X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/9ba648e57a6e37366c685326c9997c3e643ce1ef..90f85fa0a6322d4c28787db73a2e90efd3b0718c:/modules/Command.pm
diff --git a/modules/Command.pm b/modules/Command.pm
index 6b413d0..f14a038 100644
--- a/modules/Command.pm
+++ b/modules/Command.pm
@@ -5,38 +5,52 @@ package Command;
#
# Execute Dev-Editor's commands
#
-# Author: Patrick Canterino
\n\n\n";
+ my $dirlist = '';
+
+ my $count = 0;
+
+ my $filter1 = $data->{'cgi'}->param('filter') || '*'; # The real wildcard
+ my $filter2 = ($filter1 && $filter1 ne '*') ? $filter1 : ''; # Wildcard for output
# Create the link to the upper directory
- # (only if we are not in the root directory)
+ # (only if the current directory is not the root directory)
- unless($virtual eq "/")
+ unless($virtual eq '/')
{
- my $upper = $physical."/..";
- my @stat = stat($upper);
+ $count++;
- $output .= " [SUBDIR] ";
- $output .= strftime("%d.%m.%Y %H:%M",localtime($stat[9]));
- $output .= " " x 10;
- $output .= "../\n";
- }
+ my @stat = stat($physical.'/..');
- # Get the length of the longest file/directory name
+ my $udtpl = new Template;
+ $udtpl->read_file($config->{'templates'}->{'dirlist_up'});
- my $max_name_len = 0;
+ $udtpl->fillin('UPPER_DIR',$upper_path->{'html'});
+ $udtpl->fillin('UPPER_DIR_URL',$upper_path->{'url'});
+ $udtpl->fillin('DATE',encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime($stat[9]) : localtime($stat[9]))));
- foreach(@$dirs,@$files)
- {
- my $length = length($_);
- $max_name_len = $length if($length > $max_name_len);
+ $dirlist .= $udtpl->get_template;
}
# Directories
foreach my $dir(@$dirs)
{
- my @stat = stat($physical."/".$dir);
- my $virt_path = encode_entities($virtual.$dir."/");
-
- $output .= " ";
- $output .= "[SUBDIR] ";
- $output .= strftime($config->{'timeformat'},localtime($stat[9]));
- $output .= " " x 10;
- $output .= "".encode_entities($dir)."/";
- $output .= " " x ($max_name_len - length($dir) - 1)."\t (";
- $output .= "Work with directory)\n";
+ next if($config->{'hide_dot_files'} && substr($dir,0,1) eq '.');
+ next unless(dos_wildcard_match($filter1,$dir));
+
+ $count++;
+
+ my $phys_path = $physical.'/'.$dir;
+ my $virt_path = multi_string($virtual.$dir.'/');
+
+ my @stat = stat($phys_path);
+
+ my $dtpl = new Template;
+ $dtpl->read_file($config->{'templates'}->{'dirlist_dir'});
+
+ $dtpl->fillin('DIR',$virt_path->{'html'});
+ $dtpl->fillin('DIR_URL',$virt_path->{'url'});
+ $dtpl->fillin('DIR_NAME',encode_html($dir));
+ $dtpl->fillin('DATE',encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime($stat[9]) : localtime($stat[9]))));
+ $dtpl->fillin('URL',equal_url(encode_html($config->{'httproot'}),$virt_path->{'html'}));
+
+ $dtpl->parse_if_block('forbidden',is_forbidden_file($config->{'forbidden'},$virt_path->{'normal'}));
+ $dtpl->parse_if_block('readable',-r $phys_path && -x $phys_path);
+ $dtpl->parse_if_block('users',$users && -o $phys_path);
+ $dtpl->parse_if_block('even',($count % 2) == 0);
+
+ $dirlist .= $dtpl->get_template;
}
# Files
foreach my $file(@$files)
{
- my $phys_path = $physical."/".$file;
- my $virt_path = encode_entities($virtual.$file);
+ next if($config->{'hide_dot_files'} && substr($file,0,1) eq '.');
+ next unless(dos_wildcard_match($filter1,$file));
- my @stat = stat($phys_path);
- my $in_use = $data->{'uselist'}->in_use($virtual.$file);
+ $count++;
- $output .= " " x (10 - length($stat[7]));
- $output .= $stat[7];
- $output .= " ";
- $output .= strftime($config->{'timeformat'},localtime($stat[9]));
- $output .= " " x 10;
- $output .= encode_entities($file);
- $output .= " " x ($max_name_len - length($file))."\t (";
+ my $phys_path = $physical.'/'.$file;
