=================================================================== RCS file: /cvs/cvsweb/cvsweb.cgi,v retrieving revision 3.40 retrieving revision 4.27 diff -u -p -r3.40 -r4.27 --- cvsweb/cvsweb.cgi 2000/11/22 19:26:11 3.40 +++ cvsweb/cvsweb.cgi 2019/11/26 12:09:02 4.27 @@ -1,15 +1,19 @@ -#!/usr/bin/perl5 -ws +#!/usr/bin/perl +# $Id: cvsweb.cgi,v 4.27 2019/11/26 12:09:02 schwarze Exp $ +# $knu: cvsweb.cgi,v 1.299 2010/11/13 16:37:18 simon # # cvsweb - a CGI interface to CVS trees. # # Written in their spare time by -# Bill Fenner (original work) -# extended by Henner Zeller , -# Henrik Nordstrom -# Ken Coar -# Dick Balaska -# Akinori MUSHA -# Jens-Uwe Mager +# Bill Fenner (original work) +# extended by Henner Zeller , +# Henrik Nordstrom +# Ken Coar +# Dick Balaska +# Akinori MUSHA +# Jens-Uwe Mager +# Ville Skyttä +# Vassilii Khachaturov # # Based on: # * Bill Fenners cvsweb.cgi revision 1.28 available from: @@ -17,8 +21,9 @@ # # Copyright (c) 1996-1998 Bill Fenner # (c) 1998-1999 Henner Zeller -# (c) 1999 Henrik Nordstrom -# (c) 2000 Akinori MUSHA +# (c) 1999 Henrik Nordstrom +# (c) 2000-2002 Akinori MUSHA +# (c) 2002-2005 Ville Skyttä # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -41,214 +46,245 @@ # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. -# -# $zId: cvsweb.cgi,v 1.104 2000/11/01 22:05:12 hnordstrom Exp $ -# $Id: cvsweb.cgi,v 3.40 2000/11/22 19:26:11 knu Exp $ -# -### +require 5.006; + use strict; +use warnings; +use filetest qw(access); use vars qw ( - $config $allow_version_select $verbose - %CVSROOT %CVSROOTdescr %MIRRORS %DEFAULTVALUE %ICONS %MTYPES - @DIFFTYPES %DIFFTYPES @LOGSORTKEYS %LOGSORTKEYS - %alltags @tabcolors %fileinfo %tags @branchnames %nameprinted - %symrev %revsym @allrevisions %date %author @revdisplayorder - @revisions %state %difflines %log %branchpoint @revorder - $prcgi @prcategories $prcategories $mancgi - $checkoutMagic $doCheckout $scriptname $scriptwhere - $where $pathinfo $Browser $nofilelinks $maycompress @stickyvars - %funcline_regexp $is_mod_perl - $is_links $is_lynx $is_w3m $is_msie $is_mozilla3 $is_textbased - %input $query $barequery $sortby $bydate $byrev $byauthor - $bylog $byfile $defaultDiffType $logsort $cvstree $cvsroot - $mimetype $charset $defaultTextPlain $defaultViewable - $allow_compress $GZIPBIN $backicon $diricon $fileicon - $fullname $newname $cvstreedefault - $body_tag $body_tag_for_src $logo $defaulttitle $address - $long_intro $short_instruction $shortLogLen - $show_author $dirtable $tablepadding $columnHeaderColorDefault - $columnHeaderColorSorted $hr_breakable $showfunc $hr_ignwhite - $hr_ignkeysubst $diffcolorHeading $diffcolorEmpty $diffcolorRemove - $diffcolorChange $diffcolorAdd $diffcolorDarkChange $difffontface - $difffontsize $inputTextSize $mime_types $allow_annotate - $allow_markup $use_java_script $open_extern_window - $extern_window_width $extern_window_height $edit_option_form - $show_subdir_lastmod $show_log_in_markup $v - $navigationHeaderColor $tableBorderColor $markupLogColor - $tabstop $state $annTable $sel $curbranch @HideModules - $module $use_descriptions %descriptions @mytz $dwhere $moddate - $use_moddate $has_zlib $gzip_open - $LOG_FILESEPARATOR $LOG_REVSEPARATOR + $VERSION $CheckoutMagic $MimeTypes $DEBUG + $config $allow_version_select + @CVSrepositories @CVSROOT %CVSROOT %CVSROOTdescr + %DEFAULTVALUE %ICONS %MTYPES + %DIFF_COMMANDS @DIFFTYPES %DIFFTYPES @LOGSORTKEYS %LOGSORTKEYS + %alltags %fileinfo %tags @branchnames %nameprinted + %symrev %revsym @allrevisions %date %author @revdisplayorder + @revisions %state %difflines %log %branchpoint @revorder $keywordsubstitution + $mancgi $doCheckout $scriptname $scriptwhere + $where $Browser $nofilelinks $maycompress @stickyvars + $is_links $is_lynx $is_w3m $is_msie $is_mozilla3 $is_textbased + %input $query $barequery $sortby $bydate $byrev $byauthor + $bylog $byfile $defaultDiffType $logsort $cvstree $cvsroot + $charset $output_filter + @command_path %CMD $allow_compress $backicon $diricon $fileicon + $fullname $logo $defaulttitle $address $binfileicon + $long_intro $short_instruction $shortLogLen $show_author + $tablepadding $hr_breakable $showfunc $hr_ignwhite $hr_ignkeysubst + $inputTextSize $mime_types $allow_annotate $allow_markup $allow_mailtos + $allow_log_extra $allow_dir_extra $allow_source_extra + $edit_option_form + $show_subdir_lastmod $show_log_in_markup $preformat_in_markup + $tabstop $state $annTable $sel @ForbiddenFiles + $use_descriptions %descriptions $dwhere + $use_moddate $gzip_open $file_list_len + $allow_tar @tar_options @gzip_options @cvs_options + @annotate_options @rcsdiff_options + $HTML_DOCTYPE $HTML_META $cssurl $CSS ); -sub printDiffSelect($); -sub printDiffLinks($$); -sub printLogSortSelect($); +require Compress::Zlib; +use Cwd qw(abs_path); +use File::Path qw(rmtree); +use File::Spec::Functions qw(canonpath catdir catfile curdir devnull rootdir + tmpdir updir); +use File::Temp qw(tempdir tempfile); +use IPC::Run qw(); +use Time::Local qw(timegm); +use URI::Escape qw(uri_escape uri_unescape); + +use constant VALID_PATH => qr/^([[:^cntrl:]]+)$/o; +use constant VALID_TAG1 => qr/^([a-zA-Z][[:graph:]]*)$/o; +use constant VALID_TAG2 => qr/^([^\$,.:;@]+)$/o; +use constant CVSWEBMARKUP => qr{^text/(x-cvsweb|vnd\.viewcvs)-markup$}io; +use constant LOG_FILESEPR => qr/^={77}$/o; +use constant LOG_REVSEPR => qr/^-{28}$/o; + +# ----------------------------------------------------------------------------- + +# All global initialization that can be done in compile time should go to +# the BEGIN block. Persistent environments, such as mod_perl, will benefit +# from this. + +BEGIN +{ + $VERSION = '3.1'; + + $HTML_DOCTYPE = + ''; + + $HTML_META = < + + +EOM + + # Use MIME::Types for MIME type lookups if it's available. + eval { + require MIME::Types; + $MimeTypes = MIME::Types->new(only_complete => 1); + }; + $MimeTypes = undef if $@; + + $CheckoutMagic = '~checkout~'; +} + +# ----------------------------------------------------------------------------- + +sub printDiffSelect(); +sub printDiffSelectStickyVars(); +sub getDiffLinks($$$); +sub printLogSortSelect(); sub findLastModifiedSubdirs(@); sub htmlify_sub(&$); sub htmlify($;$); sub spacedHtmlText($;$); sub link($$); sub revcmp($$); -sub fatal($$); -sub redirect($); +sub fatal($$@); +sub redirect($;$); sub safeglob($); -sub getMimeTypeFromSuffix($); +sub search_path($); +sub getMimeType($;$); sub head($;$); sub scan_directives(@); +sub openOutputFilter(); sub doAnnotate($$); -sub doCheckout($$); -sub cvswebMarkup($$$); +sub doCheckout($$$); +sub cvswebMarkup($$$$$$;$); sub viewable($); sub doDiff($$$$$$); sub getDirLogs($$@); sub readLog($;$); -sub printLog($;$); +sub printLog($$$;$$); sub doLog($); sub flush_diff_rows($$$$); -sub human_readable_diff($); -sub navigateHeader($$$$$); +sub human_readable_diff($$); +sub navigateHeader($$$$$;$); sub plural_write($$); sub readableTime($$); sub clickablePath($$); sub chooseCVSRoot(); -sub chooseMirror(); sub fileSortCmp(); sub download_url($$;$); sub download_link($$$;$); -sub toggleQuery($$); -sub urlencode($); +sub display_url($$;$); +sub display_link($$;$$); +sub toggleQuery($;$); sub htmlquote($); sub htmlunquote($); -sub http_header(;$); -sub html_header($); +sub uri_escape_path($); +sub http_header(;$$); +sub