ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/i-scream/web/cgi-bin/docs.cgi
Revision: 1.6
Committed: Thu May 15 20:48:01 2003 UTC (21 years, 5 months ago) by tdb
Branch: MAIN
CVS Tags: PRE_WWW_REDESIGN
Changes since 1.5: +5 -5 lines
Log Message:
Merge in changes from branch created for new server. The old server is now
history... so we can make the new server use HEAD.

File Contents

# Content
1 #!/usr/bin/perl -w
2
3 #------------------------------------------------------------
4 # docs.cgi
5 #
6 # Web-based text file viewer.
7 # Copyright Paul Mutton, 2000.
8 #------------------------------------------------------------
9
10 use strict;
11 use CGI;
12
13 $| = 1;
14
15 # Settings
16 my ($left) = "../htdocs/left.inc" ;
17 my ($title) = "../htdocs/title.inc";
18 my ($bottom) = "../htdocs/bottom.inc";
19
20
21 my ($query) = new CGI;
22
23 # Note filenames may only have one dot in them, in the ".txt".
24 # This prevents malicious users using "../" to view files.
25 my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/);
26
27 print "Content-type: text/html\n\n";
28
29 unless (defined $doc) {
30 print "The link to this page was broken - it must specify a .txt file.";
31 exit;
32 }
33
34 # Prevent hackers from supplying a malformed document string.
35 # I.e. only allow normal characters, slashes and dots.
36 unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) {
37 print "Malformed request";
38 exit;
39 }
40 $doc = "../htdocs/documentation/".$doc;
41
42 print <<"END";
43 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
44
45 <!--
46 docs.cgi
47 Web-based text file viewer and formatter.
48 Created by pjm2 19/10/2000
49 Last modified 02/11/2000
50 -->
51
52 <html>
53
54 <head>
55 <title>The i-scream Project Documentation Viewer</title>
56 <meta name="description" content="The i-scream Project is a central monitoring system for Unix, Linux and NT servers.">
57 <meta name="keywords" content="i-scream, project, central monitoring system, unix, linux, nt, server, alert">
58 <meta name="generator" content="notepad on acid, aye.">
59 </head>
60
61 <body bgcolor="#ffffff" link="#0000ff" alink="#3333cc" vlink="#3333cc" text="#000066">
62
63 <table border="0" cellpadding="2" cellspacing="2">
64 <tr>
65 <td valign="top">
66 END
67
68 &print_html($left);
69
70 print <<"END";
71
72 </td>
73 <td valign="top">
74 END
75
76 &print_html($title);
77 &print_file($doc);
78 &print_html($bottom);
79
80 print <<"END";
81
82 </td>
83 </tr>
84 </table>
85
86 </body>
87
88 </html>
89 END
90
91 exit 0;
92
93 # Print a file, whilst escaping HTML: -
94 sub print_file ($) {
95 my ($urls) = '(' . join ('|', qw{
96 http
97 telnet
98 gopher
99 file
100 wais
101 ftp
102 } )
103 . ')';
104
105 my ($ltrs) = '\w';
106 my ($gunk) = '/#~:.?+=&%@!\-';
107 my ($punc) = '.:?\-';
108 my ($any) = "${ltrs}${gunk}${punc}";
109 my ($filename) = @_;
110 open(FILE, $filename) or die "Cannot open $filename: $!\n";
111 print "<pre>\n";
112 # Use $_ implicitly throughout.
113 while (<FILE>) {
114 # Must do the next line first!
115 s/&/&amp;/g;
116 s/</&lt;/g;
117 s/>/&gt;/g;
118 s/"/&quot;/g;
119 s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
120 print;
121 }
122 print "</pre>";
123 }
124
125 # Print a file without escaping HTML: -
126 sub print_html ($) {
127 my ($filename) = @_;
128 print `cat $filename 2>&1`;
129 }