ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/i-scream/web/cgi-bin/docs.cgi
(Generate patch)

Comparing web/cgi-bin/docs.cgi (file contents):
Revision 1.5.2.1 by tdb, Sun May 11 19:51:06 2003 UTC vs.
Revision 1.13 by tdb, Thu Mar 25 22:51:20 2004 UTC

# Line 1 | Line 1
1   #!/usr/bin/perl -w
2  
3 #------------------------------------------------------------
4 # docs.cgi
5 #
6 # Web-based text file viewer.
7 # Copyright Paul Mutton, 2000.
8 #------------------------------------------------------------
9
3   use strict;
4   use CGI;
5  
6   $| = 1;
7  
8   # Settings
9 < my ($left) = "../htdocs/left.inc" ;
17 < my ($title) = "../htdocs/title.inc";
18 < my ($bottom) = "../htdocs/bottom.inc";
9 > my ($incdir) = "../htdocs";
10  
11 + # Include files
12 + my ($doctype) = "$incdir/doctype.inc";
13 + my ($style) = "$incdir/style.inc";
14 + my ($header) = "$incdir/header.inc";
15 + my ($footer) = "$incdir/footer.inc";
16 + my ($menu) = "$incdir/menu-static.inc" ;
17  
18   my ($query) = new CGI;
19  
# Line 24 | Line 21 | my ($query) = new CGI;
21   # This prevents malicious users using "../" to view files.
22   my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/);
23  
24 + # This should be application/xhtml+xml
25   print "Content-type: text/html\n\n";
26  
27   unless (defined $doc) {
# Line 34 | Line 32 | unless (defined $doc) {
32   # Prevent hackers from supplying a malformed document string.
33   # I.e. only allow normal characters, slashes and dots.
34   unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) {
35 <    print "Malformed request";
35 >    print "Malformed request.";
36      exit;
37   }
38 < $doc = "../htdocs/documentation/".$doc;
38 > $doc = "../htdocs/cms/documentation/".$doc;
39  
40 < print <<"END";
43 < <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
40 > my($docname) = $doc =~ /\/([^\/]+)$/;
41  
42 < <!--
46 <    docs.cgi
47 <    Web-based text file viewer and formatter.
48 <    Created by pjm2 19/10/2000
49 <    Last modified 02/11/2000
50 < -->
42 > &print_html($doctype);
43  
44 < <html>
44 > print <<"END";
45  
46 < <head>
47 < <title>The i-scream Project Documentation Viewer</title>
48 < <meta name="description" content="The i-scream Project is a central monitoring system for Unix, Linux and NT servers.">
49 < <meta name="keywords" content="i-scream, project, central monitoring system, unix, linux, nt, server, alert">
50 < <meta name="generator" content="notepad on acid, aye.">
59 < </head>
46 >  <head>
47 >    <title>
48 >      i-scream plain text documentation viewer
49 >    </title>
50 > END
51  
52 < <body bgcolor="#ffffff" link="#0000ff" alink="#3333cc" vlink="#3333cc" text="#000066">
52 > &print_html($style);
53  
54 < <table border="0" cellpadding="2" cellspacing="2">
55 < <tr>
56 <  <td valign="top">
54 > print <<"END";
55 >
56 >  </head>
57 >  <body>
58 >    <div id="container">
59 >      <div id="main">
60   END
61  
62 < &print_html($left);
62 > &print_html($header);
63  
64   print <<"END";
65  
66 <  </td>
67 <  <td valign="top">
66 >        <div id="contents">
67 >          <h1 class="top">
68 >            i-scream documentation viewer
69 >          </h1>
70 >          <h2>
71 >            $docname
72 >          </h2>
73   END
74  
76 &print_html($title);
75   &print_file($doc);
78 &print_html($bottom);
76  
77   print <<"END";
78  
79 <  </td>
80 < </tr>
84 < </table>
79 >        </div>
80 > END
81  
82 < </body>
82 > &print_html($footer);
83  
84 + print <<"END";
85 +
86 +      </div>
87 + END
88 +
89 + &print_html($menu);
90 +
91 + print <<"END";
92 +
93 +    </div>
94 +  </body>
95   </html>
96   END
97  
98   exit 0;
99  
100   # Print a file, whilst escaping HTML: -
101 < sub print_file ($) {
102 <    my ($urls) = '(' . join ('|', qw{
103 <                       http
104 <                       telnet
105 <                       gopher
106 <                       file
107 <                       wais
108 <                       ftp
109 <                       } )
110 <                   . ')';
111 <    
101 > sub print_file {
102 > my ($urls) = '(' . join ('|', qw{
103 >               http
104 >               telnet
105 >               gopher
106 >               file
107 >               wais
108 >               ftp
109 >               } )
110 >           . ')';
111 >
112      my ($ltrs) = '\w';
113      my ($gunk) = '/#~:.?+=&%@!\-';
114      my ($punc) = '.:?\-';
115      my ($any) = "${ltrs}${gunk}${punc}";
116      my ($filename) = @_;
117 <    open(FILE, $filename) or die "Cannot open $filename: $!\n";
118 <    print "<pre>\n";
119 <    # Use $_ implicitly throughout.
120 <    while (<FILE>) {
121 <        # Must do the next line first!
122 <        s/&/&amp;/g;
123 <        s/</&lt;/g;
124 <        s/>/&gt;/g;
125 <        s/"/&quot;/g;
126 <        s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
127 <        print;
117 >    if(open(FILE, $filename)) {
118 >        print "          <pre>\n";
119 >        # Use $_ implicitly throughout.
120 >        while (<FILE>) {
121 >            # Must do the next line first!
122 >            s/&/&amp;/g;
123 >            s/</&lt;/g;
124 >            s/>/&gt;/g;
125 >            s/"/&quot;/g;
126 >            s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
127 >            print;
128 >        }
129 >        print "\n</pre>";
130      }
131 <    print "</pre>";
131 >    else {
132 >        print "Failed to open $docname.";
133 >    }
134   }
135  
136 < # Print a file without escaping HTML: -
136 > # Print the contents of a file containing html
137   sub print_html ($) {
138      my ($filename) = @_;
139 <    print `cat $filename 2>&1`;
139 >    open(FILE, $filename);
140 >    while(<FILE>) {
141 >        print;
142 >    }
143 >    close FILE;
144   }

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines