#<BASE HREF=\"$baseurl\">$&#i; s|\<([\w\$][-\w.\$]*\@\w[-\w.]+)>|\<a href="/cgi-bin/artbyid?$1"\>\<$1\>\</a\>|g; } else { s|\&|\&|g; s|\<|\<|g; s|\>|\>|g; s|\<([\w\$][-\w.\$]*\@\w[-\w.]+)>|\<a href="/cgi-bin/artbyid?$1"\>\<$1\>\</a\>|g; # s|\bgopher://([^ ><'")(]*[\w\/])\b|\<a href="$&">$&\</a>|g; # s|\bhttp://[-.\w?/+&\%:]+[.\w/]\b|\<a href="$&">$&\</a>|g; # s|\bftp://[-.\w/+]+[.\w/]\b|\<a href="$&"\>$&\</a\>|g; s#\bgopher://[^\s><'")(]+[\w/]#\<a href="$&">$&\</a>#g; s#\bhttp://[^\s><'")(]+[\w/]#\<a href="$&">$&\</a>#g; s#\bftp://[^\s><'")(]+[\w/]#\<a href="$&">$&\</a>#g; } if ($line && $. == $line) { print "<A NAME=\"mfs\"><B>"; } if ($line && $. == $line+1) { print " </B></A>"; } print; } if ($HTML == 0) { print "</PRE>\n"; } close(INPUT); sub err

#!/usr/bin/perl $gunzip = "/bin/gunzip"; $GLIMPSE_LOC = "/home/agraham/globalcourierguide-www/glimpse-4.1-bin-Linux-2.0.30-i486/bin/glimpse"; $GREP_LOC = $GLIMPSE_LOC; # ------------------- added - j.holler 97/10/06 $WEBGLIMPSE_HOME = "/home/agraham/globalcourierguide-www"; ############################################## # # # no configuration is needed below this line # # # ############################################## # added - j.holler 97/10/06 $WEBGLIMPSE_LIB = "$WEBGLIMPSE_HOME/lib"; # site-specific configuration file $wgConfPath = "$WEBGLIMPSE_HOME/.wgsiteconf"; #--------------------------------- # make my libraries more important unshift(@INC, "$WEBGLIMPSE_LIB"); require "config.pl"; #--------------------------------- print "Content-type: text/html\n\n"; $query = $ENV{'QUERY_STRING'}; # Strip the variables out from the query string, # and assign them into variables, prefixed by 'QS_' # Replaced eval with $$varname= code as per Jim Ellis suggestion. --GB 7/24/97 # (Security reasons - we don't want to call an eval with anything user-supplied) @qvars = split( /\&/, $query ); foreach (@qvars) { split(/=/); $fname = $_[0]; $fvalue = $_[1]; $fvalue =~ s/\'//g; $varname = "QS_$fname"; $$varname = $fvalue if ( $fname =~ /^[a-z_A-Z]\w*$/ ); # $cmd = "\$QS_$fname = '$fvalue';" ; # print ">>>",$cmd,"\n"; # $cmd = eval $cmd if ( $fname =~ /^[a-z_A-Z]\w*$/ ); } $indexdir = $ARGV[0]; # Added link argument for BASE HREF tag. --GB 11/1/97 $link = $QS_link; $file = $QS_file; $path = $QS_file; if ($path =~ m#/\.\./#) { &err_noaccess;} $line = $QS_line; # make sure the indexdir exists, and is a valid archive dir if ($indexdir =~ m/^\s*\&/) { # Don't let anybody open specific descriptors. &err_file ($indexdir); die ("UNREACHABLE REACHED"); } if (!(-d $indexdir)){ &err_noindexdir; } if (!(-e "$indexdir/archive.cfg")){ &err_badindexdir; } # get the url for the file from the config open(CFG, "<$indexdir/archive.cfg") || &err_badconfig; $input = ; ($title,$url,$subindex) = split("\t", $input); close(CFG); # print "indexdir = $indexdir
file = $file
line = $line
query=$query
\n"; # you may comment this check if you want to decrease security # for a shorter execution # Made the security check more secure -- GB 7/24/97 # This original code just checks that glimpse can execute and look for the # filename in .glimpse_filenames - it doesn't actually check that the file is there! # (The return code from system is 0 if the command executed without error, whatever the result) --G # if (system("$GREP_LOC -k $file $indexdir/.glimpse_filenames >/dev/null". # " 2>/dev/null") != 0) { # &err_noaccess; # } # The following code checks if the filename is in .glimpse_filenames $found = 0; ($lookfor = $file) =~ s/(\W)/\\\1/g; open (F, "<$indexdir/.glimpse_filenames") || &err_noaccess; ; while (($_ = ) && !($found)) { $found = (/^${lookfor}\s/ || /^${lookfor}$/); } close(F); if (! $found) { &err_noaccess; } # End of security check. if (($path =~ m/^\s*-\s*$/) || ($path =~ m/^\s*\&/)) { # Don't let anybody open stdin, or specific descriptors. &err_file ($path); die ("UNREACHABLE REACHED"); } $effname = "<$path"; $name = $path; if ($path =~ /^(.*)\.Z$/) { $effname = "exec $gunzip < $path|"; $name = $1; } elsif ($path =~ /^(.*)\.gz$/) { $effname = "exec $gunzip < $path|"; $name = $1; } elsif ($path =~ /^(.*)\.zip$/) { $effname = "exec $gunzip < $path|"; $name = $1; } if (! -f $path) { &err_file($path); die ("UNREACHABLE REACHED"); } if (!open(INPUT,$effname)) { &err_file($path); die ("UNREACHABLE REACHED"); } $HTML = 1; # Allow .html or .htm --GB 11/1/97 if ($name !~ /\.s?htm[l]*?$/) { print "