+ my $virt_path = multi_string($virtual.$file);
- # Link "View"
+ my @stat = lstat($phys_path);
+ my $too_large = $config->{'max_file_size'} && $stat[7] > $config->{'max_file_size'};
- if(-r $phys_path && -T $phys_path)
- {
- $output .= "View";
- }
- else
- {
- $output .= 'fillin('FILE',$virt_path->{'html'});
+ $ftpl->fillin('FILE_URL',$virt_path->{'url'});
+ $ftpl->fillin('FILE_NAME',encode_html($file));
+ $ftpl->fillin('FILE_URL',$virt_path->{'url'});
+ $ftpl->fillin('SIZE',$stat[7]);
+ $ftpl->fillin('DATE',encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime($stat[9]) : localtime($stat[9]))));
+ $ftpl->fillin('URL',equal_url(encode_html($config->{'httproot'}),$virt_path->{'html'}));
- $output .= '">View';
- }
+ $ftpl->parse_if_block('link',-l $phys_path);
+ $ftpl->parse_if_block('readable',-r $phys_path);
+ $ftpl->parse_if_block('writeable',-w $phys_path);
+ $ftpl->parse_if_block('binary',-B $phys_path);
- $output .= " | ";
+ $ftpl->parse_if_block('forbidden',is_forbidden_file($config->{'forbidden'},$virt_path->{'normal'}));
+ $ftpl->parse_if_block('viewable',(-r $phys_path && -T $phys_path && not $too_large) || -l $phys_path);
+ $ftpl->parse_if_block('editable',(-r $phys_path && -w $phys_path && -T $phys_path && not $too_large) && not -l $phys_path);
- # Link "Edit"
+ $ftpl->parse_if_block('too_large',$config->{'max_file_size'} && $stat[7] > $config->{'max_file_size'});
- if(-w $phys_path && -r $phys_path && -T $phys_path && not $in_use)
- {
- $output .= "Edit";
- }
- else
- {
- $output .= 'parse_if_block('even',($count % 2) == 0);
- $output .= '">Edit';
- }
+ $dirlist .= $ftpl->get_template;
+ }
- # Link "Do other stuff"
+ $tpl->read_file($config->{'templates'}->{'dirlist'});
- $output .= " | Work with file)\n";
- }
+ $tpl->fillin('DIRLIST',$dirlist);
+ $tpl->fillin('DIR',encode_html($virtual));
+ $tpl->fillin('DIR_URL',escape($virtual));
+ $tpl->fillin('SCRIPT',$script);
+ $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual)));
+
+ $tpl->fillin('FILTER',encode_html($filter2));
+ $tpl->fillin('FILTER_URL',escape($filter2));
- $output .= "
\n\n
\n\n";
-
- # Bottom of directory listing
- # (Fields for creating files and directories)
-
- $output .= <
-
-
-
-
-
-
-Create new file:
-
-
-END
- $output .= htmlfoot;
+ $tpl->parse_if_block('empty',$dirlist eq '');
+ $tpl->parse_if_block('dir_writeable',-w $physical);
+ $tpl->parse_if_block('filter',$filter2);
+ $tpl->parse_if_block('gmt',$config->{'use_gmt'});
+ }
+ elsif(-l $physical)
+ {
+ # Show the target of a symbolic link
+
+ my $link_target = readlink($physical);
+
+ $tpl->read_file($config->{'templates'}->{'viewlink'});
+
+ $tpl->fillin('FILE',encode_html($virtual));
+ $tpl->fillin('DIR',$upper_path->{'html'});
+ $tpl->fillin('DIR_URL',$upper_path->{'url'});
+ $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual)));
+ $tpl->fillin('SCRIPT',$script);
+
+ $tpl->fillin('LINK_TARGET',encode_html($link_target));
}
else
{
# View a file
- return error("You have not enough permissions to view this file.",upper_path($virtual)) unless(-r $physical);
+ return error($config->{'errors'}->{'no_view'},$upper_path->{'normal'}) unless(-r $physical);
# Check on binary files
- # We have to do it in this way, or empty files
- # will be recognized as binary files
+ # We have to do it in this way or empty files will be recognized
+ # as binary files
- unless(-T $physical)
- {
- # Binary file
+ return error($config->{'errors'}->{'binary_file'},$upper_path->{'normal'}) unless(-T $physical);
- return error("This editor is not able to view/edit binary files.",upper_path($virtual));
- }
- else
- {
- # Text file
+ # Is the file too large?
