modules/Tool.pm

   1 package Tool;
   2
   3 #
   4 # Dev-Editor - Module Tool
   5 #
   6 # Some shared sub routines
   7 #
   8 # Author:        Patrick Canterino <patrick@patshaping.de>
   9 # Last modified: 2005-11-10
  10 #
  11
  12 use strict;
  13
  14 use vars qw(@EXPORT);
  15
  16 use CGI qw(redirect
  17            escape
  18            virtual_host
  19            https);
  20
  21 use Cwd qw(abs_path);
  22 use File::Spec;
  23
  24 ### Export ###
  25
  26 use base qw(Exporter);
  27
  28 @EXPORT = qw(check_path
  29              clean_path
  30              devedit_reload
  31              dos_wildcard_match
  32              encode_html
  33              equal_url
  34              file_name
  35              is_forbidden_file
  36              mode_string
  37              multi_string
  38              upper_path);
  39
  40 # check_path()
  41 #
  42 # Check if a virtual path is above a virtual root directory
  43 # (currently no check if the path exists - check otherwise!)
  44 #
  45 # Params: 1. Virtual root directory
  46 #         2. Virtual path to check
  47 #
  48 # Return: Array with the physical and the cleaned virtual path;
  49 #         false, if the submitted path is above the root directory
  50
  51 sub check_path($$)
  52 {
  53  my ($root,$path) = @_;
  54
  55  # Clean root path
  56
  57  $root = abs_path($root);
  58  $root = File::Spec->canonpath($root);
  59
  60  $path =~ tr!\\!/!;
  61  $path =~ s!^/+!!;
  62  $path =  $root.'/'.$path;
  63
  64  # We extract the last part of the path and create the absolute path
  65
  66  my $first = upper_path($path);
  67  $first    = File::Spec->canonpath($first);
  68  $first    = abs_path($first);
  69
  70  my $last  = file_name($path);
  71  $last     = '' if($last eq '.');
  72
  73  if($last eq '..' || ($^O eq 'MSWin32' && $last =~ m!^\.\.\.+$!))
  74  {
  75   $first = abs_path($first.'/'.$last);
  76   $last  = '';
  77  }
  78
  79  $path = File::Spec->canonpath($first.'/'.$last);
  80
  81  # Check if the path is above the root directory
  82
  83  return if(index($path,$root) != 0);
  84  return if(substr($path,length($root)) && not File::Spec->file_name_is_absolute(substr($path,length($root))));
  85
  86  # Create short path name
  87
  88  my $short_path = substr($path,length($root));
  89  $short_path =~ tr!\\!/!;
  90  $short_path = '/'.$short_path if($short_path !~ m!^/!);
  91  $short_path = $short_path.'/' if($short_path !~ m!/$! && -d $path && not -l $path);
  92
  93  return ($path,$short_path);
  94 }
  95
  96 # clean_path()
  97 #
  98 # Clean up a path logically and replace backslashes with
  99 # normal slashes
 100 #
 101 # Params: Path
 102 #
 103 # Return: Cleaned path
 104
 105 sub clean_path($)
 106 {
 107  my $path =  shift;
 108  $path    =  File::Spec->canonpath($path);
 109  $path    =~ tr!\\!/!;
 110
 111  return $path;
 112 }
 113
 114 # devedit_reload()
 115 #
 116 # Create a HTTP redirection header to load Dev-Editor
 117 # with some other parameters
 118 #
 119 # Params: Hash Reference (will be merged to a query string)
 120 #         (optional)
 121 #
 122 # Return: HTTP redirection header (Scalar Reference)
 123
 124 sub devedit_reload(;$)
 125 {
 126  my $params = shift;
 127
 128  # Detect the protocol (simple HTTP or SSL encrypted HTTP)
 129  # and check if the server listens on the default port
 130
 131  my $protocol = '';
 132  my $port     = '';
 133
 134  if(https)
 135  {
 136   # SSL encrypted HTTP (HTTPS)
 137
 138   $protocol = 'https';
 139   $port     = ':'.$ENV{'SERVER_PORT'} if($ENV{'SERVER_PORT'} != 443);
 140  }
 141  else
 142  {
 143   # Simple HTTP
 144
 145   $protocol = 'http';
 146   $port     = ':'.$ENV{'SERVER_PORT'} if($ENV{'SERVER_PORT'} != 80);
 147  }
 148
 149  # The following code is grabbed from Template::_query of
 150  # Andre Malo's selfforum (http://sourceforge.net/projects/selfforum/)
 151  # and modified by Patrick Canterino
 152
 153  my $query = '';
 154
 155  if(ref($params) eq 'HASH')
 156  {
 157   $query = '?'.join ('&' =>
 158     map {
 159       (ref)
 160       ? map{escape ($_).'='.escape ($params -> {$_})} @{$params -> {$_}}
 161       : escape ($_).'='.escape ($params -> {$_})
 162     } keys %$params
 163   );
 164  }
 165
 166  # Create the redirection header
 167
 168  my $header = redirect($protocol.'://'.virtual_host.$port.$ENV{'SCRIPT_NAME'}.$query);
 169
 170  return \$header;
 171 }
 172
 173 # dos_wildcard_match()
