X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/9aec369517b886b0afa3cdbe69160c34ec9731f2..6fbe54349efce55ed2950bbccfbdde543f75046a:/modules/Command.pm diff --git a/modules/Command.pm b/modules/Command.pm index 751392f..891b214 100644 --- a/modules/Command.pm +++ b/modules/Command.pm @@ -5,41 +5,76 @@ package Command; # # Execute Dev-Editor's commands # -# Author: Patrick Canterino <patshaping@gmx.net> -# Last modified: 2003-10-27 +# Author: Patrick Canterino <patrick@patshaping.de> +# Last modified: 2005-05-15 # use strict; -use vars qw(@EXPORT - $script); - -use CGI qw(redirect); +use vars qw(@EXPORT); +use Fcntl; use File::Access; use File::Copy; +use File::Path; -use HTML::Entities; -use Output; +use Digest::MD5 qw(md5_hex); use POSIX qw(strftime); use Tool; -$script = $ENV{'SCRIPT_NAME'}; +use CGI qw(header + escape); + +use Output; +use Template; + +my $script = encode_html($ENV{'SCRIPT_NAME'}); +my $users = eval('getpwuid(0)') && eval('getgrgid(0)'); + +my %dispatch = ('show' => \&exec_show, + 'beginedit' => \&exec_beginedit, + 'endedit' => \&exec_endedit, + 'mkdir' => \&exec_mkdir, + 'mkfile' => \&exec_mkfile, + 'upload' => \&exec_upload, + 'copy' => \&exec_copy, + 'rename' => \&exec_rename, + 'remove' => \&exec_remove, + 'chprop' => \&exec_chprop, + 'about' => \&exec_about + ); ### Export ### use base qw(Exporter); -@EXPORT = qw(exec_show - exec_beginedit - exec_endedit - exec_mkfile - exec_mkdir - exec_workwithfile - exec_copy - exec_rename - exec_remove - exec_unlock); +@EXPORT = qw(exec_command); + +# exec_command() +# +# Execute the specified command +# +# Params: 1. Command to execute +# 2. Reference to user input hash +# 3. Reference to config hash +# +# Return: Output of the command (Scalar Reference) + +sub exec_command($$$) +{ + my ($command,$data,$config) = @_; + + foreach(keys(%dispatch)) + { + if(lc($_) eq lc($command)) + { + my $output = &{$dispatch{$_}}($data,$config); + return $output; + } + } + + return error($config->{'errors'}->{'command_unknown'},'/',{COMMAND => encode_html($command)}); +} # exec_show() # @@ -50,157 +85,183 @@ use base qw(Exporter); # # Return: Output of the command (Scalar Reference) -sub exec_show($$$) +sub exec_show($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $output; + my $upper_path = multi_string(upper_path($virtual)); - if(-d $physical) + my $tpl = new Template; + + if(-d $physical && not -l $physical) { # Create directory listing + return error($config->{'errors'}->{'no_dir_access'},$upper_path->{'normal'}) unless(-r $physical && -x $physical); + my $direntries = dir_read($physical); - return error("Reading of directory $virtual failed") unless($direntries); + return error($config->{'errors'}->{'dir_read_failed'},$upper_path->{'normal'},{DIR => encode_html($virtual)}) unless($direntries); my $files = $direntries->{'files'}; my $dirs = $direntries->{'dirs'}; - $output .= htmlhead("Directory listing of $virtual"); - $output .= equal_url($config->{'httproot'},$virtual); - $output .= "<hr>\n\n<pre>\n"; + my $dirlist = ''; + + my $filter1 = $data->{'cgi'}->param('filter') || '*'; # The real wildcard + my $filter2 = ($filter1 && $filter1 ne '*') ? $filter1 : ''; # Wildcard for output # Create the link to the upper directory - # (only if we are not in the root directory) + # (only if the current directory is not the root directory) - unless($virtual eq "/") + unless($virtual eq '/') { - my $upper = $physical."/.."; - my @stat = stat($upper); - - $output .= " [SUBDIR] "; - $output .= strftime("%d.%m.%Y %H:%M",localtime($stat[9])); - $output .= " " x 10; - $output .= "<a href=\"$script?command=show&file=".encode_entities(upper_path($virtual))."\">../</a>\n"; - } + my @stat = stat($physical.'/..'); - # Get the length of the longest file/directory name + my $udtpl = new Template; + $udtpl->read_file($config->{'templates'}->{'dirlist_up'}); - my $max_name_len = 0; + $udtpl->fillin('UPPER_DIR',$upper_path->{'html'}); + $udtpl->fillin('UPPER_DIR_URL',$upper_path->{'url'}); + $udtpl->fillin('DATE',encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime($stat[9]) : localtime($stat[9])))); - foreach(@$dirs,@$files) - { - my $length = length($_); - $max_name_len = $length if($length > $max_name_len); + $dirlist .= $udtpl->get_template; } # Directories foreach my $dir(@$dirs) { - my @stat = stat($physical."/".$dir); + next unless(dos_wildcard_match($filter1,$dir)); - $output .= " "; - $output .