From 09cce7f643af390fa39802d68b87d6f2e17295c4 Mon Sep 17 00:00:00 2001 From: pcanterino <> Date: Wed, 6 May 2009 20:52:08 +0000 Subject: [PATCH] Added a feature for removing multiple files from a directory. You can select a set of files in a directory and then remove them by clicking a button. Of course, there is a confirmation dialogue. For security reasons, any file sent by URL containing slashes or just consisting of dots is ignored. --- modules/Command.pm | 182 +++++++++++++++++++++++++++++++--- templates.conf | 2 + templates/confirm_rmmulti.htm | 37 +++++++ templates/dirlist.htm | 14 ++- templates/dirlist_dir.htm | 1 + templates/dirlist_file.htm | 1 + templates/dirlist_up.htm | 1 + templates/rmmulti.htm | 27 +++++ 8 files changed, 251 insertions(+), 14 deletions(-) create mode 100644 templates/confirm_rmmulti.htm create mode 100644 templates/rmmulti.htm diff --git a/modules/Command.pm b/modules/Command.pm index ef15a77..506e0c0 100644 --- a/modules/Command.pm +++ b/modules/Command.pm @@ -6,7 +6,7 @@ package Command; # Execute Dev-Editor's commands # # Author: Patrick Canterino -# Last modified: 2009-03-31 +# Last modified: 2009-05-04 # # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann # Copyright (C) 2003-2009 Patrick Canterino @@ -39,17 +39,18 @@ use Template; my $script = encode_html($ENV{'SCRIPT_NAME'}); my $users = eval('getpwuid(0)') && eval('getgrgid(0)'); -my %dispatch = ('show' => \&exec_show, - 'beginedit' => \&exec_beginedit, - 'endedit' => \&exec_endedit, - 'mkdir' => \&exec_mkdir, - 'mkfile' => \&exec_mkfile, - 'upload' => \&exec_upload, - 'copy' => \&exec_copy, - 'rename' => \&exec_rename, - 'remove' => \&exec_remove, - 'chprop' => \&exec_chprop, - 'about' => \&exec_about +my %dispatch = ('show' => \&exec_show, + 'beginedit' => \&exec_beginedit, + 'endedit' => \&exec_endedit, + 'mkdir' => \&exec_mkdir, + 'mkfile' => \&exec_mkfile, + 'upload' => \&exec_upload, + 'copy' => \&exec_copy, + 'rename' => \&exec_rename, + 'remove' => \&exec_remove, + 'remove_multi' => \&exec_remove_multi, + 'chprop' => \&exec_chprop, + 'about' => \&exec_about ); ### Export ### @@ -848,6 +849,163 @@ sub exec_remove($$) } } +# exec_remove_multi() +# +# Remove a file or a directory and return to directory view +# +# Params: 1. Reference to user input hash +# 2. Reference to config hash +# +# Return: Output of the command (Scalar Reference) + +sub exec_remove_multi($$) +{ + my ($data,$config) = @_; + my $physical = $data->{'physical'}; + my $virtual = $data->{'virtual'}; + my $cgi = $data->{'cgi'}; + + my @files = $cgi->param('files'); + my $x = 0; + + if(@files) + { + foreach my $file(@files) + { + # Filter out some "bad" files (e.g. files going up in the + # directory hierarchy or files containing slashes (it's too + # dangerous...) + + splice(@files,$x,1) if($file =~ m!^\.+$!); + splice(@files,$x,1) if($file =~ m!/!); + splice(@files,$x,1) if($file =~ m!\\!); + + $x++; + } + } + + if(@files) + { + if($cgi->param('confirmed')) + { + #die 'Noch nicht!'; + + my @success; + my @failed; + + foreach my $file(@files) + { + my $file_path = clean_path($physical.'/'.$file); + + if(-e $file_path) + { + if(-d $file_path && not -l $file_path) + { + # Remove a directory + + if(rmtree($file_path)) + { + push(@success,clean_path($file)); + } + else + { + push(@failed,clean_path($file)); + } + } + else + { + # Remove a file + + if(unlink($file_path)) + { + push(@success,clean_path($file)); + } + else + { + push(@failed,clean_path($file)); + } + } + } + else + { + push(@failed,clean_path($file)); + } + } + + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'rmmulti'}); + + if(scalar(@success) > 0) + { + $tpl->parse_if_block('success',1); + + foreach my $file_success(@success) + { + $tpl->add_loop_data('SUCCESS',{FILE => encode_html($file_success), + FILE_PATH => encode_html(clean_path($virtual.'/'.$file_success))}); + } + } + else + { + $tpl->parse_if_block('success',0); + } + + if(scalar(@failed) > 0) + { + $tpl->parse_if_block('failed',1); + + foreach my $file_failed(@failed) + { + $tpl->add_loop_data('FAILED',{FILE => encode_html($file_failed), + FILE_PATH => encode_html(clean_path($virtual.'/'.$file_failed))}); + } + } + else + { + $tpl->parse_if_block('failed',0); + } + + + $tpl->set_var('DIR',encode_html($virtual)); + $tpl->set_var('SCRIPT',$script); + + $tpl->parse; + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + else + { + my $tpl = new Template; + $tpl->read_file($config->{'templates'}->{'confirm_rmmulti'}); + + foreach my $file(@files) + { + $tpl->add_loop_data('FILES',{FILE => encode_html($file), + FILE_PATH => encode_html(clean_path($virtual.'/'.$file))}); + } + + $tpl->set_var('COUNT',encode_html($x)); + + $tpl->set_var('DIR',encode_html($virtual)); + $tpl->set_var('SCRIPT',$script); + + $tpl->parse; + + my $output = header(-type => 'text/html'); + $output .= $tpl->get_template; + + return \$output; + } + } + else + { + return devedit_reload({command => 'show', file => $virtual}); + } +} + # exec_chprop() # # Change the mode and the group of a file or a directory diff --git a/templates.conf b/templates.conf index 055b51b..c287466 100644 --- a/templates.conf +++ b/templates.conf @@ -6,6 +6,7 @@ chprop = templates/chprop.htm confirm_replace = templates/confirm_replace.htm confirm_rmdir = templates/confirm_rmdir.htm confirm_rmfile = templates/confirm_rmfile.htm +confirm_rmmulti = templates/confirm_rmmulti.htm copydir = templates/copydir.htm copyfile = templates/copyfile.htm dirlist = templates/dirlist.htm @@ -17,6 +18,7 @@ error = templates/error.htm mkdir = templates/mkdir.htm mkfile = templates/mkfile.htm renamefile = templates/renamefile.htm +rmmulti = templates/rmmulti.htm upload = templates/upload.htm viewfile = templates/viewfile.htm viewlink = templates/viewlink.htm diff --git a/templates/confirm_rmmulti.htm b/templates/confirm_rmmulti.htm new file mode 100644 index 0000000..216bbee --- /dev/null +++ b/templates/confirm_rmmulti.htm @@ -0,0 +1,37 @@ + + + + +Remove files + + + + +