html_header($;$); sub html_footer(); sub link_tags($); -sub forbidden_module($); +sub forbidden($); +sub startproc(@); +sub runproc(@); +sub checkout_to_temp($$$); -##### Start of Configuration Area ######## -use Cwd; +# Get rid of unsafe environment vars. Don't do this in the BEGIN block +# (think mod_perl)... +delete(@ENV{qw(PATH IFS CDPATH ENV BASH_ENV)}); -# == EDIT this == -# Locations to search for user configuration, in order: -for ( - $ENV{CVSWEB_CONFIG}, - '/usr/local/etc/cvsweb.conf', - getcwd() . '/cvsweb.conf' - ) { - $config = $_ if defined($_) && -r $_; -} +# Location of the configuration file inside the web server chroot: +$config = '/conf/cvsweb/cvsweb.conf'; -# == Configuration defaults == -# Defaults for configuration variables that shouldn't need -# to be configured.. -$allow_version_select = 1; +######## Configuration parameters ######### -##### End of Configuration Area ######## +@CVSrepositories = @CVSROOT = %CVSROOT = %DEFAULTVALUE = %ICONS = + %MTYPES = %tags = %alltags = %fileinfo = %DIFF_COMMANDS = (); -######## Configuration variables ######### -# These are defined to allow checking with perl -cw -%CVSROOT = %MIRRORS = %DEFAULTVALUE = %ICONS = %MTYPES = -%tags = %alltags = @tabcolors = (); -$cvstreedefault = $body_tag = $body_tag_for_src = -$logo = $defaulttitle = $address = -$long_intro = $short_instruction = $shortLogLen = -$show_author = $dirtable = $tablepadding = $columnHeaderColorDefault = -$columnHeaderColorSorted = $hr_breakable = $showfunc = $hr_ignwhite = -$hr_ignkeysubst = $diffcolorHeading = $diffcolorEmpty = $diffcolorRemove = -$diffcolorChange = $diffcolorAdd = $diffcolorDarkChange = $difffontface = -$difffontsize = $inputTextSize = $mime_types = $allow_annotate = -$allow_markup = $use_java_script = $open_extern_window = -$extern_window_width = $extern_window_height = $edit_option_form = -$show_subdir_lastmod = $show_log_in_markup = $v = -$navigationHeaderColor = $tableBorderColor = $markupLogColor = -$tabstop = $use_moddate = $moddate = $gzip_open = undef; +$logo = $defaulttitle = + $address = $long_intro = $short_instruction = $shortLogLen = $show_author = + $tablepadding = $hr_breakable = $showfunc = $hr_ignwhite = + $hr_ignkeysubst = $inputTextSize = $mime_types = $allow_annotate = + $allow_markup = $allow_compress = $edit_option_form = + $show_subdir_lastmod = $show_log_in_markup = $preformat_in_markup = + $tabstop = $use_moddate = $gzip_open = $DEBUG = + $allow_tar = undef; -$LOG_FILESEPARATOR = q/^={77}$/; -$LOG_REVSEPARATOR = q/^-{28}$/; +$allow_version_select = $allow_mailtos = $allow_log_extra = 1; -@DIFFTYPES = qw(h H u c s); +@DIFFTYPES = qw(h H u c); @DIFFTYPES{@DIFFTYPES} = ( - { - 'descr' => 'colored', - 'opts' => [ '-u' ], - 'colored' => 1, - }, - { - 'descr' => 'long colored', - 'opts' => [ '--unified=15' ], - 'colored' => 1, - }, - { - 'descr' => 'unified', - 'opts' => [ '-u' ], - 'colored' => 0, - }, - { - 'descr' => 'context', - 'opts' => [ '-c' ], - 'colored' => 0, - }, - { - 'descr' => 'side by side', - 'opts' => [ '--side-by-side', '--width=164' ], - 'colored' => 0, - }, - ); + { + 'descr' => 'colored', + 'opts' => ['-u'], + 'colored' => 1, + }, + { + 'descr' => 'long colored', + 'opts' => ['--unified=15'], + 'colored' => 1, + }, + { + 'descr' => 'unified', + 'opts' => ['-u'], + 'colored' => 0, + }, + { + 'descr' => 'context', + 'opts' => ['-c'], + 'colored' => 0, + }, +); @LOGSORTKEYS = qw(cvs date rev); @LOGSORTKEYS{@LOGSORTKEYS} = ( - { - 'descr' => 'Not sorted', - }, - { - 'descr' => 'Commit date', - }, - { - 'descr' => 'Revision', - }, - ); + { descr => 'Not sorted', }, + { descr => 'Commit date', }, + { descr => 'Revision', }, +); +##### End of configuration parameters ##### -##### End of configuration variables ##### +my $pathinfo = ''; +if (defined($ENV{PATH_INFO}) && $ENV{PATH_INFO} ne '') { + ($pathinfo) = ($ENV{PATH_INFO} =~ VALID_PATH) + or fatal('500 Internal Error', + 'Illegal PATH_INFO in environment: %s', + $ENV{PATH_INFO}); +} +if ($ENV{SCRIPT_NAME}) { + ($scriptname) = ($ENV{SCRIPT_NAME} =~ VALID_PATH) + or fatal('500 Internal Error', + 'Illegal SCRIPT_NAME in environment: %s', + $ENV{SCRIPT_NAME}); +} -use Time::Local; -use IPC::Open2; +$scriptname = '' unless defined($scriptname); -# Check if the zlib C library interface is installed, and if yes -# we can avoid using the extra gzip process. -eval { - require Compress::Zlib; -}; -$has_zlib = !$@; +$where = $pathinfo; +$doCheckout = $where =~ s|^/$CheckoutMagic/|/|o; +$where =~ s|^/||; +$scriptname =~ s|^/+||; -$verbose = $v; -$checkoutMagic = "~checkout~"; -$pathinfo = defined($ENV{PATH_INFO}) ? $ENV{PATH_INFO} : ''; -$where = $pathinfo; -$doCheckout = ($where =~ /^\/$checkoutMagic/); -$where =~ s|^/($checkoutMagic)?||; -$where =~ s|/+$||; -$scriptname = defined($ENV{SCRIPT_NAME}) ? $ENV{SCRIPT_NAME} : ''; -$scriptname =~ s|^/?|/|; -$scriptname =~ s|/+$||; -$scriptwhere = $scriptname; -if ($where) { - $scriptwhere .= '/' . urlencode($where); +# Let's workaround thttpd's stupidity.. +if ($scriptname =~ m|/$|) { + $pathinfo .= '/'; + my $re = quotemeta $pathinfo; + $scriptname =~ s/$re$//; } +$scriptname = "/$scriptname" if $scriptname; -$is_mod_perl = defined($ENV{MOD_PERL}); +# $scriptname : the URI escaped path to this script +# $where : the path in the CVS repository (without leading /, or only /) +# $scriptwhere: the URI escaped $scriptname + '/' + $where +$scriptname = uri_escape_path($scriptname); +$scriptwhere = join('/', $scriptname, uri_escape_path($where)); +$where = '/' if ($where eq ''); -# in lynx, it it very annoying to have two links -# per file, so disable the link at the icon -# in this case: -$Browser = $ENV{HTTP_USER_AGENT}; -$is_links = ($Browser =~ m`^Links `); -$is_lynx = ($Browser =~ m`^Lynx/`i); -$is_w3m = ($Browser =~ m`^w3m/`i); -$is_msie = ($Browser =~ m`MSIE`); +# In text-based browsers, it's very annoying to have two links per file; +# skip linking the image for them. + +$Browser = $ENV{HTTP_USER_AGENT} || ''; +$is_links = ($Browser =~ m`^E?Links `); +$is_lynx = ($Browser =~ m`^Lynx/`i); +$is_w3m = ($Browser =~ m`^w3m/`i); +$is_msie = ($Browser =~ m`MSIE`); $is_mozilla3 = ($Browser =~ m`^Mozilla/[3-9]`); $is_textbased = ($is_links || $is_lynx || $is_w3m); @@ -264,2887 +300,3629 @@ $nofilelinks = $is_textbased; # display garbage then :-/ # Turn off gzip if running under mod_perl and no zlib is available, # piping does not work as expected inside the server. -$maycompress = (((defined($ENV{HTTP_ACCEPT_ENCODING}) - && $ENV{HTTP_ACCEPT_ENCODING} =~ m`gzip`) - || $is_mozilla3) - && !$is_msie - && !($is_mod_perl && !$has_zlib)); +$maycompress = ( + ((defined($ENV{HTTP_ACCEPT_ENCODING}) + && $ENV{HTTP_ACCEPT_ENCODING} =~ /gzip/) + || $is_mozilla3) + && !$is_msie + && !(defined($ENV{MOD_PERL})) +); -# put here the variables we need in order -# to hold our state - they will be added (with -# their current value) to any link/query string -# you construct -@stickyvars = qw(cvsroot hideattic sortby logsort f only_with_tag); +# Parameters that will be sticky in all constructed links/query strings. +@stickyvars = + qw(cvsroot hideattic ignorecase sortby logsort f only_with_tag ln + hidecvsroot hidenonreadable); -if (-f $config) { - do $config - || &fatal("500 Internal Error", - sprintf('Error in loading configuration file: %s

