Index: ossp-pkg/tabea/tabea.cgi RCS File: /v/ossp/cvs/ossp-pkg/tabea/tabea.cgi,v rcsdiff -q -kk '-r1.19' '-r1.20' -u '/v/ossp/cvs/ossp-pkg/tabea/tabea.cgi,v' 2>/dev/null --- tabea.cgi 2002/05/15 15:34:06 1.19 +++ tabea.cgi 2002/05/16 12:22:05 1.20 @@ -27,6 +27,7 @@ ## ## tabea.cgi: Tabea CGI (syntax: Perl) ## +## require 5.000; use strict; @@ -35,13 +36,10 @@ $|++; - -my $cfgfile = "./tabea.cfg"; # Name of configuration file - -my $pwdfile = "./tabea.pw"; +my $cfgfile = "./tabea.cfg"; +my $pwdfile = "./tabea.pw"; my $configsdir = "./tabea.d"; - # establish my configuration my $MY = {}; $MY->{PROGNAME} = ($0 =~ m|^.*?([^/]+?)(?:\.[^/.]+)?$|)[0]; @@ -70,22 +68,16 @@ # update cookies my $cookies = []; foreach my $param (qw(username)) { # FIXME! - my $cookieparam; - if (defined $cgi->param($param)) { - $cookieparam = $cgi->param($param); - } else { - $cookieparam = ''; - } - if ($cookieparam ne '' and ($cookieparam ne $cgi->cookie($param))) { + if ($cgi->param($param) ne '' and ($cgi->param($param) ne $cgi->cookie($param))) { push(@{$cookies}, $cgi->cookie( -name => $param, - -value => $cookieparam, + -value => $cgi->param($param), -expires => '+1d', -path => $cgi->url(-absolute => 1), -secure => 0 )); } - if ($cookieparam eq '' and $cookieparam ne '') { + if ($cgi->param($param) eq '' and $cgi->cookie($param) ne '') { $cgi->param(-name => $param, -value => [$cgi->cookie($param)]); } } @@ -93,7 +85,6 @@ # Read the configuration my %cfghash = read_config($cfgfile); - # fetch parameters my $dialog = $cgi->param("dialog") || ""; my $username = $cgi->param("username") || ""; @@ -105,46 +96,45 @@ if ($cfghash{"TabeaUser"} ne '') { if ($dialog eq "") { - $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)) . - "" . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - "
Username:" . - $cgi->textfield( - -name => 'username', - -default => $username, - -size => 20, - -maxlength => 8 - ) . - "
Password:" . - $cgi->password_field( - -name => 'password', - -value => $password, - -size => 20, - -maxlength => 80 - ) . - "
" . - $cgi->reset() . - $cgi->submit(-name => 'dialog', -value => 'login') . - "
" . - $cgi->endform; + $page .= + $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)) . + "" . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + "
Username:" . + $cgi->textfield( + -name => 'username', + -default => $username, + -size => 20, + -maxlength => 8 + ) . + "
Password:" . + $cgi->password_field( + -name => 'password', + -value => $password, + -size => 20, + -maxlength => 80 + ) . + "
" . + $cgi->reset() . + $cgi->submit(-name => 'dialog', -value => 'login') . + "
" . + $cgi->endform; } elsif (($dialog eq 'login') || ($dialog eq 'Back')) { # enter Select form - &validpassword($username, $password, $cfghash{'BaseDir'}.$cfghash{'PasswdFile'}) || print STDOUT $cgi->redirect(-uri => $cgi->url(-full => 1), -type => "text/html"); - my $templatesfiles = &get_name_files($cfghash{'BaseDir'} . $cfghash{'ConfigDir'}, $username, 4); my $configsfiles = &get_name_files($cfghash{'BaseDir'} . $cfghash{'ConfigDir'}, $username, 6); @@ -156,78 +146,86 @@ my @templatesarray = split(/ /,$templatesfiles); my @configsarray = split(/ /,$configsfiles); - - $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)) . - $cgi->hidden(-name => 'password', -default => $password ) . -# Begin with templates part - "" . - "
Active User: $username

\n" . - "" . - "" . - " " . - " " . - "
Templates
" . - " " . - $cgi->scrolling_list( - -name => 'templatelist', - -value => [@templatesarray], - -size => 3 - ) . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - "
" . - "
" . - $cgi->submit(-name => 'dialog', -value => 'Copy_Temp') . - "
" . - $cgi->submit(-name => 'dialog', -value => 'View') . - "
" . - "
" . - " " . - "" . + $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)) . + $cgi->hidden(-name => 'password', -default => $password ) . + # Begin with templates part + "" . + "
Active User: $username

\n" . + "" . + "" . + " " . + " " . + "
Templates
" . + " " . + $cgi->scrolling_list( + -name => 'templatelist', + -value => [@templatesarray], + -size => 3 + ) . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + "
" . + "
" . + $cgi->submit(-name => 'dialog', -value => 'Copy_Temp') . + "
" . + $cgi->submit(-name => 'dialog', -value => 'View') . + "
" . + "
" . + " " . + "" . # Now the configuration part - "

" . - "" . - "" . - " " . - "
Configuration
" . - " " . - $cgi->scrolling_list( - -name => 'configslist', - -value => [@configsarray], - -size => 10 - ) . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - " " . - "
" . - $cgi->submit(-name => 'dialog', -value => 'New') . - "
" . - $cgi->submit(-name => 'dialog', -value => 'Copy_Conf') . - "
" . - $cgi->submit(-name => 'dialog', -value => 'Edit') . - "
" . - $cgi->submit(-name => 'dialog', -value => 'Del') . - "
" . - $cgi->submit(-name => 'dialog', -value => 'Run') . - "
" . - $cgi->submit(-name => 'dialog', -value => 'Config_rights') . - "
" . - " 		" . - "
" . - $cgi->endform; + "

" . + "" . + "" . + " " . + "
Configuration
" . + " " . + $cgi->scrolling_list( + -name => 'configslist', + -value => [@configsarray], + -size => 10 + ) . + " " . + " " . + + " " . + + " " . + + " " . + + " " . + + " " . + + " " . + + "
" . + $cgi->submit(-name => 'dialog', -value => 'New') . + "
" . + $cgi->submit(-name => 'dialog', -value => 'Copy_Conf') . + "
" . + $cgi->submit(-name => 'dialog', -value => 'Edit') . + "
" . + $cgi->submit(-name => 'dialog', -value => 'Del') . + "
" . + $cgi->submit(-name => 'dialog', -value => 'Run') . + "
" . + $cgi->submit(-name => 'dialog', -value => 'Config_rights') . + "
" . + " 		" . + "
" ; + + + $page .= $cgi->endform; } elsif ($dialog eq 'Edit') { @@ -237,6 +235,9 @@ $page .= $cgi->hidden(-name => 'password', -default => $password ) ; $page .= $cgi->endform; } +elsif ($dialog eq 'Save') { + ## FIXME +} elsif ($dialog eq 'View') { # enter View form $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)); @@ -246,19 +247,19 @@ } elsif ($dialog eq 'New') { $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)); - $page .= $cgi->hidden(-name => 'password', -default => $password ) ; $page .= &new($cfghash{'BaseDir'} . $cfghash{'ConfigDir'}, $username); + $page .= $cgi->hidden(-name => 'password', -default => $password ) ; $page .= $cgi->endform; } elsif ($dialog eq 'New_file') { $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)); + $page .= &newfile($cfghash{'BaseDir'} . $cfghash{'ConfigDir'}, $username, $cgi->param('newfile'), + $cgi->param('new_rights')); $page .= $cgi->hidden(-name => 'password', -default => $password ) ; - $page .= &newfile($cfghash{'BaseDir'} . $cfghash{'ConfigDir'}, $username, $cgi->param('newfile'), $cgi->param('new_rights')); $page .= $cgi->endform; } elsif ($dialog eq 'Config_rights') { $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)); - $page .= $cgi->hidden(-name => 'password', -default => $password ) ; my $configfile; if (! defined $cgi->param('configslist') ) { $configfile = ''; @@ -266,15 +267,41 @@ $configfile = $cgi->param('configslist'); } $page .= &config_rights($configfile, $username); - # $page .= "Returnvalue: " . $cgi->param('filename') . "
"; + $page .= $cgi->hidden(-name => 'password', -default => $password ) ; $page .= $cgi->endform; } elsif ($dialog eq 'Change_rights') { $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)); + $page .= &change_rights($cfghash{'BaseDir'} . $cfghash{'ConfigDir'} . "/" . $cgi->param('filename'), + $cgi->param('changerights') ); + $page .= $cgi->hidden(-name => 'password', -default => $password ) ; + $page .= $cgi->endform; +} +elsif ($dialog eq 'Copy_Temp') { + $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)); + $page .= ©_file($cfghash{'BaseDir'} . $cfghash{'ConfigDir'} . "/" .$cgi->param('templatelist'), $username ); + $page .= $cgi->hidden(-name => 'password', -default => $password ) ; + $page .= $cgi->endform; +} +elsif ($dialog eq 'Copy_Conf') { + $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)); + $page .= ©_file($cfghash{'BaseDir'} . $cfghash{'ConfigDir'} . "/" .$cgi->param('configslist'), $username ); + $page .= $cgi->hidden(-name => 'password', -default => $password ) ; + $page .= $cgi->endform; +} +elsif ($dialog eq 'Copy' ) { + $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)); + $page .= ©($cgi->param('srcfile'), $cfghash{'BaseDir'} . $cfghash{'ConfigDir'} . "/" . $username . "/". $cgi->param('dstfile')); + $page .= $cgi->hidden(-name => 'password', -default => $password ) ; +$page .= $cgi->endform; +} +elsif ($dialog eq 'Del' ) { + $page .= $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)); + $page .= &del($cgi->param('configslist'), $username ); $page .= $cgi->hidden(-name => 'password', -default => $password ) ; - $page .= &change_rights($cfghash{'BaseDir'} . $cfghash{'ConfigDir'} . "/" . $cgi->param('filename'), $cgi->param('changerights') ); $page .= $cgi->endform; } + } else { die "no configuration found"; } @@ -347,8 +374,7 @@ my $filename = $cfghash{'BaseDir'} . $cfghash{'ConfigDir'} . "/" . $file; &editconfig($filename, 'w', $username); } else { - $text = $cgi->startform( -method => "POST", -action => $cgi->url(-full => 1)) . - "Missing iilename

