildLinkToPhoto (&Gbl.Usrs.Me.UsrDat,PhotoURL);
- Str_Copy (loginBySessionKeyOut->userPhoto,PhotoURL,Cns_MAX_BYTES_URL);
+ Str_Copy (loginBySessionKeyOut->userPhoto,PhotoURL,Cns_MAX_LENGTH_WWW);
Str_Copy (loginBySessionKeyOut->userBirthday,
Gbl.Usrs.Me.UsrDat.Birthday.YYYYMMDD,Dat_LENGTH_YYYYMMDD);
@@ -1238,6 +1240,7 @@ int swad__getCourseInfo (struct soap *soap,
{
int ReturnCode;
Inf_InfoType_t InfoType;
+ size_t Length;
Inf_InfoSrc_t InfoSrc;
bool MustBeRead;
int Result = SOAP_OK;
@@ -1306,8 +1309,9 @@ int swad__getCourseInfo (struct soap *soap,
"Unknown requested info type");
Gbl.CurrentCrs.Info.Type = InfoType;
Inf_GetAndCheckInfoSrcFromDB (Gbl.CurrentCrs.Crs.CrsCod,Gbl.CurrentCrs.Info.Type,&InfoSrc,&MustBeRead);
- getCourseInfo->infoSrc = (char *) soap_malloc (Gbl.soap,strlen (NamesInWSForInfoSrc[InfoSrc]) + 1);
- strcpy (getCourseInfo->infoSrc,NamesInWSForInfoSrc[InfoSrc]);
+ Length = strlen (NamesInWSForInfoSrc[InfoSrc]);
+ getCourseInfo->infoSrc = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (getCourseInfo->infoSrc,NamesInWSForInfoSrc[InfoSrc],Length);
/***** Set paths *****/
Hie_InitHierarchy ();
@@ -1337,7 +1341,7 @@ int swad__getCourseInfo (struct soap *soap,
Result = Inf_WritePageIntoHTMLBuffer (&(getCourseInfo->infoTxt));
break;
case Inf_INFO_SRC_URL: // Link to a web page
- getCourseInfo->infoTxt = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1);
+ getCourseInfo->infoTxt = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1);
Inf_WriteURLIntoTxtBuffer (getCourseInfo->infoTxt);
break;
}
@@ -1984,40 +1988,47 @@ int swad__sendMyGroups (struct soap *soap,
static void Svc_CopyUsrData (struct swad__user *Usr,struct UsrData *UsrDat,bool UsrIDIsVisible)
{
- char PhotoURL[Cns_MAX_BYTES_URL + 1];
+ char PhotoURL[Cns_MAX_LENGTH_WWW + 1];
const char *FirstID;
+ size_t Length;
/* Copy user's code */
Usr->userCode = UsrDat->UsrCod;
/* Copy user's nickname */
- Usr->userNickname = (char *) soap_malloc (Gbl.soap,strlen (UsrDat->Nickname) + 1);
- strcpy (Usr->userNickname,UsrDat->Nickname);
+ Length = strlen (UsrDat->Nickname);
+ Usr->userNickname = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (Usr->userNickname,UsrDat->Nickname,Length);
/* Copy user's first ID */
if (UsrIDIsVisible && UsrDat->IDs.List)
FirstID = UsrDat->IDs.List[0].ID;
else // Hide user's ID
FirstID = "********";
- Usr->userID = (char *) soap_malloc (Gbl.soap,strlen (FirstID) + 1);
- strcpy (Usr->userID,FirstID);
+ Length = strlen (FirstID);
+ Usr->userID = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (Usr->userID,FirstID,Length);
/* Copy user's surname1 */
- Usr->userSurname1 = (char *) soap_malloc (Gbl.soap,strlen (UsrDat->Surname1) + 1);
- strcpy (Usr->userSurname1,UsrDat->Surname1);
+ Length = strlen (UsrDat->Surname1);
+ Usr->userSurname1 = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (Usr->userSurname1,UsrDat->Surname1,Length);
/* Copy user's surname2 */
- Usr->userSurname2 = (char *) soap_malloc (Gbl.soap,strlen (UsrDat->Surname2) + 1);
- strcpy (Usr->userSurname2,UsrDat->Surname2);
+ Length = strlen (UsrDat->Surname2);
+ Usr->userSurname2 = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (Usr->userSurname2,UsrDat->Surname2,Length);
/* Copy user's first name */
- Usr->userFirstname = (char *) soap_malloc (Gbl.soap,strlen (UsrDat->FirstName) + 1);
- strcpy (Usr->userFirstname,UsrDat->FirstName);
+ Length = strlen (UsrDat->FirstName);
+ Usr->userFirstname = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (Usr->userFirstname,UsrDat->FirstName,Length);
