X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/0d3fcf0e34902845852297696024204919ffc164..c2b18d37a29420fc5b1e33c19a0e69d00016c621:/modules/Command.pm?ds=inline diff --git a/modules/Command.pm b/modules/Command.pm index 1718982..431eb4d 100644 --- a/modules/Command.pm +++ b/modules/Command.pm @@ -5,38 +5,53 @@ package Command; # # Execute Dev-Editor's commands # -# Author: Patrick Canterino -# Last modified: 2003-12-18 +# Author: Patrick Canterino +# Last modified: 2010-05-24 +# +# Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann +# Copyright (C) 2003-2009 Patrick Canterino +# All Rights Reserved. +# +# This file can be distributed and/or modified under the terms of +# of the Artistic License 1.0 (see also the LICENSE file found at +# the top level of the Dev-Editor distribution). # use strict; use vars qw(@EXPORT); +use Fcntl; use File::Access; use File::Copy; use File::Path; -use HTML::Entities; -use Output; +use Digest::MD5 qw(md5_hex); use POSIX qw(strftime); use Tool; -my $script = $ENV{'SCRIPT_NAME'}; +use CGI qw(header + escape); + +use Output; +use Template; + +my $script = encode_html($ENV{'SCRIPT_NAME'}); +my $users = eval('getpwuid(0)') && eval('getgrgid(0)'); my %dispatch = ('show' => \&exec_show, 'beginedit' => \&exec_beginedit, - 'canceledit' => \&exec_unlock, 'endedit' => \&exec_endedit, + 'download' => \&exec_download, 'mkdir' => \&exec_mkdir, 'mkfile' => \&exec_mkfile, - 'workwithfile' => \&exec_workwithfile, - 'workwithdir' => \&exec_workwithdir, + 'upload' => \&exec_upload, 'copy' => \&exec_copy, 'rename' => \&exec_rename, 'remove' => \&exec_remove, - 'rmdir' => \&exec_rmdir, - 'unlock' => \&exec_unlock + 'remove_multi' => \&exec_remove_multi, + 'chprop' => \&exec_chprop, + 'about' => \&exec_about ); ### Export ### @@ -59,10 +74,16 @@ sub exec_command($$$) { my ($command,$data,$config) = @_; - return error("Unknown command: $command") unless($dispatch{$command}); + foreach(keys(%dispatch)) + { + if(lc($_) eq lc($command)) + { + my $output = &{$dispatch{$_}}($data,$config); + return $output; + } + } - my $output = &{$dispatch{$command}}($data,$config); - return $output; + return error($config->{'errors'}->{'command_unknown'},'/',{COMMAND => encode_html($command)}); } # exec_show() @@ -79,183 +100,193 @@ sub exec_show($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $output; + my $upper_path = multi_string(upper_path($virtual)); - if(-d $physical) + my $tpl = new Template; + + if(-d $physical && not -l $physical) { # Create directory listing + return error($config->{'errors'}->{'no_dir_access'},$upper_path->{'normal'}) unless(-r $physical && -x $physical); + my $direntries = dir_read($physical); - return error("Reading of directory $virtual failed.",upper_path($virtual)) unless($direntries); + return error($config->{'errors'}->{'dir_read_failed'},$upper_path->{'normal'},{DIR => encode_html($virtual)}) unless($direntries); my $files = $direntries->{'files'}; my $dirs = $direntries->{'dirs'}; - $output .= htmlhead("Directory listing of $virtual"); - $output .= equal_url($config->{'httproot'},$virtual); - $output .= "
\n\n
\n";
+  my $dirlist = '';
+
+  my $count = 0;
+
+  my $filter1 = $data->{'cgi'}->param('filter') || '*';        # The real wildcard
+  my $filter2 = ($filter1 && $filter1 ne '*') ? $filter1 : ''; # Wildcard for output
 
   # Create the link to the upper directory
-  # (only if we are not in the root directory)
+  # (only if the current directory is not the root directory)
 
-  unless($virtual eq "/")
+  unless($virtual eq '/')
   {
-   my $upper = $physical."/..";
-   my @stat  = stat($upper);
+   $count++;
 
-   $output .= "  [SUBDIR]  ";
-   $output .= strftime("%d.%m.%Y %H:%M",localtime($stat[9]));
-   $output .= " " x 10;
-   $output .= "../\n";
-  }
+   my @stat  = stat($physical.'/..');
 
-  # Get the length of the longest file/directory name
+   my $udtpl = new Template;
+   $udtpl->read_file($config->{'templates'}->{'dirlist_up'});
 
-  my $max_name_len = 0;
+   $udtpl->fillin('UPPER_DIR',$upper_path->{'html'});
+   $udtpl->fillin('UPPER_DIR_URL',$upper_path->{'url'});
+   $udtpl->fillin('DATE',encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime($stat[9]) : localtime($stat[9]))));
 
-  foreach(@$dirs,@$files)
-  {
-   my $length    = length($_);
-   $max_name_len = $length if($length > $max_name_len);
+   $dirlist .= $udtpl->get_template;
   }
 