\n";
	$HTML = 0;
}

# Use the $link argument for baseurl --GB 11/1/97
#$baseurl = $url.$file;
$baseurl = $link;


LINE:
while () {
	if ($HTML) {
		$baseurl &&
			s##<BASE HREF=\"$baseurl\">$&#i;
		s|\<([\w\$][-\w.\$]*\@\w[-\w.]+)>|\<a href="/cgi-bin/artbyid?$1"\>\<$1\>\</a\>|g;
	} else {
		s|\&|\&|g;
		s|\<|\<|g;
		s|\>|\>|g;
		s|\<([\w\$][-\w.\$]*\@\w[-\w.]+)>|\<a href="/cgi-bin/artbyid?$1"\>\<$1\>\</a\>|g;
		# s|\bgopher://([^ ><'")(]*[\w\/])\b|\<a href="$&">$&\</a>|g;
		# s|\bhttp://[-.\w?/+&\%:]+[.\w/]\b|\<a href="$&">$&\</a>|g;
		# s|\bftp://[-.\w/+]+[.\w/]\b|\<a href="$&"\>$&\</a\>|g;
		s#\bgopher://[^\s><'")(]+[\w/]#\<a href="$&">$&\</a>#g;
		s#\bhttp://[^\s><'")(]+[\w/]#\<a href="$&">$&\</a>#g;
		s#\bftp://[^\s><'")(]+[\w/]#\<a href="$&">$&\</a>#g;
	}
	if ($line && $. == $line) {
		print "<A NAME=\"mfs\"><B>";
	}
	if ($line && $. == $line+1) {
		print " </B></A>";
	}

	print;
}
if ($HTML == 0) {
	print "</PRE>\n";
}
close(INPUT);

sub err_badconfig {
	print "<TITLE>Error\n";
	print "Error with \"$indexdir\"\n";
	print "Cannot open configuration file for archive directory.\n";
	exit;
}
sub err_noindexdir {
	print "Error\n";
	print "Error with \"$indexdir\"\n";
	print "Archive directory does not exist.\n";
	exit;
}
sub err_badindexdir {
	print "Error\n";
	print "Error with \"$indexdir\"\n";
	print "Directory is not an archive directory.\n";
	exit;
}
sub err_noaccess {
	print "Access denied\n";
	print "Access to \"$path\" denied\n";
	print "You don't have permission to get file \"$path\"\n";
	print "from this site.\n";
	exit;
}
sub err_file {
	local ($path) = @_;
	print "Cannot read file \"$path\"\n";
	print "Cannot read file \"$path\": $!\n";
	exit;
}