/* User's photo URL */
Pho_BuildLinkToPhoto (UsrDat,PhotoURL);
- Usr->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1);
- strcpy (Usr->userPhoto,PhotoURL);
+ Length = strlen (PhotoURL);
+ Usr->userPhoto = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (Usr->userPhoto,PhotoURL,Length);
}
/*****************************************************************************/
@@ -2034,7 +2045,7 @@ int swad__getAttendanceEvents (struct soap *soap,
MYSQL_ROW row;
int NumAttEvent;
long AttCod;
- char PhotoURL[Cns_MAX_BYTES_URL + 1];
+ char PhotoURL[Cns_MAX_LENGTH_WWW + 1];
long StartTime;
long EndTime;
size_t Length;
@@ -2111,24 +2122,24 @@ int swad__getAttendanceEvents (struct soap *soap,
{
Length = strlen (Gbl.Usrs.Other.UsrDat.Surname1);
getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname1 = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname1,
- Gbl.Usrs.Other.UsrDat.Surname1);
+ Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname1,
+ Gbl.Usrs.Other.UsrDat.Surname1,Length);
Length = strlen (Gbl.Usrs.Other.UsrDat.Surname2);
getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname2 = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname2,
- Gbl.Usrs.Other.UsrDat.Surname2);
+ Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname2,
+ Gbl.Usrs.Other.UsrDat.Surname2,Length);
Length = strlen (Gbl.Usrs.Other.UsrDat.FirstName);
getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userFirstname = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userFirstname,
- Gbl.Usrs.Other.UsrDat.FirstName);
+ Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userFirstname,
+ Gbl.Usrs.Other.UsrDat.FirstName,Length);
Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL);
Length = strlen (PhotoURL);
getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userPhoto = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userPhoto,
- PhotoURL);
+ Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userPhoto,
+ PhotoURL,Length);
}
else
{
@@ -2157,14 +2168,14 @@ int swad__getAttendanceEvents (struct soap *soap,
/* Get title of the event (row[6]) */
Length = strlen (row[6]);
getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].title = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].title,
- row[6]);
+ Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].title,
+ row[6],Length);
/* Get Txt (row[7]) */
Length = strlen (row[7]);
getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].text = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].text,
- row[7]);
+ Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].text,
+ row[7],Length);
/* Get list of groups for this attendance event */
Svc_GetListGrpsInAttendanceEventFromDB (AttCod,&(getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].groups));
@@ -2450,7 +2461,7 @@ int swad__getAttendanceUsers (struct soap *soap,
MYSQL_RES *mysql_res;
MYSQL_ROW row;
unsigned NumRow,NumRows;
- char PhotoURL[Cns_MAX_BYTES_URL + 1];
+ char PhotoURL[Cns_MAX_LENGTH_WWW + 1];
size_t Length;
/***** Initializations *****/
@@ -2552,13 +2563,15 @@ int swad__getAttendanceUsers (struct soap *soap,
{
Length = strlen (Gbl.Usrs.Other.UsrDat.Nickname);
getAttendanceUsersOut->usersArray.__ptr[NumRow].userNickname = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userNickname,Gbl.Usrs.Other.UsrDat.Nickname);
+ Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userNickname,
+ Gbl.Usrs.Other.UsrDat.Nickname,Length);
if (Gbl.Usrs.Other.UsrDat.IDs.Num)
{
Length = strlen (Gbl.Usrs.Other.UsrDat.IDs.List[0].ID); // TODO: What user's ID?