%s
', - $config, &htmlify($@))); -} else { - &fatal("500 Internal Error", - 'Configuration not found. Set the variable $config ' - . 'in cvsweb.cgi, or the environment variable ' - . 'CVSWEB_CONFIG, to your cvsweb.conf ' - . 'configuration file first.'); +# Load configuration. +{ + $config =~ m|^/| or fatal '500 Internal Error', + 'Configuration file name "%s" is not an absolute path.', + $config; + defined do $config and last; + $@ and fatal '500 Internal Error', + 'Error loading configuration file "%s": 
%s
', + $config, $@; + fatal '500 Internal Error', + 'Cannot read configuration file "%s": %s', + $config, $! || 'unknown error'; } +# Try to find a readable dir where we can cd into. Some abs_path() +# implementations as well as various cvs operations require such a dir to +# work properly. +{ + local $^W = 0; + for my $dir (tmpdir(), rootdir()) { + last if (-r $dir && chdir($dir)); + } +} + +$CSS = $cssurl ? + sprintf("\n", + htmlquote($cssurl)) : ''; + +# --- input parameters + +my %query = (); +if (defined($ENV{QUERY_STRING})) { + for my $p (split(/[;&]+/, $ENV{QUERY_STRING})) { + next unless $p; + $p =~ y/+/ /; + my ($key, $val) = split(/=/, $p, 2); + next unless defined($key); + $key = uri_unescape($key); + $key =~ /([^a-z_12-])/ and fatal('404 Not Found', + 'Invalid character "%s" in query parameter "%s"', $1, $key); + if (defined $val) { + $val = uri_unescape($val); + $val =~ /([^a-zA-Z_01-9.\/-])/ and fatal('404 Not Found', + 'Invalid character "%s" in the value "%s" of the query parameter "%s"', + $1, $val, $key); + } else { + $val = 1; + } + $query{$key} = $val; + } +} + undef %input; -$query = $ENV{QUERY_STRING}; -if (defined($query) && $query ne '') { - foreach (split(/&/, $query)) { - s/%(..)/sprintf("%c", hex($1))/ge; # unquote %-quoted - if (/(\S+)=(.*)/) { - $input{$1} = $2 if ($2 ne ""); - } - else { - $input{$_}++; - } +my $t; +for my $p (qw(hideattic hidecvsroot hidenonreadable ignorecase ln copt + options tarball)) { + $t = $query{$p}; + if (defined($t)) { + ($input{$p}) = ($t =~ /^([01]|on)$/) + or fatal('500 Internal Error', + 'Invalid boolean value: %s=%s', $p, $t); + } +} +for my $p (qw(annotate r1 r2 rev tr1 tr2)) { + $t = $query{$p}; + if (defined($t)) { + if (($p eq 'r1' || $p eq 'r2') && $t eq 'text') { + # Special case for the "Use text field" option in the log view diff form. + $input{$p} = $t; + next; + } elsif (($p eq 'rev' || $p eq 'annotate') && ($t eq '.' || $t eq 'HEAD')){ + # Another special case, allow linking to latest revision using these. + $input{$p} = '.'; + next; } + my ($rev, $tag) = split(/:/, $t, 2); + ($input{$p}) = ($rev =~ /^(\d+(?:\.\d+)*)$/) + or fatal('500 Internal Error', + 'Invalid revision: %s=%s', $p, $t); + if (defined($tag)) { + ($tag) = ($tag =~ VALID_TAG1) + or fatal('500 Internal Error', + 'Invalid tag/branch name in revision: %s=%s', + $p, $t); + ($tag) = ($tag =~ VALID_TAG2) + or fatal('500 Internal Error', + 'Invalid tag/branch name in revision: %s=%s', + $p, $t); + $input{$p} .= ':' . $tag; + } + } } +$t = defined($query{only_with_tag}) ? + $query{only_with_tag} : $query{only_on_branch}; # Backwards compatibility. +if (defined($t)) { + ($input{only_with_tag}) = ($t =~ VALID_TAG1) + or fatal('500 Internal Error', + 'Invalid tag/branch name: %s', $t); + ($input{only_with_tag}) = ($t =~ VALID_TAG2) + or fatal('500 Internal Error', + 'Invalid tag/branch name: %s', $t); +} +$t = $query{logsort}; +if (defined($t)) { + ($input{logsort}) = ($t =~ /^(cvs|date|rev)$/) + or fatal('500 Internal Error', + 'Unsupported log sort key: %s', $t); +} +$t = $query{f}; +if (defined($t)) { + ($input{f}) = ($t =~ /^(([hH]|[ucs]c?)|ext\d*)$/) + or fatal('500 Internal Error', + 'Unsupported diff format: %s', $t); +} +$t = $query{sortby}; +if (defined($t)) { + ($input{sortby}) = ($t =~ /^(file|date|rev|author|log)$/) + or fatal('500 Internal Error', + 'Unsupported dir sort key: %s', $t); +} +$t = $query{'content-type'}; +if (defined($t)) { + ($input{'content-type'}) = ($t =~ m|^([-0-9A-Za-z]+/[-0-9A-Za-z\.\+]+)$|) + or fatal('500 Internal Error', + 'Unsupported content type: %s', $t); +} +$t = $query{cvsroot}; +if (defined($t)) { + ($input{cvsroot}) = ($t =~ /^([[:print:]]+)$/) + or fatal('500 Internal Error', + 'Invalid symbolic CVS root name: %s', $t); +} +$t = $query{path}; +if (defined($t)) { + ($input{path}) = ($t =~ VALID_PATH) + or fatal('500 Internal Error', + 'Invalid path: %s', $t); +} +undef($t); +undef(%query); -# For backwards compability, set only_with_tag to only_on_branch if set. -$input{only_with_tag} = $input{only_on_branch} - if (defined($input{only_on_branch})); +# --- end input parameters -$DEFAULTVALUE{'cvsroot'} = $cvstreedefault; +# +# CVS roots +# +my $rootfound = 0; +for (my $i = 0; $i < scalar(@CVSrepositories); $i += 2) { + my $key = $CVSrepositories[$i]; + my ($descr, $root) = @{$CVSrepositories[$i+1]}; + $root = canonpath($root); + unless (-d $root) { + warn("Root '$root' defined in \@CVSrepositories is not a directory, " . + 'entry ignored'); + next; + } + $rootfound ||= 1; + $CVSROOTdescr{$key} = $descr; + $CVSROOT{$key} = $root; + push(@CVSROOT, $key); +} +unless ($rootfound) { + fatal('500 Internal Error', + 'No valid CVS roots found! See @CVSrepositories in ' . + 'the configuration file (%s).', + $config); +} +undef $rootfound; -foreach (keys %DEFAULTVALUE) -{ - # replace not given parameters with the default parameters - if (!defined($input{$_}) || $input{$_} eq "") { - # Empty Checkboxes in forms return -- nothing. So we define a helper - # variable in these forms (copt) which indicates that we just set - # parameters with a checkbox - if (!defined($input{"copt"})) { - # 'copt' isn't defined --> empty input is not the result - # of empty input checkbox --> set default - $input{$_} = $DEFAULTVALUE{$_} if (defined($DEFAULTVALUE{$_})); - } - else { - # 'copt' is defined -> the result of empty input checkbox - # -> set to zero (disable) if default is a boolean (0|1). - $input{$_} = 0 - if (defined($DEFAULTVALUE{$_}) - && ($DEFAULTVALUE{$_} eq "0" || $DEFAULTVALUE{$_} eq "1")); - } - } +$DEFAULTVALUE{cvsroot} = $CVSrepositories[0]; + +while (my ($key, $defval) = each %DEFAULTVALUE) { + + # Replace not given parameters with defaults. + next unless (defined($defval) && $defval =~ /\S/ && !defined($input{$key})); + + # Empty checkboxes in forms return nothing, so we define a helper parameter + # in these forms (copt) which indicates that we just set parameters with a + # checkbox. + if ($input{copt}) { + + # 'copt' is set -> the result of empty input checkbox + # -> set to zero (disable) if default is a boolean (0|1). + $input{$key} = 0 if ($defval eq '0' || $defval eq '1'); + + } else { + + # 'copt' isn't set --> empty input is not the result + # of empty input checkbox --> set default. + $input{$key} = $defval; + } } $barequery = ""; my @barequery; foreach (@stickyvars) { - # construct a query string with the sticky non default parameters set - if (defined($input{$_}) && $input{$_} ne '' && - !(defined($DEFAULTVALUE{$_}) && $input{$_} eq $DEFAULTVALUE{$_})) { - push @barequery, join('=', urlencode($_), urlencode($input{$_})); - } + + # construct a query string with the sticky non default parameters set + if (defined($input{$_}) + && !(defined($DEFAULTVALUE{$_}) && $input{$_} eq $DEFAULTVALUE{$_})) + { + push(@barequery, join('=', uri_escape($_), uri_escape($input{$_}))); + } } + # is there any query ? if (@barequery) { - $barequery = join('&', @barequery); - $query = "?$barequery"; - $barequery = "&$barequery"; + $barequery = join (';', @barequery); + $query = "?$barequery"; + $barequery = ";$barequery"; +} else { + $query = ""; } -else { - $query = ""; -} undef @barequery; +if (defined($input{path})) { + redirect("$scriptname/$input{path}$query"); +} + # get actual parameters -$sortby = $input{"sortby"}; -$bydate = 0; -$byrev = 0; -$byauthor = 0; -$bylog = 0; -$byfile = 0; -if ($sortby eq "date") { +{ + my $sortby = $input{sortby} || 'file'; + $bydate = 0; + $byrev = 0; + $byauthor = 0; + $bylog = 0; + $byfile = 0; + if ($sortby eq 'date') { $bydate = 1; -} -elsif ($sortby eq "rev") { + } elsif ($sortby eq 'rev') { $byrev = 1; -} -elsif ($sortby eq "author") { + } elsif ($sortby eq 'author') { $byauthor = 1; -} -elsif ($sortby eq "log") { + } elsif ($sortby eq 'log') { $bylog = 1; -} -else { + } else { $byfile = 1; + } } -$defaultDiffType = $input{'f'}; +$defaultDiffType = $input{f}; -$logsort = $input{'logsort'}; +$logsort = $input{logsort}; - -## Default CVS-Tree -if (!defined($CVSROOT{$cvstreedefault})) { - &fatal("500 Internal Error", - "\$cvstreedefault points to a repository " - . "not defined in %CVSROOT " - . "(edit your configuration file $config)"); -} - # alternate CVS-Tree, configured in cvsweb.conf -if ($input{'cvsroot'} && $CVSROOT{$input{'cvsroot'}}) { - $cvstree = $input{'cvsroot'}; +if ($input{cvsroot} && $CVSROOT{$input{cvsroot}}) { + $cvstree = $input{cvsroot}; } else { - $cvstree = $cvstreedefault; + $cvstree = $CVSrepositories[0]; } $cvsroot = $CVSROOT{$cvstree}; # create icons out of description -my $k; -foreach $k (keys %ICONS) { - no strict 'refs'; - my ($itxt,$ipath,$iwidth,$iheight) = @{$ICONS{$k}}; - if ($ipath) { - ${"${k}icon"} = sprintf('%s', - htmlquote($ipath), htmlquote($itxt), $iwidth, $iheight) - } - else { - ${"${k}icon"} = $itxt; - } +foreach my $k (keys %ICONS) { + my ($itxt, $ipath, $iwidth, $iheight) = @{$ICONS{$k}}; + no strict 'refs'; + if ($ipath) { + ${"${k}icon"} = + sprintf('%s', + htmlquote($ipath), htmlquote($itxt), $iwidth, $iheight); + } else { + ${"${k}icon"} = $itxt; + } } -undef $k; my $config_cvstree = "$config-$cvstree"; # Do some special configuration for cvstrees if (-f $config_cvstree) { - do $config_cvstree - || &fatal("500 Internal Error", - sprintf('Error in loading configuration file: %s

