You can now define alias names for users who have an individual configuration,
so you don't need to define an individual sections for users with the same
configuration any more.
pcanterino [Thu, 25 Aug 2005 11:35:17 +0000 (11:35 +0000)]
- Now, Dev-Editor is able to switch some configuration values depending on the
current HTTP Auth user.
This is controlled by a separate configuration file that contains sections
like Windows INI files (thus the configuration file parser is now able to
parse files containing sections in square brackets).
You may overwrite the following configuration values:
- fileroot
- httproot
- forbidden (you may also clear the default "forbidden" list)
- Fixed a bug occuring if the user placed an empty "forbidden" configuration
option in the main configuration file. In this case we create an empty Array
Reference.
- Fixed an error in an {IF} block in dirlist_dir.htm
pcanterino [Mon, 1 Aug 2005 09:18:25 +0000 (09:18 +0000)]
- Fixed the prototype problem of dir_copy() in File::Access
- Added some notes about the problems of the feature of copying a whole
directory
- Added some notes about my incompetence
- In the edit dialogue, there is a new checkbox allowing to continue editing the
file after saving it
pcanterino [Fri, 10 Jun 2005 12:38:36 +0000 (12:38 +0000)]
- Dev-Editor is now able to forbid accessing a file using the configuration file
- Added ReadMe file, Change Log and a copy of the Artistic License to the
repository
pcanterino [Sun, 15 May 2005 09:41:04 +0000 (09:41 +0000)]
Removed the JavaScript code which prevents users from marking text in the
textarea containing the Artistic License.
I added this code for browsers not supporting the readonly attribute, but that
is not a good solution.
pcanterino [Sun, 15 May 2005 09:21:11 +0000 (09:21 +0000)]
- Before changing the permissions of a file, check if the user entered a valid
octal number
- Changed the name of the error message "dir_read_fail" to "dir_read_failed"
- Removed HTML::Entities:
This module is a little bit slow and does currently not support very much
encodings. Now, we just encode the HTML control characters (<, >, & and ").
- Began to fix bugs [1120717] and [1071051]
- Do not write new file content if the user did not change it
- If two users edit a file at the same time and they both did the same changes,
do not complain that the file has changed
Do not switch to binmode before saving a file or before showing the editing
form. It caused a problem with the line endings. Let's hope it does not cause
new problems...
- Began to change the behaviour of Dev-Editor's editing function:
The concept of locking the file for other users before editing it is not very
good, causes some problems and makes it difficult to add new features. So I
decided to remove it.
When Dev-Editor shows the form for editing a file, it calculates the MD5
checksum and places it in the editing form. Before saving the file, the MD5
checksum is calculated again and compared to the submitted one. If the two
sums don't match, Dev-Editor does not save the file and shows the editing
form.
It seems to work, but the solution is currently VERY dirty...
- Removed the possibility to encode ISO-8859-1 HTML entities. There is no real
use for this function.
- The extension of the configuration files is now "conf"
- Changed the names of some error messages:
binary -> binary_file
cmd_unknown -> command_unknown
create_ar -> create_above_root
not_exist -> not_found
pcanterino [Sat, 19 Feb 2005 09:42:04 +0000 (09:42 +0000)]
Now, the root directory must not be a symbolic link.
Sorry for this, I really would have liked to allow the root directory to be a
symbolic link, but if I would allow this, Dev-Editor would not be able to create
files in the root directory. I'm looking for an alternative...
pcanterino [Mon, 14 Feb 2005 15:33:27 +0000 (15:33 +0000)]
The file saving process was aborted if the user wanted to write text data using
the edit function into a file that does not exists.
The reason was that Dev-Editor thought that this non-existing file was a binary
file.
pcanterino [Sun, 13 Feb 2005 15:12:08 +0000 (15:12 +0000)]
- Handle broken symbolic links properly
- It was possible to create files above the virtual root directory using
symbolic links
- Updated version number to 2.3.1
pcanterino [Sun, 13 Feb 2005 09:42:39 +0000 (09:42 +0000)]
- For security reasons, I completely changed the handling of symbolic links:
Symbolic links are now treated as files, no matter where they point to. The
user is just allowed to see the path where the link points to, he is allowed
to delete the link, to rename it and to overwrite it by renaming an other
file. Nothing else is allowed.
Accessing a symbolic link pointing to a directory caused also a very strange
effect: It was possible to access this directory, but you could not access the
objects in it.
I had to do it in this way because of the very stupid behaviour of abs_path()
from the Cwd module: This function is just able to detect the absolute path of
directories.
Hard links are not affected by this, because it is not possible to detect them
(at least I don't know how to detect them).
- Changed the names of two error messages:
dircopy -> dir_copy
editdir -> dir_edit
- Fixed various errors in some template files
pcanterino [Thu, 10 Feb 2005 18:42:10 +0000 (18:42 +0000)]
- Check if unlocking of the list of files in use was successful
- Check if a file could be successfully added to the list of files in use
- Check if a file could be successfully removed from the list of files in use
pcanterino [Sat, 8 Jan 2005 10:18:18 +0000 (10:18 +0000)]
- NOW check_path() should work properly
I removed my self-written code to resolve "..", "...", "...." and so on and
replaced it by a single call to abs_path(). That is more reliable!