= "[SUBDIR] "; - $output .= strftime($config->{'timeformat'},localtime($stat[9])); - $output .= " " x 10; - $output .= "<a href=\"$script?command=show&file=".encode_entities($virtual.$dir)."/\">".encode_entities($dir)."/</a>\n"; + my $phys_path = $physical.'/'.$dir; + my $virt_path = multi_string($virtual.$dir.'/'); + + my @stat = stat($phys_path); + + my $dtpl = new Template; + $dtpl->read_file($config->{'templates'}->{'dirlist_dir'}); + + $dtpl->fillin('DIR',$virt_path->{'html'}); + $dtpl->fillin('DIR_URL',$virt_path->{'url'}); + $dtpl->fillin('DIR_NAME',encode_html($dir)); + $dtpl->fillin('DATE',encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime($stat[9]) : localtime($stat[9])))); + $dtpl->fillin('URL',equal_url(encode_html($config->{'httproot'}),$virt_path->{'html'})); + + $dtpl->parse_if_block('readable',-r $phys_path && -x $phys_path); + $dtpl->parse_if_block('users',$users && -o $phys_path); + + $dirlist .= $dtpl->get_template; } # Files foreach my $file(@$files) { - my $phys_path = $physical."/".$file; - my $virt_path = encode_entities($virtual.$file); + next unless(dos_wildcard_match($filter1,$file)); - my @stat = stat($phys_path); - my $in_use = $data->{'uselist'}->in_use($virtual.$file); + my $phys_path = $physical.'/'.$file; + my $virt_path = multi_string($virtual.$file); + + my @stat = lstat($phys_path); + my $too_large = $config->{'max_file_size'} && $stat[7] > $config->{'max_file_size'}; - $output .= " " x (10 - length($stat[7])); - $output .= $stat[7]; - $output .= " "; - $output .= strftime($config->{'timeformat'},localtime($stat[9])); - $output .= ($in_use) ? " (IN USE) " : (not -T $phys_path) ? " (BINARY) " : " " x 10; - $output .= encode_entities($file); - $output .= " " x ($max_name_len - length($file))."\t ("; + my $ftpl = new Template; + $ftpl->read_file($config->{'templates'}->{'dirlist_file'}); - $output .= (-r $phys_path && -T $phys_path) - ? "<a href=\"$script?command=show&file=$virt_path\">View</a>" - : '<span style="color:#C0C0C0">View</span>'; + $ftpl->fillin('FILE',$virt_path->{'html'}); + $ftpl->fillin('FILE_URL',$virt_path->{'url'}); + $ftpl->fillin('FILE_NAME',encode_html($file)); + $ftpl->fillin('FILE_URL',$virt_path->{'url'}); + $ftpl->fillin('SIZE',$stat[7]); + $ftpl->fillin('DATE',encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime($stat[9]) : localtime($stat[9])))); + $ftpl->fillin('URL',equal_url(encode_html($config->{'httproot'}),$virt_path->{'html'})); - $output .= " | "; + $ftpl->parse_if_block('link',-l $phys_path); + $ftpl->parse_if_block('readable',-r $phys_path); + $ftpl->parse_if_block('writeable',-w $phys_path); + $ftpl->parse_if_block('binary',-B $phys_path); - $output .= (-w $phys_path && -r $phys_path && -T $phys_path && not $in_use) - ? "<a href=\"$script?command=beginedit&file=$virt_path\">Edit</a>" - : '<span style="color:#C0C0C0">Edit</span>'; + $ftpl->parse_if_block('viewable',(-r $phys_path && -T $phys_path && not $too_large) || -l $phys_path); + $ftpl->parse_if_block('editable',(-r $phys_path && -w $phys_path && -T $phys_path && not $too_large) && not -l $phys_path); - $output .= " | <a href=\"$script?command=workwithfile&file=$virt_path\">Do other stuff</a>)\n"; + $ftpl->parse_if_block('too_large',$config->{'max_file_size'} && $stat[7] > $config->{'max_file_size'}); + + $ftpl->parse_if_block('users',$users && -o $phys_path); + + $dirlist .= $ftpl->get_template; } - $output .= "</pre>\n\n<hr>\n\n"; - - # Bottom of directory listing - # (Fields for creating files and directories) - - $output .= <<END; -<table border="0"> -<tr> -<form action="$script"> -<input type="hidden" name="command" value="mkdir"> -<input type="hidden" name="curdir" value="$virtual"> -<td>Create new directory:</td> -<td>$virtual <input type="text" name="newfile"> <input type="submit" value="Create!"></td> -</form> -</tr> -<tr> -<td>Create new file:</td> -<form action="$script"> -<input type="hidden" name="command" value="mkfile"> -<input type="hidden" name="curdir" value="$virtual"> -<td>$virtual <input type="text" name="newfile"> <input type="submit" value="Create!"></td> -</form> -</tr> -</table> - -<hr> -END - $output .