pcanterino [Tue, 31 Mar 2009 17:25:11 +0000 (17:25 +0000)]
Added new template {IF} block ("even") for allowing to change color of the
table rows in directory listing for every row with an even number. This allows
a better distinction of the rows.
pcanterino [Mon, 30 Mar 2009 17:58:58 +0000 (17:58 +0000)]
Added new configurtaion option for hiding dot files.
When new option "hide_dot_files" is set to 1, every file or directory beginning
with a "." is not shown in the directory listing. But you can still access the
file / directory by typing its name into the "Go to directory/file" box.
This option is also available in the user-dependent configuration.
pcanterino [Thu, 24 Aug 2006 19:48:37 +0000 (19:48 +0000)]
Trying to simplify some of Dev-Editor's functions:
If you want to copy or rename/move a file or a directory or save a file using a
different name, the form field for the new filename is prefilled with the old
one. Additionally, the entered path is no more relative to the directory of the
original file.
pcanterino [Thu, 10 Nov 2005 17:40:44 +0000 (17:40 +0000)]
- Fixed a security problem:
It was possible to access files and directories above the virtual root
directory beginning with the same string as the root directory.
For example:
If your root directory is "/var/www/user1" it was possible to access
"/var/www/user10", "/var/www/user11" and so on.
- Updated version number to 3.0.1
- Updated Change Log
You can now define alias names for users who have an individual configuration,
so you don't need to define an individual sections for users with the same
configuration any more.
pcanterino [Thu, 25 Aug 2005 11:35:17 +0000 (11:35 +0000)]
- Now, Dev-Editor is able to switch some configuration values depending on the
current HTTP Auth user.
This is controlled by a separate configuration file that contains sections
like Windows INI files (thus the configuration file parser is now able to
parse files containing sections in square brackets).
You may overwrite the following configuration values:
- fileroot
- httproot
- forbidden (you may also clear the default "forbidden" list)
- Fixed a bug occuring if the user placed an empty "forbidden" configuration
option in the main configuration file. In this case we create an empty Array
Reference.
- Fixed an error in an {IF} block in dirlist_dir.htm
pcanterino [Mon, 1 Aug 2005 09:18:25 +0000 (09:18 +0000)]
- Fixed the prototype problem of dir_copy() in File::Access
- Added some notes about the problems of the feature of copying a whole
directory
- Added some notes about my incompetence
- In the edit dialogue, there is a new checkbox allowing to continue editing the
file after saving it
pcanterino [Fri, 10 Jun 2005 12:38:36 +0000 (12:38 +0000)]
- Dev-Editor is now able to forbid accessing a file using the configuration file
- Added ReadMe file, Change Log and a copy of the Artistic License to the
repository
pcanterino [Sun, 15 May 2005 09:41:04 +0000 (09:41 +0000)]
Removed the JavaScript code which prevents users from marking text in the
textarea containing the Artistic License.
I added this code for browsers not supporting the readonly attribute, but that
is not a good solution.
pcanterino [Sun, 15 May 2005 09:21:11 +0000 (09:21 +0000)]
- Before changing the permissions of a file, check if the user entered a valid
octal number
- Changed the name of the error message "dir_read_fail" to "dir_read_failed"
- Removed HTML::Entities:
This module is a little bit slow and does currently not support very much
encodings. Now, we just encode the HTML control characters (<, >, & and ").
- Began to fix bugs [1120717] and [1071051]
- Do not write new file content if the user did not change it
- If two users edit a file at the same time and they both did the same changes,
do not complain that the file has changed
Do not switch to binmode before saving a file or before showing the editing
form. It caused a problem with the line endings. Let's hope it does not cause
new problems...
- Began to change the behaviour of Dev-Editor's editing function:
The concept of locking the file for other users before editing it is not very
good, causes some problems and makes it difficult to add new features. So I
decided to remove it.
When Dev-Editor shows the form for editing a file, it calculates the MD5
checksum and places it in the editing form. Before saving the file, the MD5
checksum is calculated again and compared to the submitted one. If the two
sums don't match, Dev-Editor does not save the file and shows the editing
form.
It seems to work, but the solution is currently VERY dirty...