getAttendanceUsersOut->usersArray.__ptr[NumRow].userID = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userID,Gbl.Usrs.Other.UsrDat.IDs.List[0].ID);
+ Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userID,
+ Gbl.Usrs.Other.UsrDat.IDs.List[0].ID,Length);
}
else
{
@@ -2568,20 +2581,24 @@ int swad__getAttendanceUsers (struct soap *soap,
Length = strlen (Gbl.Usrs.Other.UsrDat.Surname1);
getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname1 = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname1,Gbl.Usrs.Other.UsrDat.Surname1);
+ Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname1,
+ Gbl.Usrs.Other.UsrDat.Surname1,Length);
Length = strlen (Gbl.Usrs.Other.UsrDat.Surname2);
getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname2 = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname2,Gbl.Usrs.Other.UsrDat.Surname2);
+ Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname2,
+ Gbl.Usrs.Other.UsrDat.Surname2,Length);
Length = strlen (Gbl.Usrs.Other.UsrDat.FirstName);
getAttendanceUsersOut->usersArray.__ptr[NumRow].userFirstname = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userFirstname,Gbl.Usrs.Other.UsrDat.FirstName);
+ Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userFirstname,
+ Gbl.Usrs.Other.UsrDat.FirstName,Length);
Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL);
Length = strlen (PhotoURL);
getAttendanceUsersOut->usersArray.__ptr[NumRow].userPhoto = (char *) soap_malloc (Gbl.soap,Length + 1);
- strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userPhoto,PhotoURL);
+ Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userPhoto,
+ PhotoURL,Length);
}
else
{
@@ -2749,7 +2766,7 @@ int swad__getNotifications (struct soap *soap,
long NtfCod;
Ntf_NotifyEvent_t NotifyEvent;
long EventTime;
- char PhotoURL[Cns_MAX_BYTES_URL + 1];
+ char PhotoURL[Cns_MAX_LENGTH_WWW + 1];
struct Instit Ins;
struct Centre Ctr;
struct Degree Deg;
@@ -2759,6 +2776,7 @@ int swad__getNotifications (struct soap *soap,
char SummaryStr[Cns_MAX_BYTES_TEXT + 1];
char *ContentStr;
Ntf_Status_t Status;
+ size_t Length;
/***** Initializations *****/
Gbl.soap = soap;
@@ -2848,9 +2866,9 @@ int swad__getNotifications (struct soap *soap,
Gbl.Usrs.Other.UsrDat.FirstName,Usr_MAX_BYTES_NAME);
Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL);
- getNotificationsOut->notificationsArray.__ptr[NumNotif].userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1);
+ getNotificationsOut->notificationsArray.__ptr[NumNotif].userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1);
Str_Copy (getNotificationsOut->notificationsArray.__ptr[NumNotif].userPhoto,
- PhotoURL,Cns_MAX_BYTES_URL);
+ PhotoURL,Cns_MAX_LENGTH_WWW);
}
else
{
@@ -2905,7 +2923,8 @@ int swad__getNotifications (struct soap *soap,
sprintf (getNotificationsOut->notificationsArray.__ptr[NumNotif].location,"%s: %s",
Txt_Institution,Ins.ShrtName);
else
- strcpy (getNotificationsOut->notificationsArray.__ptr[NumNotif].location,"-");
+ Str_Copy (getNotificationsOut->notificationsArray.__ptr[NumNotif].location,
+ "-",Ntf_MAX_LENGTH_NOTIFY_LOCATION);
