$| = 1;
# Settings
-my ($left) = "../left.inc" ;
-my ($title) = "../title.inc";
-my ($bottom) = "../bottom.inc";
+my ($left) = "../htdocs/left.inc" ;
+my ($title) = "../htdocs/title.inc";
+my ($bottom) = "../htdocs/bottom.inc";
my ($query) = new CGI;
-my ($doc) = ($query->param('doc') =~ /^\s*(.*?\.txt)\s*$/);
-$doc = "../documentation/".$doc;
+
+# Note filenames may only have one dot in them, in the ".txt".
+# This prevents malicious users using "../" to view files.
+my ($doc) = ($query->param('doc') =~ /^\s*([^\.]*?\.txt)\s*$/);
print "Content-type: text/html\n\n";
+unless (defined $doc) {
+ print "The link to this page was broken - it must specify a .txt file.";
+ exit;
+}
+
+# Prevent hackers from supplying a malformed document string.
+# I.e. only allow normal characters, slashes and dots.
+unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) {
+ print "Malformed request";
+ exit;
+}
+$doc = "../htdocs/documentation/".$doc;
+
print <<"END";
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
# Print a file, whilst escaping HTML: -
sub print_file ($) {
+ my ($urls) = '(' . join ('|', qw{
+ http
+ telnet
+ gopher
+ file
+ wais
+ ftp
+ } )
+ . ')';
+
+ my ($ltrs) = '\w';
+ my ($gunk) = '/#~:.?+=&%@!\-';
+ my ($punc) = '.:?\-';
+ my ($any) = "${ltrs}${gunk}${punc}";
my ($filename) = @_;
open(FILE, $filename) or die "Cannot open $filename: $!\n";
print "<pre>\n";
s/</</g;
s/>/>/g;
s/"/"/g;
+ s/\b($urls:[$any]+?)(?=[$punc]*[^$any]|$)/<a href="$1">$1<\/a>/igox;
print;
}
print "</pre>";
# Print a file without escaping HTML: -
sub print_html ($) {
my ($filename) = @_;
- print `cat $filename`;
+ print `cat $filename 2>&1`;
}
i-scream / www.i-scream.org.git / blobdiff