   # Directories
 
   foreach my $dir(@$dirs)
   {
-   my @stat      = stat($physical."/".$dir);
-   my $virt_path = encode_entities($virtual.$dir."/");
-
-   $output .= "  ";
-   $output .= "[SUBDIR]  ";
-   $output .= strftime($config->{'timeformat'},localtime($stat[9]));
-   $output .= " " x 10;
-   $output .= "".encode_entities($dir)."/";
-   $output .= " " x ($max_name_len - length($dir) - 1)."\t  (";
-   $output .= "Work with directory)\n";
+   next if($config->{'hide_dot_files'} && substr($dir,0,1) eq '.');
+   next unless(dos_wildcard_match($filter1,$dir));
+
+   $count++;
+
+   my $phys_path = $physical.'/'.$dir;
+   my $virt_path = multi_string($virtual.$dir.'/');
+
+   my @stat      = stat($phys_path);
+
+   my $dtpl = new Template;
+   $dtpl->read_file($config->{'templates'}->{'dirlist_dir'});
+
+   $dtpl->fillin('DIR',$virt_path->{'html'});
+   $dtpl->fillin('DIR_URL',$virt_path->{'url'});
+   $dtpl->fillin('DIR_NAME',encode_html($dir));
+   $dtpl->fillin('DATE',encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime($stat[9]) : localtime($stat[9]))));
+   $dtpl->fillin('URL',equal_url(encode_html($config->{'httproot'}),$virt_path->{'html'}));
+
+   $dtpl->parse_if_block('forbidden',is_forbidden_file($config->{'forbidden'},$virt_path->{'normal'}));
+   $dtpl->parse_if_block('readable',-r $phys_path && -x $phys_path);
+   $dtpl->parse_if_block('users',$users && -o $phys_path);
+   $dtpl->parse_if_block('even',($count % 2) == 0);
+
+   $dirlist .= $dtpl->get_template;
   }
 
   # Files
 
   foreach my $file(@$files)
   {
-   my $phys_path = $physical."/".$file;
-   my $virt_path = encode_entities($virtual.$file);
+   next if($config->{'hide_dot_files'} && substr($file,0,1) eq '.');
+   next unless(dos_wildcard_match($filter1,$file));
 
-   my @stat      = stat($phys_path);
-   my $in_use    = $data->{'uselist'}->in_use($virtual.$file);
+   $count++;
 
-   $output .= " " x (10 - length($stat[7]));
-   $output .= $stat[7];
-   $output .= "  ";
-   $output .= strftime($config->{'timeformat'},localtime($stat[9]));
-   $output .= " " x 10;
-   $output .= encode_entities($file);
-   $output .= " " x ($max_name_len - length($file))."\t  (";
+   my $phys_path = $physical.'/'.$file;
+   my $virt_path = multi_string($virtual.$file);
 
-   # Link "View"
+   my @stat      = lstat($phys_path);
+   my $too_large = $config->{'max_file_size'} && $stat[7] > $config->{'max_file_size'};
 
-   if(-r $phys_path && -T $phys_path)
-   {
-    $output .= "View";
-   }
-   else
-   {
-    $output .= 'fillin('FILE',$virt_path->{'html'});
+   $ftpl->fillin('FILE_URL',$virt_path->{'url'});
+   $ftpl->fillin('FILE_NAME',encode_html($file));
+   $ftpl->fillin('FILE_URL',$virt_path->{'url'});
+   $ftpl->fillin('SIZE',$stat[7]);
+   $ftpl->fillin('DATE',encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime($stat[9]) : localtime($stat[9]))));
+   $ftpl->fillin('URL',equal_url(encode_html($config->{'httproot'}),$virt_path->{'html'}));
 
-    $output .= '">View';
-   }
+   $ftpl->parse_if_block('link',-l $phys_path);
+   $ftpl->parse_if_block('readable',-r $phys_path);
+   $ftpl->parse_if_block('writeable',-w $phys_path);
+   $ftpl->parse_if_block('binary',-B $phys_path);
 
-   $output .= " | ";
+   $ftpl->parse_if_block('forbidden',is_forbidden_file($config->{'forbidden'},$virt_path->{'normal'}));
+   $ftpl->parse_if_block('viewable',(-r $phys_path && -T $phys_path && not $too_large) || -l $phys_path);
+   $ftpl->parse_if_block('editable',(-r $phys_path && -w $phys_path && -T $phys_path && not $too_large) && not -l $phys_path);
 
-   # Link "Edit"
+   $ftpl->parse_if_block('too_large',$config->{'max_file_size'} && $stat[7] > $config->{'max_file_size'});
 
-   if(-w $phys_path && -r $phys_path && -T $phys_path && not $in_use)
-   {
-    $output .= "Edit";
-   }
-   else
-   {
-    $output .= 'parse_if_block('even',($count % 2) == 0);
 
-    $output .= '">Edit';
-   }
+   $dirlist .= $ftpl->get_template;
+  }
 
-   # Link "Do other stuff"
+  $tpl->read_file($config->{'templates'}->{'dirlist'});
 
-   $output .= " | Work with file)\n";
-  }
+  $tpl->fillin('DIRLIST',$dirlist);
+  $tpl->fillin('DIR',encode_html($virtual));
+  $tpl->fillin('DIR_URL',escape($virtual));
+  $tpl->fillin('SCRIPT',$script);
+  $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual)));
 
