X-Git-Url: https://git.p6c8.net/devedit.git/blobdiff_plain/e34b89e8690b4766fc19a868ee97aa30c1ac3143..ea86dd1c2b813a085290e0e24040122c2487182b:/modules/Command.pm?ds=sidebyside diff --git a/modules/Command.pm b/modules/Command.pm index e0bcb7c..84a0378 100644 --- a/modules/Command.pm +++ b/modules/Command.pm @@ -6,7 +6,7 @@ package Command; # Execute Dev-Editor's commands # # Author: Patrick Canterino -# Last modified: 2004-04-25 +# Last modified: 2004-11-24 # use strict; @@ -26,6 +26,7 @@ use Output; use Template; my $script = $ENV{'SCRIPT_NAME'}; +my $users = eval("getpwuid(0)") && eval("getgrgid(0)"); my %dispatch = ('show' => \&exec_show, 'beginedit' => \&exec_beginedit, @@ -37,6 +38,7 @@ my %dispatch = ('show' => \&exec_show, 'copy' => \&exec_copy, 'rename' => \&exec_rename, 'remove' => \&exec_remove, + 'chprop' => \&exec_chprop, 'unlock' => \&exec_unlock, 'about' => \&exec_about ); @@ -61,10 +63,16 @@ sub exec_command($$$) { my ($command,$data,$config) = @_; - return error($config->{'errors'}->{'cmd_unknown'},'/',{COMMAND => $command}) unless($dispatch{$command}); + foreach(keys(%dispatch)) + { + if(lc($_) eq lc($command)) + { + my $output = &{$dispatch{$_}}($data,$config); + return $output; + } + } - my $output = &{$dispatch{$command}}($data,$config); - return $output; + return error($config->{'errors'}->{'cmd_unknown'},'/',{COMMAND => $command}); } # exec_show() @@ -81,6 +89,8 @@ sub exec_show($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; + my $upper_path = upper_path($virtual); + my $uselist = $data->{'uselist'}; my $tpl = new Template; @@ -88,8 +98,10 @@ sub exec_show($$) { # Create directory listing + return error($config->{'errors'}->{'no_dir_access'},$upper_path) unless(-r $physical && -x $physical); + my $direntries = dir_read($physical); - return error($config->{'dir_read_failed'},upper_path($virtual),{DIR => '$virtual'}) unless($direntries); + return error($config->{'dir_read_fail'},$upper_path,{DIR => $virtual}) unless($direntries); my $files = $direntries->{'files'}; my $dirs = $direntries->{'dirs'}; @@ -106,8 +118,8 @@ sub exec_show($$) my $udtpl = new Template; $udtpl->read_file($config->{'templates'}->{'dirlist_up'}); - $udtpl->fillin("UPPER_DIR",encode_entities(upper_path($virtual))); - $udtpl->fillin("DATE",strftime($config->{'timeformat'},localtime($stat[9]))); + $udtpl->fillin("UPPER_DIR",encode_entities($upper_path)); + $udtpl->fillin("DATE",encode_entities(strftime($config->{'timeformat'},localtime($stat[9])))); $dirlist .= $udtpl->get_template; } @@ -116,17 +128,22 @@ sub exec_show($$) foreach my $dir(@$dirs) { - my @stat = stat($physical."/".$dir); + my $phys_path = $physical."/".$dir; my $virt_path = encode_entities($virtual.$dir."/"); + my @stat = stat($phys_path); + my $dtpl = new Template; $dtpl->read_file($config->{'templates'}->{'dirlist_dir'}); $dtpl->fillin("DIR",$virt_path); $dtpl->fillin("DIR_NAME",$dir); - $dtpl->fillin("DATE",strftime($config->{'timeformat'},localtime($stat[9]))); + $dtpl->fillin("DATE",encode_entities(strftime($config->{'timeformat'},localtime($stat[9])))); $dtpl->fillin("URL",equal_url($config->{'httproot'},$virt_path)); + $dtpl->parse_if_block("readable",-r $phys_path && -x $phys_path); + $dtpl->parse_if_block("users",$users && -o $phys_path); + $dirlist .= $dtpl->get_template; } @@ -138,7 +155,7 @@ sub exec_show($$) my $virt_path = encode_entities($virtual.