modules/Tool.pm

   1 package Tool;
   2
   3 #
   4 # Dev-Editor - Module Tool
   5 #
   6 # Some shared sub routines
   7 #
   8 # Author:        Patrick Canterino <patrick@patshaping.de>
   9 # Last modified: 2008-04-25
  10 #
  11
  12 use strict;
  13
  14 use vars qw(@EXPORT);
  15
  16 use CGI qw(redirect
  17            escape
  18            virtual_host
  19            https);
  20
  21 use Cwd qw(abs_path);
  22 use File::Spec;
  23
  24 ### Export ###
  25
  26 use base qw(Exporter);
  27
  28 @EXPORT = qw(check_path
  29              clean_path
  30              devedit_reload
  31              dos_wildcard_match
  32              encode_html
  33              equal_url
  34              file_name
  35              is_forbidden_file
  36              mode_string
  37              multi_string
  38              upper_path);
  39
  40 # check_path()
  41 #
  42 # Check if a virtual path is above a virtual root directory
  43 # (currently no check if the path exists - check otherwise!)
  44 #
  45 # Params: 1. Virtual root directory
  46 #         2. Virtual path to check
  47 #
  48 # Return: Array with the physical and the cleaned virtual path;
  49 #         false, if the submitted path is above the root directory
  50
  51 sub check_path($$)
  52 {
  53  my ($root,$path) = @_;
  54
  55  # Clean root path
  56
  57  $root = abs_path($root);
  58  $root = File::Spec->canonpath($root);
  59
  60  $path =~ tr!\\!/!;
  61  $path =~ s!^/+!!;
  62  $path =  $root.'/'.$path;
  63
  64  # We extract the last part of the path and create the absolute path
  65
  66  my $first = upper_path($path);
  67  $first    = File::Spec->canonpath($first);
  68  $first    = abs_path($first);
  69
  70  my $last  = file_name($path);
  71  $last     = '' if($last eq '.');
  72
  73  if($last eq '..' || ($^O eq 'MSWin32' && $last =~ m!^\.\.\.+$!))
  74  {
  75   $first = abs_path($first.'/'.$last);
  76   $last  = '';
  77  }
  78
  79  $path = File::Spec->canonpath($first.'/'.$last);
  80
  81  # Check if the path is above the root directory
  82
  83  return if(index($path,$root) != 0);
  84  return if(substr($path,length($root)) && not File::Spec->file_name_is_absolute(substr($path,length($root))));
  85
  86  # Create short path name
  87
  88  my $short_path = substr($path,length($root));
  89  $short_path =~ tr!\\!/!;
  90  $short_path = '/'.$short_path if($short_path !~ m!^/!);
  91  $short_path = $short_path.'/' if($short_path !~ m!/$! && -d $path && not -l $path);
  92
  93  return ($path,$short_path);
  94 }
  95
  96 # clean_path()
  97 #
  98 # Clean up a path logically and replace backslashes with
  99 # normal slashes
 100 #
 101 # Params: Path
 102 #
 103 # Return: Cleaned path
 104
 105 sub clean_path($)
 106 {
 107  my $path =  shift;
 108  $path    =  File::Spec->canonpath($path);
 109  $path    =~ tr!\\!/!;
 110
 111  return $path;
 112 }
 113
 114 # devedit_reload()
 115 #
 116 # Create a HTTP redirection header to load Dev-Editor
 117 # with some other parameters
 118 #
 119 # Params: Hash Reference (will be merged to a query string)
 120 #         (optional)
 121 #
 122 # Return: HTTP redirection header (Scalar Reference)
 123
 124 sub devedit_reload(;$)
 125 {
 126  my $params = shift;
 127
 128  # Detect the protocol (simple HTTP or SSL encrypted HTTP)
 129  # and check if the server listens on the default port
 130
 131  my $protocol = '';
 132  my $port     = '';
 133
 134  if(https)
 135  {
 136   # SSL encrypted HTTP (HTTPS)
 137
 138   $protocol = 'https';
 139   $port     = ':'.$ENV{'SERVER_PORT'} if($ENV{'SERVER_PORT'} != 443);
 140  }
 141  else
 142  {
 143   # Simple HTTP
 144
 145   $protocol = 'http';
 146   $port     = ':'.$ENV{'SERVER_PORT'} if($ENV{'SERVER_PORT'} != 80);
 147  }
 148
 149  # The following code is grabbed from Template::_query of
 150  # Andre Malo's selfforum (http://sourceforge.net/projects/selfforum/)
 151  # and modified by Patrick Canterino
 152
 153  my $query = '';
 154
 155  if(ref($params) eq 'HASH')
 156  {
 157   $query = '?'.join ('&' =>
 158     map {
 159       (ref)
 160       ? map{escape ($_).'='.escape ($params -> {$_})} @{$params -> {$_}}
 161       : escape ($_).'='.escape ($params -> {$_})
 162     } keys %$params
 163   );
 164  }
 165
 166  # Create the redirection header
 167
 168  my $header = redirect($protocol.'://'.virtual_host.$port.$ENV{'SCRIPT_NAME'}.$query);
 169
 170  return \$header;
 171 }
 172
 173 # dos_wildcard_match()
 174 #
