From 08fdf170d51768125fc104ff964bb3bad29f3891 Mon Sep 17 00:00:00 2001
From: heav-4 <heavpoot@gmail.com>
Date: Mon, 7 Feb 2022 03:48:44 +0000
Subject: Added #add directive and flags table. Hi citrons

---
 zzcxz.cgi | 44 ++++++++++++++++++++++++++++++++++++--------
 1 file changed, 36 insertions(+), 8 deletions(-)

diff --git a/zzcxz.cgi b/zzcxz.cgi
index d5a62b6..74dbfc5 100755
--- a/zzcxz.cgi
+++ b/zzcxz.cgi
@@ -33,7 +33,8 @@ local function html_encode(x)
 	return escaped
 end
 
-local function parse_qs(str)
+local function parse_qs(str,sep)
+	sep = sep or "&"
 	local function decode(str, path)
 		local str = str
 		if not path then
@@ -45,7 +46,7 @@ local function parse_qs(str)
 	end
 
 	local values = {}
-	for key,val in str:gmatch(string.format('([^%q=]+)(=*[^%q=]*)', '&', '&')) do
+	for key,val in str:gmatch(string.format('([^%q=]+)(=*[^%q=]*)', sep, sep)) do
 		local key = decode(key)
 		local keys = {}
 		key = key:gsub('%[([^%]]*)%]', function(v)
@@ -91,6 +92,14 @@ local function parse_qs(str)
 	return values
 end
 
+local cookies = parse_qs(env "HTTP_COOKIE","; ")
+local flags = {}
+for k,v in pairs(cookies) do
+	if k:sub(1,5) == "flag_" then
+		flags[k:sub(6)] = v
+	end
+end
+
 local function redirect(to)
 	return "", {
 		status = '303 see other',
@@ -153,6 +162,16 @@ local function parse_directive(line, directives)
 		local redirect = args:match "^%s*(%w%w%w%w%w)%s*$"
 		if not redirect then return end
 		directives.redirect = redirect
+	elseif directive == "set" then
+		if args:match "^%s*$" then return end
+		local flagname = args:match "^%s*(%w+)%s*$"
+		local text = ""
+		if not flagname then
+			flagname, text = args:match "^%s*(%w+)%s*(%w+)%s*$"
+			if not flagname or not text or utf8.len(text) > 1000 then return end
+		end
+		if utf8.len(flagname) > 150 then return end
+		directives.flags["flag_"..flagname] = url_encode(text)
 	else
 		return
 	end
@@ -162,7 +181,7 @@ end
 local load_page
 local function convert_markup(m)
 	local result = {}
-	local directives = {}
+	local directives = {flags={}}
 	local code_block = false
 	for line in (m..'\n'):gmatch "(.-)\n" do
 		if not code_block then
@@ -301,7 +320,10 @@ map["^/g/(%w%w%w%w%w)$"] = function(p)
 	local page = load_page(p)
 	if not page then return not_found() end
 	local _, directives = convert_markup(page.content)
-
+	local cookies = {}
+	for k,v in pairs(directives.flags) do
+		table.insert(cookies,k.."="..v.."; Secure; Max-Age=1000000000")
+	end
 	if env "REQUEST_METHOD" ~= "POST" then
 		local actions = {}
 		for _,a in ipairs(page.actions) do
@@ -324,8 +346,8 @@ map["^/g/(%w%w%w%w%w)$"] = function(p)
 				title = html_encode(page.title),
 				content = convert_markup(page.content),
 				actions = table.concat(actions),
-			},
-		}
+			}
+		}, {headers = {["set-cookie"] = cookies, bee = "apio form"}}
 	else
 		if directives.deadend then
 			return base {
@@ -471,10 +493,16 @@ resp.content_type = resp.content_type or 'text/html'
 resp.status = resp.status or '200 OK'
 resp.headers = resp.headers or {}
 resp.headers['content-type'] = resp.content_type
-
+resp.headers.apioform = 3.5
 print("status: "..resp.status)
 for k,v in pairs(resp.headers) do
-	print(("%s: %s"):format(k, v))
+	if type(v) == "table" then
+		for _,v2 in ipairs(v) do
+			print(("%s: %s"):format(k, v2))
+		end
+	else
+		print(("%s: %s"):format(k, v))
+	end
 end
 
 print ""
-- 
cgit v1.2.3