--- parser3/src/classes/file.C 2002/09/10 10:55:32 1.97 +++ parser3/src/classes/file.C 2002/11/25 14:10:51 1.104 @@ -5,7 +5,7 @@ Author: Alexandr Petrosian (http://paf.design.ru) */ -static const char* IDENT_FILE_C="$Date: 2002/09/10 10:55:32 $"; +static const char* IDENT_FILE_C="$Date: 2002/11/25 14:10:51 $"; #include "pa_config_includes.h" @@ -95,7 +95,7 @@ static void _save(Request& r, const Stri Value& vfile_name=params->as_no_junction(1, "file name must not be code"); // save - static_cast(r.self)->save(r.absolute(vfile_name.as_string()), + static_cast(r.get_self())->save(r.absolute(vfile_name.as_string()), vmode_name.as_string()==TEXT_MODE_NAME); } @@ -120,17 +120,32 @@ static void _load(Request& r, const Stri Pool& pool=r.pool(); Value& vmode_name=params-> as_no_junction(0, "mode must not be code"); const String& lfile_name=r.absolute(params->as_no_junction(1, "file name must not be code").as_string()); + Value *third_param=params->size()>2?¶ms->as_no_junction(2, "filename or options must not be code"):0; + Hash *third_param_hash=third_param?third_param->get_hash(&method_name):0; + int alt_filename_param_index=2; + if(third_param_hash) + alt_filename_param_index++; void *data; size_t size; + Hash *fields=0; file_read(pool, lfile_name, data, size, - vmode_name.as_string()==TEXT_MODE_NAME); + vmode_name.as_string()==TEXT_MODE_NAME, + third_param_hash, + &fields + ); - char *user_file_name=params->size()>2? - params->as_string(2, "filename must be string").cstr(String::UL_FILE_SPEC) + char *user_file_name=params->size()>alt_filename_param_index? + params->as_string(alt_filename_param_index, "filename must be string").cstr(String::UL_FILE_SPEC) :lfile_name.cstr(String::UL_FILE_SPEC); + + Value *vcontent_type=0; + if(fields) + vcontent_type=static_cast(fields->get(*content_type_name)); + if(!vcontent_type) + vcontent_type=new(pool) VString(r.mime_type_of(user_file_name)); - static_cast(r.self)->set(true/*tainted*/, data, size, - user_file_name, new(pool) VString(r.mime_type_of(user_file_name))); + VFile& self=*static_cast(r.get_self()); + self.set(true/*tainted*/, data, size, user_file_name, vcontent_type); } static void _stat(Request& r, const String& method_name, MethodParams *params) { @@ -145,7 +160,7 @@ static void _stat(Request& r, const Stri size, atime, mtime, ctime); - VFile& vfile=*static_cast(r.self); + VFile& vfile=*static_cast(r.get_self()); vfile.set(true/*tainted*/, 0/*no bytes*/, size); Hash& ff=vfile.fields(); ff.put(*new(pool) String(pool, "adate"), new(pool) VDate(pool, atime)); @@ -168,21 +183,21 @@ static bool is_safe_env_key(const char * #ifndef DOXYGEN struct Append_env_pair_info { Hash* hash; - const String* sstdin; + Value* vstdin; }; #endif -static void append_env_pair(const Hash::Key& key, Hash::Val *value, void *info) { +static void append_env_pair(const Hash::Key& key, Hash::Val *avalue, void *info) { Append_env_pair_info& pi=*static_cast(info); - const String& svalue=static_cast(value)->as_string(); + Value& value=*static_cast(avalue); if(key==STDIN_EXEC_PARAM_NAME) { - pi.sstdin=&svalue; + pi.vstdin=&value; } else { if(!is_safe_env_key(key.cstr())) throw Exception("parser.runtime", &key, "not safe environment variable"); - pi.hash->put(key, &svalue); + pi.hash->put(key, &value.as_string()); } } #ifndef DOXYGEN @@ -248,6 +263,7 @@ static void _exec_cgi(Request& r, const env.put(*new(pool) String(pool, "SCRIPT_NAME"), &script_name); //env.put(*new(pool) String(pool, "SCRIPT_FILENAME"), ??