- $output = htmlhead("Contents of file ".encode_entities($virtual));
- $output .= equal_url($config->{'httproot'},$virtual);
- $output .= dir_link($virtual);
+ return error($config->{'errors'}->{'file_too_large'},$upper_path->{'normal'},{SIZE => $config->{'max_file_size'}}) if($config->{'max_file_size'} && -s $physical > $config->{'max_file_size'});
- $output .= ''."\n";
- $output .= encode_entities(${file_read($physical)});
- $output .= "\n
\n
Note: On UNIX systems, filenames are case-sensitive!
\n\n"; + my $ascii = $cgi->param('ascii'); + my $handle = $cgi->upload('uploaded_file'); - $output .= "Someone else is currently editing this file. So not all features are available.
\n\n" unless($unused); + return error($config->{'errors'}->{'invalid_upload'},$virtual) unless($handle); - $output .= "Click on the button below to remove the file '$virtual'.
+ dir_copy($physical,$new_physical) or return error($config->{'errors'}->{'copy_failed'},$dir,{FILE => encode_html($virtual), NEW_FILE => $new_virtual->{'html'}}); + return devedit_reload({command => 'show', file => $new_dir}); + } + else + { + if(-e $new_physical) + { + return error($config->{'errors'}->{'link_replace'},$new_dir) if(-l $new_physical); + return error($config->{'errors'}->{'dir_replace'},$new_dir) if(-d $new_physical); + return error($config->{'errors'}->{'exist_no_write'},$new_dir,{FILE => $new_virtual->{'html'}}) unless(-w $new_physical); + + if(not $data->{'cgi'}->param('confirmed')) + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_replace'}); + + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('NEW_FILE',$new_virtual->{'html'}); + $tpl->fillin('NEW_FILENAME',file_name($new_virtual->{'html'})); + $tpl->fillin('NEW_DIR',encode_html($new_dir)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + + $tpl->fillin('COMMAND','copy'); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + } - -END + copy($physical,$new_physical) or return error($config->{'errors'}->{'copy_failed'},$dir,{FILE => encode_html($virtual), NEW_FILE => $new_virtual->{'html'}}); + return devedit_reload({command => 'show', file => $new_dir}); + } } else { - # File is locked - # Just display a button for unlocking it + if(-d $physical) + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'copydir'}); - $output .= <Someone else is currently editing this file. At least, the file is marked so. Maybe, someone who was editing the file has forgotten to unlock it. In this case (and only in this case) you can unlock the file using this button:
+ my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; - -END - } + return \$output; + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'copyfile'}); - $output .= "\nNote: On UNIX systems, filenames are case-sensitive!
\n\n"; - $output .= "Click on the button below to completely remove the directory '$virtual' and oll of it's files and sub directories.
+ move($physical,$new_physical) or return error($config->{'errors'}->{'rename_failed'},$dir,{FILE => encode_html($virtual), NEW_FILE => $new_virtual->{'html'}}); + return devedit_reload({command => 'show', file => $new_dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'renamefile'}); - -END + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); - $output .= "\nA file called '$new_virtual' already exists. Do you want to replace it?
