X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/3e6b9e338fe5ea06b487202fe54217f2082cd13d..e5974d592e46bd102cecca71449431d01afdc1fa:/modules/Tool.pm?ds=sidebyside diff --git a/modules/Tool.pm b/modules/Tool.pm index 47b73e6..b143dcb 100644 --- a/modules/Tool.pm +++ b/modules/Tool.pm @@ -5,18 +5,28 @@ package Tool; # # Some shared sub routines # -# Author: Patrick Canterino -# Last modified: 09-22-2003 +# Author: Patrick Canterino +# Last modified: 2008-04-25 +# +# Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann +# Copyright (C) 2003-2009 Patrick Canterino +# All Rights Reserved. +# +# This file can be distributed and/or modified under the terms of +# of the Artistic License 1.0 (see also the LICENSE file found at +# the top level of the Dev-Editor distribution). # use strict; use vars qw(@EXPORT); -use Carp qw(croak); +use CGI qw(redirect + escape + virtual_host + https); use Cwd qw(abs_path); -use File::Basename; use File::Spec; ### Export ### @@ -25,12 +35,19 @@ use base qw(Exporter); @EXPORT = qw(check_path clean_path - filemode + devedit_reload + dos_wildcard_match + encode_html + equal_url + file_name + is_forbidden_file + mode_string + multi_string upper_path); # check_path() # -# Check, if a virtual path is above a virtual root directory +# Check if a virtual path is above a virtual root directory # (currently no check if the path exists - check otherwise!) # # Params: 1. Virtual root directory @@ -48,43 +65,38 @@ sub check_path($$) $root = abs_path($root); $root = File::Spec->canonpath($root); - $path =~ s!^/{1}!!; - $path = $root."/".$path; - - unless(-d $path) - { - # The path points to a file - # We have to extract the directory name and create the absolute path + $path =~ tr!\\!/!; + $path =~ s!^/+!!; + $path = $root.'/'.$path; - my @pathinfo = fileparse($path); + # We extract the last part of the path and create the absolute path - # This is only to avoid errors + my $first = upper_path($path); + $first = File::Spec->canonpath($first); + $first = abs_path($first); - my $basename = $pathinfo[0] || ''; - my $dir = $pathinfo[1] || ''; - my $ext = $pathinfo[2] || ''; + my $last = file_name($path); + $last = '' if($last eq '.'); - $dir = abs_path($dir); - - $path = $dir."/".$basename.$ext; - } - else + if($last eq '..' || ($^O eq 'MSWin32' && $last =~ m!^\.\.\.+$!)) { - $path = abs_path($path); + $first = abs_path($first.'/'.$last); + $last = ''; } - $path = File::Spec->canonpath($path); + $path = File::Spec->canonpath($first.'/'.$last); # Check if the path is above the root directory - return if(index($path,$root) == -1); + return if(index($path,$root) != 0); + return if(substr($path,length($root)) && not File::Spec->file_name_is_absolute(substr($path,length($root)))); # Create short path name my $short_path = substr($path,length($root)); - $short_path =~ tr!\\!\/!; - $short_path = "/".$short_path unless($short_path =~ m!^/!); - $short_path = $short_path."/" if($short_path !~ m!/$! && -d $path); + $short_path =~ tr!\\!/!; + $short_path = '/'.$short_path if($short_path !~ m!^/!); + $short_path = $short_path.'/' if($short_path !~ m!/$! && -d $path && not -l $path); return ($path,$short_path); } @@ -107,42 +119,242 @@ sub clean_path($) return $path; } -# filemode() +# devedit_reload() # -# Creates a readable string of a UNIX filemode number -# (copied from Tool.pm of Dev-Editor 0.1.4) +# Create a HTTP redirection header to load Dev-Editor +# with some other parameters # -# Params: Filemode as number +# Params: Hash Reference (will be merged to a query string) +# (optional) # -# Return: Filemode as readable string +# Return: HTTP redirection header (Scalar Reference) -sub filemode($) +sub devedit_reload(;$) { - my ($modestring, $ur, $uw, $ux, $gr, $gw, $gx, $or, $ow, $ox); - my $mode = shift; - - $ur = ($mode & 0400) ? "r" : "-"; # User Read - $uw = ($mode & 0200) ? "w" : "-"; # User Write - $ux = ($mode & 0100) ? "x" : "-"; # User eXecute - $gr = ($mode & 0040) ? "r" : "-"; # Group Read - $gw = ($mode & 0020) ? "w" : "-"; # Group Write - $gx = ($mode & 0010) ? "x" : "-"; # Group eXecute - $or = ($mode & 0004) ? "r" : "-"; # Other Read - $ow = ($mode & 0002) ? "w" : "-"; # Other Write - $ox = ($mode & 0001) ? "x" : "-"; # Other eXecute - - # build a readable mode string (rwxrwxrwx) - return $ur . $uw . $ux . $gr . $gw . $gx . $or . $ow . $ox; + my $params = shift; + + # Detect the protocol (simple HTTP or SSL encrypted HTTP) + # and check if the server listens on the default port + + my $protocol = ''; + my $port = ''; + + if(https) + { + # SSL encrypted HTTP (HTTPS) + + $protocol = 'https'; + $port = ':'.