%s
', - $config_cvstree, &htmlify($@))); + do "$config_cvstree" + or fatal("500 Internal Error", + 'Error in loading configuration file: %s

%s
', + $config_cvstree, $@); } undef $config_cvstree; -$prcategories = '(?:' . join('|', @prcategories) . ')'; -$prcgi .= '%s' if defined($prcgi) && $prcgi !~ /%s/; +$fullname = catfile($cvsroot, $where); -$fullname = $cvsroot . '/' . $where; -$mimetype = &getMimeTypeFromSuffix ($fullname); -$defaultTextPlain = ($mimetype eq "text/plain"); -$defaultViewable = $allow_markup && viewable($mimetype); - -# search for GZIP if compression allowed -# We've to find out if the GZIP-binary exists .. otherwise -# ge get an Internal Server Error if we try to pipe the -# output through the nonexistent gzip .. -# any more elegant ways to prevent this are welcome! -if ($allow_compress && $maycompress && !$has_zlib) { - foreach (split(/:/, $ENV{PATH})) { - if (-x "$_/gzip") { - $GZIPBIN = "$_/gzip"; - last; - } - } +my $rewrite = 0; +if ($pathinfo =~ m|//|) { + $pathinfo =~ y|/|/|s; + $rewrite = 1; } - if (-d $fullname) { - # - # ensure, that directories always end with (exactly) one '/' - # to allow relative URL's. If they're not, make a redirect. - ## - if (!($pathinfo =~ m|/$|) || ($pathinfo =~ m |/{2,}$|)) { - redirect ($scriptwhere . '/' . $query); - } - else { - $where .= '/'; - $scriptwhere .= '/'; - } + if ($pathinfo !~ m|/$|) { + $pathinfo .= '/'; + $rewrite = 1; + } +} elsif ($pathinfo =~ m|/$|) { + chop $pathinfo; + $rewrite = 1; } +if ($rewrite) { + redirect($scriptname . uri_escape_path($pathinfo) . $query, 1); +} +undef $rewrite; +undef $pathinfo; + if (!-d $cvsroot) { - &fatal("500 Internal Error",'$CVSROOT not found!

