ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/i-scream/web/cgi-bin/docs.cgi
(Generate patch)

Comparing web/cgi-bin/docs.cgi (file contents):
Revision 1.1 by tdb, Wed Oct 25 23:56:27 2000 UTC vs.
Revision 1.5.2.1 by tdb, Sun May 11 19:51:06 2003 UTC

# Line 13 | Line 13 | use CGI;
13   $| = 1;
14  
15   # Settings
16 < my ($left) = "../left.inc" ;
17 < my ($title) = "../title.inc";
18 < my ($bottom) = "../bottom.inc";
16 > my ($left) = "../htdocs/left.inc" ;
17 > my ($title) = "../htdocs/title.inc";
18 > my ($bottom) = "../htdocs/bottom.inc";
19  
20  
21   my ($query) = new CGI;
22 my ($doci) = ($query->param('doc') =~ /^\s*(.*?\.txt)\s*$/);
23 my ($doc) = "../documentation/$doci";
22  
23 < print "content-type: text/html\n\n";
23 > # Note filenames may only have one dot in them, in the ".txt".
24 > # This prevents malicious users using "../" to view files.
25 > my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/);
26  
27 + print "Content-type: text/html\n\n";
28 +
29 + unless (defined $doc) {
30 +    print "The link to this page was broken - it must specify a .txt file.";
31 +    exit;
32 + }
33 +
34 + # Prevent hackers from supplying a malformed document string.
35 + # I.e. only allow normal characters, slashes and dots.
36 + unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) {
37 +    print "Malformed request";
38 +    exit;
39 + }
40 + $doc = "../htdocs/documentation/".$doc;
41 +
42   print <<"END";
43   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
44  
# Line 31 | Line 46 | print <<"END";
46      docs.cgi
47      Web-based text file viewer and formatter.
48      Created by pjm2 19/10/2000
49 <    Last modified 19/10/2000
49 >    Last modified 02/11/2000
50   -->
51  
52   <html>
# Line 50 | Line 65 | print <<"END";
65    <td valign="top">
66   END
67  
68 < &print_file($left);
68 > &print_html($left);
69  
70   print <<"END";
71  
# Line 58 | Line 73 | print <<"END";
73    <td valign="top">
74   END
75  
76 < &print_file($title);
62 <
63 < print "<PRE>\n";
76 > &print_html($title);
77   &print_file($doc);
78 < print "</PRE>\n";
78 > &print_html($bottom);
79  
67 &print_file($bottom);
68
80   print <<"END";
81  
82    </td>
# Line 79 | Line 90 | END
90  
91   exit 0;
92  
93 + # Print a file, whilst escaping HTML: -
94   sub print_file ($) {
95 +    my ($urls) = '(' . join ('|', qw{
96 +                       http
97 +                       telnet
98 +                       gopher
99 +                       file
100 +                       wais
101 +                       ftp
102 +                       } )
103 +                   . ')';
104 +    
105 +    my ($ltrs) = '\w';
106 +    my ($gunk) = '/#~:.?+=&%@!\-';
107 +    my ($punc) = '.:?\-';
108 +    my ($any) = "${ltrs}${gunk}${punc}";
109      my ($filename) = @_;
84    print `cat $filename`;
85 }
86
87 sub print_file_old ($) {
88    my ($filename) = @_;
110      open(FILE, $filename) or die "Cannot open $filename: $!\n";
111 <    while (my ($line) = <FILE>) {
112 <        print $line;
111 >    print "<pre>\n";
112 >    # Use $_ implicitly throughout.
113 >    while (<FILE>) {
114 >        # Must do the next line first!
115 >        s/&/&amp;/g;
116 >        s/</&lt;/g;
117 >        s/>/&gt;/g;
118 >        s/"/&quot;/g;
119 >        s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
120 >        print;
121      }
122 +    print "</pre>";
123   }
124  
125 + # Print a file without escaping HTML: -
126 + sub print_html ($) {
127 +    my ($filename) = @_;
128 +    print `cat $filename 2>&1`;
129 + }

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines