X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/5a4bc87c675dd76627a0d413707139f2e0530eea..1ffd7f98c787b767995479114622399c6cb51801:/devedit.pl diff --git a/devedit.pl b/devedit.pl index a525ec0..eb03292 100644 --- a/devedit.pl +++ b/devedit.pl @@ -1,17 +1,18 @@ #!C:/Programme/Perl/bin/perl.exe -w # -# Dev-Editor 1.2 +# Dev-Editor 2.3 # # Dev-Editor's main program # -# Author: Patrick Canterino -# Last modified: 2004-01-16 +# Author: Patrick Canterino +# Last modified: 2005-01-06 # use strict; use CGI::Carp qw(fatalsToBrowser); +use vars qw($VERSION); use lib 'modules'; use CGI; @@ -22,11 +23,25 @@ use Command; use Output; use Tool; +$VERSION = '2.3'; + +# Path to configuration file +# Change if necessary! + use constant CONFIGFILE => 'devedit.dat'; # Read the configuration file my $config = read_config(CONFIGFILE); +error_template($config->{'templates'}->{'error'}); # Yes, I'm lazy... + +# Check if the root directory exists + +abort($config->{'errors'}->{'no_root_dir'}) unless(-d $config->{'fileroot'}); + +# Check if we are able to access the root directory + +abort($config->{'errors'}->{'no_root_access'}) unless(-r $config->{'fileroot'} && -x $config->{'fileroot'}); # Read the most important form data @@ -38,15 +53,14 @@ my $curdir = $cgi->param('curdir') || ''; my $newfile = $cgi->param('newfile') || ''; # Create physical and virtual path for the new file -# This section has to be optimized - ugh! my $new_physical = ''; my $new_virtual = ''; -if($newfile ne '') +if($newfile ne '' && $newfile !~ /^\s+$/) { $curdir = upper_path($file) if($curdir eq ''); - my $path = clean_path($curdir.$newfile); + my $path = $curdir.'/'.$newfile; # Extract file and directory name... @@ -55,27 +69,35 @@ if($newfile ne '') # ... check if the directory exists ... - unless(-d clean_path($config->{'fileroot'}."/".$dir)) + unless(-d clean_path($config->{'fileroot'}.'/'.$dir)) { - abort("The directory where you want to create this file or directory doesn't exist."); + abort($config->{'errors'}->{'dir_not_exist'},'/'); } # ... and check if the path is above the root directory unless(($new_physical,$new_virtual) = check_path($config->{'fileroot'},$dir)) { - abort("You aren't allowed to create files and directories above the virtual root directory."); + abort($config->{'errors'}->{'create_ar'},'/'); + } + + # Check if we have enough permissions to create a file + # in this directory + + unless(-r $new_physical && -w $new_physical && -x $new_physical) + { + abort($config->{'errors'}->{'dir_no_create'},'/',{DIR => $new_virtual}); } # Create the physical and the virtual path - $new_physical = File::Spec->canonpath($new_physical."/".$file); + $new_physical = File::Spec->canonpath($new_physical.'/'.$file); $new_virtual .= $file; } -# This check has to be performed first, or abs_path() will be confused +# This check has to be performed first or abs_path() will be confused -if(-e clean_path($config->{'fileroot'}."/".$file)) +if(-e clean_path($config->{'fileroot'}.'/'.$file)) { if(my ($physical,$virtual) = check_path($config->{'fileroot'},$file)) { @@ -85,32 +107,34 @@ if(-e clean_path($config->{'fileroot'}."/".$file)) lockfile => $config->{'lock_file'}, timeout => $config->{'lock_timeout'}); - $uselist->lock or abort("Locking of $config->{'uselist_file'} failed. Try it again in a moment. If the problem persists, ask someone to recreate the lock file ($config->{'lock_file'})."); + $uselist->lock or abort($config->{'errors'}->{'lock_failed'},undef,{USELIST => $uselist->{'listfile'}, LOCK_FILE => $uselist->{'lockfile'}}); $uselist->load; # Create a hash with data submitted by user - # (the CGI and the File::UseList object will also be included) + # (some other necessary information will also be included) my %data = (physical => $physical, virtual => $virtual, new_physical => $new_physical, new_virtual => $new_virtual, uselist => $uselist, - cgi => $cgi); + cgi => $cgi, + version => $VERSION, + configfile => CONFIGFILE); my $output = exec_command($command,\%data,$config); # Execute the command... $uselist->unlock; # ... unlock the list with files in use... - print $$output; # ... and print the output of the command + print $$output; # ... and show the output of the command } else { - abort("Accessing files and directories above the virtual root directory is forbidden."); + abort($config->{'errors'}->{'above_root'},'/'); } } else { - abort("File/directory does not exist."); + abort($config->{'errors'}->{'not_exist'},'/'); } #