1 |
|
#!/usr/bin/perl -w |
2 |
|
|
3 |
– |
#------------------------------------------------------------ |
4 |
– |
# docs.cgi |
5 |
– |
# |
6 |
– |
# Web-based text file viewer. |
7 |
– |
# Copyright Paul Mutton, 2000. |
8 |
– |
#------------------------------------------------------------ |
9 |
– |
|
3 |
|
use strict; |
4 |
|
use CGI; |
5 |
|
|
6 |
|
$| = 1; |
7 |
|
|
8 |
|
# Settings |
9 |
< |
my ($left) = "../left.inc" ; |
17 |
< |
my ($title) = "../title.inc"; |
18 |
< |
my ($bottom) = "../bottom.inc"; |
9 |
> |
my ($incdir) = "../htdocs"; |
10 |
|
|
11 |
+ |
# Include files |
12 |
+ |
my ($doctype) = "$incdir/doctype.inc"; |
13 |
+ |
my ($style) = "$incdir/style.inc"; |
14 |
+ |
my ($header) = "$incdir/header.inc"; |
15 |
+ |
my ($footer) = "$incdir/footer.inc"; |
16 |
+ |
my ($menu) = "$incdir/menu-static.inc" ; |
17 |
|
|
18 |
|
my ($query) = new CGI; |
19 |
|
|
21 |
|
# This prevents malicious users using "../" to view files. |
22 |
|
my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/); |
23 |
|
|
24 |
+ |
# This should be application/xhtml+xml |
25 |
|
print "Content-type: text/html\n\n"; |
26 |
|
|
27 |
|
unless (defined $doc) { |
32 |
|
# Prevent hackers from supplying a malformed document string. |
33 |
|
# I.e. only allow normal characters, slashes and dots. |
34 |
|
unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) { |
35 |
< |
print "Go Away, you nasty hax0r!"; |
35 |
> |
print "Malformed request."; |
36 |
|
exit; |
37 |
|
} |
38 |
< |
$doc = "../documentation/".$doc; |
38 |
> |
$doc = "../htdocs/documentation/".$doc; |
39 |
|
|
40 |
< |
print <<"END"; |
43 |
< |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
40 |
> |
my($docname) = $doc =~ /\/([^\/]+)$/; |
41 |
|
|
42 |
< |
<!-- |
46 |
< |
docs.cgi |
47 |
< |
Web-based text file viewer and formatter. |
48 |
< |
Created by pjm2 19/10/2000 |
49 |
< |
Last modified 02/11/2000 |
50 |
< |
--> |
42 |
> |
&print_html($doctype); |
43 |
|
|
44 |
< |
<html> |
44 |
> |
print <<"END"; |
45 |
|
|
46 |
< |
<head> |
47 |
< |
<title>The i-scream Project Documentation Viewer</title> |
48 |
< |
<meta name="description" content="The i-scream Project is a central monitoring system for Unix, Linux and NT servers."> |
49 |
< |
<meta name="keywords" content="i-scream, project, central monitoring system, unix, linux, nt, server, alert"> |
50 |
< |
<meta name="generator" content="notepad on acid, aye."> |
59 |
< |
</head> |
46 |
> |
<head> |
47 |
> |
<title> |
48 |
> |
i-scream plain text documentation viewer |
49 |
> |
</title> |
50 |
> |
END |
51 |
|
|
52 |
< |
<body bgcolor="#ffffff" link="#0000ff" alink="#3333cc" vlink="#3333cc" text="#000066"> |
52 |
> |
&print_html($style); |
53 |
|
|
54 |
< |
<table border="0" cellpadding="2" cellspacing="2"> |
55 |
< |
<tr> |
56 |
< |
<td valign="top"> |
54 |
> |
print <<"END"; |
55 |
> |
|
56 |
> |
</head> |
57 |
> |
<body> |
58 |
> |
<div id="container"> |