-  $output .= "
\n\n
\n\n"; - - # Bottom of directory listing - # (Fields for creating files and directories) - - $output .= < - -
- - -Create new directory: -$virtual -
- - -Create new file: -
- - -$virtual -
- - - -
-END - $output .= htmlfoot; + $tpl->fillin('FILTER',encode_html($filter2)); + $tpl->fillin('FILTER_URL',escape($filter2)); + + $tpl->parse_if_block('empty',$dirlist eq ''); + $tpl->parse_if_block('dir_writeable',-w $physical); + $tpl->parse_if_block('filter',$filter2); + $tpl->parse_if_block('gmt',$config->{'use_gmt'}); + } + elsif(-l $physical) + { + # Show the target of a symbolic link + + my $link_target = readlink($physical); + + $tpl->read_file($config->{'templates'}->{'viewlink'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('DIR',$upper_path->{'html'}); + $tpl->fillin('DIR_URL',$upper_path->{'url'}); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); + + $tpl->fillin('LINK_TARGET',encode_html($link_target)); } else { # View a file - return error("You have not enough permissions to view this file.",upper_path($virtual)) unless(-r $physical); + return error($config->{'errors'}->{'no_view'},$upper_path->{'normal'}) unless(-r $physical); # Check on binary files - # We have to do it in this way, or empty files - # will be recognized as binary files + # We have to do it in this way or empty files will be recognized + # as binary files - unless(-T $physical) - { - # Binary file + return error($config->{'errors'}->{'binary_file'},$upper_path->{'normal'}) unless(-T $physical); - return error("This editor is not able to view/edit binary files.",upper_path($virtual)); - } - else - { - # Text file + # Is the file too large? - $output = htmlhead("Contents of file ".encode_entities($virtual)); - $output .= equal_url($config->{'httproot'},$virtual); - $output .= dir_link($virtual); + return error($config->{'errors'}->{'file_too_large'},$upper_path->{'normal'},{SIZE => $config->{'max_file_size'}}) if($config->{'max_file_size'} && -s $physical > $config->{'max_file_size'}); - $output .= '
'."\n"; - $output .= '
'."\n";
-   $output .= encode_entities(${file_read($physical)});
-   $output .= "\n
\n
"; + # View the file - $output .= htmlfoot; - } + my $content = file_read($physical); + $$content =~ s/\015\012|\012|\015/\n/g; + + $tpl->read_file($config->{'templates'}->{'viewfile'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',$upper_path->{'html'}); + $tpl->fillin('DIR_URL',$upper_path->{'url'}); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); + + $tpl->parse_if_block('editable',-w $physical); + + $tpl->fillin('CONTENT',encode_html($$content)); } + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + return \$output; } @@ -273,70 +304,44 @@ sub exec_beginedit($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $uselist = $data->{'uselist'}; + my $dir = upper_path($virtual); - return error("You cannot edit directories.",upper_path($virtual)) if(-d $physical); - return error_in_use($virtual) if($uselist->in_use($virtual)); - return error("You have not enough permissions to edit this file.",upper_path($virtual)) unless(-r $physical && -w $physical); + return error($config->{'errors'}->{'link_edit'},$dir) if(-l $physical); + return error($config->{'errors'}->{'dir_edit'}, $dir) if(-d $physical); + return error($config->{'errors'}->{'no_edit'}, $dir) unless(-r $physical && -w $physical); # Check on binary files - unless(-T $physical) - { - # Binary file - - return error("This editor is not able to view/edit binary files.",upper_path($virtual)); - } - else - { - # Text file - - $uselist->add_file($virtual); - $uselist->save; - - my $dir = upper_path($virtual); - my $content = encode_entities(${file_read($physical)}); + return error($config->{'errors'}->{'binary_file'},$dir) unless(-T $physical); - my $equal_url = equal_url($config->{'httproot'},$virtual); + # Is the file too large? - $virtual = encode_entities($virtual); + return error($config->{'errors'}->{'file_too_large'},$dir,{SIZE => $config->{'max_file_size'}}) if($config->{'max_file_size'} && -s $physical > $config->{'max_file_size'}); - my $output = htmlhead("Edit file $virtual"); - $output .= $equal_url; - $output .= <Caution! This file is locked for other users while you are editing it. To unlock it, click Save and exit or Exit WITHOUT saving. Please don't click the Reload button in your browser! This will confuse the editor.