+ $tpl->fillin('DIR',encode_html($virtual)); + $tpl->fillin('DIR_URL',escape($virtual)); + $tpl->fillin('UPPER_DIR',encode_html($dir)); + $tpl->fillin('UPPER_DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); - + return \$output; + } + } + else + { + # Remove a file - -END + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); - $output .= htmlfoot; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; return \$output; } } - - if($data->{'uselist'}->in_use($data->{'new_virtual'})) - { - return error("The target file '$new_virtual' already exists and it is edited by someone else.",$dir); - } - - copy($physical,$new_physical) or return error("Could not copy '$virtual' to '$new_virtual'",upper_path($virtual)); - return devedit_reload({command => 'show', file => $dir}); } -# exec_rename() +# exec_remove_multi() # -# Rename/move a file and return to directory view +# Remove a file or a directory and return to directory view # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_rename($$) +sub exec_remove_multi($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; - my $new_physical = $data->{'new_physical'}; - my $new_virtual = $data->{'new_virtual'}; - my $dir = upper_path($new_virtual); - $new_virtual = encode_entities($new_virtual); + my $cgi = $data->{'cgi'}; - return error_in_use($virtual) if($data->{'uselist'}->in_use($virtual)); + my @files = $cgi->param('files');# + my @new_files; - if(-e $new_physical) + if(@files) { - if(-d $new_physical) + foreach my $file(@files) { - return error("A directory called '$new_virtual' already exists. You cannot replace a directory!",upper_path($virtual)); + # Filter out some "bad" files (e.g. files going up in the + # directory hierarchy or files containing slashes (it's too + # dangerous...) + + next if($file =~ m!^\.+$!); + next if($file =~ m!/!); + next if($file =~ m!\\!); + + push(@new_files,$file); } - elsif(not $data->{'cgi'}->param('confirmed')) + } + + if(@new_files) + { + if($cgi->param('confirmed')) { - $dir = encode_entities($dir); + my @success; + my @failed; + + foreach my $file(@new_files) + { + my $file_path = clean_path($physical.'/'.$file); + + if(-e $file_path) + { + if(-d $file_path && not -l $file_path) + { + # Remove a directory + + if(rmtree($file_path)) + { + push(@success,clean_path($file)); + } + else + { + push(@failed,clean_path($file)); + } + } + else + { + # Remove a file + + if(unlink($file_path)) + { + push(@success,clean_path($file)); + } + else + { + push(@failed,clean_path($file)); + } + } + } + else + { + push(@failed,clean_path($file)); + } + } - my $output = htmlhead("Replace existing file"); - $output .= <<"END"; -A file called '$new_virtual' already exists. Do you want to replace it?
+ my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'rmmulti'}); - - -END + $tpl->parse; - $output .= htmlfoot; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; return \$output; } - } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_rmmulti'}); - if($data->{'uselist'}->in_use($data->{'new_virtual'})) - { - return error("The target file '$new_virtual' already exists and it is edited by someone else.",$dir); - } + foreach my $file(@new_files) + { + $tpl->add_loop_data('FILES',{FILE => encode_html($file), + FILE_PATH => encode_html(clean_path($virtual.'/'.$file))}); + } - rename($physical,$new_physical) or return error("Could not move/rename '".encode_entities($virtual)."' to '$new_virtual'.",upper_path($virtual)); - return devedit_reload({command => 'show', file => $dir}); -} + $tpl->set_var('COUNT',scalar(@new_files)); -# exec_remove() -# -# Remove a file and return to directory view -# -# Params: 1. Reference to user input hash -# 2. Reference to config hash -# -# Return: Output of the command (Scalar Reference) + $tpl->set_var('DIR',encode_html($virtual)); + $tpl->set_var('SCRIPT',$script); -sub exec_remove($$) -{ - my ($data,$config) = @_; - my $physical = $data->{'physical'}; - my $virtual = $data->{'virtual'}; + $tpl->parse; - return exec_rmdir($data,$config) if(-d $physical); - return error_in_use($virtual) if($data->{'uselist'}->in_use($virtual)); + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; - unlink($physical) or return error("Could not delete file '".encode_entities($virtual)."'.",upper_path($virtual)); - return devedit_reload({command => 'show', file => upper_path($virtual)}); + return \$output; + } + } + else + { + return devedit_reload({command => 'show', file => $virtual}); + } } -# exec_rmdir() +# exec_chprop() # -# Remove a directory and return to directory view +# Change the mode and the group of a file or a directory # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_rmdir($$) +sub exec_chprop($$) { my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); + + return error($config->{'errors'}->{'no_users'},$dir,{FILE => encode_html($virtual)}) unless($users); + return error($config->{'errors'}->{'chprop_root'},'/') if($virtual eq '/'); + return error($config->{'errors'}->{'not_owner'},$dir,{FILE => encode_html($virtual)}) unless(-o $physical); + return error($config->{'errors'}->{'chprop_link'},$dir) if(-l $physical); - return exec_remove($data,$config) if(not -d $physical); + my $cgi = $data->{'cgi'}; + my $mode = $cgi->param('mode'); + my $group = $cgi->param('group'); - if($data->{'cgi'}->param('confirmed')) + if($mode || $group) { - rmtree($physical); - return devedit_reload({command => 'show', file => upper_path($virtual)}); + if($mode) + { + # Change the mode + + return error($config->{'errors'}->{'invalid_mode'},$dir) unless($mode =~ /^[0-7]{3,}$/); + chmod(oct($mode),$physical); + } + + if($group) + { + # Change the group using the `chgrp` system command + + return error($config->{'errors'}->{'invalid_group'},$dir,{GROUP => encode_html($group)}) unless($group =~ /^[a-z0-9_]+[a-z0-9_-]*$/i); + system('chgrp',$group,$physical); + } + + return devedit_reload({command => 'show', file => $dir}); } else { - my $dir = encode_entities(upper_path($virtual)); - my $output; + # Display the form - $output = htmlhead("Remove directory $virtual"); - $output .= equal_url($config->{'httproot'},$virtual); + my @stat = stat($physical); + my $mode = $stat[2]; + my $gid = $stat[5]; - $virtual = encode_entities($virtual); + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'chprop'}); - $output .= dir_link($virtual); + # Insert file properties into the template - $output .= <<"END"; -Do you really want to remove the directory '$virtual' and all of it's files and sub directories?