$ENV{'SERVER_PORT'} if($ENV{'SERVER_PORT'} != 443); + } + else + { + # Simple HTTP + + $protocol = 'http'; + $port = ':'.$ENV{'SERVER_PORT'} if($ENV{'SERVER_PORT'} != 80); + } + + # The following code is grabbed from Template::_query of + # Andre Malo's selfforum (http://sourceforge.net/projects/selfforum/) + # and modified by Patrick Canterino + + my $query = ''; + + if(ref($params) eq 'HASH') + { + $query = '?'.join ('&' => + map { + (ref) + ? map{escape ($_).'='.escape ($params -> {$_})} @{$params -> {$_}} + : escape ($_).'='.escape ($params -> {$_}) + } keys %$params + ); + } + + # Create the redirection header + + my $header = redirect($protocol.'://'.virtual_host.$port.$ENV{'SCRIPT_NAME'}.$query); + + return \$header; } -# upper_path() +# dos_wildcard_match() +# +# Check if a string matches against a DOS-style wildcard # -# Truncate a path in one of the following ways: +# Params: 1. Pattern +# 2. String +# +# Return: Status code (Boolean) + +sub dos_wildcard_match($$) +{ + my ($pattern,$string) = @_; + + return 1 if($pattern eq '*'); + + # The following part is stolen from File::DosGlob + + # escape regex metachars but not glob chars + $pattern =~ s:([].+^\-\${}[|]):\\$1:g; + # and convert DOS-style wildcards to regex + $pattern =~ s/\*/.*/g; + $pattern =~ s/\?/.?/g; + + return ($string =~ m|^$pattern$|is); +} + +# encode_html() +# +# Encode HTML control characters (< > " &) +# +# Params: String to encode +# +# Return: Encoded string + +sub encode_html($) +{ + my $string = shift; + + $string =~ s/&/&/g; + $string =~ s//>/g; + $string =~ s/"/"/g; + + return $string; +} + +# equal_url() +# +# Create URL equal to a file or directory +# +# Params: 1. HTTP root +# 2. Relative path +# +# Return: Formatted link (String) + +sub equal_url($$) +{ + my ($root,$path) = @_; + my $url; + + $root =~ s!/+$!!; + $path =~ s!^/+!!; + $url = $root.'/'.$path; + + return $url; +} + +# file_name() +# +# Return the last part of a path +# +# Params: Path +# +# Return: Last part of the path + +sub file_name($) +{ + my $path = shift; + $path =~ tr!\\!/!; + + unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i)) + { + $path =~ s!/+$!!; + $path = substr($path,rindex($path,'/')+1); + } + + return $path; +} + +# is_forbidden_file() +# +# Check if a file is in the list of forbidden files +# +# Params: 1. Array Reference containing the list +# 2. Filename to check +# +# Return: Status code (Boolean) + +sub is_forbidden_file($$) +{ + my ($list,$file) = @_; + $file =~ s!/+$!!g; + + foreach my $entry(@$list) + { + return 1 if($file eq $entry); + return 1 if(index($file,$entry.'/') == 0); + } + + return; +} + +# mode_string() +# +# Convert a file mode number into a human readable string (rwxr-x-r-x) +# (also supports SetUID, SetGID and Sticky Bit) +# +# Params: File mode number +# +# Return: Human readable mode string + +sub mode_string($) +{ + my $mode = shift; + my $string = ''; + + # User + + $string = ($mode & 00400) ? 'r' : '-'; + $string .= ($mode & 00200) ? 'w' : '-'; + $string .= ($mode & 00100) ? (($mode & 04000) ? 's' : 'x') : + ($mode & 04000) ? 'S' : '-'; + + # Group + + $string .= ($mode & 00040) ? 'r' : '-'; + $string .= ($mode & 00020) ? 'w' : '-'; + $string .= ($mode & 00010) ? (($mode & 02000) ? 's' : 'x') : + ($mode & 02000) ? 'S' : '-'; + + # Other + + $string .= ($mode & 00004) ? 'r' : '-'; + $string .= ($mode & 00002) ? 'w' : '-'; + $string .= ($mode & 00001) ? (($mode & 01000) ? 't' : 'x') : + ($mode & 01000) ? 'T' : '-'; + + return $string; +} + +# multi_string() +# +# Create a Hash Reference containing three forms of a string +# +# Params: String +# +# Return: Hash Reference: +# normal => Normal form of the string +# html => HTML encoded form (see encode_html()) +# url => URL encoded form + +sub multi_string($) +{ + my $string = shift; + my %multi; + + $multi{'normal'} = $string; + $multi{'html'} = encode_html($string); + $multi{'url'} = escape($string); + + return \%multi; +} + +# upper_path() # -# - If the path points to a directory, the upper directory -# will be returned. -# - If the path points to a file, the directory containing -# the file will be returned. +# Remove the last part of a path +# (the resulting path contains a trailing slash) # # Params: Path # @@ -153,11 +365,10 @@ sub upper_path($) my $path = shift; $path =~ tr!\\!/!; - unless($path eq "/") + unless($path =~ m!^/+$! || ($^O eq 'MSWin32' && $path =~ m!^[a-z]:/+$!i)) { - $path = substr($path,0,-1) if($path =~ m!/$!); - $path = substr($path,0,rindex($path,"/")); - $path = $path."/"; + $path =~ s!/+$!!; + $path = substr($path,0,rindex($path,'/')+1); } return $path;