= htmlfoot; + $tpl->read_file($config->{'templates'}->{'dirlist'}); + + $tpl->fillin('DIRLIST',$dirlist); + $tpl->fillin('DIR',encode_html($virtual)); + $tpl->fillin('DIR_URL',escape($virtual)); + $tpl->fillin('SCRIPT',$script); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + + $tpl->fillin('FILTER',encode_html($filter2)); + $tpl->fillin('FILTER_URL',escape($filter2)); + + $tpl->parse_if_block('empty',$dirlist eq ''); + $tpl->parse_if_block('dir_writeable',-w $physical); + $tpl->parse_if_block('filter',$filter2); + $tpl->parse_if_block('gmt',$config->{'use_gmt'}); + } + elsif(-l $physical) + { + # Show the target of a symbolic link + + my $link_target = readlink($physical); + + $tpl->read_file($config->{'templates'}->{'viewlink'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('DIR',$upper_path->{'html'}); + $tpl->fillin('DIR_URL',$upper_path->{'url'}); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); + + $tpl->fillin('LINK_TARGET',encode_html($link_target)); } else { # View a file - return error("You have not enough permissions to view this file.") unless(-r $physical); + return error($config->{'errors'}->{'no_view'},$upper_path->{'normal'}) unless(-r $physical); # Check on binary files - # We have to do it in this way, or empty files - # will be recognized as binary files + # We have to do it in this way or empty files will be recognized + # as binary files - unless(-T $physical) - { - # Binary file + return error($config->{'errors'}->{'binary_file'},$upper_path->{'normal'}) unless(-T $physical); - return error("This editor is not able to view/edit binary files."); - } - else - { - # Text file + # Is the file too large? - $output = htmlhead("Contents of file ".encode_entities($virtual)); - $output .= equal_url($config->{'httproot'},$virtual); - $output .= dir_link($virtual); + return error($config->{'errors'}->{'file_too_large'},$upper_path->{'normal'},{SIZE => $config->{'max_file_size'}}) if($config->{'max_file_size'} && -s $physical > $config->{'max_file_size'}); - $output .= '<div style="background-color:#FFFFE0;border:1px solid black;margin-top:10px;width:100%">'."\n"; - $output .= '<pre style="color:#0000C0;">'."\n"; - $output .= encode_entities(${file_read($physical)}); - $output .= "\n</pre>\n</div>"; + # View the file - $output .= htmlfoot; - } + my $content = file_read($physical); + $$content =~ s/\015\012|\012|\015/\n/g; + + $tpl->read_file($config->{'templates'}->{'viewfile'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',$upper_path->{'html'}); + $tpl->fillin('DIR_URL',$upper_path->{'url'}); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); + + $tpl->parse_if_block('editable',-w $physical); + + $tpl->fillin('CONTENT',encode_html($$content)); } + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + return \$output; } @@ -218,70 +279,44 @@ sub exec_beginedit($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $uselist = $data->{'uselist'}; + my $dir = upper_path($virtual); - return error("You cannot edit directories.") if(-d $physical); - return error_in_use($virtual) if($uselist->in_use($virtual)); - return error("You have not enough permissions to edit this file.") unless(-r $physical && -w $physical); + return error($config->{'errors'}->{'link_edit'},$dir) if(-l $physical); + return error($config->{'errors'}->{'dir_edit'}, $dir) if(-d $physical); + return error($config->{'errors'}->{'no_edit'}, $dir) unless(-r $physical && -w $physical); # Check on binary files - unless(-T $physical) - { - # Binary file - - return error("This editor is not able to view/edit binary files."); - } - else - { - # Text file - - $uselist->add_file($virtual); - $uselist->save; + return error($config->{'errors'}->{'binary_file'},$dir) unless(-T $physical); - my $dir = upper_path($virtual); - my $content = encode_entities(${file_read($physical)}); + # Is the file too large? - my $equal_url = equal_url($config->{'httproot'},$virtual); + return error($config->{'errors'}->{'file_too_large'},$dir,{SIZE => $config->{'max_file_size'}}) if($config->{'max_file_size'} && -s $physical > $config->{'max_file_size'}); - $virtual = encode_entities($virtual); + # Show the editing form - my $output = htmlhead("Edit file $virtual"); - $output .= $equal_url; - $output .= <<END; -<p><b style="color:#FF0000">Caution!</b> This file is locked for other users while you are editing it. To unlock it, click <i>Save and exit</i> or <i>Exit WITHOUT saving</i>. Please <b>don't</b> click the <i>Reload</i> button in your browser! This will confuse the editor.