X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/4b1116ca47b6e19d147ca45b7ed359eea22b95ec..3ec59b333d0ac48bb1ae8c8a27e4d74626455203:/modules/Command.pm diff --git a/modules/Command.pm b/modules/Command.pm index 46798ee..abff136 100644 --- a/modules/Command.pm +++ b/modules/Command.pm @@ -6,7 +6,7 @@ package Command; # Execute Dev-Editor's commands # # Author: Patrick Canterino -# Last modified: 2004-08-29 +# Last modified: 2004-11-09 # use strict; @@ -97,8 +97,10 @@ sub exec_show($$) { # Create directory listing + return error($config->{'errors'}->{'no_dir_access'},upper_path($virtual)) unless(-r $physical && -x $physical); + my $direntries = dir_read($physical); - return error($config->{'dir_read_failed'},upper_path($virtual),{DIR => '$virtual'}) unless($direntries); + return error($config->{'dir_read_failed'},upper_path($virtual),{DIR => $virtual}) unless($direntries); my $files = $direntries->{'files'}; my $dirs = $direntries->{'dirs'}; @@ -125,9 +127,11 @@ sub exec_show($$) foreach my $dir(@$dirs) { - my @stat = stat($physical."/".$dir); + my $phys_path = $physical."/".$dir; my $virt_path = encode_entities($virtual.$dir."/"); + my @stat = stat($phys_path); + my $dtpl = new Template; $dtpl->read_file($config->{'templates'}->{'dirlist_dir'}); @@ -136,7 +140,8 @@ sub exec_show($$) $dtpl->fillin("DATE",strftime($config->{'timeformat'},localtime($stat[9]))); $dtpl->fillin("URL",equal_url($config->{'httproot'},$virt_path)); - $dtpl->parse_if_block("users",$users && -o $physical."/".$dir); + $dtpl->parse_if_block("readable",-r $phys_path && -x $phys_path); + $dtpl->parse_if_block("users",$users && -o $phys_path); $dirlist .= $dtpl->get_template; } @@ -222,9 +227,10 @@ sub exec_show($$) $tpl->fillin("DIR",upper_path($virtual)); $tpl->fillin("URL",equal_url($config->{'httproot'},$virtual)); $tpl->fillin("SCRIPT",$script); - $tpl->fillin("CONTENT",encode_entities($$content)); $tpl->parse_if_block("editable",-r $physical && -w $physical && -T $physical && not ($config->{'max_file_size'} && $size > $config->{'max_file_size'}) && $uselist->unused($virtual)); + + $tpl->fillin("CONTENT",encode_entities($$content)); } } } @@ -270,7 +276,7 @@ sub exec_beginedit($$) return error($config->{'errors'}->{'file_too_large'},upper_path($virtual),{SIZE => $config->{'max_file_size'}}) } else - { + { # Text file $uselist->add_file($virtual); @@ -331,6 +337,14 @@ sub exec_endedit($$) my $content = $data->{'cgi'}->param('filecontent'); my $uselist = $data->{'uselist'}; + # We already unlock the file at the beginning of the + # subroutine, because if we have to abort this routine, + # the file keeps locked. + # Nobody else will access the file during this routine + # because of the concept of File::UseList. + + file_unlock($uselist,$virtual); + # Normalize newlines $content =~ s/\015\012|\012|\015/\n/g; @@ -342,7 +356,7 @@ sub exec_endedit($$) $content = encode_entities($content,"\200-\377"); } - if($data->{'cgi'}->param('saveas')) + if($data->{'cgi'}->param('saveas') && $data->{'new_physical'} ne '' && $data->{'new_virtual'} ne '') { # Create the new filename @@ -354,18 +368,14 @@ sub exec_endedit($$) return error($config->{'errors'}->{'in_use'},upper_path($virtual),{FILE => $virtual}) if($uselist->in_use($virtual)); } - return error($config->{'errors'}->{'editdir'},upper_path($virtual)) if(-d $physical); - return error($config->{'errors'}->{'noedit'}, upper_path($virtual)) unless(-r $physical && -w $physical); + return error($config->{'errors'}->{'text_to_binary'},upper_path($virtual)) unless(-T $physical); + return error($config->{'errors'}->{'editdir'},upper_path($virtual)) if(-d $physical); + return error($config->{'errors'}->{'noedit'}, upper_path($virtual)) if(-e $physical && !(-r $physical && -w $physical)); if(file_save($physical,\$content)) { # Saving of the file was successful - so unlock it! - file_unlock($uselist,$data->{'virtual'}); - # ^^^^^^^^^^^^^^^^^^ - # Maybe the user saved the file using another filename... - # But we have to unlock the original file! - return devedit_reload({command => 'show', file => upper_path($virtual)}); } else @@ -528,7 +538,8 @@ sub exec_copy($$) my $virtual = encode_entities($data->{'virtual'}); my $new_physical = $data->{'new_physical'}; - return error($config->{'errors'}->{'nocopy'}) unless(-r $physical); + return error($config->{'errors'}->{'dircopy'}) if(-d $physical); + return error($config->{'errors'}->{'nocopy'}) unless(-r $physical); if($new_physical) { @@ -542,7 +553,7 @@ sub exec_copy($$) if(-d $new_physical) { - return error($config->{'errors'}->{'dircopy'}); + return error($config->{'errors'}->{'dir_replace'},$dir); } elsif(not $data->{'cgi'}->param('confirmed')) { @@ -617,7 +628,7 @@ sub exec_rename($$) if(-d $new_physical) { - return error($config->{'errors'}->{'dircopy'}); + return error($config->{'errors'}->{'dir_replace'},$dir); } elsif(not $data->{'cgi'}->param('confirmed')) { @@ -766,7 +777,11 @@ sub exec_chprop($$) chmod($oct_mode,$physical); } - chgrp($group,$physical) if($group); + if($group) + { + return error($config->{'errors'}->{'invalid_group'},$dir,{GROUP => $group}) unless($group =~ /^[a-z0-9_]+[a-z0-9_-]*$/i); + system("chgrp",$group,$physical); + } return devedit_reload({command => 'show', file => $dir}); } @@ -823,10 +838,13 @@ sub exec_unlock($$) { my ($data,$config) = @_; my $virtual = $data->{'virtual'}; + my $uselist = $data->{'uselist'}; + + return devedit_reload({command => 'show', file => upper_path($virtual)}) if($uselist->unused($virtual)); if($data->{'cgi'}->param('confirmed')) { - file_unlock($data->{'uselist'},$virtual); + file_unlock($uselist,$virtual); return devedit_reload({command => 'show', file => upper_path($virtual)}); } else @@ -897,17 +915,24 @@ sub exec_about($$) # Dev-Editor is running on a system which allows users and groups # So we display the user and the group of our process + my $uid = POSIX::getuid; + my $gid = POSIX::getgid; + $tpl->parse_if_block("users",1); # ID's of user and group - $tpl->fillin("UID",$<); - $tpl->fillin("GID",$(); + $tpl->fillin("UID",$uid); + $tpl->fillin("GID",$gid); # Names of user and group - $tpl->fillin("USER",getpwuid($<)); - $tpl->fillin("GROUP",getgrgid($()); + $tpl->fillin("USER",getpwuid($uid)); + $tpl->fillin("GROUP",getgrgid($gid)); + + # Process umask + + $tpl->fillin("UMASK",sprintf("%04o",umask)); } else {