#!C:/Programme/Perl/bin/perl.exe -w
#
-# Dev-Editor
+# Dev-Editor 3.0.1
#
# Dev-Editor's main program
#
-# Author: Patrick Canterino <patshaping@gmx.net>
-# Last modified: 09-22-2003
+# Author: Patrick Canterino <patrick@patshaping.de>
+# Last modified: 2006-08-24
+#
+# Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
+# Copyright (C) 2003-2009 Patrick Canterino
+# All Rights Reserved.
+#
+# This file can be distributed and/or modified under the terms of
+# of the Artistic License 1.0 (see also the LICENSE file found at
+# the top level of the Dev-Editor distribution).
#
use strict;
use CGI::Carp qw(fatalsToBrowser);
+use vars qw($VERSION);
use lib 'modules';
use CGI;
+use Config::DevEdit;
+
use Command;
-use File::UseList;
use Output;
use Tool;
-our $VERSION = '0.7';
+$VERSION = '3.0.1';
+
+# Path to configuration file
+# Change if necessary!
+
+use constant CONFIGFILE => 'devedit.conf';
-### Settings ###
+# Read the configuration file
-our %config = (
- fileroot => 'D:/Server/WWW/Root',
- httproot => '/',
- uselist_file => 'uselist',
- lock_file => 'uselist.lock',
- lock_timeout => '10'
- );
+my $config = read_config(CONFIGFILE);
+error_template($config->{'templates'}->{'error'}); # Yes, I'm lazy...
-### End Settings ###
+# Check if the root directory exists
+
+abort($config->{'errors'}->{'no_root_dir'}) unless(-d $config->{'fileroot'} && not -l $config->{'fileroot'});
+
+# Check if we are able to access the root directory
+
+abort($config->{'errors'}->{'no_root_access'}) unless(-r $config->{'fileroot'} && -x $config->{'fileroot'});
# Read the most important form data
my $command = $cgi->param('command') || 'show';
my $file = $cgi->param('file') || '/';
+my $curdir = $cgi->param('curdir') || '';
+my $newfile = $cgi->param('newfile') || '';
+
+# Create physical and virtual path for the new file
+
+my $new_physical = '';
+my $new_virtual = '';
+
+if($newfile ne '' && $newfile !~ /^\s+$/)
+{
+ my $path = $curdir.'/'.$newfile;
+
+ # Extract file and directory name...
+
+ my $file = file_name($path);
+ my $dir = upper_path($path);
+
+ # ... check if the directory exists ...
+
+ my $temp_path = clean_path($config->{'fileroot'}.'/'.$dir);
+
+ unless(-d $temp_path && not -l $temp_path)
+ {
+ abort($config->{'errors'}->{'dir_not_exist'},'/');
+ }
+
+ # ... and check if the path is above the root directory
-# This check has to be performed first, or abs_path() will be confused
+ unless(($new_physical,$new_virtual) = check_path($config->{'fileroot'},$dir))
+ {
+ abort($config->{'errors'}->{'create_above_root'},'/');
+ }
+
+ # Check if we have enough permissions to create a file
+ # in this directory
+
+ unless(-r $new_physical && -w $new_physical && -x $new_physical)
+ {
+ abort($config->{'errors'}->{'dir_no_create'},'/',{DIR => encode_html($new_virtual)});
+ }
+
+ # Create the physical and the virtual path
+
+ $new_physical = File::Spec->canonpath($new_physical.'/'.$file);
+ $new_virtual .= $file;
+
+ # Check if accessing this file is forbidden
+
+ if(is_forbidden_file($config->{'forbidden'},$new_virtual))
+ {
+ abort($config->{'errors'}->{'forbidden_file'},'/');
+ }
+}
+
+# This check has to be performed first or abs_path() will be confused
+
+my $temp_path = clean_path($config->{'fileroot'}.'/'.$file);
-if(-e clean_path($config{'fileroot'}."/".$file))
+if(-e $temp_path || -l $temp_path)
{
- if(my ($physical,$virtual) = check_path($config{'fileroot'},$file))
+ if(my ($physical,$virtual) = check_path($config->{'fileroot'},$file))
{
- # Copied from old Dev-Editor (great idea)
-
- my %dispatch = ('show' => \&exec_show,
- 'beginedit' => \&exec_beginedit,
- 'canceledit' => \&exec_unlock,
- 'endedit' => \&exec_endedit,
- # 'mkdir' => \&exec_mkdir,
- # 'mkfile' => \&exec_mkfile,
- 'workwithfile' => \&exec_workwithfile,
- # 'copy' => \&exec_copy,
- # 'rename' => \&exec_rename,
- 'remove' => \&exec_remove,
- 'unlock' => \&exec_unlock
- );
-
- # Create a File::UseList object and load the list
-
- my $uselist = new File::UseList(listfile => $config{'uselist_file'},
- lockfile => $config{'lock_file'},
- timeout => $config{'lock_timeout'});
-
- $uselist->lock or abort("Locking failed. Try it again in a moment. If the problem persists, ask someone to recreate the lockfile ($config{'lock_file'}).");
- $uselist->load;
-
- # Create a hash with data submitted by user
- # (the CGI and the File::UseList objects will also be included)
-
- my %data = (physical => $physical,
- virtual => $virtual,
- new_physical => '',
- new_virtual => '',
- uselist => $uselist,
- cgi => $cgi);
-
- unless($dispatch{$command})
+ if(is_forbidden_file($config->{'forbidden'},$virtual))
{
- $uselist->unlock;
- abort("Unknown command: $command");
+ abort($config->{'errors'}->{'forbidden_file'},'/');
}
+ else
+ {
+ # Create a hash containing data submitted by the user
+ # (some other necessary information are also included)
+
+ my %data = (physical => $physical,
+ virtual => $virtual,
+ new_physical => $new_physical,
+ new_virtual => $new_virtual,
+ cgi => $cgi,
+ version => $VERSION,
+ configfile => CONFIGFILE);
+
+ # Execute the command...
- my $output = &{$dispatch{$command}}(\%data,\%config); # Execute the command...
+ my $output = exec_command($command,\%data,$config);
- $uselist->unlock; # ... unlock the list with used files...
- print $$output; # ... and print the output of the command
+ # ... and show its output
+
+ print $$output;
+ }
}
else
{
- abort("Accessing files and directories above the virtual root directory is forbidden.");
+ abort($config->{'errors'}->{'above_root'},'/');
}
}
else
{
- abort("File/directory does not exist.");
+ abort($config->{'errors'}->{'not_found'},'/');
}
#