</p> + my $content = file_read($physical); + my $md5sum = md5_hex($$content); + $$content =~ s/\015\012|\012|\015/\n/g; -<form action="$script" method="get"> -<input type="hidden" name="command" value="canceledit"> -<input type="hidden" name="file" value="$virtual"> -<p><input type="submit" value="Exit WITHOUT saving"></p> -</form> + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'editfile'}); -<form action="$script" method="post"> -<input type="hidden" name="command" value="endedit"> -<input type="hidden" name="file" value="$virtual"> + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',equal_url($config->{'httproot'},$virtual)); + $tpl->fillin('SCRIPT',$script); + $tpl->fillin('MD5SUM',$md5sum); + $tpl->fillin('CONTENT',encode_html($$content)); -<table width="100%" border="1"> -<tr> -<td width="50%" align="center"> -<input type="hidden" name="file" value="$virtual"> -<input type="checkbox" name="saveas" value="1"> Save as new file: $dir <input type=text name="newfile" value=""></td> -<td width="50%" align="center"><input type="checkbox" name="encode_iso" value="1"> Encode ISO-8859-1 special chars</td> -</tr> -<tr> -<td align="center"><input type="reset" value="Reset form"></td> -<td align="center"><input type="submit" value="Save and exit"></td> -</tr> -</table> + $tpl->parse_if_block('error',0); -<textarea name="filecontent" rows="25" cols="120">$content</textarea> -</form> -END + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; - $output .= htmlfoot; - - return \$output; - } + return \$output; } # exec_endedit() @@ -298,40 +333,89 @@ sub exec_endedit($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $content = $data->{'cgi'}->param('filecontent'); + my $dir = upper_path($virtual); + my $cgi = $data->{'cgi'}; + my $content = $cgi->param('filecontent'); + my $md5sum = $cgi->param('md5sum'); + my $output; + + if(defined $content && $md5sum) + { + # Normalize newlines - return error("You cannot edit directories.") if(-d $physical); - return error("You have not enough permissions to edit this file.") unless(-r $physical && -w $physical); + $content =~ s/\015\012|\012|\015/\n/g; - # Normalize newlines + if($cgi->param('saveas') && $data->{'new_physical'} ne '' && $data->{'new_virtual'} ne '') + { + # Create the new filename - $content =~ s/\015\012|\012|\015/\n/g; + $physical = $data->{'new_physical'}; + $virtual = $data->{'new_virtual'}; + } - if($data->{'cgi'}->param('encode_iso')) - { - # Encode all ISO-8859-1 special chars + return error($config->{'errors'}->{'link_edit'},$dir) if(-l $physical); + return error($config->{'errors'}->{'dir_edit'},$dir) if(-d $physical); + return error($config->{'errors'}->{'no_edit'},$dir) if(-e $physical && !(-r $physical && -w $physical)); + return error($config->{'errors'}->{'text_to_binary'},$dir) if(-e $physical && not -T $physical); - $content = encode_entities($content,"\200-\377"); - } + # For technical reasons, we can't use file_save() for + # saving the file... - if($data->{'cgi'}->param('saveas')) - { - # Create the new filename + local *FILE; - $physical = $data->{'new_physical'}; - $virtual = $data->{'new_virtual'}; - } + sysopen(FILE,$physical,O_RDWR | O_CREAT) or return error($config->{'errors'}->{'edit_failed'},$dir,{FILE => $virtual}); + file_lock(*FILE,LOCK_EX) or do { close(FILE); return error($config->{'errors'}->{'edit_failed'},$dir,{FILE => $virtual}) }; - if(file_save($physical,\$content)) - { - # Saving of the file was successful - so unlock it! + my $md5 = new Digest::MD5; + $md5->addfile(*FILE); - return exec_unlock($data,$config); - } - else - { - return error("Saving of file '".encode_entities($virtual)."' failed'.",upper_path($virtual)); + my $md5file = $md5->hexdigest; + my $md5data = md5_hex($content); + + if($md5file ne $md5sum && $md5data ne $md5file && not $cgi->param('saveas')) + { + # The file changed meanwhile + + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'editfile'}); + + $tpl->fillin('ERROR',$config->{'errors'}->{'edit_file_changed'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',equal_url($config->{'httproot'},$virtual)); + $tpl->fillin('SCRIPT',$script); + $tpl->fillin('MD5SUM',$md5file); + $tpl->fillin('CONTENT',encode_html($content)); + + $tpl->parse_if_block('error',1); + + my $data = header(-type => 'text/html'); + $data .