/* Get status (row[9]) */
if (sscanf (row[9],"%u",&Status) != 1)
@@ -2918,8 +2937,10 @@ int swad__getNotifications (struct soap *soap,
Cod,Crs.CrsCod,Gbl.Usrs.Me.UsrDat.UsrCod,
Cfg_MAX_CHARS_NOTIF_SUMMARY_WEB_SERVICE,true);
- getNotificationsOut->notificationsArray.__ptr[NumNotif].summary = (char *) soap_malloc (Gbl.soap,strlen (SummaryStr)+1);
- strcpy (getNotificationsOut->notificationsArray.__ptr[NumNotif].summary,SummaryStr);
+ Length = strlen (SummaryStr);
+ getNotificationsOut->notificationsArray.__ptr[NumNotif].summary = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (getNotificationsOut->notificationsArray.__ptr[NumNotif].summary,
+ SummaryStr,Length);
if (ContentStr == NULL)
{
@@ -2928,8 +2949,10 @@ int swad__getNotifications (struct soap *soap,
}
else
{
- getNotificationsOut->notificationsArray.__ptr[NumNotif].content = (char *) soap_malloc (Gbl.soap,strlen (ContentStr)+1);
- strcpy (getNotificationsOut->notificationsArray.__ptr[NumNotif].content,ContentStr);
+ Length = strlen (ContentStr);
+ getNotificationsOut->notificationsArray.__ptr[NumNotif].content = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (getNotificationsOut->notificationsArray.__ptr[NumNotif].content,
+ ContentStr,Length);
/* Free memory used by content string */
free ((void *) ContentStr);
@@ -4365,7 +4388,7 @@ static bool Svc_WriteRowFileBrowser (unsigned Level,Brw_FileType_t FileType,cons
extern const char *Txt_NEW_LINE;
extern const char *Txt_LICENSES[Brw_NUM_LICENSES];
struct FileMetadata FileMetadata;
- char PhotoURL[Cns_MAX_BYTES_URL + 1];
+ char PhotoURL[Cns_MAX_LENGTH_WWW + 1];
/***** Is this row hidden or visible? *****/
if (Gbl.FileBrowser.Type == Brw_SHOW_DOCUM_CRS ||
@@ -4441,8 +4464,8 @@ int swad__getFile (struct soap *soap,
extern const char *Txt_LICENSES[Brw_NUM_LICENSES];
int ReturnCode;
struct FileMetadata FileMetadata;
- char URL[Cns_MAX_BYTES_URL + 1];
- char PhotoURL[Cns_MAX_BYTES_URL + 1];
+ char URL[Cns_MAX_LENGTH_WWW + 1];
+ char PhotoURL[Cns_MAX_LENGTH_WWW + 1];
/***** Initializations *****/
Gbl.soap = soap;
@@ -4450,10 +4473,10 @@ int swad__getFile (struct soap *soap,
/***** Allocate space for strings *****/
getFileOut->fileName = (char *) soap_malloc (Gbl.soap,NAME_MAX + 1);
- getFileOut->URL = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1);
+ getFileOut->URL = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1);
getFileOut->license = (char *) soap_malloc (Gbl.soap,Brw_MAX_LENGTH_LICENSE + 1);
getFileOut->publisherName = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_FULL_NAME + 1);
- getFileOut->publisherPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1);
+ getFileOut->publisherPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1);
/***** Default values returned on error *****/
getFileOut->fileName[0] = '\0';
@@ -4561,7 +4584,7 @@ int swad__getFile (struct soap *soap,
/***** Copy data into output structure *****/
Str_Copy (getFileOut->fileName,FileMetadata.FilFolLnkName,NAME_MAX);
- Str_Copy (getFileOut->URL,URL,Cns_MAX_BYTES_URL);
+ Str_Copy (getFileOut->URL,URL,Cns_MAX_LENGTH_WWW);