 174 #
 175 # Check if a string matches against a DOS-style wildcard
 176 #
 177 # Params: 1. Pattern
 178 #         2. String
 179 #
 180 # Return: Status code (Boolean)
 181
 182 sub dos_wildcard_match($$)
 183 {
 184  my ($pattern,$string) = @_;
 185
 186  # The following part is stolen from File::DosGlob
 187
 188  # escape regex metachars but not glob chars
 189  $pattern =~ s:([].+^\-\${}[|]):\\$1:g;
 190  # and convert DOS-style wildcards to regex
 191  $pattern =~ s/\*/.*/g;
 192  $pattern =~ s/\?/.?/g;
 193
 194  return ($string =~ m|^$pattern$|is);
 195 }
 196
 197 # encode_html()
 198 #
 199 # Encode HTML control characters (< > " &)
 200 #
 201 # Params: String to encode
 202 #
 203 # Return: Encoded string
 204
 205 sub encode_html($)
 206 {
 207  my $string = shift;
 208
 209  $string =~ s/&/&amp;/g;
 210  $string =~ s/</&lt;/g;
 211  $string =~ s/>/&gt;/g;
 212  $string =~ s/"/&quot;/g;
 213
 214  return $string;
 215 }
 216
 217 # equal_url()
 218 #
 219 # Create URL equal to a file or directory
 220 #
 221 # Params: 1. HTTP root
 222 #         2. Relative path
 223 #
 224 # Return: Formatted link (String)
 225
 226 sub equal_url($$)
 227 {
 228  my ($root,$path) = @_;
 229  my $url;
 230
 231  $root =~ s!/+$!!;
 232  $path =~ s!^/+!!;
 233  $url  =  $root.'/'.$path;
 234
 235  return $url;
 236 }
 237
 238 # file_name()
 239 #
 240 # Return the last part of a path
 241 #
 242 # Params: Path
 243 #
 244 # Return: Last part of the path
 245
 246 sub file_name($)
 247 {
 248  my $path =  shift;
 249  $path    =~ tr!\\!/!;
 250
 251  unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i))
 252  {
 253   $path =~ s!/+$!!;
 254   $path =  substr($path,rindex($path,'/')+1);
 255  }
 256
 257  return $path;
 258 }
 259
 260 # is_forbidden_file()
 261 #
 262 # Check if a file is in the list of forbidden files
 263 #
 264 # Params: 1. Array Reference containing the list
 265 #         2. Filename to check
 266 #
 267 # Return: Status code (Boolean)
 268
 269 sub is_forbidden_file($$)
 270 {
 271  my ($list,$file) = @_;
 272  $file =~ s!/+$!!g;
 273
 274  foreach my $entry(@$list)
 275  {
 276   return 1 if($file eq $entry);
 277   return 1 if(index($file,$entry.'/') == 0);
 278  }
 279
 280  return;
 281 }
 282
 283 # mode_string()
 284 #
 285 # Convert a file mode number into a human readable string (rwxr-x-r-x)
 286 # (also supports SetUID, SetGID and Sticky Bit)
 287 #
 288 # Params: File mode number
 289 #
 290 # Return: Human readable mode string
 291
 292 sub mode_string($)
 293 {
 294  my $mode   = shift;
 295  my $string = '';
 296
 297  # User
 298
 299  $string  = ($mode & 00400) ? 'r' : '-';
 300  $string .= ($mode & 00200) ? 'w' : '-';
 301  $string .= ($mode & 00100) ? (($mode & 04000) ? 's' : 'x') :
 302                                ($mode & 04000) ? 'S' : '-';
 303
 304  # Group
 305
 306  $string .= ($mode & 00040) ? 'r' : '-';
 307  $string .= ($mode & 00020) ? 'w' : '-';
 308  $string .= ($mode & 00010) ? (($mode & 02000) ? 's' : 'x') :
 309                                ($mode & 02000) ? 'S' : '-';
 310
 311  # Other
 312
 313  $string .= ($mode & 00004) ? 'r' : '-';
 314  $string .= ($mode & 00002) ? 'w' : '-';
 315  $string .= ($mode & 00001) ? (($mode & 01000) ? 't' : 'x') :
 316                                ($mode & 01000) ? 'T' : '-';
 317
 318  return $string;
 319 }
 320
 321 # multi_string()
 322 #
 323 # Create a Hash Reference containing three forms of a string
 324 #
 325 # Params: String
 326 #
 327 # Return: Hash Reference:
 328 #         normal => Normal form of the string
 329 #         html   => HTML encoded form (see encode_html())
 330 #         url    => URL encoded form
 331
 332 sub multi_string($)
 333 {
 334  my $string = shift;
 335  my %multi;
 336
 337  $multi{'normal'} = $string;
 338  $multi{'html'}   = encode_html($string);
 339  $multi{'url'}    = escape($string);
 340
 341  return \%multi;
 342 }
 343
 344 # upper_path()
 345 #
 346 # Remove the last part of a path
 347 # (the resulting path contains a trailing slash)
 348 #
 349 # Params: Path
 350 #
 351 # Return: Truncated path
 352
 353 sub upper_path($)
 354 {
 355  my $path =  shift;
 356  $path    =~ tr!\\!/!;
 357
 358  unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i))
 359  {
 360   $path =~ s!/+$!!;
 361   $path =  substr($path,0,rindex($path,'/')+1);
 362  }
 363
 364  return $path;
 365 }
 366
 367 # it's true, baby ;-)
 368
 369 1;
 370
 371 #
 372 ### End ###