+ # Show the editing form -
- - -

-
+ my $content = file_read($physical); + my $md5sum = md5_hex($$content); + $$content =~ s/\015\012|\012|\015/\n/g; -
- - + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'editfile'}); - - - - - - - - - -
- - Save as new file: $dir Encode ISO-8859-1 special chars
+ $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); + $tpl->fillin('MD5SUM',$md5sum); + $tpl->fillin('CONTENT',encode_html($$content)); - -
-END + $tpl->parse_if_block('error',0); - $output .= htmlfoot; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; - return \$output; - } + return \$output; } # exec_endedit() @@ -353,40 +358,117 @@ sub exec_endedit($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $content = $data->{'cgi'}->param('filecontent'); + my $dir = upper_path($virtual); + my $cgi = $data->{'cgi'}; + my $content = $cgi->param('filecontent'); + my $md5sum = $cgi->param('md5sum'); + my $output; - return error("You cannot edit directories.") if(-d $physical); - return error("You have not enough permissions to edit this file.",upper_path($virtual)) unless(-r $physical && -w $physical); + if(defined $content && $md5sum) + { + # Normalize newlines - # Normalize newlines + $content =~ s/\015\012|\012|\015/\n/g; - $content =~ s/\015\012|\012|\015/\n/g; + if($cgi->param('saveas') && $data->{'new_physical'} ne '' && $data->{'new_virtual'} ne '') + { + # Create the new filename - if($data->{'cgi'}->param('encode_iso')) - { - # Encode all ISO-8859-1 special chars + $physical = $data->{'new_physical'}; + $virtual = $data->{'new_virtual'}; + } - $content = encode_entities($content,"\200-\377"); - } + return error($config->{'errors'}->{'link_edit'},$dir) if(-l $physical); + return error($config->{'errors'}->{'dir_edit'},$dir) if(-d $physical); + return error($config->{'errors'}->{'no_edit'},$dir) if(-e $physical && !(-r $physical && -w $physical)); + return error($config->{'errors'}->{'text_to_binary'},$dir) if(-e $physical && not -T $physical); - if($data->{'cgi'}->param('saveas')) - { - # Create the new filename + # For technical reasons, we can't use file_save() for + # saving the file... - $physical = $data->{'new_physical'}; - $virtual = $data->{'new_virtual'}; - } + local *FILE; - if(file_save($physical,\$content)) - { - # Saving of the file was successful - so unlock it! + sysopen(FILE,$physical,O_RDWR | O_CREAT) or return error($config->{'errors'}->{'edit_failed'},$dir,{FILE => encode_html($virtual)}); + file_lock(*FILE,LOCK_EX) or do { close(FILE); return error($config->{'errors'}->{'edit_failed'},$dir,{FILE => encode_html($virtual)}) }; - return exec_unlock($data,$config); - } - else - { - return error("Saving of file '".encode_entities($virtual)."' failed'. The file could be damaged, please check it's integrity.",upper_path($virtual)); + my $md5 = new Digest::MD5; + $md5->addfile(*FILE); + + my $md5file = $md5->hexdigest; + my $md5data = md5_hex($content); + + if($md5file ne $md5sum && $md5data ne $md5file && not $cgi->param('saveas')) + { + # The file changed meanwhile + + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'editfile'}); + + $tpl->fillin('ERROR',$config->{'errors'}->{'edit_file_changed'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); + $tpl->fillin('MD5SUM',$md5file); + $tpl->fillin('CONTENT',encode_html($content)); + + $tpl->parse_if_block('error',1); + + my $data = header(-type => 'text/html'); + $data .= $tpl->get_template; + + $output = \$data; + } + else + { + if($md5data ne $md5file) + { + seek(FILE,0,0); + truncate(FILE,0); + + print FILE $content; + } + + $output = ($cgi->param('continue')) + ? devedit_reload({command => 'beginedit', file => $virtual}) + : devedit_reload({command => 'show', file => $dir}); + } + + close(FILE); + + return $output; } + + return devedit_reload({command => 'beginedit', file => $virtual}); +} + +# exec_download() +# +# Execute a HTTP download of a file +# +# Params: 1. Reference to user input hash +# 2. Reference to config hash +# +# Return: Output of the command (Scalar Reference) + +sub exec_download($$) +{ + my ($data,$config) = @_; + my $physical = $data->{'physical'}; + my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); + + return return error($config->{'errors'}->{'no_download'},$dir,{FILE => $virtual}) if(-d $physical || -l $physical); + + my $filename = file_name($virtual); + + my $output = header(-type => 'application/octet-stream', -attachment => $filename); + $output .= ${ file_read($physical,1) }; + + return \$output; } # exec_mkfile() @@ -404,12 +486,36 @@ sub exec_mkfile($$) my $new_physical = $data->{'new_physical'}; my $new_virtual = $data->{'new_virtual'}; my $dir = upper_path($new_virtual); - $new_virtual = encode_entities($new_virtual); + $new_virtual = encode_html($new_virtual); - return error("A file or directory called '$new_virtual' already exists.",$dir) if(-e $new_physical); + if($new_physical) + { + return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual}) if(-e $new_physical); - file_create($new_physical) or return error("Could not create file '$new_virtual'.",$dir); - return devedit_reload({command => 'show', file => $dir}); + file_create($new_physical) or return error($config->{'errors'}->{'mkfile_failed'},$dir,{FILE => $new_virtual}); + + if($data->{'cgi'}->param('edit')) + { + return devedit_reload({command => 'beginedit', file => $new_virtual}); + } + else + { + return devedit_reload({command => 'show', file => $dir}); + } + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'mkfile'}); + + $tpl->fillin('DIR','/'); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } } # exec_mkdir() @@ -427,366 +533,708 @@ sub exec_mkdir($$) my $new_physical = $data->{'new_physical'}; my $new_virtual = $data->{'new_virtual'}; my $dir = upper_path($new_virtual); - $new_virtual = encode_entities($new_virtual); + $new_virtual = encode_html($new_virtual); + + if($new_physical) + { + return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual}) if(-e $new_physical); - return error("A file or directory called '$new_virtual' already exists.",$dir) if(-e $new_physical); + mkdir($new_physical,0777) or return error($config->{'errors'}->{'mkdir_failed'},$dir,{DIR => $new_virtual}); + return devedit_reload({command => 'show', file => $dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'mkdir'}); - mkdir($new_physical,0777) or return error("Could not create directory '$new_virtual'.",$dir); - return devedit_reload({command => 'show', file => $dir}); + $tpl->fillin('DIR','/'); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } } -# exec_workwithfile() +# exec_upload() # -# Display a form for renaming/copying/removing/unlocking a file +# Process a file upload # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_workwithfile($$) +sub exec_upload($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $unused = $data->{'uselist'}->unused($virtual); + my $cgi = $data->{'cgi'}; - my $dir = encode_entities(upper_path($virtual)); + return error($config->{'errors'}->{'no_directory'},upper_path($virtual),{FILE => encode_html($virtual)}) unless(-d $physical && not -l $physical); + return error($config->{'errors'}->{'dir_no_create'},$virtual,{DIR => encode_html($virtual)}) unless(-w $physical); - my $output = htmlhead("Work with file ".encode_entities($virtual)); - $output .= equal_url($config->{'httproot'},$virtual); + if(my $uploaded_file = $cgi->param('uploaded_file')) + { + if($cgi->param('remote_file')) + { + $uploaded_file = $cgi->param('remote_file'); + + $uploaded_file =~ s!/!!g; + $uploaded_file =~ s!\\!!g; + } + + # Process file upload + + my $filename = file_name($uploaded_file); + my $file_phys = $physical.'/'.$filename; + my $file_virt = encode_html($virtual.$filename); - $virtual = encode_entities($virtual); + if(-e $file_phys) + { + return error($config->{'errors'}->{'link_replace'},$virtual) if(-l $file_phys); + return error($config->{'errors'}->{'dir_replace'},$virtual) if(-d $file_phys); + return error($config->{'errors'}->{'exist_no_write'},$virtual,{FILE => $file_virt}) unless(-w $file_phys); + return error($config->{'errors'}->{'file_exists'},$virtual,{FILE => $file_virt}) unless($cgi->param('overwrite')); + } - $output .= dir_link($virtual); - $output .= "