$file); my @stat = stat($phys_path); - my $in_use = $data->{'uselist'}->in_use($virtual.$file); + my $in_use = $uselist->in_use($virtual.$file); my $ftpl = new Template; $ftpl->read_file($config->{'templates'}->{'dirlist_file'}); @@ -146,19 +163,24 @@ sub exec_show($$) $ftpl->fillin("FILE",$virt_path); $ftpl->fillin("FILE_NAME",$file); $ftpl->fillin("SIZE",$stat[7]); - $ftpl->fillin("DATE",strftime($config->{'timeformat'},localtime($stat[9]))); + $ftpl->fillin("DATE",encode_entities(strftime($config->{'timeformat'},localtime($stat[9])))); $ftpl->fillin("URL",equal_url($config->{'httproot'},$virt_path)); $ftpl->parse_if_block("not_readable",not -r $phys_path); $ftpl->parse_if_block("binary",-B $phys_path); $ftpl->parse_if_block("readonly",not -w $phys_path); - $ftpl->parse_if_block("viewable",-r $phys_path && -T $phys_path); - $ftpl->parse_if_block("editable",-w $phys_path && -r $phys_path && -T $phys_path && not $in_use); + $ftpl->parse_if_block("viewable",-r $phys_path && -T $phys_path && not ($config->{'max_file_size'} && $stat[7] > $config->{'max_file_size'})); + + $ftpl->parse_if_block("editable",-r $phys_path && -w $phys_path && -T $phys_path && not ($config->{'max_file_size'} && $stat[7] > $config->{'max_file_size'}) && not $in_use); $ftpl->parse_if_block("in_use",$in_use); $ftpl->parse_if_block("unused",not $in_use); + $ftpl->parse_if_block("too_large",$config->{'max_file_size'} && $stat[7] > $config->{'max_file_size'}); + + $ftpl->parse_if_block("users",$users && -o $phys_path); + $dirlist .= $ftpl->get_template; } @@ -173,7 +195,7 @@ sub exec_show($$) { # View a file - return error($config->{'errors'}->{'noview'},upper_path($virtual)) unless(-r $physical); + return error($config->{'errors'}->{'noview'},$upper_path) unless(-r $physical); # Check on binary files # We have to do it in this way, or empty files @@ -183,22 +205,34 @@ sub exec_show($$) { # Binary file - return error($config->{'errors'}->{'binary'},upper_path($virtual)); + return error($config->{'errors'}->{'binary'},$upper_path); } else { # Text file - my $content = file_read($physical); - $$content =~ s/\015\012|\012|\015/\n/g; + my $size = -s $physical; - $tpl->read_file($config->{'templates'}->{'viewfile'}); + if($config->{'max_file_size'} && $size > $config->{'max_file_size'}) + { + return error($config->{'errors'}->{'file_too_large'},$upper_path,{SIZE => $config->{'max_file_size'}}) + } + else + { + my $content = file_read($physical); + $$content =~ s/\015\012|\012|\015/\n/g; - $tpl->fillin("FILE",$virtual); - $tpl->fillin("DIR",upper_path($virtual)); - $tpl->fillin("URL",equal_url($config->{'httproot'},$virtual)); - $tpl->fillin("SCRIPT",$script); - $tpl->fillin("CONTENT",encode_entities($$content)); + $tpl->read_file($config->{'templates'}->{'viewfile'}); + + $tpl->fillin("FILE",$virtual); + $tpl->fillin("DIR",$upper_path); + $tpl->fillin("URL",equal_url($config->{'httproot'},$virtual)); + $tpl->fillin("SCRIPT",$script); + + $tpl->parse_if_block("editable",-r $physical && -w $physical && -T $physical && not ($config->{'max_file_size'} && $size > $config->{'max_file_size'}) && $uselist->unused($virtual)); + + $tpl->fillin("CONTENT",encode_entities($$content)); + } } } @@ -222,11 +256,12 @@ sub exec_beginedit($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); my $uselist = $data->{'uselist'}; - return error($config->{'errors'}->{'editdir'},upper_path($virtual)) if(-d $physical); - return error($config->{'errors'}->{'in_use'},upper_path($virtual),{FILE => $virtual}) if($uselist->in_use($virtual)); - return error($config->{'errors'}->{'noedit'},upper_path($virtual)) unless(-r $physical && -w $physical); + return error($config->{'errors'}->{'editdir'},$dir) if(-d $physical); + return error($config->{'errors'}->{'in_use'}, $dir,{FILE => $virtual}) if($uselist->in_use($virtual)); + return error($config->{'errors'}->{'noedit'}, $dir) unless(-r $physical && -w $physical); # Check on binary files @@ -234,31 +269,38 @@ sub exec_beginedit($$) { # Binary file - return error($config->{'errors'}->{'binary'},upper_path($virtual)); + return error($config->{'errors'}->{'binary'},$dir); } else { - # Text file + if($config->{'max_file_size'} && (-s $physical) > $config->{'max_file_size'}) + { + return error($config->{'errors'}->{'file_too_large'},$dir,{SIZE => $config->{'max_file_size'}}) + } + else + { + # Text file - $uselist->add_file($virtual); - $uselist->save; + $uselist->add_file($virtual); + $uselist->save; - my $content = file_read($physical); - $$content =~ s/\015\012|\012|\015/\n/g; + my $content = file_read($physical); + $$content =~ s/\015\012|\012|\015/\n/g; - my $tpl = new Template; - $tpl->read_file($config->{'templates'}->{'editfile'}); + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'editfile'}); - $tpl->fillin("FILE",$virtual); - $tpl->fillin("DIR",upper_path($virtual)); - $tpl->fillin("URL",equal_url($config->{'httproot'},$virtual)); - $tpl->fillin("SCRIPT",$script); - $tpl->fillin("CONTENT",encode_entities($$content)); + $tpl->fillin("FILE",$virtual); + $tpl->fillin("DIR",$dir); + $tpl->fillin("URL",equal_url($config->{'httproot'},$virtual)); + $tpl->fillin("SCRIPT",$script); + $tpl->fillin("CONTENT",encode_entities($$content)); - my $output = header(-type => "text/html"); - $output .= $tpl->get_template; + my $output = header(-type => "text/html"); + $output .= $tpl->get_template; - return \$output; + return \$output; + } } } @@ -294,9 +336,18 @@ sub exec_endedit($$) my ($data,$config) = @_; my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); my $content = $data->{'cgi'}->param('filecontent'); my $uselist = $data->{'uselist'}; + # We already unlock the file at the beginning of the + # subroutine, because if we have to abort this routine, + # the file keeps locked. + # Nobody else will access the file during this routine + # because of the concept of File::UseList. + + file_unlock($uselist,$virtual); + # Normalize newlines $content =~ s/\015\012|\012|\015/\n/g; @@ -308,7 +359,7 @@ sub exec_endedit($$) $content = encode_entities($content,"\200-\377"); } - if($data->{'cgi'}->param('saveas')) + if($data->{'cgi'}->param('saveas') && $data->{'new_physical'} ne '' && $data->{'new_virtual'} ne '') { # Create the new filename @@ -317,26 +368,22 @@ sub exec_endedit($$) # Check if someone else is editing the new file - return error($config->{'errors'}->{'in_use'},upper_path($virtual),{FILE => $virtual}) if($uselist->in_use($virtual)); + return error($config->{'errors'}->{'in_use'},$dir,{FILE => $virtual}) if($uselist->in_use($virtual)); } - return error($config->{'errors'}->{'editdir'},upper_path($virtual)) if(-d $physical); - return error($config->{'errors'}->{'noedit'}, upper_path($virtual)) unless(-r $physical && -w $physical); + return error($config->{'errors'}->{'text_to_binary'},$dir) unless(-T $physical); + return error($config->{'errors'}->{'editdir'},$dir) if(-d $physical); + return error($config->{'errors'}->{'noedit'}, $dir) if(-e $physical && !