modules/Tool.pm

   1 package Tool;
   2
   3 #
   4 # Dev-Editor - Module Tool
   5 #
   6 # Some shared sub routines
   7 #
   8 # Author:        Patrick Canterino <patrick@patshaping.de>
   9 # Last modified: 2008-04-25
  10 #
  11 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
  12 # Copyright (C) 2003-2009 Patrick Canterino
  13 # All Rights Reserved.
  14 #
  15 # This file can be distributed and/or modified under the terms of
  16 # of the Artistic License 1.0 (see also the LICENSE file found at
  17 # the top level of the Dev-Editor distribution).
  18 #
  19
  20 use strict;
  21
  22 use vars qw(@EXPORT);
  23
  24 use CGI qw(redirect
  25            escape
  26            virtual_host
  27            https);
  28
  29 use Cwd qw(abs_path);
  30 use File::Spec;
  31
  32 ### Export ###
  33
  34 use base qw(Exporter);
  35
  36 @EXPORT = qw(check_path
  37              clean_path
  38              devedit_reload
  39              dos_wildcard_match
  40              encode_html
  41              equal_url
  42              file_name
  43              is_forbidden_file
  44              mode_string
  45              multi_string
  46              upper_path);
  47
  48 # check_path()
  49 #
  50 # Check if a virtual path is above a virtual root directory
  51 # (currently no check if the path exists - check otherwise!)
  52 #
  53 # Params: 1. Virtual root directory
  54 #         2. Virtual path to check
  55 #
  56 # Return: Array with the physical and the cleaned virtual path;
  57 #         false, if the submitted path is above the root directory
  58
  59 sub check_path($$)
  60 {
  61  my ($root,$path) = @_;
  62
  63  # Clean root path
  64
  65  $root = abs_path($root);
  66  $root = File::Spec->canonpath($root);
  67
  68  $path =~ tr!\\!/!;
  69  $path =~ s!^/+!!;
  70  $path =  $root.'/'.$path;
  71
  72  # We extract the last part of the path and create the absolute path
  73
  74  my $first = upper_path($path);
  75  $first    = File::Spec->canonpath($first);
  76  $first    = abs_path($first);
  77
  78  my $last  = file_name($path);
  79  $last     = '' if($last eq '.');
  80
  81  if($last eq '..' || ($^O eq 'MSWin32' && $last =~ m!^\.\.\.+$!))
  82  {
  83   $first = abs_path($first.'/'.$last);
  84   $last  = '';
  85  }
  86
  87  $path = File::Spec->canonpath($first.'/'.$last);
  88
  89  # Check if the path is above the root directory
  90
  91  return if(index($path,$root) != 0);
  92  return if(substr($path,length($root)) && not File::Spec->file_name_is_absolute(substr($path,length($root))));
  93
  94  # Create short path name
  95
  96  my $short_path = substr($path,length($root));
  97  $short_path =~ tr!\\!/!;
  98  $short_path = '/'.$short_path if($short_path !~ m!^/!);
  99  $short_path = $short_path.'/' if($short_path !~ m!/$! && -d $path && not -l $path);
 100
 101  return ($path,$short_path);
 102 }
 103
 104 # clean_path()
 105 #
 106 # Clean up a path logically and replace backslashes with
 107 # normal slashes
 108 #
 109 # Params: Path
 110 #
 111 # Return: Cleaned path
 112
 113 sub clean_path($)
 114 {
 115  my $path =  shift;
 116  $path    =  File::Spec->canonpath($path);
 117  $path    =~ tr!\\!/!;
 118
 119  return $path;
 120 }
 121
 122 # devedit_reload()
 123 #
 124 # Create a HTTP redirection header to load Dev-Editor
 125 # with some other parameters
 126 #
 127 # Params: Hash Reference (will be merged to a query string)
 128 #         (optional)
 129 #
 130 # Return: HTTP redirection header (Scalar Reference)
 131
 132 sub devedit_reload(;$)
 133 {
 134  my $params = shift;
 135
 136  # Detect the protocol (simple HTTP or SSL encrypted HTTP)
 137  # and check if the server listens on the default port
 138
 139  my $protocol = '';
 140  my $port     = '';
 141
 142  if(https)
 143  {
 144   # SSL encrypted HTTP (HTTPS)
 145
 146   $protocol = 'https';
 147   $port     = ':'.$ENV{'SERVER_PORT'} if($ENV{'SERVER_PORT'} != 443);
 148  }
 149  else
 150  {
 151   # Simple HTTP
 152
 153   $protocol = 'http';
 154   $port     = ':'.$ENV{'SERVER_PORT'} if($ENV{'SERVER_PORT'} != 80);
 155  }
 156
 157  # The following code is grabbed from Template::_query of
 158  # Andre Malo's selfforum (http://sourceforge.net/projects/selfforum/)
 159  # and modified by Patrick Canterino
 160
 161  my $query = '';
 162
 163  if(ref($params) eq 'HASH')
 164  {
 165   $query = '?'.join ('&' =>
 166     map {
 167       (ref)
 168       ? map{escape ($_).'='.escape ($params -> {$_})} @{$params -> {$_}}
 169       : escape ($_).'='.escape ($params -> {$_})
 170     } keys %$params
 171   );
 172  }
 173
 174  # Create the redirection header
 175
