=================================================================== RCS file: /cvs/cvsweb/cvsweb.cgi,v retrieving revision 1.1.1.15 retrieving revision 1.1.1.16 diff -u -p -r1.1.1.15 -r1.1.1.16 --- cvsweb/cvsweb.cgi 2000/12/18 04:35:54 1.1.1.15 +++ cvsweb/cvsweb.cgi 2000/12/28 18:37:25 1.1.1.16 @@ -43,7 +43,7 @@ # SUCH DAMAGE. # # $zId: cvsweb.cgi,v 1.104 2000/11/01 22:05:12 hnordstrom Exp $ -# $kId: cvsweb.cgi,v 1.45 2000/12/18 04:25:30 knu Exp $ +# $kId: cvsweb.cgi,v 1.47 2000/12/28 18:07:20 knu Exp $ # ### @@ -79,7 +79,7 @@ use vars qw ( $navigationHeaderColor $tableBorderColor $markupLogColor $tabstop $state $annTable $sel $curbranch @HideModules $module $use_descriptions %descriptions @mytz $dwhere $moddate - $use_moddate $has_zlib $gzip_open + $use_moddate $has_zlib $gzip_open $allow_tar $LOG_FILESEPARATOR $LOG_REVSEPARATOR ); @@ -228,9 +228,10 @@ $verbose = $v; $checkoutMagic = "~checkout~"; $pathinfo = defined($ENV{PATH_INFO}) ? $ENV{PATH_INFO} : ''; $where = $pathinfo; +$where =~ tr|/|/|s; $doCheckout = ($where =~ /^\/$checkoutMagic/); $where =~ s|^/($checkoutMagic)?||; -$where =~ s|/+$||; +$where =~ s|/$||; $scriptname = defined($ENV{SCRIPT_NAME}) ? $ENV{SCRIPT_NAME} : ''; $scriptname =~ s|^/?|/|; $scriptname =~ s|/+$||; @@ -294,6 +295,7 @@ $query = $ENV{QUERY_STRING}; if (defined($query) && $query ne '') { foreach (split(/&/, $query)) { + y/+/ /; s/%(..)/sprintf("%c", hex($1))/ge; # unquote %-quoted if (/(\S+)=(.*)/) { $input{$1} = $2 if ($2 ne ""); @@ -404,7 +406,7 @@ foreach $k (keys %ICONS) { my ($itxt,$ipath,$iwidth,$iheight) = @{$ICONS{$k}}; if ($ipath) { ${"${k}icon"} = sprintf('%s', - htmlquote($ipath), htmlquote($itxt), $iwidth, $iheight) + hrefquote($ipath), htmlquote($itxt), $iwidth, $iheight) } else { ${"${k}icon"} = $itxt; @@ -471,10 +473,68 @@ $module = $1; if ($module && &forbidden_module($module)) { &fatal("403 Forbidden", "Access to $where forbidden."); } + +# +# Handle tarball downloads before any headers are output. +# +if ($input{tarball}) { + &fatal("403 Forbidden", "Downloading tarballs is prohibited.") + unless $allow_tar; + $where =~ s,/[^/]*$,,; + $where =~ s,^/,,; + my($basedir) = ($where =~ m,([^/]+)$,); + + if ($basedir eq '' || $where eq '') { + &fatal("500 Internal Error", "You cannot download the top level directory."); + } + + my $tmpdir = "/tmp/.cvsweb.$$." . int(time); + + mkdir($tmpdir, 0700) + or &fatal("500 Internal Error", "Unable to make temporary directory: $!"); + + my $fatal = ''; + + do { + chdir $tmpdir + or $fatal = "500 Internal Error", "Unable to cd to temporary directory: $!" + && last; + + my @params = (exists $input{only_with_tag} && length $input{only_with_tag}) + ? ("-r", $input{only_with_tag}) : (); + + system "cvs", "-RlQd", $cvsroot, "co", @params, $where + and $fatal = "500 Internal Error","cvs co failure: $!: $where" + && last; + + chdir "$where/.." + or $fatal = "500 Internal Error","Cannot find expected directory