= $tpl->get_template; + + $output = \$data; + } + else + { + if($md5data ne $md5file) + { + seek(FILE,0,0); + truncate(FILE,0); + + print FILE $content; + } + + $output = devedit_reload({command => 'show', file => $dir}); + } + + close(FILE); + + return $output; } + + return devedit_reload({command => 'beginedit', file => $virtual}); } # exec_mkfile() @@ -349,14 +433,28 @@ sub exec_mkfile($$) my $new_physical = $data->{'new_physical'}; my $new_virtual = $data->{'new_virtual'}; my $dir = upper_path($new_virtual); - $new_virtual = encode_entities($new_virtual); + $new_virtual = encode_html($new_virtual); - return error("A file or directory called '$new_virtual' already exists.",$dir) if(-e $new_physical); + if($new_physical) + { + return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual}) if(-e $new_physical); - file_create($new_physical) or return error("Could not create file '$new_virtual'.",$dir); + file_create($new_physical) or return error($config->{'errors'}->{'mkfile_failed'},$dir,{FILE => $new_virtual}); + return devedit_reload({command => 'show', file => $dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'mkfile'}); - my $output = redirect("http://$ENV{'HTTP_HOST'}$script?command=show&file=$dir"); - return \$output; + $tpl->fillin('DIR','/'); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } } # exec_mkdir() @@ -374,111 +472,93 @@ sub exec_mkdir($$) my $new_physical = $data->{'new_physical'}; my $new_virtual = $data->{'new_virtual'}; my $dir = upper_path($new_virtual); - $new_virtual = encode_entities($new_virtual); + $new_virtual = encode_html($new_virtual); - return error("A file or directory called '$new_virtual' already exists.",$dir) if(-e $new_physical); + if($new_physical) + { + return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual}) if(-e $new_physical); - mkdir($new_physical) or return error("Could not create directory '$new_virtual'.",$dir); + mkdir($new_physical,0777) or return error($config->{'errors'}->{'mkdir_failed'},$dir,{DIR => $new_virtual}); + return devedit_reload({command => 'show', file => $dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'mkdir'}); - my $output = redirect("http://$ENV{'HTTP_HOST'}$script?command=show&file=$dir"); - return \$output; + $tpl->fillin('DIR','/'); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } } -# exec_workwithfile() +# exec_upload() # -# Display a form for renaming/copying/deleting/unlocking a file +# Process a file upload # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_workwithfile($$) +sub exec_upload($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $unused = $data->{'uselist'}->unused($virtual); - - my $dir = encode_entities(upper_path($virtual)); - - my $output = htmlhead("Work with file ".encode_entities($virtual)); - $output .= equal_url($config->{'httproot'},$virtual); - - $virtual = encode_entities($virtual); - - $output .= dir_link($virtual); - $output .= "<p><b>Note:</b> On UNIX systems, filenames are <b>case-sensitive</b>!</p>\n\n"; + my $cgi = $data->{'cgi'}; - $output .= "<p>Someone else is currently editing this file. So not all features are available.</p>\n\n" unless($unused); + return error($config->{'errors'}->{'no_directory'},upper_path($virtual),{FILE => $virtual}) unless(-d $physical && not -l $physical); + return error($config->{'errors'}->{'dir_no_create'},$virtual,{DIR => $virtual}) unless(-w $physical); - # Copying of the file as always allowed if we have read access - - if(-r $physical) + if(my $uploaded_file = $cgi->param('uploaded_file')) { - $output .= <<END; -<hr> - -<h2>Copy</h2> - -<form action="$script"> -<input type="hidden" name="command" value="copy"> -<input type="hidden" name="file" value="$virtual"> -<p>Copy file '$virtual' to: $dir <input type="text" name="newfile" size="50"> <input type="submit" value="Copy!"></p> -</form> - -<hr> + # Process file upload -END - } + my $filename = file_name($uploaded_file); + my $file_phys = $physical.'/'.$filename; + my $file_virt = encode_html($virtual.$filename); - if($unused) - { - # File is not locked - # Allow renaming and deleting the file + if(-e $file_phys) + { + return error($config->{'errors'}->{'link_replace'},$virtual) if(-l $file_phys); + return error($config->{'errors'}->{'dir_replace'},$virtual) if(-d $file_phys); + return error($config->{'errors'}->{'exist_no_write'},$virtual,{FILE => $file_virt}) unless(-w $file_phys); + return error($config->{'errors'}->{'file_exists'},$virtual,{FILE => $file_virt}) unless($cgi->param('overwrite')); + } - $output .= <<END; -<h2>Move/rename</h2> + my $ascii = $cgi->param('ascii'); + my $handle = $cgi->upload('uploaded_file'); -<form action="$script"> -<input type="hidden" name="command" value="rename"> -<input type="hidden" name="file" value="$virtual"> -<p>Move/Rename file '$virtual' to: $dir <input type="text" name="newfile" size="50"> <input type="submit" value="Move/Rename!"