Note: On UNIX systems, filenames are case-sensitive!

\n\n"; + my $ascii = $cgi->param('ascii'); + my $handle = $cgi->upload('uploaded_file'); - $output .= "

Someone else is currently editing this file. So not all features are available.

\n\n" unless($unused); + return error($config->{'errors'}->{'invalid_upload'},$virtual) unless($handle); - $output .= "
\n\n"; + # Read transferred file and write it to disk - # Copying of the file is always allowed - but we need read access + read($handle, my $data, -s $handle); + $data =~ s/\015\012|\012|\015/\n/g if($ascii); # Replace line separators if transferring in ASCII mode + file_save($file_phys,\$data,not $ascii) or return error($config->{'errors'}->{'mkfile_failed'},$virtual,{FILE => $file_virt}); - if(-r $physical) + return devedit_reload({command => 'show', file => $virtual}); + } + else { - $output .= <Copy + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'upload'}); -
- - -

Copy file '$virtual' to:
$dir

-
+ $tpl->fillin('DIR',encode_html($virtual)); + $tpl->fillin('DIR_URL',escape($virtual)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); -
+ my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; -END + return \$output; } +} - if($unused) - { - # File is not locked - # Allow renaming and deleting the file +# exec_copy() +# +# Copy a file and return to directory view +# +# Params: 1. Reference to user input hash +# 2. Reference to config hash +# +# Return: Output of the command (Scalar Reference) - $output .= <Move/rename +sub exec_copy($$) +{ + my ($data,$config) = @_; + my $physical = $data->{'physical'}; + my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); + my $new_physical = $data->{'new_physical'}; -
- - -

Move/Rename file '$virtual' to:
$dir

-
+ return error($config->{'errors'}->{'link_copy'},$dir) if(-l $physical); + return error($config->{'errors'}->{'no_copy'},$dir) unless(-r $physical); -
+ if($new_physical) + { + my $new_virtual = multi_string($data->{'new_virtual'}); + my $new_dir = upper_path($new_virtual->{'normal'}); -

Remove

+ if(-d $physical) + { + return error($config->{'errors'}->{'no_copy'},$dir) unless(-x $physical); + return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual->{'html'}}) if(-e $new_physical); + return error($config->{'errors'}->{'dir_copy_self'},$dir) if(index($new_virtual->{'normal'},$virtual) == 0); -

Click on the button below to remove the file '$virtual'.

