X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/3e6b9e338fe5ea06b487202fe54217f2082cd13d..e0908395cdd9b40466f297055222545ab245ef95:/devedit.pl?ds=sidebyside diff --git a/devedit.pl b/devedit.pl index 42e1d40..3fd8641 100644 --- a/devedit.pl +++ b/devedit.pl @@ -1,38 +1,46 @@ #!C:/Programme/Perl/bin/perl.exe -w # -# Dev-Editor +# Dev-Editor 3.0 (CVS) # # Dev-Editor's main program # -# Author: Patrick Canterino -# Last modified: 09-22-2003 +# Author: Patrick Canterino +# Last modified: 2005-04-22 # use strict; use CGI::Carp qw(fatalsToBrowser); +use vars qw($VERSION); use lib 'modules'; use CGI; +use Config::DevEdit; + use Command; -use File::UseList; use Output; use Tool; -our $VERSION = '0.7'; +$VERSION = '3.0 (CVS)'; + +# Path to configuration file +# Change if necessary! + +use constant CONFIGFILE => 'devedit.conf'; + +# Read the configuration file -### Settings ### +my $config = read_config(CONFIGFILE); +error_template($config->{'templates'}->{'error'}); # Yes, I'm lazy... -our %config = ( - fileroot => 'D:/Server/WWW/Root', - httproot => '/', - uselist_file => 'uselist', - lock_file => 'uselist.lock', - lock_timeout => '10' - ); +# Check if the root directory exists -### End Settings ### +abort($config->{'errors'}->{'no_root_dir'}) unless(-d $config->{'fileroot'} && not -l $config->{'fileroot'}); + +# Check if we are able to access the root directory + +abort($config->{'errors'}->{'no_root_access'}) unless(-r $config->{'fileroot'} && -x $config->{'fileroot'}); # Read the most important form data @@ -40,66 +48,89 @@ my $cgi = new CGI; my $command = $cgi->param('command') || 'show'; my $file = $cgi->param('file') || '/'; +my $curdir = $cgi->param('curdir') || ''; +my $newfile = $cgi->param('newfile') || ''; + +# Create physical and virtual path for the new file -# This check has to be performed first, or abs_path() will be confused +my $new_physical = ''; +my $new_virtual = ''; -if(-e clean_path($config{'fileroot'}."/".$file)) +if($newfile ne '' && $newfile !~ /^\s+$/) { - if(my ($physical,$virtual) = check_path($config{'fileroot'},$file)) + $curdir = upper_path($file) if($curdir eq ''); + my $path = $curdir.'/'.$newfile; + + # Extract file and directory name... + + my $file = file_name($path); + my $dir = upper_path($path); + + # ... check if the directory exists ... + + my $temp_path = clean_path($config->{'fileroot'}.'/'.$dir); + + unless(-d $temp_path && not -l $temp_path) { - # Copied from old Dev-Editor (great idea) + abort($config->{'errors'}->{'dir_not_exist'},'/'); + } - my %dispatch = ('show' => \&exec_show, - 'beginedit' => \&exec_beginedit, - 'canceledit' => \&exec_unlock, - 'endedit' => \&exec_endedit, - # 'mkdir' => \&exec_mkdir, - # 'mkfile' => \&exec_mkfile, - 'workwithfile' => \&exec_workwithfile, - # 'copy' => \&exec_copy, - # 'rename' => \&exec_rename, - 'remove' => \&exec_remove, - 'unlock' => \&exec_unlock - ); + # ... and check if the path is above the root directory - # Create a File::UseList object and load the list + unless(($new_physical,$new_virtual) = check_path($config->{'fileroot'},$dir)) + { + abort($config->{'errors'}->{'create_above_root'},'/'); + } + + # Check if we have enough permissions to create a file + # in this directory + + unless(-r $new_physical && -w $new_physical && -x $new_physical) + { + abort($config->{'errors'}->{'dir_no_create'},'/',{DIR => encode_html($new_virtual)}); + } - my $uselist = new File::UseList(listfile => $config{'uselist_file'}, - lockfile => $config{'lock_file'}, - timeout => $config{'lock_timeout'}); + # Create the physical and the virtual path - $uselist->lock or abort("Locking failed. Try it again in a moment. If the problem persists, ask someone to recreate the lockfile ($config{'lock_file'})."); - $uselist->load; + $new_physical = File::Spec->canonpath($new_physical.'/'.$file); + $new_virtual .= $file; +} + +# This check has to be performed first or abs_path() will be confused + +my $temp_path = clean_path($config->{'fileroot'}.'/'.$file); - # Create a hash with data submitted by user - # (the CGI and the File::UseList objects will also be included) +if(-e $temp_path || -l $temp_path) +{ + if(my ($physical,$virtual) = check_path($config->{'fileroot'},$file)) + { + # Create a hash containing data submitted by the user + # (some other necessary information are also included) my %data = (physical => $physical, virtual => $virtual, - new_physical => '', - new_virtual => '', - uselist => $uselist, - cgi => $cgi); + new_physical => $new_physical, + new_virtual => $new_virtual, + cgi => $cgi, + version => $VERSION, + configfile => CONFIGFILE); + + # Execute the command... - unless($dispatch{$command}) - { - $uselist->unlock; - abort("Unknown command: $command"); - } + my $output = exec_command($command,\%data,$config); - my $output = &{$dispatch{$command}}(\%data,\%config); # Execute the command... + # ... and show its output - $uselist->unlock; # ... unlock the list with used files... - print $$output; # ... and print the output of the command + print $$output; } else { - abort("Accessing files and directories above the virtual root directory is forbidden."); + abort($config->{'errors'}->{'above_root'},'/'); } } else { - abort("File/directory does not exist."); + abort($config->{'errors'}->{'not_found'},'/'); } #