(-r $physical && -w $physical)); if(file_save($physical,\$content)) { # Saving of the file was successful - so unlock it! - file_unlock($uselist,$data->{'virtual'}); - # ^^^^^^^^^^^^^^^^^^ - # Maybe the user saved the file using another filename... - # But we have to unlock the original file! - - return devedit_reload({command => 'show', file => upper_path($virtual)}); + return devedit_reload({command => 'show', file => $dir}); } else { - return error($config->{'errors'}->{'edit_failed'},upper_path($virtual),{FILE => $virtual}); + return error($config->{'errors'}->{'edit_failed'},$dir,{FILE => $virtual}); } } @@ -357,10 +404,26 @@ sub exec_mkfile($$) my $dir = upper_path($new_virtual); $new_virtual = encode_entities($new_virtual); - return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual}) if(-e $new_physical); + if($new_physical) + { + return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual}) if(-e $new_physical); - file_create($new_physical) or return error($config->{'errors'}->{'mkfile_failed'},$dir,{FILE => $new_virtual}); - return devedit_reload({command => 'show', file => $dir}); + file_create($new_physical) or return error($config->{'errors'}->{'mkfile_failed'},$dir,{FILE => $new_virtual}); + return devedit_reload({command => 'show', file => $dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'mkfile'}); + + $tpl->fillin("DIR","/"); + $tpl->fillin("SCRIPT",$script); + + my $output = header(-type => "text/html"); + $output .= $tpl->get_template; + + return \$output; + } } # exec_mkdir() @@ -382,8 +445,24 @@ sub exec_mkdir($$) return error($config->{'errors'}->{'file_exists'},$dir,{FILE => $new_virtual}) if(-e $new_physical); - mkdir($new_physical,0777) or return error($config->{'errors'}->{'mkdir_failed'},$dir,{DIR => $new_virtual}); - return devedit_reload({command => 'show', file => $dir}); + if($new_physical) + { + mkdir($new_physical,0777) or return error($config->{'errors'}->{'mkdir_failed'},$dir,{DIR => $new_virtual}); + return devedit_reload({command => 'show', file => $dir}); + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'mkdir'}); + + $tpl->fillin("DIR","/"); + $tpl->fillin("SCRIPT",$script); + + my $output = header(-type => "text/html"); + $output .= $tpl->get_template; + + return \$output; + } } # exec_upload() @@ -402,6 +481,8 @@ sub exec_upload($$) my $virtual = $data->{'virtual'}; my $cgi = $data->{'cgi'}; + return error($config->{'errors'}->{'no_directory'},upper_path($virtual),{FILE => $virtual}) unless(-d $physical); + if(my $uploaded_file = $cgi->param('uploaded_file')) { # Process file upload @@ -410,7 +491,7 @@ sub exec_upload($$) my $file_phys = $physical."/".$filename; my $file_virt = $virtual."".