+ dir_copy($physical,$new_physical) or return error($config->{'errors'}->{'copy_failed'},$dir,{FILE => encode_html($virtual), NEW_FILE => $new_virtual->{'html'}}); + return devedit_reload({command => 'show', file => $new_dir}); + } + else + { + if(-e $new_physical) + { + return error($config->{'errors'}->{'link_replace'},$new_dir) if(-l $new_physical); + return error($config->{'errors'}->{'dir_replace'},$new_dir) if(-d $new_physical); + return error($config->{'errors'}->{'exist_no_write'},$new_dir,{FILE => $new_virtual->{'html'}}) unless(-w $new_physical); + + if(not $data->{'cgi'}->param('confirmed')) + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_replace'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('NEW_FILE',$new_virtual->{'html'}); + $tpl->fillin('NEW_FILENAME',file_name($new_virtual->{'html'})); + $tpl->fillin('NEW_DIR',encode_html($new_dir)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + + $tpl->fillin('COMMAND','copy'); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + } -
- - -

-
-END + copy($physical,$new_physical) or return error($config->{'errors'}->{'copy_failed'},$dir,{FILE => encode_html($virtual), NEW_FILE => $new_virtual->{'html'}}); + return devedit_reload({command => 'show', file => $new_dir}); + } } else { - # File is locked - # Just display a button for unlocking it + if(-d $physical) + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'copydir'}); - $output .= <Unlock file + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); -

Someone else is currently editing this file. At least, the file is marked so. Maybe, someone who was editing the file has forgotten to unlock it. In this case (and only in this case) you can unlock the file using this button:

+ my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; -
- - -

-
-END - } + return \$output; + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'copyfile'}); - $output .= "\n
"; - $output .= htmlfoot; + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); - return \$output; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + } } -# exec_workwithdir() +# exec_rename() # -# Display a form for renaming/removing a directory +# Rename/move a file and return to directory view # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_workwithdir($$) +sub exec_rename($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); + my $new_physical = $data->{'new_physical'}; - my $dir = encode_entities(upper_path($virtual)); + return error($config->{'errors'}->{'rename_root'},'/') if($virtual eq '/'); + return error($config->{'errors'}->{'no_rename'},$dir) unless(-w upper_path($physical)); - my $output = htmlhead("Work with directory ".encode_entities($virtual)); - $output .= equal_url($config->{'httproot'},$virtual); + if($new_physical) + { + my $new_virtual = multi_string($data->{'new_virtual'}); + my $new_dir = upper_path($new_virtual->{'normal'}); - $virtual = encode_entities($virtual); + if(-e $new_physical) + { + return error($config->{'errors'}->{'dir_replace'},$new_dir) if(-d $new_physical && not -l $new_physical); + return error($config->{'errors'}->{'exist_no_write'},$new_dir,{FILE => $new_virtual}) unless(-w $new_physical); - $output .= dir_link($virtual); - $output .= "

Note: On UNIX systems, filenames are case-sensitive!

\n\n"; - $output .= "
\n\n"; + if(not $data->{'cgi'}->param('confirmed')) + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_replace'}); - $output .= <Move/rename + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('NEW_FILE',$new_virtual->{'html'}); + $tpl->fillin('NEW_FILENAME',file_name($new_virtual->{'html'})); + $tpl->fillin('NEW_DIR',encode_html($new_dir)); + $tpl->fillin('DIR',encode_html($dir)); -
- - -

Move/Rename directory '$virtual' to: $dir

-
+ $tpl->fillin('COMMAND','rename'); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); -
+ my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; -

Remove

+ return \$output; + } + } -

Click on the button below to completely remove the directory '$virtual' and oll of it's files and sub directories.

+ move($physical,$new_physical) or return error($config->{'errors'}->{'rename_failed'},$dir,{FILE => encode_html($virtual), NEW_FILE => $new_virtual->{'html'}}); + return devedit_reload({command => 'show', file => $new_dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'renamefile'}); -
- - -

-
-END + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); - $output .= "\n
"; - $output .= htmlfoot; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; - return \$output; + return \$output; + } } -# exec_copy() +# exec_remove() # -# Copy a file and return to directory view +# Remove a file or a directory and return to directory view # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_copy($$) +sub exec_remove($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; - my $virtual = encode_entities($data->{'virtual'}); - my $new_physical = $data->{'new_physical'}; - my $new_virtual = $data->{'new_virtual'}; - my $dir = upper_path($new_virtual); - $new_virtual = encode_entities($new_virtual); + my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); - return error("This editor is not able to copy directories.") if(-d $physical); - return error("You have not enough permissions to copy this file.") unless(-r $physical); + return error($config->{'errors'}->{'remove_root'},'/') if($virtual eq '/'); + return error($config->{'errors'}->{'no_delete'},$dir) unless(-w upper_path($physical)); - if(-e $new_physical) + if(-d $physical && not -l $physical) { - if(-d $new_physical) + # Remove a directory + + if($data->{'cgi'}->param('confirmed')) { - return error("A directory called '$new_virtual' already exists. You cannot replace a directory by a file!",$dir); + rmtree($physical); + return devedit_reload({command => 'show', file => $dir}); } - elsif(not $data->{'cgi'}->param('confirmed')) + else { - $dir = encode_entities($dir); + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_rmdir'}); - my $output = htmlhead("Replace existing file"); - $output .= <<"END"; -

A file called '$new_virtual' already exists. Do you want to replace it?

