VladPolskiy/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2025-07-25 15:09:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert because something mysterious is broken when variables are

Browse Source 
localized and such. I have no idea what, but long file lists get concatenated
when using the new version (or maybe long HTML pages).
This commit is contained in:
Joe Cooper
2014-12-21 04:49:30 -06:00
parent 3595cbde04
commit 236250c344
1 changed files with 43 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
chooser.cgi
View File

@ -1,17 +1,11 @@
#!/usr/local/bin/perl #!/usr/bin/perl
# chooser.cgi # chooser.cgi
# Outputs HTML for a frame-based file chooser # Outputs HTML for a frame-based file chooser
BEGIN { push(@INC, ".."); }; BEGIN { push(@INC, ".."); };
use WebminCore; use WebminCore;
# Globals @icon_map = ( "c", "text.gif",
our $remote_user;
our %in;
our %gconfig;
our %text;
my %icon_map = ( "c", "text.gif",
"txt", "text.gif", "txt", "text.gif",
"pl", "text.gif", "pl", "text.gif",
"cgi", "text.gif", "cgi", "text.gif",
@ -22,15 +16,14 @@ my %icon_map = ( "c", "text.gif",
"tar", "binary.gif" "tar", "binary.gif"
); );
init_config(); &init_config();
if (get_product_name() eq 'usermin') { if (&get_product_name() eq 'usermin') {
switch_to_remote_user(); &switch_to_remote_user();
} }
my %access = get_module_acl(); %access = &get_module_acl();
# Work out root directory # Work out root directory
my @uinfo = getpwnam($remote_user); local @uinfo = getpwnam($remote_user);
my $rootdir;
if (!$access{'root'}) { if (!$access{'root'}) {
$rootdir = $uinfo[7] ? $uinfo[7] : "/"; $rootdir = $uinfo[7] ? $uinfo[7] : "/";
} }
@ -40,22 +33,22 @@ else {
} }
# Switch to correct Unix user # Switch to correct Unix user
if (supports_users()) { if (&supports_users()) {
if (get_product_name() eq 'usermin') { if (&get_product_name() eq 'usermin') {
# Always run as Usermin login # Always run as Usermin login
switch_to_remote_user(); &switch_to_remote_user();
} }
else { else {
# ACL determines # ACL determines
my $fileunix = $access{'fileunix'} || $remote_user; $fileunix = $access{'fileunix'} || $remote_user;
@uinfo = getpwnam($fileunix); @uinfo = getpwnam($fileunix);
if (@uinfo) { if (@uinfo) {
switch_to_unix_user(\@uinfo); &switch_to_unix_user(\@uinfo);
} }
} }
} }
ReadParse(undef, undef, 1); &ReadParse(undef, undef, 1);
# If a chroot is forced which is under the allowed root, there is no need for # If a chroot is forced which is under the allowed root, there is no need for
# a restrictred root # a restrictred root
@ -81,8 +74,6 @@ if ($in{'add'}) {
$in{'file'} = $1; $in{'file'} = $1;
} }
} }
my $dir;
my $file;
if ($in{'file'} =~ /^(([a-z]:)?.*\/)([^\/]*)$/i && $in{'file'} !~ /\.\./) { if ($in{'file'} =~ /^(([a-z]:)?.*\/)([^\/]*)$/i && $in{'file'} !~ /\.\./) {
# File entered is valid # File entered is valid
$dir = $1; $dir = $1;
@ -94,29 +85,29 @@ else {
$dir .= '/' if ($dir !~ /\/$/); $dir .= '/' if ($dir !~ /\/$/);
$file = ""; $file = "";
} }
my $add = int($in{'add'}); $add = int($in{'add'});
if (!(-d $in{'chroot'}.$dir)) { if (!(-d $in{'chroot'}.$dir)) {