getFileOut->size = (int) FileMetadata.Size;
@@ -4579,7 +4602,7 @@ int swad__getFile (struct soap *soap,
Usr_MAX_BYTES_FULL_NAME);
Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL);
- Str_Copy (getFileOut->publisherPhoto,PhotoURL,Cns_MAX_BYTES_URL);
+ Str_Copy (getFileOut->publisherPhoto,PhotoURL,Cns_MAX_LENGTH_WWW);
}
return SOAP_OK;
@@ -4597,6 +4620,7 @@ int swad__getMarks (struct soap *soap,
struct FileMetadata FileMetadata;
char SummaryStr[NAME_MAX+1]; // Really not used
char *ContentStr;
+ size_t Length;
/***** Initializations *****/
Gbl.soap = soap;
@@ -4664,10 +4688,9 @@ int swad__getMarks (struct soap *soap,
0,true);
if (ContentStr != NULL)
{
- getMarksOut->content = (char *) soap_malloc (Gbl.soap,strlen (ContentStr)+1);
-
- strcpy (getMarksOut->content,ContentStr);
-
+ Length = strlen (ContentStr);
+ getMarksOut->content = (char *) soap_malloc (Gbl.soap,Length + 1);
+ Str_Copy (getMarksOut->content,ContentStr,Length);
free ((void *) ContentStr);
ContentStr = NULL;
}
diff --git a/swad_zip.c b/swad_zip.c
index 211a28ec..23f39168 100644
--- a/swad_zip.c
+++ b/swad_zip.c
@@ -29,7 +29,7 @@
#include // For errno
#include // For PATH_MAX
#include // For system...
-#include // For strcpy...
+#include // For string functions...
#include // For mkdir...
#include // For mkdir...
#include // For chdir...
@@ -272,7 +272,7 @@ static void ZIP_CreateTmpDirForCompression (void)
Fil_RemoveOldTmpFiles (PathZipPriv,Cfg_TIME_TO_DELETE_BROWSER_ZIP_FILES,false);
/***** Create a new temporary directory *****/
- strcpy (Gbl.FileBrowser.ZIP.TmpDir,Gbl.UniqueNameEncrypted);
+ Str_Copy (Gbl.FileBrowser.ZIP.TmpDir,Gbl.UniqueNameEncrypted,NAME_MAX);
sprintf (PathDirTmp,"%s/%s",PathZipPriv,Gbl.FileBrowser.ZIP.TmpDir);
if (mkdir (PathDirTmp,(mode_t) 0xFFF))
Lay_ShowErrorAndExit ("Can not create temporary folder for compression.");
@@ -283,14 +283,14 @@ static void ZIP_CreateTmpDirForCompression (void)
/**************** in the temporary directory of compression ******************/
/*****************************************************************************/
+#define ZIP_MAX_LENGTH_FULL_NAME_AND_ID (Usr_MAX_BYTES_FULL_NAME + 1 + ID_MAX_LENGTH_USR_ID + 10)
+
static void ZIP_CreateDirCompressionUsr (struct UsrData *UsrDat)
{
- char FullNameAndUsrID[(Usr_MAX_BYTES_NAME + 1)*3+
- ID_MAX_LENGTH_USR_ID+1+
- 10+1];
- char PathFolderUsrInsideCrs[PATH_MAX+1];
- char LinkTmpUsr[PATH_MAX+1];
- char Link[PATH_MAX+1];
+ char FullNameAndUsrID[ZIP_MAX_LENGTH_FULL_NAME_AND_ID + 1];
+ char PathFolderUsrInsideCrs[PATH_MAX + 1];
+ char LinkTmpUsr[PATH_MAX + 1];
+ char Link[PATH_MAX + 1];
unsigned NumTry;
bool Success;
@@ -298,7 +298,7 @@ static void ZIP_CreateDirCompressionUsr (struct UsrData *UsrDat)
with a name that identifies the owner
of the assignments and works *****/
/* Create link name for this user */
- strcpy (FullNameAndUsrID,UsrDat->Surname1);
+ Str_Copy (FullNameAndUsrID,UsrDat->Surname1,ZIP_MAX_LENGTH_FULL_NAME_AND_ID);
if (UsrDat->Surname1[0] &&
UsrDat->Surname2[0])
strcat (FullNameAndUsrID,"_"); // Separation between surname 1 and surname 2