59 |
> |
<div id="main"> |
60 |
|
END |
61 |
|
|
62 |
< |
&print_html($left); |
62 |
> |
&print_html($header); |
63 |
|
|
64 |
|
print <<"END"; |
65 |
|
|
66 |
< |
</td> |
67 |
< |
<td valign="top"> |
66 |
> |
<div id="contents"> |
67 |
> |
<h1 class="top"> |
68 |
> |
i-scream documentation viewer |
69 |
> |
</h1> |
70 |
> |
<h2> |
71 |
> |
$docname |
72 |
> |
</h2> |
73 |
|
END |
74 |
|
|
76 |
– |
&print_html($title); |
75 |
|
&print_file($doc); |
78 |
– |
&print_html($bottom); |
76 |
|
|
77 |
|
print <<"END"; |
78 |
|
|
79 |
< |
</td> |
80 |
< |
</tr> |
84 |
< |
</table> |
79 |
> |
</div> |
80 |
> |
END |
81 |
|
|
82 |
< |
</body> |
82 |
> |
&print_html($footer); |
83 |
|
|
84 |
+ |
print <<"END"; |
85 |
+ |
|
86 |
+ |
</div> |
87 |
+ |
END |
88 |
+ |
|
89 |
+ |
&print_html($menu); |
90 |
+ |
|
91 |
+ |
print <<"END"; |
92 |
+ |
|
93 |
+ |
</div> |
94 |
+ |
</body> |
95 |
|
</html> |
96 |
|
END |
97 |
|
|
98 |
|
exit 0; |
99 |
|
|
100 |
|
# Print a file, whilst escaping HTML: - |
101 |
< |
sub print_file ($) { |
102 |
< |
my ($urls) = '(' . join ('|', qw{ |
103 |
< |
http |
104 |
< |
telnet |
105 |
< |
gopher |
106 |
< |
file |
107 |
< |
wais |
108 |
< |
ftp |
109 |
< |
} ) |
110 |
< |
. ')'; |
111 |
< |
|
101 |
> |
sub print_file { |
102 |
> |
my ($urls) = '(' . join ('|', qw{ |
103 |
> |
http |
104 |
> |
telnet |
105 |
> |
gopher |
106 |
> |
file |
107 |
> |
wais |
108 |
> |
ftp |
109 |
> |
} ) |
110 |
> |
. ')'; |
111 |
> |
|
112 |
|
my ($ltrs) = '\w'; |
113 |
|
my ($gunk) = '/#~:.?+=&%@!\-'; |
114 |
|
my ($punc) = '.:?\-'; |
115 |
|
my ($any) = "${ltrs}${gunk}${punc}"; |
116 |
|
my ($filename) = @_; |
117 |
< |
open(FILE, $filename) or die "Cannot open $filename: $!\n"; |
118 |
< |
print "<pre>\n"; |
119 |
< |
# Use $_ implicitly throughout. |
120 |
< |
while (<FILE>) { |
121 |
< |
# Must do the next line first! |
122 |
< |
s/&/&/g; |
123 |
< |
s/</</g; |
124 |
< |
s/>/>/g; |
125 |
< |
s/"/"/g; |
126 |
< |
s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox; |
127 |
< |
print; |
117 |
> |
if(open(FILE, $filename)) { |
118 |
> |
print " <pre>\n"; |
119 |
> |
# Use $_ implicitly throughout. |
120 |
> |
while (<FILE>) { |
121 |
> |
# Must do the next line first! |
122 |
> |
s/&/&/g; |
123 |
> |
s/</</g; |
124 |
> |
s/>/>/g; |
125 |
> |
s/"/"/g; |
126 |
> |
s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox; |
127 |
> |
print; |
128 |
> |
} |
129 |
> |
print "\n</pre>"; |
130 |
|
} |
131 |
< |
print "</pre>"; |
131 |
> |
else { |
132 |
> |
print "Failed to open $docname."; |
133 |
> |
} |
134 |
|
} |
135 |
|
|
136 |
< |
# Print a file without escaping HTML: - |
136 |
> |
# Print the contents of a file containing html |
137 |
|
sub print_html ($) { |
138 |
|
my ($filename) = @_; |
139 |
< |
print `cat $filename`; |
139 |
> |
open(FILE, $filename); |
140 |
> |
while(<FILE>) { |
141 |
> |
print; |
142 |
> |
} |
143 |
> |
close FILE; |
144 |
|
} |