mirror of
https://github.com/webmin/webmin.git
synced 2025-07-21 23:40:34 +00:00
Revert because something mysterious is broken when variables are
localized and such. I have no idea what, but long file lists get concatenated when using the new version (or maybe long HTML pages).
This commit is contained in:
Joe Cooper
97
chooser.cgi
97
chooser.cgi
@ -1,17 +1,11 @@
|
||||
#!/usr/local/bin/perl
|
||||
#!/usr/bin/perl
|
||||
# chooser.cgi
|
||||
# Outputs HTML for a frame-based file chooser
|
||||
|
||||
BEGIN { push(@INC, ".."); };
|
||||
use WebminCore;
|
||||
|
||||
# Globals
|
||||
our $remote_user;
|
||||
our %in;
|
||||
our %gconfig;
|
||||
our %text;
|
||||
|
||||
my %icon_map = ( "c", "text.gif",
|
||||
@icon_map = ( "c", "text.gif",
|
||||
"txt", "text.gif",
|
||||
"pl", "text.gif",
|
||||
"cgi", "text.gif",
|
||||
@ -22,15 +16,14 @@ my %icon_map = ( "c", "text.gif",
|
||||
"tar", "binary.gif"
|
||||
);
|
||||
|
||||
init_config();
|
||||
if (get_product_name() eq 'usermin') {
|
||||
switch_to_remote_user();
|
||||
&init_config();
|
||||
if (&get_product_name() eq 'usermin') {
|
||||
&switch_to_remote_user();
|
||||
}
|
||||
my %access = get_module_acl();
|
||||
%access = &get_module_acl();
|
||||
|
||||
# Work out root directory
|
||||
my @uinfo = getpwnam($remote_user);
|
||||
my $rootdir;
|
||||
local @uinfo = getpwnam($remote_user);
|
||||
if (!$access{'root'}) {
|
||||
$rootdir = $uinfo[7] ? $uinfo[7] : "/";
|
||||
}
|
||||
@ -40,22 +33,22 @@ else {
|
||||
}
|
||||
|
||||
# Switch to correct Unix user
|
||||
if (supports_users()) {
|
||||
if (get_product_name() eq 'usermin') {
|
||||
if (&supports_users()) {
|
||||
if (&get_product_name() eq 'usermin') {
|
||||
# Always run as Usermin login
|
||||
switch_to_remote_user();
|
||||
&switch_to_remote_user();
|
||||
}
|
||||
else {
|
||||
# ACL determines
|
||||
my $fileunix = $access{'fileunix'} || $remote_user;
|
||||
$fileunix = $access{'fileunix'} || $remote_user;
|
||||
@uinfo = getpwnam($fileunix);
|
||||
if (@uinfo) {
|
||||
switch_to_unix_user(\@uinfo);
|
||||
&switch_to_unix_user(\@uinfo);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
ReadParse(undef, undef, 1);
|
||||
&ReadParse(undef, undef, 1);
|
||||
|
||||
# If a chroot is forced which is under the allowed root, there is no need for
|
||||
# a restrictred root
|
||||
@ -81,8 +74,6 @@ if ($in{'add'}) {
|
||||
$in{'file'} = $1;
|
||||
}
|
||||
}
|
||||
my $dir;
|
||||
my $file;
|
||||
if ($in{'file'} =~ /^(([a-z]:)?.*\/)([^\/]*)$/i && $in{'file'} !~ /\.\./) {
|
||||
# File entered is valid
|
||||
$dir = $1;
|
||||
@ -94,29 +85,29 @@ else {
|
||||
$dir .= '/' if ($dir !~ /\/$/);
|
||||
$file = "";
|
||||
}
|
||||
my $add = int($in{'add'});
|
||||
$add = int($in{'add'});
|
||||
|
||||
if (!(-d $in{'chroot'}.$dir)) {
|
||||
# Entered directory does not exist
|
||||
$dir = $rootdir.'/';
|
||||
$file = "";
|
||||
}
|
||||
if (!allowed_dir($dir)) {
|
||||
if (!&allowed_dir($dir)) {
|
||||
# Directory is outside allowed root
|
||||
$dir = $rootdir.'/';
|
||||
$file = "";
|
||||
}
|
||||
|
||||
# Work out the top allowed dir
|
||||
my $topdir = $rootdir eq "/" || $rootdir eq "c:" ? $rootdir :
|
||||
$topdir = $rootdir eq "/" || $rootdir eq "c:" ? $rootdir :
|
||||
$access{'otherdirs'} ? "/" : $rootdir;
|
||||
my $uchroot = urlize($in{'chroot'});
|
||||
my $utype = urlize($in{'type'});
|
||||
my $ufile = urlize($in{'file'});
|
||||
$uchroot = &urlize($in{'chroot'});
|
||||
$utype = &urlize($in{'type'});
|
||||
$ufile = &urlize($in{'file'});
|
||||
|
||||
if ($in{'frame'} == 0) {
|
||||
# base frame
|
||||
PrintHeader();
|
||||
&PrintHeader();
|
||||
if ($in{'type'} == 0) {
|
||||
print "<title>$text{'chooser_title1'}</title>\n";
|
||||
}
|
||||
@ -134,7 +125,7 @@ if ($in{'frame'} == 0) {
|
||||
}
|
||||
elsif ($in{'frame'} == 1) {
|
||||
# List of files in this directory
|
||||
popup_header();
|
||||
&popup_header();
|
||||
print <<EOF;
|
||||
<script type='text/javascript'>
|
||||
function fileclick(f, d)
|
||||
@ -180,50 +171,48 @@ EOF
|
||||
&popup_error(&text('chooser_eopen', "$!"));
|
||||
print &ui_columns_start(undef, 100);
|
||||
my $cnt = 0;
|
||||
foreach my $f (sort { $a cmp $b } readdir(DIR)) {
|
||||
my $path = "$in{'chroot'}$dir$f";
|
||||
foreach $f (sort { $a cmp $b } readdir(DIR)) {
|
||||
$path = "$in{'chroot'}$dir$f";
|
||||
if ($f eq ".") { next; }
|
||||
if ($f eq ".." && ($dir eq "/" || $dir eq $topdir.'/')) { next; }
|
||||
if ($f =~ /^\./ && $f ne ".." && $access{'nodot'}) { next; }
|
||||
if (!(-d $path) && $in{'type'} == 1) { next; }
|
||||
|
||||
my @st = stat($path); # XXX What is @st?
|
||||
my $isdir = 0;
|
||||
my $icon;
|
||||
@st = stat($path);
|
||||
$isdir = 0; undef($icon);
|
||||
if (-d $path) { $icon = "dir.gif"; $isdir = 1; }
|
||||
elsif ($path =~ /\.([^\.\/]+)$/) { $icon = $icon_map{$1}; }
|
||||
if (!$icon) { $icon = "unknown.gif"; }
|
||||
|
||||
my $link;
|
||||
if ($f eq "..") {
|
||||
$dir =~ /^(.*\/)[^\/]+\/$/;
|
||||
$link = "<a href=\"\" onClick='parentdir(\"".quote_javascript($1)."\"); return false'>";
|
||||
$link = "<a href=\"\" onClick='parentdir(\""."e_javascript($1)."\"); return false'>";
|
||||
}
|
||||
else {
|
||||
$link = "<a href=\"\" onClick='fileclick(\"".quote_javascript("$dir$f")."\", $isdir); return false'>";
|
||||
$link = "<a href=\"\" onClick='fileclick(\""."e_javascript("$dir$f")."\", $isdir); return false'>";
|
||||
}
|
||||
my @cols;
|
||||
local @cols;
|
||||
push(@cols, "$link<img border=0 src=$gconfig{'webprefix'}/images/$icon></a>");
|
||||
push(@cols, "$link".&html_escape($f)."</a>");
|
||||
push(@cols, nice_size($st[7]));
|
||||
my @tm = localtime($st[9]);
|
||||
push(@cols, &nice_size($st[7]));
|
||||
@tm = localtime($st[9]);
|
||||
push(@cols, sprintf "<tt>%.2d/%s/%.4d</tt>",
|
||||
$tm[3], $text{'smonth_'.($tm[4]+1)}, $tm[5]+1900);
|
||||
push(@cols, sprintf "<tt>%.2d:%.2d</tt>", $tm[2], $tm[1]);
|
||||
print ui_columns_row(\@cols);
|
||||
print &ui_columns_row(\@cols);
|
||||
$cnt++;
|
||||
}
|
||||
closedir(DIR);
|
||||
print ui_columns_end();
|
||||
print &ui_columns_end();
|
||||
if ( $cnt >= 10 ) {
|
||||
print "<script type='text/javascript' src='$gconfig{'webprefix'}/unauthenticated/filter_match.js?28112013'></script>";
|
||||
print "<script type='text/javascript'>filter_match_box();</script>";
|
||||
}
|
||||
popup_footer();
|
||||
&popup_footer();
|
||||
}
|
||||
elsif ($in{'frame'} == 2) {
|
||||
# Current file and OK/cancel buttons
|
||||
popup_header();
|
||||
&popup_header();
|
||||
print <<EOF;
|
||||
<script type='text/javascript'>
|
||||
function filechosen()
|
||||
@ -241,25 +230,25 @@ top.close();
|
||||
}
|
||||
</script>
|
||||
EOF
|
||||
print ui_form_start(undef, undef, undef,
|
||||
print &ui_form_start(undef, undef, undef,
|
||||
"onSubmit='filechosen(); return false'");
|
||||
print ui_table_start(undef, "width=100%", 2);
|
||||
print ui_table_row(ui_submit($text{'chooser_ok'}),
|
||||
ui_textbox("path", $dir.$file, 45, 0, undef,
|
||||
print &ui_table_start(undef, "width=100%", 2);
|
||||
print &ui_table_row(&ui_submit($text{'chooser_ok'}),
|
||||
&ui_textbox("path", $dir.$file, 45, 0, undef,
|
||||
"style='width:100%'"), 1,["width=5% valign=middle nowrap","valign=middle width=95%"]);
|
||||
print ui_table_end();
|
||||
print ui_form_end();
|
||||
popup_footer();
|
||||
print &ui_table_end();
|
||||
print &ui_form_end();
|
||||
&popup_footer();
|
||||
}
|
||||
|
||||
# allowed_dir(dir)
|
||||
# Returns 1 if some directory should be listable
|
||||
sub allowed_dir
|
||||
{
|
||||
my ($dir) = @_;
|
||||
local ($dir) = @_;
|
||||
return 1 if ($rootdir eq "" || $rootdir eq "/" || $rootdir eq "c:");
|
||||
foreach my $allowed ($rootdir, split(/\t+/, $access{'otherdirs'})) {
|
||||
return 1 if (is_under_directory($allowed, $dir));
|
||||
return 1 if (&is_under_directory($allowed, $dir));
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user