Remove files

+ +

Do you really want to remove these files?

+ + + +
+ + + +{LOOP FILES} +{ENDLOOP} + +

+
+ +
+ + + +

+
+ + + \ No newline at end of file diff --git a/templates/dirlist.htm b/templates/dirlist.htm index 7b047d9..10ade36 100644 --- a/templates/dirlist.htm +++ b/templates/dirlist.htm @@ -14,8 +14,18 @@
-{IF empty}

This directory is empty or nothing is matching against your wildcard

{ELSE} -{DIRLIST}
{ENDIF} +{IF empty}

This directory is empty or nothing is matching against your wildcard

{ELSE}
+ + + + +{DIRLIST}
+ +
+ +

+ +
{ENDIF}
diff --git a/templates/dirlist_dir.htm b/templates/dirlist_dir.htm index 04fec0b..0908849 100644 --- a/templates/dirlist_dir.htm +++ b/templates/dirlist_dir.htm @@ -1,4 +1,5 @@ + [SUBDIR] {DATE}{IF gmt} (GMT){ENDIF} {IF !forbidden}{IF readable}{DIR_NAME}/{ELSE}{DIR_NAME}/{ENDIF}{ELSE}{DIR_NAME}/{ENDIF} diff --git a/templates/dirlist_file.htm b/templates/dirlist_file.htm index febadab..fd342fe 100644 --- a/templates/dirlist_file.htm +++ b/templates/dirlist_file.htm @@ -1,4 +1,5 @@ + {SIZE} {DATE}{IF gmt} (GMT){ENDIF} {IF forbidden}{FILE_NAME}{ELSE}{FILE_NAME}{ENDIF} diff --git a/templates/dirlist_up.htm b/templates/dirlist_up.htm index b0e34ed..33527c2 100644 --- a/templates/dirlist_up.htm +++ b/templates/dirlist_up.htm @@ -1,4 +1,5 @@ +  [SUBDIR] {DATE}{IF gmt} (GMT){ENDIF} ../ diff --git a/templates/rmmulti.htm b/templates/rmmulti.htm new file mode 100644 index 0000000..aee0464 --- /dev/null +++ b/templates/rmmulti.htm @@ -0,0 +1,27 @@ + + + + +Remove files + + + + +

Remove files

{IF success} + +

The following files have been removed successfully:

+ +
    {LOOP SUCCESS} +
  • {SUCCESS.FILE_PATH}
    • {ENDLOOP} +
{ENDIF}{IF failed} + +

The following could not be removed:

+ +
    {LOOP FAILED} +
  • {FAILED.FILE_PATH}
    • {ENDLOOP} +
{ENDIF} + +

Back to {DIR}

+ + \ No newline at end of file -- 2.34.1