X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/e34b89e8690b4766fc19a868ee97aa30c1ac3143..6a4499d441793336945f8dd7aa4485ee0fafc1ee:/devedit.pl?ds=sidebyside diff --git a/devedit.pl b/devedit.pl index ef2e7b5..94c9f0e 100644 --- a/devedit.pl +++ b/devedit.pl @@ -1,12 +1,12 @@ #!C:/Programme/Perl/bin/perl.exe -w # -# Dev-Editor 2.0 (CVS) +# Dev-Editor 2.2a # # Dev-Editor's main program # -# Author: Patrick Canterino -# Last modified: 2004-04-25 +# Author: Patrick Canterino +# Last modified: 2004-12-29 # use strict; @@ -23,7 +23,10 @@ use Command; use Output; use Tool; -$VERSION = '2.0 (CVS)'; +$VERSION = '2.2a'; + +# Path to configuration file +# Change if necessary! use constant CONFIGFILE => 'devedit.dat'; @@ -32,6 +35,14 @@ use constant CONFIGFILE => 'devedit.dat'; my $config = read_config(CONFIGFILE); error_template($config->{'templates'}->{'error'}); # Yes, I'm lazy... +# Check if the root directory exists + +abort($config->{'errors'}->{'no_root_dir'}) unless(-d $config->{'fileroot'}); + +# Check if we are able to access the root directory + +abort($config->{'errors'}->{'no_root_access'}) unless(-r $config->{'fileroot'} && -x $config->{'fileroot'}); + # Read the most important form data my $cgi = new CGI; @@ -42,12 +53,11 @@ my $curdir = $cgi->param('curdir') || ''; my $newfile = $cgi->param('newfile') || ''; # Create physical and virtual path for the new file -# This section has to be optimized - ugh! my $new_physical = ''; my $new_virtual = ''; -if($newfile ne '') +if($newfile ne '' && $newfile !~ /^\s+$/) { $curdir = upper_path($file) if($curdir eq ''); my $path = clean_path($curdir.$newfile); @@ -61,14 +71,22 @@ if($newfile ne '') unless(-d clean_path($config->{'fileroot'}."/".$dir)) { - abort($config->{'errors'}->{'dir_not_exist'}); + abort($config->{'errors'}->{'dir_not_exist'},"/"); } # ... and check if the path is above the root directory unless(($new_physical,$new_virtual) = check_path($config->{'fileroot'},$dir)) { - abort($config->{'errors'}->{'create_ar'}); + abort($config->{'errors'}->{'create_ar'},"/"); + } + + # Check if we have enough permissions to create a file + # in this directory + + unless(-r $new_physical && -w $new_physical && -x $new_physical) + { + abort($config->{'errors'}->{'dir_no_create'},"/",{DIR => $new_virtual}); } # Create the physical and the virtual path @@ -77,7 +95,7 @@ if($newfile ne '') $new_virtual .= $file; } -# This check has to be performed first, or abs_path() will be confused +# This check has to be performed first or abs_path() will be confused if(-e clean_path($config->{'fileroot'}."/".$file)) { @@ -89,7 +107,7 @@ if(-e clean_path($config->{'fileroot'}."/".$file)) lockfile => $config->{'lock_file'}, timeout => $config->{'lock_timeout'}); - $uselist->lock or abort($config->{'errors'}->{'lock_failed'},{USELIST => $config->{'uselist_file'}, LOCK_FILE => $config->{'lock_file'}}); + $uselist->lock or abort($config->{'errors'}->{'lock_failed'},undef,{USELIST => $uselist->{'listfile'}, LOCK_FILE => $uselist->{'lockfile'}}); $uselist->load; # Create a hash with data submitted by user @@ -107,16 +125,16 @@ if(-e clean_path($config->{'fileroot'}."/".$file)) my $output = exec_command($command,\%data,$config); # Execute the command... $uselist->unlock; # ... unlock the list with files in use... - print $$output; # ... and print the output of the command + print $$output; # ... and show the output of the command } else { - abort($config->{'errors'}->{'above_root'}); + abort($config->{'errors'}->{'above_root'},"/"); } } else { - abort($config->{'errors'}->{'not_exist'}); + abort($config->{'errors'}->{'not_exist'},"/"); } #