+ $tpl->fillin('DIR',encode_html($virtual)); + $tpl->fillin('DIR_URL',escape($virtual)); + $tpl->fillin('UPPER_DIR',encode_html($dir)); + $tpl->fillin('UPPER_DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); -
- - - - + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; -

-
+ return \$output; + } + } + else + { + # Remove a file -
- - + if($data->{'cgi'}->param('confirmed')) + { + unlink($physical) or return error($config->{'errors'}->{'delete_failed'},$dir,{FILE => $virtual}); + return devedit_reload({command => 'show', file => $dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_rmfile'}); -

-
-END + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); - $output .= htmlfoot; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; return \$output; } } - - if($data->{'uselist'}->in_use($data->{'new_virtual'})) - { - return error("The target file '$new_virtual' already exists and it is edited by someone else.",$dir); - } - - copy($physical,$new_physical) or return error("Could not copy '$virtual' to '$new_virtual'",upper_path($virtual)); - return devedit_reload({command => 'show', file => $dir}); } -# exec_rename() +# exec_remove_multi() # -# Rename/move a file and return to directory view +# Remove a file or a directory and return to directory view # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_rename($$) +sub exec_remove_multi($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $new_physical = $data->{'new_physical'}; - my $new_virtual = $data->{'new_virtual'}; - my $dir = upper_path($new_virtual); - $new_virtual = encode_entities($new_virtual); + my $cgi = $data->{'cgi'}; - return error_in_use($virtual) if($data->{'uselist'}->in_use($virtual)); + my @files = $cgi->param('files');# + my @new_files; - if(-e $new_physical) + if(@files) { - return error("A file or directory called '$new_virtual' already exists and this editor is currently not able to ask to overwrite the existing file or directory.",upper_path($virtual)); + foreach my $file(@files) + { + # Filter out some "bad" files (e.g. files going up in the + # directory hierarchy or files containing slashes (it's too + # dangerous...) + + next if($file =~ m!^\.+$!); + next if($file =~ m!/!); + next if($file =~ m!\\!); + + push(@new_files,$file); + } } - rename($physical,$new_physical) or return error("Could not move/rename '".encode_entities($virtual)."' to '$new_virtual'.",upper_path($virtual)); - return devedit_reload({command => 'show', file => $dir}); -} + if(@new_files) + { + if($cgi->param('confirmed')) + { + my @success; + my @failed; -# exec_remove() -# -# Remove a file and return to directory view -# -# Params: 1. Reference to user input hash -# 2. Reference to config hash -# -# Return: Output of the command (Scalar Reference) + foreach my $file(@new_files) + { + my $file_path = clean_path($physical.'/'.$file); + + if(-e $file_path) + { + if(-d $file_path && not -l $file_path) + { + # Remove a directory + + if(rmtree($file_path)) + { + push(@success,clean_path($file)); + } + else + { + push(@failed,clean_path($file)); + } + } + else + { + # Remove a file + + if(unlink($file_path)) + { + push(@success,clean_path($file)); + } + else + { + push(@failed,clean_path($file)); + } + } + } + else + { + push(@failed,clean_path($file)); + } + } -sub exec_remove($$) -{ - my ($data,$config) = @_; - my $physical = $data->{'physical'}; - my $virtual = $data->{'virtual'}; + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'rmmulti'}); + + if(scalar(@success) > 0) + { + if(scalar(@success) == scalar(@new_files) && scalar(@failed) == 0) + { + return devedit_reload({command => 'show', file => $virtual}); + } + else + { + $tpl->parse_if_block('success',1); + + foreach my $file_success(@success) + { + $tpl->add_loop_data('SUCCESS',{FILE => encode_html($file_success), + FILE_PATH => encode_html(clean_path($virtual.'/'.$file_success))}); + } + + $tpl->parse_loop('SUCCESS'); + } + } + else + { + $tpl->parse_if_block('success',0); + } + + if(scalar(@failed) > 0) + { + $tpl->parse_if_block('failed',1); + + foreach my $file_failed(@failed) + { + $tpl->add_loop_data('FAILED',{FILE => encode_html($file_failed), + FILE_PATH => encode_html(clean_path($virtual.'/'.$file_failed))}); + } + + $tpl->parse_loop('FAILED'); + } + else + { + $tpl->parse_if_block('failed',0); + } + + + $tpl->fillin('DIR',encode_html($virtual)); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_rmmulti'}); + + foreach my $file(@new_files) + { + $tpl->add_loop_data('FILES',{FILE => encode_html($file), + FILE_PATH => encode_html(clean_path($virtual.'/'.$file))}); + } + + $tpl->parse_loop('FILES'); + + $tpl->fillin('COUNT',scalar(@new_files)); - return exec_rmdir($data,$config) if(-d $physical); - return error_in_use($virtual) if($data->{'uselist'}->in_use($virtual)); + $tpl->fillin('DIR',encode_html($virtual)); + $tpl->fillin('SCRIPT',$script); - unlink($physical) or return error("Could not delete file '".encode_entities($virtual)."'.",upper_path($virtual)); - return devedit_reload({command => 'show', file => upper_path($virtual)}); + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + } + else + { + return devedit_reload({command => 'show', file => $virtual}); + } } -# exec_rmdir() +# exec_chprop() # -# Remove a directory and return to directory view +# Change the mode and the group of a file or a directory # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_rmdir($$) +sub exec_chprop($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); + + return error($config->{'errors'}->{'no_users'},$dir,{FILE => encode_html($virtual)}) unless($users); + return error($config->{'errors'}->{'chprop_root'},'/') if($virtual eq '/'); + return error($config->{'errors'}->{'not_owner'},$dir,{FILE => encode_html($virtual)}) unless(-o $physical); + return error($config->{'errors'}->{'chprop_link'},$dir) if(-l $physical); - return exec_remove($data,$config) if(not -d $physical); + my $cgi = $data->{'cgi'}; + my $mode = $cgi->param('mode'); + my $group = $cgi->param('group'); - if($data->{'cgi'}->param('confirmed')) + if($mode || $group) { - rmtree($physical); - return devedit_reload({command => 'show', file => upper_path($virtual)}); + if($mode) + { + # Change the mode + + return error($config->{'errors'}->{'invalid_mode'},$dir) unless($mode =~ /^[0-7]{3,}$/); + chmod(oct($mode),$physical); + } + + if($group) + { + # Change the group using the `chgrp` system command + + return error($config->{'errors'}->{'invalid_group'},$dir,{GROUP => encode_html($group)}) unless($group =~ /^[a-z0-9_]+[a-z0-9_-]*$/i); + system('chgrp',$group,$physical); + } + + return devedit_reload({command => 'show', file => $dir}); } else { - my $dir = encode_entities(upper_path($virtual)); - my $output; + # Display the form - $output = htmlhead("Remove directory $virtual"); - $output .= equal_url($config->{'httproot'},$virtual); + my @stat = stat($physical); + my $mode = $stat[2]; + my $gid = $stat[5]; - $virtual = encode_entities($virtual); + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'chprop'}); - $output .= dir_link($virtual); + # Insert file properties into the template - $output .= <<"END"; -