The server on which the CVS tree lives is probably down. Please try again in a few minutes.'); + fatal("500 Internal Error", + '$CVSROOT not found!

The server on which the CVS tree lives is probably down. Please try again in a few minutes.'); } # -# See if the module is in our forbidden list. +# Short-circuit forbidden things. Note that $fullname should not change +# after this, because the rest of the code assumes this check has already +# been done. # -$where =~ m:([^/]*):; -$module = $1; -if ($module && &forbidden_module($module)) { - &fatal("403 Forbidden", "Access to $where forbidden."); +fatal('403 Forbidden', 'Access to %s forbidden.', $where) + if forbidden($fullname); + +# +# Handle tarball downloads before any headers are output. +# +if ($input{tarball}) { + fatal('403 Forbidden', 'Downloading tarballs is prohibited.') + unless $allow_tar; + + my ($module) = ($where =~ m,^/?(.*),); # untaint + $module =~ s,/([^/]*)$,,; + my ($ext) = ($1 =~ /(\.t(?:ar\.)?gz)$/); + my ($basedir) = ($module =~ m,([^/]+)$,); + + if ($basedir eq '' || $module eq '') { + fatal('500 Internal Error', + 'You cannot download the top level directory.'); + } + + my $istar = $ext eq '.tar.gz' || $ext eq '.tgz'; + if ($istar) { + fatal('500 Internal Error', 'tar command not found.') unless $CMD{tar}; + fatal('500 Internal Error', 'gzip command not found.') unless $CMD{gzip}; + } else { + fatal('500 Internal Error', 'Unsupported archive type.'); + } + + my $tmpexportdir; + eval { + local $SIG{__DIE__}; + # Don't use the CLEANUP argument to tempdir() here, since we might be under + # mod_perl (the process runs for a long time), unlink explicitly later. + $tmpexportdir = tempdir('.cvsweb.XXXXXXXX', TMPDIR => 1); + }; + if ($@) { + fatal('500 Internal Error', 'Unable to make temporary directory: %s', $@); + } + if (!chdir($tmpexportdir)) { + fatal('500 Internal Error', + "Can't cd to temporary directory %s: %s", $tmpexportdir, $!); + } + + my @fatal; + my $tag = $input{only_with_tag} || 'HEAD'; + $tag = 'HEAD' if ($tag eq 'MAIN'); + + my @cmd = + ($CMD{cvs}, @cvs_options, '-Qd', $cvsroot, 'export', '-r', $tag, + '-d', $basedir, $module); + my $export_err; + my ($errcode, $err) = runproc(\@cmd, '2>', \$export_err); + if ($errcode) { + @fatal = + ('500 Internal Error', + 'Export failure (exit status %s), output: 

%s
', + $errcode, $err || $export_err); + + } else { + + $| = 1; # Essential to get the buffering right. + local (*TAR_OUT); + + my (@cmd, $ctype); + if ($istar) { + my @tar = ($CMD{tar}, @tar_options, '-cf', '-', $basedir); + my @gzip = ($CMD{gzip}, @gzip_options, '-c'); + push(@cmd, \@tar, '|', \@gzip); + $ctype = 'application/x-gzip'; + } + push(@cmd, '>pipe', \*TAR_OUT); + + my ($h, $err) = startproc(@cmd); + if ($h) { + print "Content-Type: $ctype\r\n\r\n"; + local $/ = undef; + print ; + $h->finish(); + } else { + @fatal = ('500 Internal Error', + 'tar failure (exit status %s), output: 
%s
', + $? >> 8 || -1, $err); + } + } + + # Clean up. + chdir(".."); + rmtree($tmpexportdir); + + &fatal(@fatal) if @fatal; + + exit; } + ############################## # View a directory ############################### -elsif (-d $fullname) { - my $dh = do {local(*DH);}; - opendir($dh, $fullname) || &fatal("404 Not Found","$where: $!"); - my @dir = readdir($dh); - closedir($dh); - my @subLevelFiles = findLastModifiedSubdirs(@dir) - if ($show_subdir_lastmod); - getDirLogs($cvsroot,$where,@subLevelFiles); +if (-d $fullname) { - if ($where eq '/') { - html_header($defaulttitle); - $long_intro =~ s/!!CVSROOTdescr!!/$CVSROOTdescr{$cvstree}/g; - print $long_intro; - } - else { - html_header($where); - print $short_instruction; - } + my $dh = do { local (*DH); }; + opendir($dh, $fullname) or fatal("404 Not Found", '%s: %s', $where, $!); + my @dir = grep(!forbidden(catfile($fullname, $_)), readdir($dh)); + closedir($dh); + my @subLevelFiles = findLastModifiedSubdirs(@dir) if $show_subdir_lastmod; + my @unreadable = getDirLogs($cvsroot, $where, @subLevelFiles); - my $descriptions; - if (($use_descriptions) && open (DESC, "<$cvsroot/CVSROOT/descriptions")) { - while () { - chomp; - my ($dir,$description) = /(\S+)\s+(.*)/; - $descriptions{$dir} = $description; - } - } + if ($where eq '/') { + html_header($defaulttitle); + $long_intro =~ s/!!CVSROOTdescr!!/$CVSROOTdescr{$cvstree}/g; + print $long_intro; + } else { + html_header($where); + my $html = (-f catfile($fullname, 'README.cvs.html,v') || + -f catfile($fullname, 'Attic', 'README.cvs.html,v')); + my $text = (!$html && + (-f catfile($fullname, 'README.cvs,v') || + -f catfile($fullname, 'Attic', 'README.cvs,v'))); + if ($html || $text) { + my $rev = $input{only_with_tag} || 'HEAD'; + my $cr = abs_path($cvsroot) || $cvsroot; + my $co = "$where/README.cvs.html" if $html; + $co ||= "$where/README.cvs" if $text; + # abs_path() taints when run as a CGI... + if ($cr =~ VALID_PATH) { + $cr = $1; + } else { + fatal('500 Internal Error', 'Illegal CVS root: %s', $cr); + } + my @cmd = ($CMD{cvs}, @cvs_options, '-d', $cr, 'co', '-p', "-r$rev",$co); + local (*CVS_OUT, *CVS_ERR); + my ($h, $err) = startproc(\@cmd, \"", '>pipe', \*CVS_OUT, + '2>pipe', \*CVS_ERR); + fatal('500 Internal Error', $err) unless $h; + if ($html) { + local $/ = undef; + print ; + } else { + print "

\n"; + while () { + chomp; + print htmlquote($_), '
'; + } + print "

"; + } + $h->finish(); + } + print $short_instruction; + } - print "

