]> git.p6c8.net - devedit.git/blob - devedit.pl
Changed license to Artistic License 2.0
[devedit.git] / devedit.pl
1 #!C:/Programme/Perl/bin/perl.exe -w
2
3 #
4 # Dev-Editor 3.1
5 #
6 # Dev-Editor's main program
7 #
8 # Author: Patrick Canterino <patrick@patshaping.de>
9 # Last modified: 2011-02-11
10 #
11 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
12 # Copyright (C) 2003-2011 Patrick Canterino
13 # All Rights Reserved.
14 #
15 # This file can be distributed and/or modified under the terms of
16 # of the Artistic License 2.0 (see also the LICENSE file found at
17 # the top level of the Dev-Editor distribution).
18 #
19
20 use strict;
21 use CGI::Carp qw(fatalsToBrowser);
22
23 use vars qw($VERSION);
24 use lib 'modules';
25
26 use CGI;
27 use Config::DevEdit;
28
29 use Command;
30 use Output;
31 use Tool;
32
33 $VERSION = '3.2-dev';
34
35 # Path to configuration file
36 # Change if necessary!
37
38 use constant CONFIGFILE => 'devedit.conf';
39
40 # Read the configuration file
41
42 my $config = read_config(CONFIGFILE);
43 error_template($config->{'templates'}->{'error'}); # Yes, I'm lazy...
44
45 # Check if the root directory exists
46
47 abort($config->{'errors'}->{'no_root_dir'}) unless(-d $config->{'fileroot'} && not -l $config->{'fileroot'});
48
49 # Check if we are able to access the root directory
50
51 abort($config->{'errors'}->{'no_root_access'}) unless(-r $config->{'fileroot'} && -x $config->{'fileroot'});
52
53 # Read the most important form data
54
55 my $cgi = new CGI;
56
57 my $command = $cgi->param('command') || 'show';
58 my $file = $cgi->param('file') || $config->{'startdir'} || '/';
59 my $curdir = $cgi->param('curdir') || '';
60 my $newfile = $cgi->param('newfile') || '';
61
62 # Check if the command is disabled
63
64 if(is_disabled_command($config->{'disable_commands'},$command))
65 {
66 abort($config->{'errors'}->{'command_disabled'},'/',{COMMAND => encode_html($command)});
67 }
68
69 # Create physical and virtual path for the new file
70
71 my $new_physical = '';
72 my $new_virtual = '';
73
74 if($newfile ne '' && $newfile !~ /^\s+$/)
75 {
76 my $path = $curdir.'/'.$newfile;
77
78 # Extract file and directory name...
79
80 my $file = file_name($path);
81 my $dir = upper_path($path);
82
83 # ... check if the directory exists ...
84
85 my $temp_path = clean_path($config->{'fileroot'}.'/'.$dir);
86
87 unless(-d $temp_path && not -l $temp_path)
88 {
89 abort($config->{'errors'}->{'dir_not_exist'},'/');
90 }
91
92 # ... and check if the path is above the root directory
93
94 unless(($new_physical,$new_virtual) = check_path($config->{'fileroot'},$dir))
95 {
96 abort($config->{'errors'}->{'create_above_root'},'/');
97 }
98
99 # Check if we have enough permissions to create a file
100 # in this directory
101
102 unless(-r $new_physical && -w $new_physical && -x $new_physical)
103 {
104 abort($config->{'errors'}->{'dir_no_create'},'/',{DIR => encode_html($new_virtual)});
105 }
106
107 # Create the physical and the virtual path
108
109 $new_physical = File::Spec->canonpath($new_physical.'/'.$file);
110 $new_virtual .= $file;
111
112 # Check if accessing this file is forbidden
113
114 if(is_forbidden_file($config->{'forbidden'},$new_virtual))
115 {
116 abort($config->{'errors'}->{'forbidden_file'},'/');
117 }
118 }
119
120 # This check has to be performed first or abs_path() will be confused
121
122 my $temp_path = clean_path($config->{'fileroot'}.'/'.$file);
123
124 if(-e $temp_path || -l $temp_path)
125 {
126 if(my ($physical,$virtual) = check_path($config->{'fileroot'},$file))
127 {
128 if(is_forbidden_file($config->{'forbidden'},$virtual))
129 {
130 abort($config->{'errors'}->{'forbidden_file'},'/');
131 }
132 else
133 {
134 # Create a hash containing data submitted by the user
135 # (some other necessary information are also included)
136
137 my %data = (physical => $physical,
138 virtual => $virtual,
139 new_physical => $new_physical,
140 new_virtual => $new_virtual,
141 cgi => $cgi,
142 version => $VERSION,
143 configfile => CONFIGFILE);
144
145 # Execute the command...
146
147 my $output = exec_command($command,\%data,$config);
148
149 # ... and show its output
150
151 print $$output;
152 }
153 }
154 else
155 {
156 abort($config->{'errors'}->{'above_root'},'/');
157 }
158 }
159 else
160 {
161 abort($config->{'errors'}->{'not_found'},'/');
162 }
163
164 #
165 ### End ###

patrick-canterino.de