- Removed the possibility to encode ISO-8859-1 HTML entities. There is no real
use for this function.
- The extension of the configuration files is now "conf"
- Changed the names of some error messages:
binary -> binary_file
cmd_unknown -> command_unknown
create_ar -> create_above_root
not_exist -> not_found
pcanterino [Sat, 19 Feb 2005 09:42:04 +0000 (09:42 +0000)]
Now, the root directory must not be a symbolic link.
Sorry for this, I really would have liked to allow the root directory to be a
symbolic link, but if I would allow this, Dev-Editor would not be able to create
files in the root directory. I'm looking for an alternative...
pcanterino [Mon, 14 Feb 2005 15:33:27 +0000 (15:33 +0000)]
The file saving process was aborted if the user wanted to write text data using
the edit function into a file that does not exists.
The reason was that Dev-Editor thought that this non-existing file was a binary
file.
pcanterino [Sun, 13 Feb 2005 15:12:08 +0000 (15:12 +0000)]
- Handle broken symbolic links properly
- It was possible to create files above the virtual root directory using
symbolic links
- Updated version number to 2.3.1
pcanterino [Sun, 13 Feb 2005 09:42:39 +0000 (09:42 +0000)]
- For security reasons, I completely changed the handling of symbolic links:
Symbolic links are now treated as files, no matter where they point to. The
user is just allowed to see the path where the link points to, he is allowed
to delete the link, to rename it and to overwrite it by renaming an other
file. Nothing else is allowed.
Accessing a symbolic link pointing to a directory caused also a very strange
effect: It was possible to access this directory, but you could not access the
objects in it.
I had to do it in this way because of the very stupid behaviour of abs_path()
from the Cwd module: This function is just able to detect the absolute path of
directories.
Hard links are not affected by this, because it is not possible to detect them
(at least I don't know how to detect them).
- Changed the names of two error messages:
dircopy -> dir_copy
editdir -> dir_edit
- Fixed various errors in some template files
pcanterino [Thu, 10 Feb 2005 18:42:10 +0000 (18:42 +0000)]
- Check if unlocking of the list of files in use was successful
- Check if a file could be successfully added to the list of files in use
- Check if a file could be successfully removed from the list of files in use
pcanterino [Sat, 8 Jan 2005 10:18:18 +0000 (10:18 +0000)]
- NOW check_path() should work properly
I removed my self-written code to resolve "..", "...", "...." and so on and
replaced it by a single call to abs_path(). That is more reliable!
- file_name() and upper_path() now take care of a
"multiple-slash-root-directory" and Windows drive letters
pcanterino [Thu, 6 Jan 2005 14:28:00 +0000 (14:28 +0000)]
- Fixed a bug occuring if the "curdir" CGI parameter had no trailing slash and
the "newfile" parameter had no leading slash
- On Windows systems it was possible to access the directories above the root
directory by accessing a path ending with "..." or "...." and so on
pcanterino [Thu, 6 Jan 2005 11:25:46 +0000 (11:25 +0000)]
- When composing the temporary virtual path for a new file, don't call
clean_path(). It is unnecessary and it also caused a problem if this path
would begin with /../, because on UNIX systems, canonpath() removes /../ at
the beginning of a path. So if a user wanted to create the file /../file.ext
(which he wasn't allowed to), he created /file.ext.
- file_name() and upper_path() now remove multiple trailing slashes
- Improved configuration file parser:
- Allow configuration options with empty values
- If a option is defined twice, the line number is shown in the error message
- Static values are now surrounded by single quotes. Maybe it helps to increase
the speed of Dev-Editor, because Perl doesn't have to try to interpolate
variables in the values.
pcanterino [Tue, 4 Jan 2005 12:53:57 +0000 (12:53 +0000)]
- In the virtual directory string, check_path() converts backslashes to slashes
before removing slashes at the beginning (not really necessary, but I want to
be sure)
- check_path() and equal_url() now remove multiple disturbing slashes in strings
pcanterino [Wed, 29 Dec 2004 20:39:59 +0000 (20:39 +0000)]
If locking of the uselist file failed, get the template variables directly from
the File::UseList object, because the name of the lock file could have been
composed by File::UseList.