></p> -</form> + return error($config->{'errors'}->{'invalid_upload'},$virtual) unless($handle); -<hr> + # Read transferred file and write it to disk -<h2>Delete</h2> + read($handle, my $data, -s $handle); + $data =~ s/\015\012|\012|\015/\n/g if($ascii); # Replace line separators if transferring in ASCII mode + file_save($file_phys,\$data,not $ascii) or return error($config->{'errors'}->{'mkfile_failed'},$virtual,{FILE => $file_virt}); -<form action="$script" method="get"> -<input type="hidden" name="file" value="$virtual"> -<input type="hidden" name="command" value="remove"> -<p><input type="submit" value="Delete file '$virtual'!"></p> -</form> -END + return devedit_reload({command => 'show', file => $virtual}); } else { - # File is locked - # Just display a button for unlocking it + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'upload'}); - $output .= <<END; -<h2>Unlock file</h2> + $tpl->fillin('DIR',encode_html($virtual)); + $tpl->fillin('DIR_URL',escape($virtual)); + $tpl->fillin('URL',equal_url($config->{'httproot'},$virtual)); + $tpl->fillin('SCRIPT',$script); -<p>Someone else is currently editing this file. At least, the file is marked so. Maybe, someone who was editing the file has forgotten to unlock it. In this case (and <b>only</b> in this case) you can unlock the file using this button:</p> + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; -<form action="$script" method="get"> -<input type="hidden" name="file" value="$virtual"> -<input type="hidden" name="command" value="unlock"> -<p><input type="submit" value="Unlock file '$virtual'"></p> -</form> -END + return \$output; } - - $output .= "\n<hr>"; - $output .= htmlfoot; - - return \$output; } # exec_copy() @@ -494,24 +574,67 @@ sub exec_copy($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; - my $virtual = encode_entities($data->{'virtual'}); + my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); my $new_physical = $data->{'new_physical'}; - my $new_virtual = $data->{'new_virtual'}; - my $dir = upper_path($new_virtual); - $new_virtual = encode_entities($new_virtual); - return error("This editor is not able to copy directories.") if(-d $physical); - return error("You have not enough permissions to copy this file.") unless(-r $physical); + return error($config->{'errors'}->{'link_copy'},$dir) if(-l $physical); + return error($config->{'errors'}->{'dir_copy'},$dir) if(-d $physical); + return error($config->{'errors'}->{'no_copy'},$dir) unless(-r $physical); - if(-e $new_physical) + if($new_physical) { - return error("A file or directory called '$new_virtual' already exists and this editor is currently not able to ask to overwrite the existing file or directory.",upper_path($virtual)); + my $new_virtual = multi_string($data->{'new_virtual'}); + my $new_dir = upper_path($new_virtual->{'normal'}); + + if(-e $new_physical) + { + return error($config->{'errors'}->{'link_replace'},$new_dir) if(-l $new_physical); + return error($config->{'errors'}->{'dir_replace'},$new_dir) if(-d $new_physical); + return error($config->{'errors'}->{'exist_no_write'},$new_dir,{FILE => $new_virtual->{'html'}}) unless(-w $new_physical); + + if(not $data->{'cgi'}->param('confirmed')) + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_replace'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('NEW_FILE',$new_virtual->{'html'}); + $tpl->fillin('NEW_FILENAME',file_name($new_virtual->{'html'})); + $tpl->fillin('NEW_DIR',encode_html($new_dir)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + + $tpl->fillin('COMMAND','copy'); + $tpl->fillin('URL',equal_url($config->{'httproot'},$virtual)); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + } + + copy($physical,$new_physical) or return error($config->{'errors'}->{'copy_failed'},$dir,{FILE => encode_html($virtual), NEW_FILE => $new_virtual->{'html'}}); + return devedit_reload({command => 'show', file => $new_dir}); } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'copyfile'}); - copy($physical,$new_physical) or return error("Could not copy '$virtual' to '$new_virtual'",upper_path($virtual)); + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',equal_url($config->{'httproot'},encode_html($virtual))); + $tpl->fillin('SCRIPT',$script); - my $output = redirect("http://$ENV{'HTTP_HOST'}$script?command=show&file=$dir"); - return \$output; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } } # exec_rename() @@ -528,27 +651,69 @@ sub exec_rename($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); my $new_physical = $data->{'new_physical'}; - my $new_virtual = $data->{'new_virtual'}; - my $dir = upper_path($new_virtual); - $new_virtual = encode_entities($new_virtual); - return error_in_use($virtual) if($data->{'uselist'}->in_use($virtual)); + return error($config->{'errors'}->{'rename_root'},'/') if($virtual eq '/'); + return error($config->{'errors'}->{'no_rename'},$dir) unless(-w upper_path($physical)); - if(-e $new_physical) + if($new_physical) { - return error("A file or directory called '$new_virtual' already exists and this editor is currently not able to ask to overwrite the existing file or directory.",upper_path($virtual)); + my $new_virtual = $data->{'new_virtual'}; + my $new_dir = upper_path($new_virtual); + $new_virtual = encode_html($new_virtual); + + if(-e $new_physical) + { + return error($config->{'errors'}->{'dir_replace'},$new_dir) if(-d $new_physical && not -l $new_physical); + return error($config->{'errors'}->{'exist_no_write'},$new_dir,{FILE => $new_virtual}) unless(-w $new_physical); + + if(not $data->{'cgi'}->param('confirmed')) + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_replace'}); + + $tpl->fillin('FILE',$virtual); + $tpl->fillin('NEW_FILE',$new_virtual); + $tpl->fillin('NEW_FILENAME',file_name($new_virtual)); + $tpl->fillin('NEW_DIR',$new_dir); + $tpl->fillin('DIR',$dir); + + $tpl->fillin('COMMAND','rename'); + $tpl->fillin('URL',equal_url($config->{'httproot'},$virtual)); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + } + + move($physical,$new_physical) or return error($config->{'errors'}->{'rename_failed'},$dir,{FILE => $virtual, NEW_FILE => $new_virtual}); + return devedit_reload({command => 'show', file => $new_dir}); } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'renamefile'}); - rename($physical,$new_physical) or return error("Could not move/rename '".encode_entities($virtual)."' to '$new_virtual'.",upper_path($virtual)); + $tpl->fillin('FILE',$virtual); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',equal_url($config->{'httproot'},$virtual)); + $tpl->fillin('SCRIPT',$script); - my $output = redirect("http://$ENV{'HTTP_HOST'}$script?command=show&file=$dir"); - return \$output; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } } # exec_remove() # -# Remove a file and return to directory view +# Remove a file or a directory and return to directory view # # Params: 1. Reference to user input hash # 2. Reference to config hash @@ -560,36 +725,253 @@ sub exec_remove($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); - return error("Deleting directories is currently unsupported.") if(-d $physical); - return error_in_use($virtual) if($data->{'uselist'}->in_use($virtual)); + return error($config->{'errors'}->{'remove_root'},'/') if($virtual eq '/'); + return error($config->{'errors'}->{'no_delete'},$dir) unless(-w upper_path($physical)); - unlink($physical) or return error("Could not delete file '".encode_entities($virtual)."'.",upper_path($virtual)); + if(-d $physical && not -l $physical) + { + # Remove a directory - my $output = redirect("http://$ENV{'HTTP_HOST'}$script?command=show&file=".upper_path($virtual)); - return \$output; + if($data->{'cgi'}->param('confirmed')) + { + rmtree($physical); + return devedit_reload({command => 'show', file => $dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_rmdir'}); + + $tpl->fillin('DIR',encode_html($virtual)); + $tpl->fillin('DIR_URL',escape($virtual)); + $tpl->fillin('UPPER_DIR',encode_html($dir)); + $tpl->fillin('UPPER_DIR_URL',escape($dir)); + $tpl->fillin('URL',equal_url($config->{'httproot'},encode_html($virtual))); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + } + else + { + # Remove a file + + if($data->{'cgi'}->param('confirmed')) + { + unlink($physical) or return error($config->{'errors'}->{'delete_failed'},$dir,{FILE => $virtual}); + return devedit_reload({command => 'show', file => $dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_rmfile'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',equal_url($config->{'httproot'},encode_html($virtual))); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + } } -# exec_unlock() +# exec_chprop() # -# Remove a file from the list