iens

Manager of links to read
git clone https://git.instinctive.eu/iens.git
Log | Files | Refs | README | LICENSE
commit 0a4b2cc208843e2b18ec6613b00fbaeb7fbeb3c4
parent 11850cdbfb55e797c621981a9cbf55c4b54be930
Author: Natasha Kerensikova <natgh@instinctive.eu>
Date:   Thu, 19 Mar 2026 20:25:31 +0000

Parameters are percent-decoded
Diffstat:

Msrc/cgi.scm | 46+++++++++++++++++++++++++++++++++++++---------


1 file changed, 37 insertions(+), 9 deletions(-)

diff --git a/src/cgi.scm b/src/cgi.scm
@@ -84,13 +84,41 @@ END-OF-CSS
     (if ct (string->number ct) 0)))
 (define input-text (read-string content-length))
 (define input-list
-  (map
-    (lambda (s)
-      (let ((index (substring-index "=" s)))
-        (if index
-            (list (substring s 0 index) (substring s (+ 1 index)))
-            s)))
-    (string-split input-text "&")))
+  (let* ((hdigit* (any-of (preceded-by (is #\0) (result  0))
+                          (preceded-by (is #\1) (result  1))
+                          (preceded-by (is #\2) (result  2))
+                          (preceded-by (is #\3) (result  3))
+                          (preceded-by (is #\4) (result  4))
+                          (preceded-by (is #\5) (result  5))
+                          (preceded-by (is #\6) (result  6))
+                          (preceded-by (is #\7) (result  7))
+                          (preceded-by (is #\8) (result  8))
+                          (preceded-by (is #\9) (result  9))
+                          (preceded-by (is #\a) (result 10))
+                          (preceded-by (is #\A) (result 10))
+                          (preceded-by (is #\b) (result 11))
+                          (preceded-by (is #\B) (result 11))
+                          (preceded-by (is #\c) (result 12))
+                          (preceded-by (is #\C) (result 12))
+                          (preceded-by (is #\d) (result 13))
+                          (preceded-by (is #\D) (result 13))
+                          (preceded-by (is #\e) (result 14))
+                          (preceded-by (is #\E) (result 14))
+                          (preceded-by (is #\f) (result 15))
+                          (preceded-by (is #\F) (result 15))))
+         (pct*    (sequence* ((_ (is #\%))
+                              (h hdigit*)
+                              (l hdigit*))
+                    (result (integer->char (+ (* 16 h) l)))))
+         (value*  (as-string (repeated (any-of pct* item) until: (is #\&))))
+         (name*   (as-string (repeated item until: (is #\=))))
+         (pair*   (sequence* ((n name*)
+                              (_ (is #\=))
+                              (v value*)
+                              (_ (is #\&)))
+                    (result (list n (string-translate v "\r")))))
+         (parser  (zero-or-more pair*)))
+    (parse parser (string-append input-text "&"))))
 (define (input-var name)
   (let loop ((rest input-list))
     (cond ((null? rest) #f)
@@ -325,8 +353,8 @@ END-OF-CSS
         (sql/transient db
           "UPDATE gruik SET mtime=?,notes=trim(notes||char(10)||?,char(10)),description=? WHERE mark=1 AND id=?;")
         (current-seconds)
-        (string-translate (required-input-var "notes") "\r")
-        (string-translate (required-input-var "description") "\r")
+        (required-input-var "notes")
+        (required-input-var "description")
         id))
     id))