# Entered directory does not exist # Entered directory does not exist
$dir = $rootdir.'/'; $dir = $rootdir.'/';
$file = ""; $file = "";
} }
if (!allowed_dir($dir)) { if (!&allowed_dir($dir)) {
# Directory is outside allowed root # Directory is outside allowed root
$dir = $rootdir.'/'; $dir = $rootdir.'/';
$file = ""; $file = "";
} }
# Work out the top allowed dir # Work out the top allowed dir
my $topdir = $rootdir eq "/" || $rootdir eq "c:" ? $rootdir : $topdir = $rootdir eq "/" || $rootdir eq "c:" ? $rootdir :
$access{'otherdirs'} ? "/" : $rootdir; $access{'otherdirs'} ? "/" : $rootdir;
my $uchroot = urlize($in{'chroot'}); $uchroot = &urlize($in{'chroot'});
my $utype = urlize($in{'type'}); $utype = &urlize($in{'type'});
my $ufile = urlize($in{'file'}); $ufile = &urlize($in{'file'});
if ($in{'frame'} == 0) { if ($in{'frame'} == 0) {
# base frame # base frame
PrintHeader(); &PrintHeader();
if ($in{'type'} == 0) { if ($in{'type'} == 0) {
print "<title>$text{'chooser_title1'}</title>\n"; print "<title>$text{'chooser_title1'}</title>\n";
} }
@ -134,7 +125,7 @@ if ($in{'frame'} == 0) {
} }
elsif ($in{'frame'} == 1) { elsif ($in{'frame'} == 1) {
# List of files in this directory # List of files in this directory
popup_header(); &popup_header();
print <<EOF; print <<EOF;
<script type='text/javascript'> <script type='text/javascript'>
function fileclick(f, d) function fileclick(f, d)
@ -180,50 +171,48 @@ EOF
&popup_error(&text('chooser_eopen', "$!")); &popup_error(&text('chooser_eopen', "$!"));
print &ui_columns_start(undef, 100); print &ui_columns_start(undef, 100);
my $cnt = 0; my $cnt = 0;
foreach my $f (sort { $a cmp $b } readdir(DIR)) { foreach $f (sort { $a cmp $b } readdir(DIR)) {
my $path = "$in{'chroot'}$dir$f"; $path = "$in{'chroot'}$dir$f";
if ($f eq ".") { next; } if ($f eq ".") { next; }
if ($f eq ".." && ($dir eq "/" || $dir eq $topdir.'/')) { next; } if ($f eq ".." && ($dir eq "/" || $dir eq $topdir.'/')) { next; }
if ($f =~ /^\./ && $f ne ".." && $access{'nodot'}) { next; } if ($f =~ /^\./ && $f ne ".." && $access{'nodot'}) { next; }
if (!(-d $path) && $in{'type'} == 1) { next; } if (!(-d $path) && $in{'type'} == 1) { next; }
my @st = stat($path); # XXX What is @st? @st = stat($path);
my $isdir = 0; $isdir = 0; undef($icon);
my $icon;
if (-d $path) { $icon = "dir.gif"; $isdir = 1; } if (-d $path) { $icon = "dir.gif"; $isdir = 1; }
elsif ($path =~ /\.([^\.\/]+)$/) { $icon = $icon_map{$1}; } elsif ($path =~ /\.([^\.\/]+)$/) { $icon = $icon_map{$1}; }
if (!$icon) { $icon = "unknown.gif"; } if (!$icon) { $icon = "unknown.gif"; }
my $link;
if ($f eq "..") { if ($f eq "..") {
$dir =~ /^(.*\/)[^\/]+\/$/; $dir =~ /^(.*\/)[^\/]+\/$/;
$link = "<a href=\"\" onClick='parentdir(\"".quote_javascript($1)."\"); return false'>"; $link = "<a href=\"\" onClick='parentdir(\"".&quote_javascript($1)."\"); return false'>";
} }
else { else {
$link = "<a href=\"\" onClick='fileclick(\"".quote_javascript("$dir$f")."\", $isdir); return false'>"; $link = "<a href=\"\" onClick='fileclick(\"".&quote_javascript("$dir$f")."\", $isdir); return false'>";
