#include #include "cgi_post.h" using namespace std; namespace { string make_presentable(const string& str); string encode_all(const string& s); struct cgi_variables { string name; string sex; string humor; string fish; string glycol; string svga; string angst; string catcon; string vitamin; cgi_variables(cgi_post& cgi) { name = encode_all(cgi["name"]); sex = encode_all(cgi["sex"]); humor = cgi["humor"]; fish = cgi["fish"]; glycol = cgi["glycol"]; svga = cgi["svga"]; angst = cgi["angst"]; catcon = cgi["catcon"]; vitamin = cgi["vitamin"]; } bool contains_things() { if( humor.length() > 0 || fish.length() > 0 || glycol.length() > 0 || svga.length() > 0 || angst.length() > 0 || catcon.length() > 0 || vitamin.length() > 0 ) { return true; } return false; } }; string make_presentable(const string& s) { // // For the ISO-8859-1 character set, these are the known // metacharacters for basic presentation. There are other // contexts where there are different metacharacters. See the // following URL: // // http://www.cert.org/tech_tips/malicious_code_mitigation.html // string rv; string::size_type len = s.length(); for( unsigned i = 0 ; i < len ; ++i ) { switch( s[i] ) { case '<': rv += "<"; break; case '>': rv += ">"; break; case '&': rv += "&"; break; default: rv += s[i]; break; } } return rv; } string encode_all(const string& s) { // // Sometimes the easiest thing to do is to just encoded everything // in the untrusted string. // static char* encode_all_map[] = { "�", "", "", "", "", "", "", "", "", " ", " ", " ", " ", " ", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", " ", "!", """, "#", "$", "%", "&", "'", "(", ")", "*", "+", ",", "-", ".", "/", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", ":", ";", "<", "=", ">", "?", "@", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "[", "\", "]", "^", "_", "`", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "{", "|", "}", "~", "", "€", "", "‚", "ƒ", "„", "…", "†", "‡", "ˆ", "‰", "Š", "‹", "Œ", "", "Ž", "", "", "‘", "’", "“", "”", "•", "–", "—", "˜", "™", "š", "›", "œ", "", "ž", "Ÿ", " ", "¡", "¢", "£", "¤", "¥", "¦", "§", "¨", "©", "ª", "«", "¬", "­", "®", "¯", "°", "±", "²", "³", "´", "µ", "¶", "·", "¸", "¹", "º", "»", "¼", "½", "¾", "¿", "À", "Á", "Â", "Ã", "Ä", "Å", "Æ", "Ç", "È", "É", "Ê", "Ë", "Ì", "Í", "Î", "Ï", "Ð", "Ñ", "Ò", "Ó", "Ô", "Õ", "Ö", "×", "Ø", "Ù", "Ú", "Û", "Ü", "Ý", "Þ", "ß", "à", "á", "â", "ã", "ä", "å", "æ", "ç", "è", "é", "ê", "ë", "ì", "í", "î", "ï", "ð", "ñ", "ò", "ó", "ô", "õ", "ö", "÷", "ø", "ù", "ú", "û", "ü", "ý", "þ", "ÿ" }; string rv; string::size_type len = s.length(); for( unsigned i = 0 ; i < len ; ++i ) { unsigned s_value = s[i]; if( s_value < 256 ) { rv += encode_all_map[s_value]; } } return rv; } } int main(int argc, char* argv[]) { try { cgi_post cgi; cgi_variables vars(cgi); // This is where you put your HTML headers. Notice that a double // space separates the headers from the HTML you see. They've // added a meta tag for Content-Type, but it seems you still need // this header. cout << "Content-Type: text/html" << "\n"; cout << "\n"; cout << "" << "\n"; cout << " " << "\n"; cout << " " << "\n"; cout << " The Surrealist's Survey: Thank You" << "\n"; cout << " " << "\n"; cout << " " << "\n"; cout << "

Thank You for Participating

" << "\n"; cout << "
" << "\n"; cout << "

Your responses were:

" << "\n"; cout << " " << "\n"; cout << "
" << "\n"; cout << "
" << "\n"; // For serice.net: cout << " " << "\n"; // For local: //cout << " " << "\n"; cout << "
" << "\n"; cout << " " << "\n"; cout << "" << "\n"; } catch( exception& e) { cerr << e.what() << "\n"; return 1; } return 0; }