Do you really want to remove the directory '$virtual' and all of it's files and sub directories?

+ $tpl->fillin('MODE_OCTAL',substr(sprintf('%04o',$mode),-4)); + $tpl->fillin('MODE_STRING',mode_string($mode)); + $tpl->fillin('GID',$gid); -
- - - - -

-
+ if(my $group = getgrgid($gid)) + { + $tpl->fillin('GROUP',encode_html($group)); + $tpl->parse_if_block('group_detected',1); + } + else + { + $tpl->parse_if_block('group_detected',0); + } -
- - + # Insert other information -

-
-END + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); - $output .= htmlfoot; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; return \$output; } } -# exec_unlock() +# exec_about() # -# Remove a file from the list of used files and -# return to directory view +# Display some information about Dev-Editor # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_unlock($$) +sub exec_about($$) { my ($data,$config) = @_; - my $virtual = $data->{'virtual'}; - my $uselist = $data->{'uselist'}; - $uselist->remove_file($virtual); - $uselist->save; + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'about'}); + + $tpl->fillin('SCRIPT',$script); + + # Dev-Editor's version number + + $tpl->fillin('VERSION',$data->{'version'}); + + # Some path information + + $tpl->fillin('SCRIPT_PHYS',encode_html($ENV{'SCRIPT_FILENAME'})); + $tpl->fillin('CONFIG_PATH',encode_html($data->{'configfile'})); + $tpl->fillin('FILE_ROOT', encode_html($config->{'fileroot'})); + $tpl->fillin('HTTP_ROOT', encode_html($config->{'httproot'})); + + # Perl + + $tpl->fillin('PERL_PROG',encode_html($^X)); + $tpl->fillin('PERL_VER', sprintf('%vd',$^V)); + + # Information about the server + + $tpl->fillin('HTTPD',encode_html($ENV{'SERVER_SOFTWARE'})); + $tpl->fillin('OS', encode_html($^O)); + $tpl->fillin('TIME', encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime : localtime))); + + $tpl->parse_if_block('gmt',$config->{'use_gmt'}); + + # Process information + + $tpl->fillin('PID',$$); + + # The following information is only available on systems supporting + # users and groups + + if($users) + { + # Dev-Editor is running on a system which allows users and groups + # So we display the user and the group of our process + + my $uid = POSIX::getuid; + my $gid = POSIX::getgid; + + $tpl->parse_if_block('users',1); + + # IDs of user and group + + $tpl->fillin('UID',$uid); + $tpl->fillin('GID',$gid); - return devedit_reload({command => 'show', file => upper_path($virtual)}); + # Names of user and group + + if(my $user = getpwuid($uid)) + { + $tpl->fillin('USER',encode_html($user)); + $tpl->parse_if_block('user_detected',1); + } + else + { + $tpl->parse_if_block('user_detected',0); + } + + if(my $group = getgrgid($gid)) + { + $tpl->fillin('GROUP',encode_html($group)); + $tpl->parse_if_block('group_detected',1); + } + else + { + $tpl->parse_if_block('group_detected',0); + } + + # Process umask + + $tpl->fillin('UMASK',sprintf('%04o',umask)); + } + else + { + $tpl->parse_if_block('users',0); + } + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; } # it's true, baby ;-)