 176  my $header = redirect($protocol.'://'.virtual_host.$port.$ENV{'SCRIPT_NAME'}.$query);
 177
 178  return \$header;
 179 }
 180
 181 # dos_wildcard_match()
 182 #
 183 # Check if a string matches against a DOS-style wildcard
 184 #
 185 # Params: 1. Pattern
 186 #         2. String
 187 #
 188 # Return: Status code (Boolean)
 189
 190 sub dos_wildcard_match($$)
 191 {
 192  my ($pattern,$string) = @_;
 193
 194  return 1 if($pattern eq '*');
 195
 196  # The following part is stolen from File::DosGlob
 197
 198  # escape regex metachars but not glob chars
 199  $pattern =~ s:([].+^\-\${}[|]):\\$1:g;
 200  # and convert DOS-style wildcards to regex
 201  $pattern =~ s/\*/.*/g;
 202  $pattern =~ s/\?/.?/g;
 203
 204  return ($string =~ m|^$pattern$|is);
 205 }
 206
 207 # encode_html()
 208 #
 209 # Encode HTML control characters (< > " &)
 210 #
 211 # Params: String to encode
 212 #
 213 # Return: Encoded string
 214
 215 sub encode_html($)
 216 {
 217  my $string = shift;
 218
 219  $string =~ s/&/&amp;/g;
 220  $string =~ s/</&lt;/g;
 221  $string =~ s/>/&gt;/g;
 222  $string =~ s/"/&quot;/g;
 223
 224  return $string;
 225 }
 226
 227 # equal_url()
 228 #
 229 # Create URL equal to a file or directory
 230 #
 231 # Params: 1. HTTP root
 232 #         2. Relative path
 233 #
 234 # Return: Formatted link (String)
 235
 236 sub equal_url($$)
 237 {
 238  my ($root,$path) = @_;
 239  my $url;
 240
 241  $root =~ s!/+$!!;
 242  $path =~ s!^/+!!;
 243  $url  =  $root.'/'.$path;
 244
 245  return $url;
 246 }
 247
 248 # file_name()
 249 #
 250 # Return the last part of a path
 251 #
 252 # Params: Path
 253 #
 254 # Return: Last part of the path
 255
 256 sub file_name($)
 257 {
 258  my $path =  shift;
 259  $path    =~ tr!\\!/!;
 260
 261  unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i))
 262  {
 263   $path =~ s!/+$!!;
 264   $path =  substr($path,rindex($path,'/')+1);
 265  }
 266
 267  return $path;
 268 }
 269
 270 # is_forbidden_file()
 271 #
 272 # Check if a file is in the list of forbidden files
 273 #
 274 # Params: 1. Array Reference containing the list
 275 #         2. Filename to check
 276 #
 277 # Return: Status code (Boolean)
 278
 279 sub is_forbidden_file($$)
 280 {
 281  my ($list,$file) = @_;
 282  $file =~ s!/+$!!g;
 283
 284  foreach my $entry(@$list)
 285  {
 286   return 1 if($file eq $entry);
 287   return 1 if(index($file,$entry.'/') == 0);
 288  }
 289
 290  return;
 291 }
 292
 293 # mode_string()
 294 #
 295 # Convert a file mode number into a human readable string (rwxr-x-r-x)
 296 # (also supports SetUID, SetGID and Sticky Bit)
 297 #
 298 # Params: File mode number
 299 #
 300 # Return: Human readable mode string
 301
 302 sub mode_string($)
 303 {
 304  my $mode   = shift;
 305  my $string = '';
 306
 307  # User
 308
 309  $string  = ($mode & 00400) ? 'r' : '-';
 310  $string .= ($mode & 00200) ? 'w' : '-';
 311  $string .= ($mode & 00100) ? (($mode & 04000) ? 's' : 'x') :
 312                                ($mode & 04000) ? 'S' : '-';
 313
 314  # Group
 315
 316  $string .= ($mode & 00040) ? 'r' : '-';
 317  $string .= ($mode & 00020) ? 'w' : '-';
 318  $string .= ($mode & 00010) ? (($mode & 02000) ? 's' : 'x') :
 319                                ($mode & 02000) ? 'S' : '-';
 320
 321  # Other
 322
 323  $string .= ($mode & 00004) ? 'r' : '-';
 324  $string .= ($mode & 00002) ? 'w' : '-';
 325  $string .= ($mode & 00001) ? (($mode & 01000) ? 't' : 'x') :
 326                                ($mode & 01000) ? 'T' : '-';
 327
 328  return $string;
 329 }
 330
 331 # multi_string()
 332 #
 333 # Create a Hash Reference containing three forms of a string
 334 #
 335 # Params: String
 336 #
 337 # Return: Hash Reference:
 338 #         normal => Normal form of the string
 339 #         html   => HTML encoded form (see encode_html())
 340 #         url    => URL encoded form
 341
 342 sub multi_string($)
 343 {
 344  my $string = shift;
 345  my %multi;
 346
 347  $multi{'normal'} = $string;
 348  $multi{'html'}   = encode_html($string);
 349  $multi{'url'}    = escape($string);
 350
 351  return \%multi;
 352 }
 353
 354 # upper_path()
 355 #
 356 # Remove the last part of a path
 357 # (the resulting path contains a trailing slash)
 358 #
 359 # Params: Path
 360 #
 361 # Return: Truncated path
 362
 363 sub upper_path($)
 364 {
 365  my $path =  shift;
 366  $path    =~ tr!\\!/!;
 367
 368  unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i))
 369  {
 370   $path =~ s!/+$!!;
 371   $path =  substr($path,0,rindex($path,'/')+1);
 372  }
 373
 374  return $path;
 375 }
 376
 377 # it's true, baby ;-)
 378
 379 1;
 380
 381 #
 382 ### End ###