X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/0fb9dcffcc2a1be81de150bae084e195c5f66658..ce10babcb8d07587e9bf95496e22e9b4e801f207:/modules/Tool.pm diff --git a/modules/Tool.pm b/modules/Tool.pm index 0b1159d..3ef4a10 100644 --- a/modules/Tool.pm +++ b/modules/Tool.pm @@ -6,7 +6,7 @@ package Tool; # Some shared sub routines # # Author: Patrick Canterino -# Last modified: 2005-01-07 +# Last modified: 2005-07-23 # use strict; @@ -29,9 +29,12 @@ use base qw(Exporter); clean_path devedit_reload dos_wildcard_match + encode_html equal_url file_name + is_forbidden_file mode_string + multi_string upper_path); # check_path() @@ -61,36 +64,18 @@ sub check_path($$) # We extract the last part of the path and create the absolute path my $first = upper_path($path); + $first = File::Spec->canonpath($first); $first = abs_path($first); my $last = file_name($path); - $last = '' if($last eq '.'); - if($last eq '..') + if(-d $first.'/'.$last && (not -l $first.'/'.$last) && -r $first.'/'.$last && -x $first.'/'.$last) { - $first = upper_path($first); + $first = abs_path($first.'/'.$last); $last = ''; } - elsif($^O eq 'MSWin32' && $last =~ m!^\.\.\.+$!) - { - # Windows allows to go upwards in a path using things like - # "..." and "...." and so on - - for(my $x=0;$xcanonpath($first); - $path = File::Spec->canonpath($path); + $path = File::Spec->canonpath($first.'/'.$last); # Check if the path is above the root directory @@ -101,7 +86,7 @@ sub check_path($$) my $short_path = substr($path,length($root)); $short_path =~ tr!\\!/!; $short_path = '/'.$short_path if($short_path !~ m!^/!); - $short_path = $short_path.'/' if($short_path !~ m!/$! && -d $path); + $short_path = $short_path.'/' if($short_path !~ m!/$! && -d $path && not -l $path); return ($path,$short_path); } @@ -207,6 +192,26 @@ sub dos_wildcard_match($$) return ($string =~ m|^$pattern$|is); } +# encode_html() +# +# Encode HTML control characters (< > " &) +# +# Params: String to encode +# +# Return: Encoded string + +sub encode_html($) +{ + my $string = shift; + + $string =~ s/&/&/g; + $string =~ s//>/g; + $string =~ s/"/"/g; + + return $string; +} + # equal_url() # # Create URL equal to a file or directory @@ -241,7 +246,7 @@ sub file_name($) my $path = shift; $path =~ tr!\\!/!; - unless($path eq '/') + unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i)) { $path =~ s!/+$!!; $path = substr($path,rindex($path,'/')+1); @@ -250,6 +255,29 @@ sub file_name($) return $path; } +# is_forbidden_file() +# +# Check if a file is in the list of forbidden files +# +# Params: 1. Array Reference containing the list +# 2. Filename to check +# +# Return: Status code (Boolean) + +sub is_forbidden_file($$) +{ + my ($list,$file) = @_; + $file =~ s!/+$!!g; + + foreach my $entry(@$list) + { + return 1 if($file eq $entry); + return 1 if(index($file,$entry.'/') == 0); + } + + return; +} + # mode_string() # # Convert a file mode number into a human readable string (rwxr-x-r-x) @@ -288,9 +316,33 @@ sub mode_string($) return $string; } +# multi_string() +# +# Create a Hash Reference containing three forms of a string +# +# Params: String +# +# Return: Hash Reference: +# normal => Normal form of the string +# html => HTML encoded form (see encode_html()) +# url => URL encoded form + +sub multi_string($) +{ + my $string = shift; + my %multi; + + $multi{'normal'} = $string; + $multi{'html'} = encode_html($string); + $multi{'url'} = escape($string); + + return \%multi; +} + # upper_path() # -# Cut away the last part of a path +# Remove the last part of a path +# (the resulting path contains a trailing slash) # # Params: Path # @@ -301,7 +353,7 @@ sub upper_path($) my $path = shift; $path =~ tr!\\!/!; - unless($path eq '/') + unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i)) { $path =~ s!/+$!!; $path = substr($path,0,rindex($path,'/')+1);