$filename; - return error($config->{'errors'}->{'file_exists'},$virtual,{FILE => $file_virt}) if(-e $file_phys); + return error($config->{'errors'}->{'file_exists'},$virtual,{FILE => $file_virt}) if(-e $file_phys && not $cgi->param('overwrite')); my $ascii = $cgi->param('ascii'); my $handle = $cgi->upload('uploaded_file'); @@ -420,13 +501,11 @@ sub exec_upload($$) open(FILE,">$file_phys") or return error($config->{'errors'}->{'mkfile_failed'},$virtual,{FILE => $file_virt}); binmode(FILE) unless($ascii); - my $data; + # Read transferred file and write it to disk - while(read($handle,$data,1024)) - { - $data =~ s/\015\012|\012|\015/\n/g if($ascii); - print FILE $data; - } + read($handle, my $data, -s $handle); + $data =~ s/\015\012|\012|\015/\n/g if($ascii); # Replace line separators if transferring in ASCII mode + print FILE $data; close(FILE); @@ -464,7 +543,8 @@ sub exec_copy($$) my $virtual = encode_entities($data->{'virtual'}); my $new_physical = $data->{'new_physical'}; - return error($config->{'errors'}->{'nocopy'}) unless(-r $physical); + return error($config->{'errors'}->{'dircopy'}) if(-d $physical); + return error($config->{'errors'}->{'nocopy'}) unless(-r $physical); if($new_physical) { @@ -478,7 +558,7 @@ sub exec_copy($$) if(-d $new_physical) { - return error($config->{'errors'}->{'dircopy'}); + return error($config->{'errors'}->{'dir_replace'},$dir); } elsif(not $data->{'cgi'}->param('confirmed')) { @@ -538,6 +618,7 @@ sub exec_rename($$) my $virtual = $data->{'virtual'}; my $new_physical = $data->{'new_physical'}; + return error($config->{'errors'}->{'rename_root'},"/") if($virtual eq "/"); return error($config->{'errors'}->{'in_use'},upper_path($virtual),{FILE => $virtual}) if($data->{'uselist'}->in_use($virtual)); if($new_physical) @@ -552,7 +633,7 @@ sub exec_rename($$) if(-d $new_physical) { - return error($config->{'errors'}->{'dircopy'}); + return error($config->{'errors'}->{'dir_replace'},$dir); } elsif(not $data->{'cgi'}->param('confirmed')) { @@ -611,6 +692,8 @@ sub exec_remove($$) my $physical = $data->{'physical'}; my $virtual = $data->{'virtual'}; + return error($config->{'errors'}->{'remove_root'},"/") if($virtual eq "/"); + if(-d $physical) { # Remove a directory @@ -665,6 +748,109 @@ sub exec_remove($$) } } +# exec_chprop() +# +# Change the mode and the group of a file or a directory +# +# Params: 1. Reference to user input hash +# 2. Reference to config hash +# +# Return: Output of the command (Scalar Reference) + +sub exec_chprop($$) +{ + my ($data,$config) = @_; + my $physical = $data->{'physical'}; + my $virtual = $data->{'virtual'}; + my $dir = upper_path($virtual); + my $cgi = $data->{'cgi'}; + my $mode = $cgi->param('mode'); + my $group = $cgi->param('group'); + + if($users) + { + # System supports user and groups + + if(-o $physical) + { + # We own this file + + if($mode || $group) + { + if($mode) + { + # Change the mode + + my $oct_mode = $mode; + $oct_mode = "0".$oct_mode if(length($oct_mode) == 3); + $oct_mode = oct($oct_mode); + + chmod($oct_mode,$physical); + } + + if($group) + { + # Change the group using the `chgrp` system command + + return error($config->{'errors'}->{'invalid_group'},$dir,{GROUP => encode_entities($group)}) unless($group =~ /^[a-z0-9_]+[a-z0-9_-]*$/i); + system("chgrp",$group,$physical); + } + + return devedit_reload({command => 'show', file => $dir}); + } + else + { + # Display the form + + my @stat = stat($physical); + + my $mode = $stat[2]; + my $mode_oct = substr(sprintf("%04o",$mode),-4); + my $gid = $stat[5]; + + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'chprop'}); + + # Insert file properties into the template + + $tpl->fillin("MODE_OCTAL",$mode_oct); + $tpl->fillin("MODE_STRING",mode_string($mode)); + $tpl->fillin("GID",$gid); + + if(my $group = getgrgid($gid)) + { + $tpl->fillin("GROUP",encode_entities($group)); + $tpl->parse_if_block("group_detected",1); + } + else + { + $tpl->parse_if_block("group_detected",0); + } + + # Insert other information + + $tpl->fillin("FILE",$virtual); + $tpl->fillin("DIR",$dir); + $tpl->fillin("URL",equal_url($config->{'httproot'},$virtual)); + $tpl->fillin("SCRIPT",$script); + + my $output = header(-type => "text/html"); + $output .