\n" . + $text .= "Missing filename

\n" . $cgi->submit(-name => 'dialog', -value => 'Back') ; } return $text; @@ -442,10 +468,8 @@ "


" ; foreach (@filesinpatharray) { if ( $_ eq $newfilename) { $canwrite = 0; }; - } - $text .= "$canwrite

"; - if ( $canwrite ) { - system("touch $newpath") && die "Cannot create new file"; + } + if ( $canwrite ) { if ($newrights eq "private" ) { $filerights = ''; } elsif ($newrights eq "protected" ) { @@ -460,7 +484,6 @@ $text .= "Setting new file rights for $newpath

"; system("chmod u=rw $newpath") && die "Cannot set new file rights"; system("chmod o=$filerights $newpath") && die "Cannot set new file rights"; - # Checking that file dont exist: TODO $text .= "


" ; } else { $text .= "Cannot write file. It exists

\n" ; @@ -480,8 +503,8 @@ my $text = ''; my $defaultright = ''; my $filerights = (stat($cfghash{'BaseDir'} . $cfghash{'ConfigDir'} . "/" . $namefile))[2] & 07; - - $text .= $cgi->hidden(-name => 'filename', -default => $namefile ) ; + + $text .= $cgi->hidden(-name => 'filename', -default => $namefile ) ; if ( $filerights == 6 ) { $defaultright = "public" ; } elsif ( $filerights == 4 ) { @@ -515,13 +538,14 @@ $cgi->submit(-name => 'dialog', -value => 'Back') . $cgi->submit(-name => 'dialog', -value => 'Change_rights'); } else { - $text .= "You can only change file rights in your directory

\n"; + $text .= "You can only change file rights in your own directory

\n" . + $cgi->submit(-name => 'dialog', -value => 'Back'); } } else { - $text .= "Missing filename

\n" ; - } - $text .= $cgi->submit(-name => 'dialog', -value => 'Back'); + $text .= "Missing filename

\n" . + $cgi->submit(-name => 'dialog', -value => 'Back'); + } return $text; } @@ -548,6 +572,7 @@ } else { die "Unknown file rights"; } +# $text .= "Name : $filename
Rights: $filerights
" ; system("chmod o=$filerights $filename") && die "Cannot set new file rights"; $text .= "
Done.

" . $cgi->submit(-name => 'dialog', -value => 'Back'); @@ -557,6 +582,107 @@ ######################################################################################## +######################################################################################## +sub copy_file { +######################################################################################## + my ( $srcfile, $user ) = @_; + my $text = ''; + + $text .= $cgi->hidden(-name => 'srcfile', -default => $srcfile ) . + "" . + "Copying File:
" . + "" . + "

" . + "Active user: $user
" . + "" . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + " " . + "
Sourcefile :Destinationfile
$srcfile" . + " " . + " " . + " " . + " " . + " " . + "
" . $cfghash{'BaseDir'} . $cfghash{'ConfigDir'} . "/" . $user . "/" . + $cgi->textfield(-name=>'dstfile', + -default=>'', + -size=>30, + -maxlength=>80) . + "
" . + "
" . + "

" . + "" . + " " . + " " . + " " . + "
" . + " " . + $cgi->submit(-name => 'dialog', -value => 'Back'). + " " . + $cgi->submit(-name => 'dialog', -value => 'Copy'). + "
" ; + + + return $text; + +} +######################################################################################## + + +######################################################################################## +sub del { +######################################################################################## + my ( $delfile, $user ) = @_; + my $text = ''; + my $fpath = $cfghash{'BaseDir'} . $cfghash{'ConfigDir'} . "/" . $delfile; + + $text= "" . + "Delete File: $fpath

\n" . + "" . + "

" ; + $delfile =~ m{^([a-zA-Z0-9!"$%^&*()-_=+#~]+)/(.+)}sg; + if ( $1 eq $user ) { + system("rm $fpath") && die "Cannot delete file"; + } else { + $text .= "You can only delete file in your own directory

\n" ; + } + + $text .= $cgi->submit(-name => 'dialog', -value => 'Back'); + + return $text; +} +######################################################################################## + + + +######################################################################################## +sub copy { +######################################################################################## + my ( $srcf, $dstf ) = @_; + my $text = ''; + + $text .= "" . + "Copying File:
" . + "

" . + "Copying from $srcf to $dstf

" ; + + system("cp $srcf $dstf") && die "Cannot copy file"; + system("chmod o= $dstf") && die "Cannot change file rights"; + + $text .= $cgi->submit(-name => 'dialog', -value => 'Back'); + + return $text; +} +######################################################################################## + + + ######################################################################################## sub read_config { @@ -742,9 +868,7 @@ } $page .= " " . " " . - "" . - + "" ; - $cgi->endform; } ########################################################################################