#!C:/Programme/Perl/bin/perl.exe -w
#
-# Dev-Editor 3.0 (CVS)
+# Dev-Editor 3.1
#
# Dev-Editor's main program
#
# Author: Patrick Canterino <patrick@patshaping.de>
-# Last modified: 2005-04-16
+# Last modified: 2006-08-24
+#
+# Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
+# Copyright (C) 2003-2009 Patrick Canterino
+# All Rights Reserved.
+#
+# This file can be distributed and/or modified under the terms of
+# of the Artistic License 1.0 (see also the LICENSE file found at
+# the top level of the Dev-Editor distribution).
#
use strict;
use Output;
use Tool;
-$VERSION = '3.0 (CVS)';
+$VERSION = '3.2-dev';
# Path to configuration file
# Change if necessary!
if($newfile ne '' && $newfile !~ /^\s+$/)
{
- $curdir = upper_path($file) if($curdir eq '');
my $path = $curdir.'/'.$newfile;
# Extract file and directory name...
unless(-r $new_physical && -w $new_physical && -x $new_physical)
{
- abort($config->{'errors'}->{'dir_no_create'},'/',{DIR => $new_virtual});
+ abort($config->{'errors'}->{'dir_no_create'},'/',{DIR => encode_html($new_virtual)});
}
# Create the physical and the virtual path
$new_physical = File::Spec->canonpath($new_physical.'/'.$file);
$new_virtual .= $file;
+
+ # Check if accessing this file is forbidden
+
+ if(is_forbidden_file($config->{'forbidden'},$new_virtual))
+ {
+ abort($config->{'errors'}->{'forbidden_file'},'/');
+ }
}
# This check has to be performed first or abs_path() will be confused
{
if(my ($physical,$virtual) = check_path($config->{'fileroot'},$file))
{
- # Create a hash containing data submitted by the user
- # (some other necessary information are also included)
-
- my %data = (physical => $physical,
- virtual => $virtual,
- new_physical => $new_physical,
- new_virtual => $new_virtual,
- cgi => $cgi,
- version => $VERSION,
- configfile => CONFIGFILE);
-
- # Execute the command...
-
- my $output = exec_command($command,\%data,$config);
-
- # ... and show its output
-
- print $$output;
+ if(is_forbidden_file($config->{'forbidden'},$virtual))
+ {
+ abort($config->{'errors'}->{'forbidden_file'},'/');
+ }
+ else
+ {
+ # Create a hash containing data submitted by the user
+ # (some other necessary information are also included)
+
+ my %data = (physical => $physical,
+ virtual => $virtual,
+ new_physical => $new_physical,
+ new_virtual => $new_virtual,
+ cgi => $cgi,
+ version => $VERSION,
+ configfile => CONFIGFILE);
+
+ # Execute the command...
+
+ my $output = exec_command($command,\%data,$config);
+
+ # ... and show its output
+
+ print $$output;
+ }
}
else
{