 175 # Check if a string matches against a DOS-style wildcard
 176 #
 177 # Params: 1. Pattern
 178 #         2. String
 179 #
 180 # Return: Status code (Boolean)
 181
 182 sub dos_wildcard_match($$)
 183 {
 184  my ($pattern,$string) = @_;
 185
 186  return 1 if($pattern eq '*');
 187
 188  # The following part is stolen from File::DosGlob
 189
 190  # escape regex metachars but not glob chars
 191  $pattern =~ s:([].+^\-\${}[|]):\\$1:g;
 192  # and convert DOS-style wildcards to regex
 193  $pattern =~ s/\*/.*/g;
 194  $pattern =~ s/\?/.?/g;
 195
 196  return ($string =~ m|^$pattern$|is);
 197 }
 198
 199 # encode_html()
 200 #
 201 # Encode HTML control characters (< > " &)
 202 #
 203 # Params: String to encode
 204 #
 205 # Return: Encoded string
 206
 207 sub encode_html($)
 208 {
 209  my $string = shift;
 210
 211  $string =~ s/&/&amp;/g;
 212  $string =~ s/</&lt;/g;
 213  $string =~ s/>/&gt;/g;
 214  $string =~ s/"/&quot;/g;
 215
 216  return $string;
 217 }
 218
 219 # equal_url()
 220 #
 221 # Create URL equal to a file or directory
 222 #
 223 # Params: 1. HTTP root
 224 #         2. Relative path
 225 #
 226 # Return: Formatted link (String)
 227
 228 sub equal_url($$)
 229 {
 230  my ($root,$path) = @_;
 231  my $url;
 232
 233  $root =~ s!/+$!!;
 234  $path =~ s!^/+!!;
 235  $url  =  $root.'/'.$path;
 236
 237  return $url;
 238 }
 239
 240 # file_name()
 241 #
 242 # Return the last part of a path
 243 #
 244 # Params: Path
 245 #
 246 # Return: Last part of the path
 247
 248 sub file_name($)
 249 {
 250  my $path =  shift;
 251  $path    =~ tr!\\!/!;
 252
 253  unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i))
 254  {
 255   $path =~ s!/+$!!;
 256   $path =  substr($path,rindex($path,'/')+1);
 257  }
 258
 259  return $path;
 260 }
 261
 262 # is_forbidden_file()
 263 #
 264 # Check if a file is in the list of forbidden files
 265 #
 266 # Params: 1. Array Reference containing the list
 267 #         2. Filename to check
 268 #
 269 # Return: Status code (Boolean)
 270
 271 sub is_forbidden_file($$)
 272 {
 273  my ($list,$file) = @_;
 274  $file =~ s!/+$!!g;
 275
 276  foreach my $entry(@$list)
 277  {
 278   return 1 if($file eq $entry);
 279   return 1 if(index($file,$entry.'/') == 0);
 280  }
 281
 282  return;
 283 }
 284
 285 # mode_string()
 286 #
 287 # Convert a file mode number into a human readable string (rwxr-x-r-x)
 288 # (also supports SetUID, SetGID and Sticky Bit)
 289 #
 290 # Params: File mode number
 291 #
 292 # Return: Human readable mode string
 293
 294 sub mode_string($)
 295 {
 296  my $mode   = shift;
 297  my $string = '';
 298
 299  # User
 300
 301  $string  = ($mode & 00400) ? 'r' : '-';
 302  $string .= ($mode & 00200) ? 'w' : '-';
 303  $string .= ($mode & 00100) ? (($mode & 04000) ? 's' : 'x') :
 304                                ($mode & 04000) ? 'S' : '-';
 305
 306  # Group
 307
 308  $string .= ($mode & 00040) ? 'r' : '-';
 309  $string .= ($mode & 00020) ? 'w' : '-';
 310  $string .= ($mode & 00010) ? (($mode & 02000) ? 's' : 'x') :
 311                                ($mode & 02000) ? 'S' : '-';
 312
 313  # Other
 314
 315  $string .= ($mode & 00004) ? 'r' : '-';
 316  $string .= ($mode & 00002) ? 'w' : '-';
 317  $string .= ($mode & 00001) ? (($mode & 01000) ? 't' : 'x') :
 318                                ($mode & 01000) ? 'T' : '-';
 319
 320  return $string;
 321 }
 322
 323 # multi_string()
 324 #
 325 # Create a Hash Reference containing three forms of a string
 326 #
 327 # Params: String
 328 #
 329 # Return: Hash Reference:
 330 #         normal => Normal form of the string
 331 #         html   => HTML encoded form (see encode_html())
 332 #         url    => URL encoded form
 333
 334 sub multi_string($)
 335 {
 336  my $string = shift;
 337  my %multi;
 338
 339  $multi{'normal'} = $string;
 340  $multi{'html'}   = encode_html($string);
 341  $multi{'url'}    = escape($string);
 342
 343  return \%multi;
 344 }
 345
 346 # upper_path()
 347 #
 348 # Remove the last part of a path
 349 # (the resulting path contains a trailing slash)
 350 #
 351 # Params: Path
 352 #
 353 # Return: Truncated path
 354
 355 sub upper_path($)
 356 {
 357  my $path =  shift;
 358  $path    =~ tr!\\!/!;
 359
 360  unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i))
 361  {
 362   $path =~ s!/+$!!;
 363   $path =  substr($path,0,rindex($path,'/')+1);
 364  }
 365
 366  return $path;
 367 }
 368
 369 # it's true, baby ;-)
 370
 371 1;
 372
 373 #
 374 ### End ###