ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/i-scream/web/cgi-bin/docs.cgi
Revision: 1.6
Committed: Thu May 15 20:48:01 2003 UTC (22 years, 5 months ago) by tdb
Branch: MAIN
CVS Tags: PRE_WWW_REDESIGN
Changes since 1.5: +5 -5 lines
Log Message: 
Merge in changes from branch created for new server. The old server is now
history... so we can make the new server use HEAD.

File Contents

# User Rev Content
1 tdb 1.1 #!/usr/bin/perl -w
2    
3     #------------------------------------------------------------
4     # docs.cgi
5     #
6     # Web-based text file viewer.
7     # Copyright Paul Mutton, 2000.
8     #------------------------------------------------------------
9    
10     use strict;
11     use CGI;
12    
13     $| = 1;
14    
15     # Settings
16 tdb 1.6 my ($left) = "../htdocs/left.inc" ;
17     my ($title) = "../htdocs/title.inc";
18     my ($bottom) = "../htdocs/bottom.inc";
19 tdb 1.1
20    
21     my ($query) = new CGI;
22 pjm2 1.4
23     # Note filenames may only have one dot in them, in the ".txt".
24     # This prevents malicious users using "../" to view files.
25     my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/);
26 tdb 1.1
27 tdb 1.2 print "Content-type: text/html\n\n";
28 pjm2 1.4
29     unless (defined $doc) {
30     print "The link to this page was broken - it must specify a .txt file.";
31     exit;
32     }
33    
34     # Prevent hackers from supplying a malformed document string.
35     # I.e. only allow normal characters, slashes and dots.
36     unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) {
37 tdb 1.6 print "Malformed request";
38 pjm2 1.4 exit;
39     }
40 tdb 1.6 $doc = "../htdocs/documentation/".$doc;
41 tdb 1.1
42     print <<"END";
43     <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
44    
45     <!--
46     docs.cgi
47     Web-based text file viewer and formatter.
48     Created by pjm2 19/10/2000
49 tdb 1.2 Last modified 02/11/2000
50 tdb 1.1 -->
51    
52     <html>
53    
54     <head>
55     <title>The i-scream Project Documentation Viewer</title>
56     <meta name="description" content="The i-scream Project is a central monitoring system for Unix, Linux and NT servers.">
57     <meta name="keywords" content="i-scream, project, central monitoring system, unix, linux, nt, server, alert">
58     <meta name="generator" content="notepad on acid, aye.">
59     </head>
60    
61     <body bgcolor="#ffffff" link="#0000ff" alink="#3333cc" vlink="#3333cc" text="#000066">
62    
63     <table border="0" cellpadding="2" cellspacing="2">
64     <tr>
65     <td valign="top">
66     END
67    
68 tdb 1.2 &print_html($left);
69 tdb 1.1
70     print <<"END";
71    
72     </td>
73     <td valign="top">
74     END
75    
76 tdb 1.2 &print_html($title);
77 tdb 1.1 &print_file($doc);
78 tdb 1.2 &print_html($bottom);
79 tdb 1.1
80     print <<"END";
81    
82     </td>
83     </tr>
84     </table>
85    
86     </body>
87    
88     </html>
89     END
90    
91     exit 0;
92    
93 tdb 1.2 # Print a file, whilst escaping HTML: -
94 tdb 1.1 sub print_file ($) {
95 tdb 1.3 my ($urls) = '(' . join ('|', qw{
96     http
97     telnet
98     gopher
99     file
100     wais
101     ftp
102     } )
103     . ')';
104    
105     my ($ltrs) = '\w';
106     my ($gunk) = '/#~:.?+=&%@!\-';
107     my ($punc) = '.:?\-';
108     my ($any) = "${ltrs}${gunk}${punc}";
109 tdb 1.1 my ($filename) = @_;
110     open(FILE, $filename) or die "Cannot open $filename: $!\n";
111 tdb 1.2 print "<pre>\n";
112     # Use $_ implicitly throughout.
113     while (<FILE>) {
114     # Must do the next line first!
115     s/&/&amp;/g;
116     s/</&lt;/g;
117     s/>/&gt;/g;
118     s/"/&quot;/g;
119 tdb 1.3 s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
120 tdb 1.2 print;
121 tdb 1.1 }
122 tdb 1.2 print "</pre>";
123 tdb 1.1 }
124    
125 tdb 1.2 # Print a file without escaping HTML: -
126     sub print_html ($) {
127     my ($filename) = @_;
128 tdb 1.5 print `cat $filename 2>&1`;
129 tdb 1.2 }