--- web/cgi-bin/docs.cgi 2001/02/08 21:17:47 1.4 +++ web/cgi-bin/docs.cgi 2004/03/24 23:53:09 1.11 @@ -1,22 +1,19 @@ #!/usr/bin/perl -w -#------------------------------------------------------------ -# docs.cgi -# -# Web-based text file viewer. -# Copyright Paul Mutton, 2000. -#------------------------------------------------------------ - use strict; use CGI; $| = 1; # Settings -my ($left) = "../left.inc" ; -my ($title) = "../title.inc"; -my ($bottom) = "../bottom.inc"; +my ($incdir) = "../nwww"; +# Include files +my ($doctype) = "$incdir/doctype.inc"; +my ($style) = "$incdir/style.inc"; +my ($header) = "$incdir/header.inc"; +my ($footer) = "$incdir/footer.inc"; +my ($menu) = "$incdir/menu-static.inc" ; my ($query) = new CGI; @@ -24,6 +21,7 @@ my ($query) = new CGI; # This prevents malicious users using "../" to view files. my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/); +# This should be application/xhtml+xml print "Content-type: text/html\n\n"; unless (defined $doc) { @@ -34,96 +32,113 @@ unless (defined $doc) { # Prevent hackers from supplying a malformed document string. # I.e. only allow normal characters, slashes and dots. unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) { - print "Go Away, you nasty hax0r!"; + print "Malformed request."; exit; } -$doc = "../documentation/".$doc; +$doc = "../htdocs/documentation/".$doc; -print <<"END"; - +my($docname) = $doc =~ /\/([^\/]+)$/; - +&print_html($doctype); - +print <<"END"; -
-
+print <<"END";
+
+
+
+
+
END
-&print_html($left);
+&print_html($header);
print <<"END";
- |
-
+
+ + i-scream documentation viewer +++ $docname +END -&print_html($title); &print_file($doc); -&print_html($bottom); print <<"END"; - |
-
\n"; - # Use $_ implicitly throughout. - while ("; + else { + print "Failed to open $docname."; + } } -# Print a file without escaping HTML: - +# Print the contents of a file containing html sub print_html ($) { my ($filename) = @_; - print `cat $filename`; + open(FILE, $filename); + while() { - # Must do the next line first! - s/&/&/g; - s/</g; - s/>/>/g; - s/"/"/g; - s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/$1<\/a>/igox; - print; + if(open(FILE, $filename)) { + print " \n"; + # Use $_ implicitly throughout. + while ("; } - print ") { + # Must do the next line first! + s/&/&/g; + s/</g; + s/>/>/g; + s/"/"/g; + s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/$1<\/a>/igox; + print; + } + print "\n