+ $tpl->fillin('MODE_OCTAL',substr(sprintf('%04o',$mode),-4)); + $tpl->fillin('MODE_STRING',mode_string($mode)); + $tpl->fillin('GID',$gid); - + if(my $group = getgrgid($gid)) + { + $tpl->fillin('GROUP',encode_html($group)); + $tpl->parse_if_block('group_detected',1); + } + else + { + $tpl->parse_if_block('group_detected',0); + } - -END + $tpl->fillin('FILE',encode_html($virtual)); + $tpl->fillin('FILE_URL',escape($virtual)); + $tpl->fillin('DIR',encode_html($dir)); + $tpl->fillin('DIR_URL',escape($dir)); + $tpl->fillin('URL',encode_html(equal_url($config->{'httproot'},$virtual))); + $tpl->fillin('SCRIPT',$script); - $output .= htmlfoot; + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; return \$output; } } -# exec_unlock() +# exec_about() # -# Remove a file from the list of used files and -# return to directory view +# Display some information about Dev-Editor # # Params: 1. Reference to user input hash # 2. Reference to config hash # # Return: Output of the command (Scalar Reference) -sub exec_unlock($$) +sub exec_about($$) { my ($data,$config) = @_; - my $virtual = $data->{'virtual'}; - my $uselist = $data->{'uselist'}; - $uselist->remove_file($virtual); - $uselist->save; + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'about'}); + + $tpl->fillin('SCRIPT',$script); + + # Dev-Editor's version number - return devedit_reload({command => 'show', file => upper_path($virtual)}); + $tpl->fillin('VERSION',$data->{'version'}); + + # Some path information + + $tpl->fillin('SCRIPT_PHYS',encode_html($ENV{'SCRIPT_FILENAME'})); + $tpl->fillin('CONFIG_PATH',encode_html($data->{'configfile'})); + $tpl->fillin('FILE_ROOT', encode_html($config->{'fileroot'})); + $tpl->fillin('HTTP_ROOT', encode_html($config->{'httproot'})); + + # Perl + + $tpl->fillin('PERL_PROG',encode_html($^X)); + $tpl->fillin('PERL_VER', sprintf('%vd',$^V)); + + # Information about the server + + $tpl->fillin('HTTPD',encode_html($ENV{'SERVER_SOFTWARE'})); + $tpl->fillin('OS', encode_html($^O)); + $tpl->fillin('TIME', encode_html(strftime($config->{'timeformat'},($config->{'use_gmt'}) ? gmtime : localtime))); + + $tpl->parse_if_block('gmt',$config->{'use_gmt'}); + + # Process information + + $tpl->fillin('PID',$$); + + # The following information is only available on systems supporting + # users and groups + + if($users) + { + # Dev-Editor is running on a system which allows users and groups + # So we display the user and the group of our process + + my $uid = POSIX::getuid; + my $gid = POSIX::getgid; + + $tpl->parse_if_block('users',1); + + # IDs of user and group + + $tpl->fillin('UID',$uid); + $tpl->fillin('GID',$gid); + + # Names of user and group + + if(my $user = getpwuid($uid)) + { + $tpl->fillin('USER',encode_html($user)); + $tpl->parse_if_block('user_detected',1); + } + else + { + $tpl->parse_if_block('user_detected',0); + } + + if(my $group = getgrgid($gid)) + { + $tpl->fillin('GROUP',encode_html($group)); + $tpl->parse_if_block('group_detected',1); + } + else + { + $tpl->parse_if_block('group_detected',0); + } + + # Process umask + + $tpl->fillin('UMASK',sprintf('%04o',umask)); + } + else + { + $tpl->parse_if_block('users',0); + } + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; } # it's true, baby ;-)