\n"; - # give direct access to dirs - if ($where eq '/') { - chooseMirror(); - chooseCVSRoot(); - } - else { - print "

Current directory: ", &clickablePath($where,0), "\n"; + if ($use_descriptions && + open(DESC, catfile($cvsroot, 'CVSROOT', 'descriptions'))) { + while () { + chomp; + my ($dir, $description) = /(\S+)\s+(.*)/; + $descriptions{$dir} = $description; + } + close(DESC); + } - print "

Current tag: ", $input{only_with_tag}, "\n" if - $input{only_with_tag}; + print "

\n"; - } + # give direct access to dirs + if ($where eq '/') { + chooseCVSRoot(); + } else { + print '

Current directory: ', clickablePath($where, 0), ''; + print "

\n"; + print "

Current tag: ", htmlquote($input{only_with_tag}), "

\n" + if $input{only_with_tag}; + } + print "
\n"; - print "
\n"; - # Using in this manner violates the HTML2.0 spec but - # provides the results that I want in most browsers. Another - # case of layout spooging up HTML. + my $infocols = 1; - my $infocols = 0; - if ($dirtable) { - if (defined($tableBorderColor)) { - # Can't this be done by defining the border for the inner table? - print "
"; - } - print "\n"; - $infocols++; - printf '"; - # do not display the other column-headers, if we do not have any files - # with revision information: - if (scalar(%fileinfo)) { - $infocols++; - printf '"; - $infocols++; - printf '"; - if ($show_author) { - $infocols++; - printf '"; - } - $infocols++; - printf '"; - } - elsif ($use_descriptions) { - printf '\n"; - } - else { - print "\n"; - } - my $dirrow = 0; + printf(< + +EOF + printf('\n"; - my $hideAtticToggleLink = $input{'hideattic'} ? '' : - &link('[Hide]', sprintf('./%s#dirlist', - &toggleQuery ("hideattic"))); + # Do not display the other column headers if we do not have any files + # with revision information. + if (scalar(%fileinfo)) { + $infocols++; + printf('', ($byrev ? ' class="sorted"' : '')); - # Sort without the Attic/ pathname. - # place directories first + if ($byrev) { + print 'Rev.'; + } else { + print &link('Rev.', + sprintf('./%s#dirlist', toggleQuery('sortby', 'rev'))); + } + print "\n"; + $infocols++; + printf('', ($bydate ? ' class="sorted"' : '')); - my $attic; - my $url; - my $fileurl; - my $filesexists; - my $filesfound; + if ($bydate) { + print 'Age'; + } else { + print &link('Age', + sprintf('./%s#dirlist', toggleQuery('sortby', 'date'))); + } + print "\n"; - foreach (sort { &fileSortCmp } @dir) { - if ($_ eq '.') { - next; - } - # ignore CVS lock and stale NFS files - next if (/^#cvs\.|^,|^\.nfs/); + if ($show_author) { + $infocols++; + printf('', ($byauthor ? ' class="sorted"' : '')); - # Check whether to show the CVSROOT path - next if ($input{'hidecvsroot'} && ($_ eq 'CVSROOT')); + if ($byauthor) { + print 'Author'; + } else { + print + &link('Author', + sprintf('./%s#dirlist', toggleQuery('sortby', 'author'))); + } + print "\n"; + } + $infocols++; + printf('', ($bylog ? ' class="sorted"' : '')); - # Check whether the module is in the restricted list - next if ($_ && &forbidden_module($_)); + if ($bylog) { + print 'Last log entry'; + } else { + print &link('Last log entry', + sprintf('./%s#dirlist', toggleQuery('sortby', 'log'))); + } + print "\n"; + } elsif ($use_descriptions) { + print "\n"; + $infocols++; + } + print "\n"; - # Ignore non-readable files - next if ($input{'hidenonreadable'} && !(-r "$fullname/$_")); + my $dirrow = 0; - if (s|^Attic/||) { - $attic = " (in the Attic) " . $hideAtticToggleLink; - } - else { - $attic = ""; - } + my $i; + lookingforattic: + for ($i = 0; $i <= $#dir; $i++) { + if ($dir[$i] eq "Attic") { + last lookingforattic; + } + } - if ($_ eq '..' || -d "$fullname/$_") { - next if ($_ eq '..' && $where eq '/'); - my ($rev,$date,$log,$author,$filename) = @{$fileinfo{$_}} - if (defined($fileinfo{$_})); - printf '\n"; - } - else { - print "
\n"; - } - $dirrow++; - } - elsif (s/,v$//) { - $fileurl = ($attic ? "Attic/" : "") . urlencode($_); - $url = $fileurl . $query; - my $rev = ''; - my $date = ''; - my $log = ''; - my $author = ''; - $filesexists++; - next if (!defined($fileinfo{$_})); - ($rev,$date,$log,$author) = @{$fileinfo{$_}}; - $filesfound++; - printf '" if ($dirtable); - print (($dirtable) ? "" : "
"); - $dirrow++; - } - print "\n"; - } - if ($dirtable && defined($tableBorderColor)) { - print "
', - $byfile ? $columnHeaderColorSorted : $columnHeaderColorDefault; - if ($byfile) { - print 'File'; - } else { - print &link('File', sprintf('./%s#dirlist', - &toggleQuery("sortby", "file"))); - } - print "', - $byrev ? $columnHeaderColorSorted : $columnHeaderColorDefault; - if ($byrev) { - print 'Rev.'; - } else { - print &link('Rev.', sprintf('./%s#dirlist', - &toggleQuery("sortby", "rev"))); - } - print "', - $bydate ? $columnHeaderColorSorted : $columnHeaderColorDefault; - if ($bydate) { - print 'Age'; - } else { - print &link('Age', sprintf('./%s#dirlist', - &toggleQuery("sortby", "date"))); - } - print "', - $byauthor ? $columnHeaderColorSorted : $columnHeaderColorDefault; - if ($byauthor) { - print 'Author'; - } else { - print &link('Author', sprintf('./%s#dirlist', - &toggleQuery("sortby", "author"))); - } - print "', - $bylog ? $columnHeaderColorSorted : $columnHeaderColorDefault; - if ($bylog) { - print 'Last log entry'; - } else { - print &link('Last log entry', sprintf('./%s#dirlist', - &toggleQuery("sortby", "log"))); - } - print "', $columnHeaderColorDefault; - print "Description"; - $infocols++; - } - print "
', ($byfile ? ' class="sorted"' : '')); - my $i; - lookingforattic: - for ($i = 0; $i <= $#dir; $i++) { - if ($dir[$i] eq "Attic") { - last lookingforattic; - } - } - if (!$input{'hideattic'} && ($i <= $#dir) && - opendir($dh, $fullname . "/Attic")) { - splice(@dir, $i, 1, - grep((s|^|Attic/|,!m|/\.|), readdir($dh))); - closedir($dh); - } + if ($byfile) { + print 'File'; + } else { + print &link('File', + sprintf('./%s#dirlist', toggleQuery('sortby', 'file'))); + } + print "Description
', $tabcolors[$dirrow % 2] if $dirtable; - if ($_ eq '..') { - $url = "../$query"; - if ($nofilelinks) { - print $backicon; - } - else { - print &link($backicon, $url); - } - print " ", &link("Previous Directory", $url); - } - else { - $url = urlencode($_) . "/$query"; - print ""; - if ($nofilelinks) { - print $diricon; - } - else { - print &link($diricon, $url); - } - print " ", &link("$_/", $url), $attic; - if ($_ eq "Attic") { - print "  "; - print &link("[Don't hide]", sprintf('./%s#dirlist', - &toggleQuery ("hideattic"))); - } - } - # Show last change in dir - if ($filename) { - print "  " if ($dirtable); - if ($date) { - print " ", readableTime(time() - $date,0), ""; - } - if ($show_author) { - print " " if ($dirtable); - print $author; - } - print " " if ($dirtable); - $filename =~ s%^[^/]+/%%; - print "$filename/$rev"; - print "
" if ($dirtable); - if ($log) { - print " ", - &htmlify(substr($log,0,$shortLogLen)); - if (length $log > 80) { - print "..."; - } - print ""; - } - } - else { - my ($dwhere) = ($where ne "/" ? $where : "") . $_; - if ($use_descriptions && defined $descriptions{$dwhere}) { - print "		 " if $dirtable; - print $descriptions{$dwhere}; - } elsif ($dirtable && $infocols > 1) { - # close the row with the appropriate number of - # columns, so that the vertical seperators are visible - my($cols) = $infocols; - while ($cols > 1) { - print " "; - $cols--; - } - } - } - if ($dirtable) { - print "
', $tabcolors[$dirrow % 2] if $dirtable; - print ""; - if ($nofilelinks) { - print $fileicon; - } - else { - print &link($fileicon,$url); - } - print " ", &link($_, $url), $attic; - print " " if ($dirtable); - download_link($fileurl, - $rev, $rev, - $defaultViewable ? "text/x-cvsweb-markup" : undef); - print " " if ($dirtable); - if ($date) { - print " ", readableTime(time() - $date,0), ""; - } - if ($show_author) { - print " " if ($dirtable); - print $author; - } - print " " if ($dirtable); - if ($log) { - print " ", &htmlify(substr($log,0,$shortLogLen)); - if (length $log > 80) { - print "..."; - } - print ""; - } - print "
"; - } - print( $dirtable == 1 ? "
\n" : "\n" ); + if (!$input{hideattic} + && ($i <= $#dir) + && opendir($dh, $fullname . '/Attic')) + { + splice(@dir, $i, 1, grep((s|^|Attic/|, !m|/\.|), readdir($dh))); + closedir($dh); + } - if ($filesexists && !$filesfound) { - print "

