Catch error of trying to download a non-readable file using URL manipulation

[devedit.git] / modules / Command.pm

diff --git a/modules/Command.pm b/modules/Command.pm
index c4e7f120d94d60827d3e6c7583b2875c8e206aca..5d0e653e3fb22b1aff97f9027c035ff1ea10bffd 100644 (file)
--- a/modules/Command.pm
+++ b/modules/Command.pm
@@ -6,7 +6,7 @@ package Command;
 # Execute Dev-Editor's commands
 #
 # Author:        Patrick Canterino <patrick@patshaping.de>
 # Execute Dev-Editor's commands
 #
 # Author:        Patrick Canterino <patrick@patshaping.de>

-# Last modified: 2009-05-04
+# Last modified: 2010-10-26

 #
 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
 # Copyright (C) 2003-2009 Patrick Canterino
 #
 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
 # Copyright (C) 2003-2009 Patrick Canterino


@@ -42,6 +42,7 @@ my $users  = eval('getpwuid(0)') && eval('getgrgid(0)');
 my %dispatch = ('show'         => \&exec_show,
                 'beginedit'    => \&exec_beginedit,
                 'endedit'      => \&exec_endedit,
 my %dispatch = ('show'         => \&exec_show,
                 'beginedit'    => \&exec_beginedit,
                 'endedit'      => \&exec_endedit,

+                'download'     => \&exec_download,

                 'mkdir'        => \&exec_mkdir,
                 'mkfile'       => \&exec_mkfile,
                 'upload'       => \&exec_upload,
                 'mkdir'        => \&exec_mkdir,
                 'mkfile'       => \&exec_mkfile,
                 'upload'       => \&exec_upload,


@@ -444,6 +445,32 @@ sub exec_endedit($$)
  return devedit_reload({command => 'beginedit', file => $virtual});
 }
 
  return devedit_reload({command => 'beginedit', file => $virtual});
 }
 

+# exec_download()
+#
+# Execute a HTTP download of a file
+#
+# Params: 1. Reference to user input hash
+#         2. Reference to config hash
+#
+# Return: Output of the command (Scalar Reference)
+
+sub exec_download($$)
+{
+ my ($data,$config) = @_;
+ my $physical       = $data->{'physical'};
+ my $virtual        = $data->{'virtual'};
+ my $dir            = upper_path($virtual);
+
+ return return error($config->{'errors'}->{'no_download'},$dir,{FILE => $virtual}) if((not -r $physical) || (-d $physical || -l $physical));
+
+ my $filename = file_name($virtual);
+
+ my $output = header(-type => 'application/octet-stream', -attachment => $filename);
+ $output   .= ${ file_read($physical,1) };
+
+ return \$output;
+}
+

 # exec_mkfile()
 #
 # Create a file and return to directory view
 # exec_mkfile()
 #
 # Create a file and return to directory view


@@ -466,7 +493,15 @@ sub exec_mkfile($$)
   return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual}) if(-e $new_physical);
 
   file_create($new_physical) or return error($config->{'errors'}->{'mkfile_failed'},$dir,{FILE => $new_virtual});
   return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual}) if(-e $new_physical);
 
   file_create($new_physical) or return error($config->{'errors'}->{'mkfile_failed'},$dir,{FILE => $new_virtual});

-  return devedit_reload({command => 'show', file => $dir});
+  
+  if($data->{'cgi'}->param('edit'))
+  {
+   return devedit_reload({command => 'beginedit', file => $new_virtual});
+  }
+  else
+  {
+   return devedit_reload({command => 'show', file => $dir});
+  }

  }
  else
  {
  }
  else
  {


@@ -935,12 +970,21 @@ sub exec_remove_multi($$)
 
    if(scalar(@success) > 0)
    {
 
    if(scalar(@success) > 0)
    {

-    $tpl->parse_if_block('success',1);
-
-    foreach my $file_success(@success)
+    if(scalar(@success) == scalar(@new_files) && scalar(@failed) == 0)
+    {
+     return devedit_reload({command => 'show', file => $virtual});
+    }
+    else

     {
     {

-     $tpl->add_loop_data('SUCCESS',{FILE => encode_html($file_success),
-                                    FILE_PATH => encode_html(clean_path($virtual.'/'.$file_success))});
+     $tpl->parse_if_block('success',1);
+
+     foreach my $file_success(@success)
+     {
+      $tpl->add_loop_data('SUCCESS',{FILE => encode_html($file_success),
+                                     FILE_PATH => encode_html(clean_path($virtual.'/'.$file_success))});
+     }
+
+     $tpl->parse_loop('SUCCESS');

     }
    }
    else
     }
    }
    else


@@ -957,6 +1001,8 @@ sub exec_remove_multi($$)
      $tpl->add_loop_data('FAILED',{FILE => encode_html($file_failed),
                                    FILE_PATH => encode_html(clean_path($virtual.'/'.$file_failed))});
     }
      $tpl->add_loop_data('FAILED',{FILE => encode_html($file_failed),
                                    FILE_PATH => encode_html(clean_path($virtual.'/'.$file_failed))});
     }

+
+    $tpl->parse_loop('FAILED');

    }
    else
    {
    }
    else
    {


@@ -964,10 +1010,8 @@ sub exec_remove_multi($$)
    }
 
 
    }
 
 

-   $tpl->set_var('DIR',encode_html($virtual));
-   $tpl->set_var('SCRIPT',$script);
-
-   $tpl->parse;
+   $tpl->fillin('DIR',encode_html($virtual));
+   $tpl->fillin('SCRIPT',$script);

 
    my $output = header(-type => 'text/html');
    $output   .= $tpl->get_template;
 
    my $output = header(-type => 'text/html');
    $output   .= $tpl->get_template;


@@ -985,12 +1029,12 @@ sub exec_remove_multi($$)
                                  FILE_PATH => encode_html(clean_path($virtual.'/'.$file))});
    }
 
                                  FILE_PATH => encode_html(clean_path($virtual.'/'.$file))});
    }
 

-   $tpl->set_var('COUNT',scalar(@new_files));
+   $tpl->parse_loop('FILES');

 
 

-   $tpl->set_var('DIR',encode_html($virtual));
-   $tpl->set_var('SCRIPT',$script);
+   $tpl->fillin('COUNT',scalar(@new_files));

 
 

-   $tpl->parse;
+   $tpl->fillin('DIR',encode_html($virtual));
+   $tpl->fillin('SCRIPT',$script);

 
    my $output = header(-type => 'text/html');
    $output   .= $tpl->get_template;
 
    my $output = header(-type => 'text/html');
    $output   .= $tpl->get_template;