= $tpl->get_template; + + return \$output; + } + } + else + { + return error($config->{'errors'}->{'not_owner'},$dir,{FILE => $virtual}); + } + } + else + { + return error($config->{'errors'}->{'no_users'},$dir,{FILE => $virtual}); + } +} + # exec_unlock() # # Remove a file from the list of used files and @@ -679,10 +865,13 @@ sub exec_unlock($$) { my ($data,$config) = @_; my $virtual = $data->{'virtual'}; + my $uselist = $data->{'uselist'}; + + return devedit_reload({command => 'show', file => upper_path($virtual)}) if($uselist->unused($virtual)); if($data->{'cgi'}->param('confirmed')) { - file_unlock($data->{'uselist'},$virtual); + file_unlock($uselist,$virtual); return devedit_reload({command => 'show', file => upper_path($virtual)}); } else @@ -726,21 +915,21 @@ sub exec_about($$) # Some path information - $tpl->fillin("SCRIPT_PHYS",$ENV{'SCRIPT_FILENAME'}); - $tpl->fillin("CONFIG_PATH",$data->{'configfile'}); - $tpl->fillin("FILE_ROOT",$config->{'fileroot'}); - $tpl->fillin("HTTP_ROOT",$config->{'httproot'}); + $tpl->fillin("SCRIPT_PHYS",encode_entities($ENV{'SCRIPT_FILENAME'})); + $tpl->fillin("CONFIG_PATH",encode_entities($data->{'configfile'})); + $tpl->fillin("FILE_ROOT", encode_entities($config->{'fileroot'})); + $tpl->fillin("HTTP_ROOT", encode_entities($config->{'httproot'})); # Perl - $tpl->fillin("PERL_PROG",$^X); + $tpl->fillin("PERL_PROG",encode_entities($^X)); $tpl->fillin("PERL_VER",sprintf("%vd",$^V)); # Information about the server - $tpl->fillin("HTTPD",$ENV{'SERVER_SOFTWARE'}); + $tpl->fillin("HTTPD",encode_entities($ENV{'SERVER_SOFTWARE'})); $tpl->fillin("OS",$^O); - $tpl->fillin("TIME",strftime($config->{'timeformat'},localtime)); + $tpl->fillin("TIME",encode_entities(strftime($config->{'timeformat'},localtime))); # Process information @@ -748,22 +937,46 @@ sub exec_about($$) # Check if the functions getpwuid() and getgrgid() are available - if(eval("getpwuid(0)") && eval("getgrgid(0)")) + if($users) { # Dev-Editor is running on a system which allows users and groups # So we display the user and the group of our process + my $uid = POSIX::getuid; + my $gid = POSIX::getgid; + $tpl->parse_if_block("users",1); # ID's of user and group - $tpl->fillin("UID",$<); - $tpl->fillin("GID",$(); + $tpl->fillin("UID",$uid); + $tpl->fillin("GID",$gid); # Names of user and group - $tpl->fillin("USER",getpwuid($<)); - $tpl->fillin("GROUP",getgrgid($()); + if(my $user = getpwuid($uid)) + { + $tpl->fillin("USER",encode_entities($user)); + $tpl->parse_if_block("user_detected",1); + } + else + { + $tpl->parse_if_block("user_detected",0); + } + + if(my $group = getgrgid($gid)) + { + $tpl->fillin("GROUP",encode_entities($group)); + $tpl->parse_if_block("group_detected",1); + } + else + { + $tpl->parse_if_block("group_detected",0); + } + + # Process umask + + $tpl->fillin("UMASK",sprintf("%04o",umask)); } else {