in checkout" + && last; + + $| = 1; # Essential to get the buffering right. + + print "Content-type: application/x-gzip\r\n\r\n"; + + system "tar", "--ignore-failed-read", "--exclude", "CVS", "-zcf", "-", $basedir + and $fatal = "500 Internal Error","tar zc failure: $!: $basedir" + && last; + + chdir $tmpdir + or $fatal = "500 Internal Error","Unable to cd to temporary directory: $!" + && last; + } while (0); + + system "rm", "-rf", $tmpdir if -d $tmpdir; + + &fatal($fatal) if $fatal; + + exit; +} + ############################## # View a directory ############################### -elsif (-d $fullname) { +if (-d $fullname) { my $dh = do {local(*DH);}; opendir($dh, $fullname) || &fatal("404 Not Found","$where: $!"); my @dir = readdir($dh); @@ -812,6 +872,22 @@ elsif (-d $fullname) { print "\n"; print "\n"; } + + if ($allow_tar) { + my($basefile) = ($where =~ m,(?:.*/)?([^/]+),); + + if ($basefile ne '') { + print "
\n", + "
", + &link("Download this directory in tarball", + # Mangle the filename so browsers show a reasonable + # filename to download. + "$basefile.tar.gz$query". + ($query ? "&" : "?")."tarball=1"), + "
"; + } + } + my $formwhere = $scriptwhere; $formwhere =~ s|Attic/?$|| if ($input{'hideattic'}); @@ -1120,7 +1196,7 @@ sub spacedHtmlText($;$) { sub link($$) { my($name, $where) = @_; - sprintf '%s', htmlquote($where), $name; + sprintf '%s', hrefquote($where), $name; } sub revcmp($$) { @@ -1564,10 +1640,10 @@ sub cvswebMarkup($$$) { my $url = download_url($fileurl, $revision, $mimetype); print "
"; if ($mimetype =~ /^image/) { - printf '
', htmlquote("$url$barequery"); + printf '
', hrefquote("$url$barequery"); } elsif ($mimetype =~ m%^application/pdf%) { - printf '
', htmlquote("$url$barequery"); + printf '
', hrefquote("$url$barequery"); } else { print "
";
@@ -2641,7 +2717,7 @@ sub navigateHeader($$$$$) {
     print qq``;
     print "\n\n";
     print qq`\n`;
-    print '';
+    print '';
     print "\n$path$filename - $title - $rev\n";
     print  "$body_tag_for_src\n";
     print "";
@@ -2864,7 +2940,7 @@ sub download_link($$$;$) {
     my ($url, $revision, $textlink, $mimetype) = @_;
     my ($fullurl) = download_url($url, $revision, $mimetype);
 
-    printf '$textlink";
@@ -2938,8 +3014,7 @@ sub urlencode($) {
 
     s/[\000-+{-\377]/sprintf("%%%02x", ord($&))/ge;
 
-
-       $_;
+    $_;
 }
 
 sub htmlquote($) {
@@ -2966,6 +3041,14 @@ sub htmlunquote($) {
     $_;
 }
 
+sub hrefquote($) {
+    local($_) = @_;
+
+    y/ /+/;
+
+    htmlquote($_)
+}
+
 sub http_header(;$) {
     my $content_type = shift || "text/html";
     if (defined($moddate)) {
@@ -3024,7 +3107,7 @@ sub http_header(;$) {
 
 sub html_header($) {
     my ($title) = @_;
-    my $version = '$zRevision: 1.104 $  $kRevision: 1.45 $'; #'
+    my $version = '$zRevision: 1.104 $  $kRevision: 1.47 $'; #'
     http_header(defined($charset) ? "text/html; charset=$charset" : "text/html");
     print <