} }
my @cols; local @cols;
push(@cols, "$link<img border=0 src=$gconfig{'webprefix'}/images/$icon></a>"); push(@cols, "$link<img border=0 src=$gconfig{'webprefix'}/images/$icon></a>");
push(@cols, "$link".&html_escape($f)."</a>"); push(@cols, "$link".&html_escape($f)."</a>");
push(@cols, nice_size($st[7])); push(@cols, &nice_size($st[7]));
my @tm = localtime($st[9]); @tm = localtime($st[9]);
push(@cols, sprintf "<tt>%.2d/%s/%.4d</tt>", push(@cols, sprintf "<tt>%.2d/%s/%.4d</tt>",
$tm[3], $text{'smonth_'.($tm[4]+1)}, $tm[5]+1900); $tm[3], $text{'smonth_'.($tm[4]+1)}, $tm[5]+1900);
push(@cols, sprintf "<tt>%.2d:%.2d</tt>", $tm[2], $tm[1]); push(@cols, sprintf "<tt>%.2d:%.2d</tt>", $tm[2], $tm[1]);
print ui_columns_row(\@cols); print &ui_columns_row(\@cols);
$cnt++; $cnt++;
} }
closedir(DIR); closedir(DIR);
print ui_columns_end(); print &ui_columns_end();
if ( $cnt >= 10 ) { if ( $cnt >= 10 ) {
print "<script type='text/javascript' src='$gconfig{'webprefix'}/unauthenticated/filter_match.js?28112013'></script>"; print "<script type='text/javascript' src='$gconfig{'webprefix'}/unauthenticated/filter_match.js?28112013'></script>";
print "<script type='text/javascript'>filter_match_box();</script>"; print "<script type='text/javascript'>filter_match_box();</script>";
} }
popup_footer(); &popup_footer();
} }
elsif ($in{'frame'} == 2) { elsif ($in{'frame'} == 2) {
# Current file and OK/cancel buttons # Current file and OK/cancel buttons
popup_header(); &popup_header();
print <<EOF; print <<EOF;
<script type='text/javascript'> <script type='text/javascript'>
function filechosen() function filechosen()
@ -241,25 +230,25 @@ top.close();
} }
</script> </script>
EOF EOF
print ui_form_start(undef, undef, undef, print &ui_form_start(undef, undef, undef,
"onSubmit='filechosen(); return false'"); "onSubmit='filechosen(); return false'");
print ui_table_start(undef, "width=100%", 2); print &ui_table_start(undef, "width=100%", 2);
print ui_table_row(ui_submit($text{'chooser_ok'}), print &ui_table_row(&ui_submit($text{'chooser_ok'}),
ui_textbox("path", $dir.$file, 45, 0, undef, &ui_textbox("path", $dir.$file, 45, 0, undef,
"style='width:100%'"), 1,["width=5% valign=middle nowrap","valign=middle width=95%"]); "style='width:100%'"), 1,["width=5% valign=middle nowrap","valign=middle width=95%"]);
print ui_table_end(); print &ui_table_end();
print ui_form_end(); print &ui_form_end();
popup_footer(); &popup_footer();
} }
# allowed_dir(dir) # allowed_dir(dir)
# Returns 1 if some directory should be listable # Returns 1 if some directory should be listable
sub allowed_dir sub allowed_dir
{ {
my ($dir) = @_; local ($dir) = @_;
return 1 if ($rootdir eq "" || $rootdir eq "/" || $rootdir eq "c:"); return 1 if ($rootdir eq "" || $rootdir eq "/" || $rootdir eq "c:");
foreach my $allowed ($rootdir, split(/\t+/, $access{'otherdirs'})) { foreach my $allowed ($rootdir, split(/\t+/, $access{'otherdirs'})) {
return 1 if (is_under_directory($allowed, $dir)); return 1 if (&is_under_directory($allowed, $dir));
} }
return 0; return 0;
} }