NOTE: There are $filesexists files, but none matches the current tag ($input{only_with_tag})\n"; - } - if ($input{only_with_tag} && (!%tags || !$tags{$input{only_with_tag}})) { - %tags = %alltags - } - if (scalar %tags - || $input{only_with_tag} - || $edit_option_form - || defined($input{"options"})) { - print "

"; - } + my $hideAtticToggleLink = + $input{hideattic} + ? '' + : &link('[hide]', sprintf('./%s#dirlist', &toggleQuery('hideattic'))); - if (scalar %tags || $input{only_with_tag}) { - print "
\n"; - foreach my $var (@stickyvars) { - print "\n" - if (defined($input{$var}) - && (!defined($DEFAULTVALUE{$var}) - || $input{$var} ne $DEFAULTVALUE{$var}) - && $input{$var} ne "" - && $var ne "only_with_tag"); - } - print "Show only files with tag:\n"; - print "\n"; - print "\n"; - print "
\n"; - } - my $formwhere = $scriptwhere; - $formwhere =~ s|Attic/?$|| if ($input{'hideattic'}); + # Sort without the Attic/ pathname. + # place directories first - if ($edit_option_form || defined($input{"options"})) { - print "
\n"; - print "\n"; - if ($cvstree ne $cvstreedefault) { - print "\n"; - } - print "
"; - print ""; - print ""; - print ""; - print ""; - print "\n"; - print "
Preferences
Sort files by Sort log by: "; - printLogSortSelect(0); - print "
Diff format: "; - printDiffSelect(0); - print "Show Attic files: "; - print "
"; - print "
\n"; - } - print &html_footer; - print "\n"; + my $filesexists; + my $filesfound; + + foreach my $file (sort { &fileSortCmp } @dir) { + + next if ($file eq curdir()); + + # ignore CVS lock and stale NFS files + next if ($file =~ /^\#cvs\.|^,|^\.nfs/); # \# for XEmacs cperl-mode... + + # Check whether to show the CVSROOT path + next if ($input{hidecvsroot} && $where eq '/' && $file eq 'CVSROOT'); + + # Is it a directory? + my $isdir = -d catdir($fullname, $file); + + # Ignore non-readable files and directories? + next if ($input{hidenonreadable} && (! -r _ || ($isdir && ! -x _))); + + my $attic = ''; + if ($file =~ s|^Attic/||) { + $attic = ' (in the Attic) ' . + $hideAtticToggleLink . ''; } + if ($file eq updir() || $isdir) { + next if ($file eq updir() && $where eq '/'); + my ($rev, $date, $log, $author, $filename, $keywordsubst) = + @{$fileinfo{$file}} if (defined($fileinfo{$file})); + printf "\n", + ($dirrow % 2) ? 'even' : 'odd'; + + if ($file eq updir()) { + my $url = "../$query"; + print $nofilelinks ? $backicon : &link($backicon, $url); + print ' ', &link("Parent Directory", $url); + + } else { + my $url = './' . uri_escape_path($file) . "/$query"; + print ''; + print $nofilelinks ? $diricon : &link($diricon, $url); + print ' ', &link(htmlquote("$file/"), $url), $attic; + if ($file eq "Attic") { + print ' ', + &link('[show]', + sprintf('./%s#dirlist', &toggleQuery('hideattic'))), + ''; + } + } + + # Show last change in dir + if ($filename) { + my $ageclass = 'age'; + my $age = ''; + if ($date) { + $age = readableTime(time() - $date, 0); + $ageclass .= " $1" if ($age =~ /^\d+ ([a-z]+)/); + } + print "\n \n$age"; + print "\n", htmlquote($author) + if $show_author; + print "\n"; + $filename =~ s%^[^/]+/%%; + print &link(htmlquote("$filename/$rev"), + sprintf('%s/%s%s#rev%s', + uri_escape($file), uri_escape($filename), + $query, $rev)), '
'; + if ($log) { + print htmlify(substr($log, 0, $shortLogLen), $allow_dir_extra); + print '...' if (length($log) > 80); + } + + } else { + my $dwhere = ($where ne '/' ? $where : '') . $file; + + if ($use_descriptions && defined $descriptions{$dwhere}) { + print ''; + print $descriptions{$dwhere}; + + } elsif ($infocols > 1) { + + # close the row with the appropriate number of + # columns, so that the vertical seperators are visible + my ($cols) = $infocols; + while ($cols > 1) { + print "\n "; + $cols--; + } + } + } + + print "\n\n"; + $dirrow++; + + } elsif ($file =~ s/,v$//) { + + my $fileurl = ($attic ? 'Attic/' : '') . uri_escape_path($file); + my $url = './' . $fileurl . $query; + $filesexists++; + next if (!defined($fileinfo{$file})); + my ($rev, $date, $log, $author, $filename, $keywordsubst) = + @{$fileinfo{$file}}; + my $isbinary = $keywordsubst eq 'b' ? 1 : 0; + $filesfound++; + + printf "\n", ($dirrow % 2) ? 'even' : 'odd'; + printf ''; + + my $icon = $isbinary ? $binfileicon : $fileicon; + print $nofilelinks ? $icon : &link($icon, $url); + print ' ', &link(htmlquote($file), $url), $attic; + print "\n", display_link($fileurl, $rev); + my $ageclass = 'age'; + my $age = ''; + if ($date) { + $age = readableTime(time() - $date, 0); + $ageclass .= " $1" if ($age =~ /^\d+ ([a-z]+)/); + } + print "\n$age"; + print "\n", htmlquote($author) if $show_author; + print "\n"; + + if ($log) { + print htmlify(substr($log, 0, $shortLogLen), $allow_dir_extra); + print '...' if (length $log > 80); + } + print "\n"; + $dirrow++; + } + print "\n"; + } + + print "\n"; + + if ((my $num = scalar(@unreadable)) && ! $input{hidenonreadable}) { + printf(< + NOTE: The following %d unreadable files were ignored:
+ %s +

