--- web/cgi-bin/docs.cgi 2001/05/06 19:16:40 1.5
+++ web/cgi-bin/docs.cgi 2004/03/25 22:51:20 1.13
@@ -1,22 +1,19 @@
#!/usr/bin/perl -w
-#------------------------------------------------------------
-# docs.cgi
-#
-# Web-based text file viewer.
-# Copyright Paul Mutton, 2000.
-#------------------------------------------------------------
-
use strict;
use CGI;
$| = 1;
# Settings
-my ($left) = "../left.inc" ;
-my ($title) = "../title.inc";
-my ($bottom) = "../bottom.inc";
+my ($incdir) = "../htdocs";
+# Include files
+my ($doctype) = "$incdir/doctype.inc";
+my ($style) = "$incdir/style.inc";
+my ($header) = "$incdir/header.inc";
+my ($footer) = "$incdir/footer.inc";
+my ($menu) = "$incdir/menu-static.inc" ;
my ($query) = new CGI;
@@ -24,6 +21,7 @@ my ($query) = new CGI;
# This prevents malicious users using "../" to view files.
my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/);
+# This should be application/xhtml+xml
print "Content-type: text/html\n\n";
unless (defined $doc) {
@@ -34,96 +32,113 @@ unless (defined $doc) {
# Prevent hackers from supplying a malformed document string.
# I.e. only allow normal characters, slashes and dots.
unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) {
- print "Go Away, you nasty hax0r!";
+ print "Malformed request.";
exit;
}
-$doc = "../documentation/".$doc;
+$doc = "../htdocs/cms/documentation/".$doc;
-print <<"END";
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+my($docname) = $doc =~ /\/([^\/]+)$/;
-<!--
- docs.cgi
- Web-based text file viewer and formatter.
- Created by pjm2 19/10/2000
- Last modified 02/11/2000
--->
+&print_html($doctype);
-<html>
+print <<"END";
-<head>
- <title>The i-scream Project Documentation Viewer</title>
- <meta name="description" content="The i-scream Project is a central monitoring system for Unix, Linux and NT servers.">
- <meta name="keywords" content="i-scream, project, central monitoring system, unix, linux, nt, server, alert">
- <meta name="generator" content="notepad on acid, aye.">
-</head>
+ <head>
+ <title>
+ i-scream plain text documentation viewer
+ </title>
+END
-<body bgcolor="#ffffff" link="#0000ff" alink="#3333cc" vlink="#3333cc" text="#000066">
+&print_html($style);
-<table border="0" cellpadding="2" cellspacing="2">
- <tr>
- <td valign="top">
+print <<"END";
+
+ </head>
+ <body>
+ <div id="container">
+ <div id="main">
END
-&print_html($left);
+&print_html($header);
print <<"END";
- </td>
- <td valign="top">
+ <div id="contents">
+ <h1 class="top">
+ i-scream documentation viewer
+ </h1>
+ <h2>
+ $docname
+ </h2>
END
-&print_html($title);
&print_file($doc);
-&print_html($bottom);
print <<"END";
- </td>
- </tr>
-</table>
+ </div>
+END
-</body>
+&print_html($footer);
+print <<"END";
+
+ </div>
+END
+
+&print_html($menu);
+
+print <<"END";
+
+ </div>
+ </body>
</html>
END
exit 0;
# Print a file, whilst escaping HTML: -
-sub print_file ($) {
- my ($urls) = '(' . join ('|', qw{
- http
- telnet
- gopher
- file
- wais
- ftp
- } )
- . ')';
-
+sub print_file {
+my ($urls) = '(' . join ('|', qw{
+ http
+ telnet
+ gopher
+ file
+ wais
+ ftp
+ } )
+ . ')';
+
my ($ltrs) = '\w';
my ($gunk) = '/#~:.?+=&%@!\-';
my ($punc) = '.:?\-';
my ($any) = "${ltrs}${gunk}${punc}";
my ($filename) = @_;
- open(FILE, $filename) or die "Cannot open $filename: $!\n";
- print "<pre>\n";
- # Use $_ implicitly throughout.
- while (<FILE>) {
- # Must do the next line first!
- s/&/&/g;
- s/</</g;
- s/>/>/g;
- s/"/"/g;
- s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
- print;
+ if(open(FILE, $filename)) {
+ print " <pre>\n";
+ # Use $_ implicitly throughout.
+ while (<FILE>) {
+ # Must do the next line first!
+ s/&/&/g;
+ s/</</g;
+ s/>/>/g;
+ s/"/"/g;
+ s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
+ print;
+ }
+ print "\n</pre>";
}
- print "</pre>";
+ else {
+ print "Failed to open $docname.";
+ }
}
-# Print a file without escaping HTML: -
+# Print the contents of a file containing html
sub print_html ($) {
my ($filename) = @_;
- print `cat $filename 2>&1`;
+ open(FILE, $filename);
+ while(<FILE>) {
+ print;
+ }
+ close FILE;
}