of used files and -# return to directory view +# Change the mode and the group of a file or a directory # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_unlock($$) +sub exec_chprop($$) { my ($data,$config) = @_; + my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $uselist = $data->{'uselist'}; + my $dir = upper_path($virtual); + + return error($config->{'errors'}->{'no_users'},$dir,{FILE => encode_html($virtual)}) unless($users); + return error($config->{'errors'}->{'chprop_root'},'/') if($virtual eq '/'); + return error($config->{'errors'}->{'not_owner'},$dir,{FILE => encode_html($virtual)}) unless(-o $physical); + return error($config->{'errors'}->{'chprop_link'},$dir) if(-l $physical); + + my $cgi = $data->{'cgi'}; + my $mode = $cgi->param('mode'); + my $group = $cgi->param('group'); + + if($mode || $group) + { + if($mode) + { + # Change the mode + + return error($config->{'errors'}->{'invalid_mode'},$dir) unless($mode =~ /^[0-7]{3,}$/); + chmod(oct($mode),$physical); + } + + if($group) + { + # Change the group using the `chgrp` system command + + return error($config->{'errors'}->{'invalid_group'},$dir,{GROUP => encode_html($group)}) unless($group =~ /^[a-z0-9_]+[a-z0-9_-]*$/i); + system('chgrp',$group,$physical); + } + + return devedit_reload({command => 'show', file => $dir}); + } + else + { + # Display the form + + my @stat = stat($physical); + my $mode = $stat[2]; + my $gid = $stat[5]; + + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'chprop'}); + + # Insert file properties into the template + + $tpl->fillin('MODE_OCTAL',substr(sprintf('%04o',$mode),-4)); + $tpl->fillin('MODE_STRING',mode_string($mode)); + $tpl->fillin('GID',$gid); + + if(my $group = getgrgid($gid)) + { + $tpl->fillin('GROUP',encode_html($group)); + $tpl->parse_if_block('group_detected',1); + } + else + { + $tpl->parse_if_block('group_detected',0); + } + + # Insert other information + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',equal_url($config->{'httproot'},encode_html($virtual))); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } +} + +# exec_about() +# +# Display some information about Dev-Editor +# +# Params: 1. Reference to user input hash +# 2. Reference to config hash +# +# Return: Output of the command (Scalar Reference) + +sub exec_about($$) +{ + my ($data,$config) = @_; + + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'about'}); + + $tpl->fillin('SCRIPT',$script); + + # Dev-Editor's version number + + $tpl->fillin('VERSION',$data->{'version'}); + + # Some path information + + $tpl->fillin('SCRIPT_PHYS',encode_html($ENV{'SCRIPT_FILENAME'})); + $tpl->fillin('CONFIG_PATH',encode_html($data->{'configfile'})); + $tpl->fillin('FILE_ROOT', encode_html($config->{'fileroot'})); + $tpl->fillin('HTTP_ROOT', encode_html($config->{'httproot'})); + + # Perl + + $tpl->fillin('PERL_PROG',encode_html($^X)); + $tpl->fillin('PERL_VER', sprintf('%vd',$^V)); + + # Information about the server + + $tpl->fillin('HTTPD',encode_html($ENV{'SERVER_SOFTWARE'})); + $tpl->fillin('OS', encode_html($^O)); + $tpl->fillin('TIME', encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime : localtime))); + + $tpl->parse_if_block('gmt',$config->{'use_gmt'}); + + # Process information + + $tpl->fillin('PID',$$); + + # The following information is only available on systems supporting + # users and groups + + if($users) + { + # Dev-Editor is running on a system which allows users and groups + # So we display the user and the group of our process + + my $uid = POSIX::getuid; + my $gid = POSIX::getgid; + + $tpl->parse_if_block('users',1); + + # ID's of user and group + + $tpl->fillin('UID',$uid); + $tpl->fillin('GID',$gid); + + # Names of user and group + + if(my $user = getpwuid($uid)) + { + $tpl->fillin('USER',encode_html($user)); + $tpl->parse_if_block('user_detected',1); + } + else + { + $tpl->parse_if_block('user_detected',0); + } + + if(my $group = getgrgid($gid)) + { + $tpl->fillin('GROUP',encode_html($group)); + $tpl->parse_if_block('group_detected',1); + } + else + { + $tpl->parse_if_block('group_detected',0); + } + + # Process umask + + $tpl->fillin('UMASK',sprintf('%04o',umask)); + } + else + { + $tpl->parse_if_block('users',0); + } - $uselist->remove_file($virtual); - $uselist->save; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; - my $output = redirect("http://$ENV{'HTTP_HOST'}$script?command=show&file=".upper_path($virtual)); return \$output; }