# | Line 1 | Line 1 | |
---|---|---|
1 | #!/usr/bin/perl -w | |
2 | ||
3 | – | #------------------------------------------------------------ |
4 | – | # docs.cgi |
5 | – | # |
6 | – | # Web-based text file viewer. |
7 | – | # Copyright Paul Mutton, 2000. |
8 | – | #------------------------------------------------------------ |
9 | – | |
3 | use strict; | |
4 | use CGI; | |
5 | ||
6 | $| = 1; | |
7 | ||
8 | # Settings | |
9 | < | my ($left) = "../left.inc" ; |
17 | < | my ($title) = "../title.inc"; |
18 | < | my ($bottom) = "../bottom.inc"; |
9 | > | my ($incdir) = "../nwww"; |
10 | ||
11 | + | # Include files |
12 | + | my ($doctype) = "$incdir/doctype.inc"; |
13 | + | my ($style) = "$incdir/style.inc"; |
14 | + | my ($header) = "$incdir/header.inc"; |
15 | + | my ($footer) = "$incdir/footer.inc"; |
16 | + | my ($menu) = "$incdir/menu.inc" ; |
17 | ||
18 | my ($query) = new CGI; | |
19 | ||
# | Line 24 | Line 21 | my ($query) = new CGI; | |
21 | # This prevents malicious users using "../" to view files. | |
22 | my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/); | |
23 | ||
24 | + | # This should be application/xhtml+xml |
25 | print "Content-type: text/html\n\n"; | |
26 | ||
27 | unless (defined $doc) { | |
# | Line 34 | Line 32 | unless (defined $doc) { | |
32 | # Prevent hackers from supplying a malformed document string. | |
33 | # I.e. only allow normal characters, slashes and dots. | |
34 | unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) { | |
35 | < | print "Go Away, you nasty hax0r!"; |
35 | > | print "Malformed request."; |
36 | exit; | |
37 | } | |
38 | < | $doc = "../documentation/".$doc; |
38 | > | $doc = "../htdocs/documentation/".$doc; |
39 | ||
40 | < | print <<"END"; |
43 | < | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
40 | > | my($docname) = $doc =~ /\/([^\/]+)$/; |
41 | ||
42 | < | <!-- |
46 | < | docs.cgi |
47 | < | Web-based text file viewer and formatter. |
48 | < | Created by pjm2 19/10/2000 |
49 | < | Last modified 02/11/2000 |
50 | < | --> |
42 | > | &print_html($doctype); |
43 | ||
44 | < | <html> |
44 | > | print <<"END"; |
45 | ||
46 | < | <head> |
47 | < | <title>The i-scream Project Documentation Viewer</title> |
48 | < | <meta name="description" content="The i-scream Project is a central monitoring system for Unix, Linux and NT servers."> |
49 | < | <meta name="keywords" content="i-scream, project, central monitoring system, unix, linux, nt, server, alert"> |
50 | < | <meta name="generator" content="notepad on acid, aye."> |
59 | < | </head> |
46 | > | <head> |
47 | > | <title> |
48 | > | i-scream plain text documentation viewer |
49 | > | </title> |
50 | > | END |
51 | ||
52 | < | <body bgcolor="#ffffff" link="#0000ff" alink="#3333cc" vlink="#3333cc" text="#000066"> |
52 | > | &print_html($style); |
53 | ||
54 | < | <table border="0" cellpadding="2" cellspacing="2"> |
55 | < | <tr> |
56 | < | <td valign="top"> |
54 | > | print <<"END"; |
55 | > | |
56 | > | </head> |
57 | > | <body> |
58 | > | <div id="container"> |
59 | > | <div id="main"> |
60 | END | |
61 | ||
62 | < | &print_html($left); |
62 | > | &print_html($header); |
