ViewVC Help

View File | Revision Log | Show Annotations | Revision Graph | Root Listing

root/i-scream/web/cgi-bin/docs.cgi

Comparing web/cgi-bin/docs.cgi (file contents):
Revision 1.5 by tdb, Sun May 6 19:16:40 2001 UTC vs.
Revision 1.10 by tdb, Wed Mar 24 23:29:21 2004 UTC

#	Line 1 | Line 1
1		#!/usr/bin/perl -w
2
3	–	#------------------------------------------------------------
4	–	# docs.cgi
5	–	#
6	–	# Web-based text file viewer.
7	–	# Copyright Paul Mutton, 2000.
8	–	#------------------------------------------------------------
9	–
3		use strict;
4		use CGI;
5
6		$| = 1;
7
8		# Settings
9	<	my ($left) = "../left.inc" ;
17	<	my ($title) = "../title.inc";
18	<	my ($bottom) = "../bottom.inc";
9	>	my ($incdir) = "../nwww";
10
11	+	# Include files
12	+	my ($doctype) = "$incdir/doctype.inc";
13	+	my ($style) = "$incdir/style.inc";
14	+	my ($header) = "$incdir/header.inc";
15	+	my ($footer) = "$incdir/footer.inc";
16	+	my ($menu) = "$incdir/menu.inc" ;
17
18		my ($query) = new CGI;
19
#	Line 24 | Line 21 | my ($query) = new CGI;
21		# This prevents malicious users using "../" to view files.
22		my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/);
23
24	+	# This should be application/xhtml+xml
25		print "Content-type: text/html\n\n";
26
27		unless (defined $doc) {
#	Line 34 | Line 32 | unless (defined $doc) {
32		# Prevent hackers from supplying a malformed document string.
33		# I.e. only allow normal characters, slashes and dots.
34		unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) {
35	<	print "Go Away, you nasty hax0r!";
35	>	print "Malformed request.";
36		exit;
37		}
38	<	$doc = "../documentation/".$doc;
38	>	$doc = "../htdocs/documentation/".$doc;
39
40	<	print <<"END";
43	<	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
40	>	my($docname) = $doc =~ /\/([^\/]+)$/;
41
42	<	<!--
46	<	docs.cgi
47	<	Web-based text file viewer and formatter.
48	<	Created by pjm2 19/10/2000
49	<	Last modified 02/11/2000
50	<	-->
42	>	&print_html($doctype);
43
44	<	<html>
44	>	print <<"END";
45
46	<	<head>
47	<	<title>The i-scream Project Documentation Viewer</title>
48	<	<meta name="description" content="The i-scream Project is a central monitoring system for Unix, Linux and NT servers.">
49	<	<meta name="keywords" content="i-scream, project, central monitoring system, unix, linux, nt, server, alert">
50	<	<meta name="generator" content="notepad on acid, aye.">
59	<	</head>
46	>	<head>
47	>	<title>
48	>	i-scream plain text documentation viewer
49	>	</title>
50	>	END
51
52	<	<body bgcolor="#ffffff" link="#0000ff" alink="#3333cc" vlink="#3333cc" text="#000066">
52	>	&print_html($style);
53
54	<	<table border="0" cellpadding="2" cellspacing="2">
55	<	<tr>
56	<	<td valign="top">
54	>	print <<"END";
55	>
56	>	</head>
57	>	<body>
58	>	<div id="container">
59	>	<div id="main">
60		END
61
62	<	&print_html($left);
62	>	&print_html($header);
63
64		print <<"END";
65
66	<	</td>
67	<	<td valign="top">
66	>	<div id="contents">
67	>	<h1 class="top">
68	>	i-scream documentation viewer
69	>	</h1>
70	>	<h2>
71	>	$docname
72	>	</h2>
73		END
74
76	–	&print_html($title);
75		&print_file($doc);
78	–	&print_html($bottom);
76
77		print <<"END";
78
79	<	</td>
80	<	</tr>
84	<	</table>
79	>	</div>
80	>	END
81
82	<	</body>
82	>	&print_html($footer);
83
84	+	print <<"END";
85	+
86	+	</div>
87	+	END
88	+
89	+	&print_html($menu);
90	+
91	+	print <<"END";
92	+
93	+	</div>
94	+	</body>
95		</html>
96		END
97
98		exit 0;
99
100		# Print a file, whilst escaping HTML: -
101	<	sub print_file ($) {
102	<	my ($urls) = '(' . join ('|', qw{
103	<	http
104	<	telnet
105	<	gopher
106	<	file
107	<	wais
108	<	ftp
109	<	} )
110	<	. ')';
111	<
101	>	sub print_file {
102	>	my ($urls) = '(' . join ('|', qw{
103	>	http
104	>	telnet
105	>	gopher
106	>	file
107	>	wais
108	>	ftp
109	>	} )
110	>	. ')';
111	>
112		my ($ltrs) = '\w';
113		my ($gunk) = '/#~:.?+=&%@!\-';
114		my ($punc) = '.:?\-';
115		my ($any) = "${ltrs}${gunk}${punc}";
116		my ($filename) = @_;
117	<	open(FILE, $filename) or die "Cannot open $filename: $!\n";
118	<	print "<pre>\n";
119	<	# Use $_ implicitly throughout.
120	<	while (<FILE>) {
121	<	# Must do the next line first!
122	<	s/&/&amp;/g;
123	<	s/</&lt;/g;
124	<	s/>/&gt;/g;
125	<	s/"/&quot;/g;
126	<	s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
127	<	print;
117	>	if(open(FILE, $filename)) {
118	>	print "          <pre>\n";
119	>	# Use $_ implicitly throughout.
120	>	while (<FILE>) {
121	>	# Must do the next line first!
122	>	s/&/&amp;/g;
123	>	s/</&lt;/g;
124	>	s/>/&gt;/g;
125	>	s/"/&quot;/g;
126	>	s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
127	>	print;
128	>	}
129	>	print "\n</pre>";
130		}
131	<	print "</pre>";
131	>	else {
132	>	print "Failed to open $docname.";
133	>	}
134		}
135
136	<	# Print a file without escaping HTML: -
136	>	# Print the contents of a file containing html
137		sub print_html ($) {
138		my ($filename) = @_;
139	<	print `cat $filename 2>&1`;
139	>	my($virtual) = '<!--#include virtual="/cgi-bin/logo.cgi" -->';
140	>	my(@virtualresponse) = `/web/i-scream/nwww.cgi-bin/logo.cgi`;
141	>	open(FILE, $filename);
142	>	while(<FILE>) {
143	>	if(/$virtual/) {
144	>	s/$virtual/$virtualresponse[@virtualresponse-1]/;
145	>	}
146	>	print;
147	>	}
148	>	close FILE;
149		}

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines
>	Changed lines