+EOF + } + + if ($filesexists && !$filesfound) { + my $currtag = defined($input{only_with_tag}) ? + sprintf(' (%s)', htmlquote($input{only_with_tag})) : ''; + printf(< + NOTE: There are %d files, but none matches the current tag%s. +

+EOF + } + + if ($input{only_with_tag} && (!%tags || !$tags{$input{only_with_tag}})) { + %tags = %alltags; + } + + if (scalar %tags + || $input{only_with_tag} + || $edit_option_form + || defined($input{options})) + { + print "
\n"; + } + + if (scalar %tags || $input{only_with_tag}) { + print "
\n

\n"; + foreach my $var (@stickyvars) { + printf("\n", + $var, htmlquote($input{$var})) + if (defined($input{$var}) + && (!defined($DEFAULTVALUE{$var}) + || $input{$var} ne $DEFAULTVALUE{$var}) + && $var ne 'only_with_tag'); + } + print < + + + +

+
+EOF + } + + if ($allow_tar && $filesfound) { + my ($basefile) = ($where =~ m,(?:.*/)?([^/]+),); + my $havetar = $CMD{tar} && $CMD{gzip}; + if (defined($basefile) && $basefile ne '' && $havetar) { + my $q = ($query ? "$query;" : '?') . 'tarball=1'; + print "
\n", + '
Download this directory in '; + # Mangle the filename so browsers show a reasonable filename to download. + $basefile = uri_escape($basefile); + print &link('tarball', "$basefile.tar.gz$q"); + print "
\n"; + } + } + + if ($edit_option_form || defined($input{options})) { + + print < +
+General options + +EOF + for my $v (qw(hidecvsroot hidenonreadable)) { + printf(qq{\n}, + $v, $input{$v} || 0); + } + if ($cvstree ne $CVSrepositories[0]) { + print "\n"; + } + print < + + + + + +\n"; + print < + + + + +EOF + print ''; + print < + + + + + + +EOF + printLogSortSelect(); + print < + + + + +EOF + print '\n"; + print < + + + + + + +EOF + printDiffSelect(); + print < + + + + + +
+ +EOF + } + html_footer(); +} + ############################### # View Files ############################### - elsif (-f $fullname . ',v') { - if (defined($input{'rev'}) || $doCheckout) { - &doCheckout($fullname, $input{'rev'}); - gzipclose(); - exit; - } - if (defined($input{'annotate'}) && $allow_annotate) { - &doAnnotate($input{'annotate'}); - gzipclose(); - exit; - } - if (defined($input{'r1'}) && defined($input{'r2'})) { - &doDiff($fullname, $input{'r1'}, $input{'tr1'}, - $input{'r2'}, $input{'tr2'}, $input{'f'}); - gzipclose(); - exit; - } - print("going to dolog($fullname)\n") if ($verbose); - &doLog($fullname); +elsif (-f $fullname . ',v') { + + if (defined($input{rev}) || $doCheckout) { + &doCheckout($fullname, $input{rev}, $input{only_with_tag}); + gzipclose(); + exit; + } + + if (defined($input{annotate}) && $allow_annotate) { + &doAnnotate($input{annotate}, $input{only_with_tag}); + gzipclose(); + exit; + } + + if (defined($input{r1}) && defined($input{r2})) { + &doDiff($fullname, $input{r1}, $input{tr1}, + $input{r2}, $input{tr2}, $input{f}); + gzipclose(); + exit; + } + + &doLog($fullname); +} + ############################## # View Diff ############################## - } - elsif ($fullname =~ s/\.diff$// && -f $fullname . ",v" && - $input{'r1'} && $input{'r2'}) { +elsif ($fullname =~ s/\.diff$// + && -f $fullname . ',v' && $input{r1} && $input{r2}) +{ - # $where-diff-removal if 'cvs rdiff' is used - # .. but 'cvs rdiff'doesn't support some options - # rcsdiff does (-w and -p), so it is disabled - # $where =~ s/\.diff$//; + # $where-diff-removal if 'cvs rdiff' is used + # .. but 'cvs rdiff'doesn't support some options + # rcsdiff does (-w and -p), so it is disabled + # $where =~ s/\.diff$//; - # Allow diffs using the ".diff" extension - # so that browsers that default to the URL - # for a save filename don't save diff's as - # e.g. foo.c - &doDiff($fullname, $input{'r1'}, $input{'tr1'}, - $input{'r2'}, $input{'tr2'}, $input{'f'}); - gzipclose(); - exit; + # Allow diffs using the ".diff" extension so that browsers that default + # to the filename in the URL when saving don't save diffs as eg. foo.c. + &doDiff($fullname, $input{r1}, $input{tr1}, + $input{r2}, $input{tr2}, $input{f}); + gzipclose(); + exit; + +} + +elsif (do { (my $tmp = $fullname) =~ s|/([^/]+)$|/Attic/$1|; -f "$tmp,v" }) { + # The file has been removed and is in the Attic. + # Send a redirect pointing to the file in the Attic. + (my $newplace = $scriptwhere) =~ s|/([^/]+)$|/Attic/$1|; + if ($ENV{QUERY_STRING} ne "") { + redirect("$newplace?$ENV{QUERY_STRING}"); + } else { + redirect($newplace); + } + exit; + +} + +elsif (0 && (my @files = &safeglob($fullname . ",v"))) { + http_header("text/plain"); + print "You matched the following files:\n"; + print join ("\n", @files); + + # TODO: + # Find the tags from each file + # Display a form offering diffs between said tags +} + +else { + # Assume it's a module name with a potential path following it. + my $module; + my $xtra = (($module = $where) =~ s|(/.*)||) ? $1 : ''; + + # Is there an indexed version of modules? + my $fh = do { local (*FH); }; + if (open($fh, catfile($cvsroot, 'CVSROOT', 'modules'))) { + while (<$fh>) { + if (/^(\S+)\s+(\S+)/o + && $module eq $1 + && $module ne $2 + && -d "$cvsroot/$2") + { + close($fh); + redirect("$scriptname/$2$xtra$query"); + } } - elsif (($newname = $fullname) =~ s|/([^/]+)$|/Attic/$1| && - -f $newname . ",v") { - # The file has been removed and is in the Attic. - # Send a redirect pointing to the file in the Attic. - (my $newplace = $scriptwhere) =~ s|/([^/]+)$|/Attic/$1|; - &redirect($newplace); - exit; - } - elsif (0 && (my @files = &safeglob($fullname . ",v"))) { - http_header("text/plain"); - print "You matched the following files:\n"; - print join("\n", @files); - # Find the tags from each file - # Display a form offering diffs between said tags - } - else { - my $fh = do {local(*FH);}; - my ($xtra, $module); - # Assume it's a module name with a potential path following it. - $xtra = $& if (($module = $where) =~ s|/.*||); - # Is there an indexed version of modules? - if (open($fh, "$cvsroot/CVSROOT/modules")) { - while (<$fh>) { - if (/^(\S+)\s+(\S+)/o && $module eq $1 - && -d "${cvsroot}/$2" && $module ne $2) { - &redirect($scriptname . '/' . $2 . $xtra); - } - } - } - &fatal("404 Not Found","$where: no such file or directory"); - } + close($fh); + } + fatal("404 Not Found", '%s: no such file or directory', $where); +} gzipclose(); + ## End MAIN -sub printDiffSelect($) { - my ($use_java_script) = @_; - my $f = $input{'f'}; - print '\n"; - local $_; - for (@DIFFTYPES) { - printf('\n", + $difftype, $input{f} eq $difftype ? ' selected="selected"' : '', + "\u$DIFFTYPES{$difftype}{descr}"); + } - print ""; + print ""; } -sub printLogSortSelect($) { - my ($use_java_script) = @_; - print '\n"; + } +} - local $_; - for (@LOGSORTKEYS) { - printf('