63 | ||
64 | print <<"END"; | |
65 | ||
66 | < | </td> |
67 | < | <td valign="top"> |
66 | > | <div id="contents"> |
67 | > | <h1 class="top"> |
68 | > | i-scream documentation viewer |
69 | > | </h1> |
70 | > | <h2> |
71 | > | $docname |
72 | > | </h2> |
73 | END | |
74 | ||
76 | – | &print_html($title); |
75 | &print_file($doc); | |
78 | – | &print_html($bottom); |
76 | ||
77 | print <<"END"; | |
78 | ||
79 | < | </td> |
80 | < | </tr> |
84 | < | </table> |
79 | > | </div> |
80 | > | END |
81 | ||
82 | < | </body> |
82 | > | &print_html($footer); |
83 | ||
84 | + | print <<"END"; |
85 | + | |
86 | + | </div> |
87 | + | END |
88 | + | |
89 | + | &print_html($menu); |
90 | + | |
91 | + | print <<"END"; |
92 | + | |
93 | + | </div> |
94 | + | </body> |
95 | </html> | |
96 | END | |
97 | ||
98 | exit 0; | |
99 | ||
100 | # Print a file, whilst escaping HTML: - | |
101 | < | sub print_file ($) { |
102 | < | my ($urls) = '(' . join ('|', qw{ |
103 | < | http |
104 | < | telnet |
105 | < | gopher |
106 | < | file |
107 | < | wais |
108 | < | ftp |
109 | < | } ) |
110 | < | . ')'; |
111 | < | |
101 | > | sub print_file { |
102 | > | my ($urls) = '(' . join ('|', qw{ |
103 | > | http |
104 | > | telnet |
105 | > | gopher |
106 | > | file |
107 | > | wais |
108 | > | ftp |
109 | > | } ) |
110 | > | . ')'; |
111 | > | |
112 | my ($ltrs) = '\w'; | |
113 | my ($gunk) = '/#~:.?+=&%@!\-'; | |
114 | my ($punc) = '.:?\-'; | |
115 | my ($any) = "${ltrs}${gunk}${punc}"; | |
116 | my ($filename) = @_; | |
117 | < | open(FILE, $filename) or die "Cannot open $filename: $!\n"; |
118 | < | print "<pre>\n"; |
119 | < | # Use $_ implicitly throughout. |
120 | < | while (<FILE>) { |
121 | < | # Must do the next line first! |
122 | < | s/&/&/g; |
123 | < | s/</</g; |
124 | < | s/>/>/g; |
125 | < | s/"/"/g; |
126 | < | s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox; |
127 | < | print; |
117 | > | if(open(FILE, $filename)) { |
118 | > | print " <pre>\n"; |
119 | > | # Use $_ implicitly throughout. |
120 | > | while (<FILE>) { |
121 | > | # Must do the next line first! |
122 | > | s/&/&/g; |
123 | > | s/</</g; |
124 | > | s/>/>/g; |
125 | > | s/"/"/g; |
126 | > | s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox; |
127 | > | print; |
128 | > | } |
129 | > | print "\n</pre>"; |
130 | } | |
131 | < | print "</pre>"; |
131 | > | else { |
132 | > | print "Failed to open $docname."; |
133 | > | } |
134 | } | |
135 | ||
136 | < | # Print a file without escaping HTML: - |
136 | > | # Print the contents of a file containing html |
137 | sub print_html ($) { | |
138 | my ($filename) = @_; | |
139 | < | print `cat $filename 2>&1`; |
139 | > | my($virtual) = '<!--#include virtual="/cgi-bin/logo.cgi" -->'; |
140 | > | my(@virtualresponse) = `/web/i-scream/nwww.cgi-bin/logo.cgi`; |
141 | > | open(FILE, $filename); |
142 | > | while(<FILE>) { |
143 | > | if(/$virtual/) { |
144 | > | s/$virtual/$virtualresponse[@virtualresponse-1]/; |
145 | > | } |
146 | > | print; |
147 | > | } |
148 | > | close FILE; |
149 | } |
– | Removed lines |
+ | Added lines |
< | Changed lines |
> | Changed lines |