&script_name); + bool stdin_specified=false; // environment & stdin from param String in(pool); if(params->size()>1) { @@ -255,8 +271,19 @@ static void _exec_cgi(Request& r, const if(Hash *user_env=venv.get_hash(&method_name)) { Append_env_pair_info info={&env}; user_env->for_each(append_env_pair, &info); - if(info.sstdin) - in.append(*info.sstdin, String::UL_CLEAN, true); + if(info.vstdin) { + stdin_specified=true; + if(const String *sstdin=info.vstdin->get_string()) { + in.append(*sstdin, String::UL_CLEAN, true); + } else + if(VFile *vfile=static_cast(info.vstdin->as("file", false))) + in.APPEND_TAINTED((const char *)vfile->value_ptr(), vfile->value_size(), + "$.stdin[assigned]", 0); + else + throw Exception("parser.runtime", + &method_name, + STDIN_EXEC_PARAM_NAME " parameter must be string or file"); + } } } @@ -269,7 +296,7 @@ static void _exec_cgi(Request& r, const } // passing POST data - if(in.is_empty()) // if $.stdin[...] not specified + if(!stdin_specified) // if $.stdin[...] not specified in.APPEND(r.post_data, r.post_size, String::UL_CLEAN, "POST data (passed)", 0); // exec! @@ -277,22 +304,30 @@ static void _exec_cgi(Request& r, const String& err=*new(pool) String(pool); int status=pa_exec(false/*forced_allow*/, script_name, &env, argv, in, out, err); - VFile& self=*static_cast(r.self); + VFile& self=*static_cast(r.get_self()); const String *body=&out; // ^file:exec Value *content_type=0; - const char *eol_marker="\r\n"; size_t eol_marker_size=2; + const char *eol_marker=0; size_t eol_marker_size; const String *header=0; if(cgi) { // ^file:cgi // construct with 'out' body and header - int delim_size; - int pos=out.pos("\r\n\r\n", delim_size=4); - if(pos<0) { - eol_marker="\n"; eol_marker_size=1; - pos=out.pos("\n\n", delim_size=2); - } - if(pos<0) { - delim_size=0; // calm down, compiler + int dos_pos=out.pos("\r\n\r\n", 4); + int unix_pos=out.pos("\n\n", 2); + + bool unix_header_break; + switch((dos_pos >= 0?10:00) + (unix_pos >= 0?01:00)) { + case 10: // dos + unix_header_break=false; + break; + case 01: // unix + unix_header_break=true; + break; + case 11: // dos & unix + unix_header_break=unix_poscstr(), body->size()); // $fields << header - if(header) { + if(header && eol_marker) { Array rows(pool); header->split(rows, 0, eol_marker, eol_marker_size); Pass_cgi_header_attribute_info info={&self.fields()}; @@ -320,7 +365,7 @@ static void _exec_cgi(Request& r, const // $status self.fields().put( - *new(pool) String(pool, "status"), + *file_status_name, new(pool) VInt(pool, status)); // $stderr @@ -394,7 +439,7 @@ static void _list(Request& r, const Stri char *file_name_cstr=(char *)pool.malloc(file_name_size); memcpy(file_name_cstr, ffblk.ff_name, file_name_size); String &file_name=*new(pool) String(pool); - file_name.APPEND(file_name_cstr, file_name_size, String::UL_FILE_SPEC, + file_name.APPEND_TAINTED(file_name_cstr, file_name_size, method_name.origin().file, method_name.origin().line); Array& row=*new(pool) Array(pool); @@ -518,6 +563,22 @@ static void _justext(Request& r, const S r.write_assign_lang(file_spec.mid(afterdot, file_spec.size())); } +static void _fullpath(Request& r, const String& method_name, MethodParams *params) { + const String& file_spec=params->as_string(0, "file name must be string"); + const String *result; + if(file_spec.first_char()=='/') + result=&file_spec; + else { + // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif + const String& full_disk_path=r.absolute(file_spec); + size_t document_root_length=strlen(r.info.document_root); + if(document_root_length>0) + --document_root_length; + result=&full_disk_path.mid(document_root_length, full_disk_path.size()); + } + r.write_assign_lang(*result); +} + // constructor @@ -568,6 +629,8 @@ MFile::MFile(Pool& apool) : Methoded(apo add_native_method("justname", Method::CT_STATIC, _justname, 1, 1); // ^file:justext[/a/some.tar.gz]=gz add_native_method("justext", Method::CT_STATIC, _justext, 1, 1); + // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif + add_native_method("fullpath", Method::CT_STATIC, _fullpath, 1, 1); } // global variable