- file_name() and upper_path() now take care of a
"multiple-slash-root-directory" and Windows drive letters
pcanterino [Thu, 6 Jan 2005 14:28:00 +0000 (14:28 +0000)]
- Fixed a bug occuring if the "curdir" CGI parameter had no trailing slash and
the "newfile" parameter had no leading slash
- On Windows systems it was possible to access the directories above the root
directory by accessing a path ending with "..." or "...." and so on
pcanterino [Thu, 6 Jan 2005 11:25:46 +0000 (11:25 +0000)]
- When composing the temporary virtual path for a new file, don't call
clean_path(). It is unnecessary and it also caused a problem if this path
would begin with /../, because on UNIX systems, canonpath() removes /../ at
the beginning of a path. So if a user wanted to create the file /../file.ext
(which he wasn't allowed to), he created /file.ext.
- file_name() and upper_path() now remove multiple trailing slashes
- Improved configuration file parser:
- Allow configuration options with empty values
- If a option is defined twice, the line number is shown in the error message
- Static values are now surrounded by single quotes. Maybe it helps to increase
the speed of Dev-Editor, because Perl doesn't have to try to interpolate
variables in the values.
pcanterino [Tue, 4 Jan 2005 12:53:57 +0000 (12:53 +0000)]
- In the virtual directory string, check_path() converts backslashes to slashes
before removing slashes at the beginning (not really necessary, but I want to
be sure)
- check_path() and equal_url() now remove multiple disturbing slashes in strings
pcanterino [Wed, 29 Dec 2004 20:39:59 +0000 (20:39 +0000)]
If locking of the uselist file failed, get the template variables directly from
the File::UseList object, because the name of the lock file could have been
composed by File::UseList.
pcanterino [Tue, 21 Dec 2004 13:40:34 +0000 (13:40 +0000)]
- While processing a file upload, check if the user wants to replace a directory
or overwrite a write-protected file
- If the user wants to copy or rename a file, check if he wants to overwrite a
write-protected file
pcanterino [Fri, 17 Dec 2004 17:05:45 +0000 (17:05 +0000)]
- Dev-Editor now uses flock(). flock() is called using a wrapper function which
checks if it is really available.
- file_save() in File::Access is now able to open a file in binary mode. Thus,
the file saving process in the file upload code in Command.pm has been
replaced by a single file_save() call.
pcanterino [Thu, 16 Dec 2004 15:45:32 +0000 (15:45 +0000)]
- Entities in some more strings are now encoded
- The Hash Reference for devedit_reload() is now optional
- Removed "use Data::Dumper;" in Command.pm. I forgot to remove it after debugging.
pcanterino [Mon, 13 Dec 2004 15:17:44 +0000 (15:17 +0000)]
- exec_chprop() should have a proper coding style, but it made the routine hard
to maintain. Thus, I changed its structure.
- Don't allow to change the properties of a file in use
- Don't allow to upload a file if a file with the same virtual name is currently
in use
pcanterino [Fri, 3 Dec 2004 14:04:28 +0000 (14:04 +0000)]
Version 1.3:
- Replaced open() by sysopen()
- Added method remove_all() to remove all files from the list (maybe we will
need it...)
- Changed my email address
pcanterino [Sat, 27 Nov 2004 09:57:23 +0000 (09:57 +0000)]
Changed my email address (patshaping@gmx.net -> patrick@patshaping.de) in all
files except the Template and the File::UseList modules (they are seperate
software).
pcanterino [Fri, 26 Nov 2004 17:35:58 +0000 (17:35 +0000)]
- Don't display the file upload link in directory listing if Dev-Editor has no
write access to this directory.
- Wrong variable "{DIRECTORY}" in error message "dir_no_create" - it should be
"{DIR}".
pcanterino [Fri, 26 Nov 2004 16:00:27 +0000 (16:00 +0000)]
- Check if we have enough permissions to write in directory at the following
points:
- Before executing a command which creates a new file
- Before uploading a file
- Before removing or moving/renaming a file or directory
- oct() does not care about leading zeros, the resulting value is always the
same.
- The name of the variable which will be replaced by a directory to go back to
in error.htm was renamed from "{DIR}" to "{BACK}". "{DIR}" caused some
problems.
- Changed the names of some error messages:
nocopy -> no_copy
noedit -> no_edit
noview -> no_view
pcanterino [Wed, 24 Nov 2004 16:35:20 +0000 (16:35 +0000)]
- Added new if blocks to the templates about.htm and chprop.htm: The blocks are
named "group_detected" and "user_detected" and show if Dev-Editor could
successfully convert a group or user ID into the corresponding name.
- Cleaned exec_beginedit() and exec_endedit()
- More proper encoding of HTML entities at some points (still needs work)
pcanterino [Sat, 13 Nov 2004 09:13:02 +0000 (09:13 +0000)]
The path the user wants to access must now BEGIN with the root directory. The
old check made it possible to access a directory structure outside the root
directory similar to the root directory.