# chooser.cgi
# Outputs HTML for a frame-based file chooser
+BEGIN { push(@INC, ".."); };
+use WebminCore;
+
@icon_map = ( "c", "text.gif",
"txt", "text.gif",
"pl", "text.gif",
"tar", "binary.gif"
);
-require (-r './web-lib.pl' ? './web-lib.pl' : '../web-lib.pl');
+$trust_unknown_referers = 1;
&init_config();
+if (&get_product_name() eq 'usermin') {
+ &switch_to_remote_user();
+ }
%access = &get_module_acl();
# Work out root directory
+local @uinfo = getpwnam($remote_user);
if (!$access{'root'}) {
- local @uinfo = getpwnam($remote_user);
$rootdir = $uinfo[7] ? $uinfo[7] : "/";
}
else {
$rootdir = $access{'root'};
+ $rootdir =~ s/^\~/$uinfo[7]/;
}
# Switch to correct Unix user
$fileunix = $access{'fileunix'} || $remote_user;
@uinfo = getpwnam($fileunix);
if (@uinfo) {
- ($(, $)) = ( $uinfo[3],
- "$uinfo[3] ".join(" ", $uinfo[3],
- &other_groups($uinfo[0])) );
- ($>, $<) = ( $uinfo[2], $uinfo[2] );
+ &switch_to_unix_user(\@uinfo);
}
}
}
# Work out the top allowed dir
$topdir = $rootdir eq "/" || $rootdir eq "c:" ? $rootdir :
$access{'otherdirs'} ? "/" : $rootdir;
+$uchroot = &urlize($in{'chroot'});
+$utype = &urlize($in{'type'});
+$ufile = &urlize($in{'file'});
if ($in{'frame'} == 0) {
# base frame
}
print "<frameset rows='*,50'>\n";
print "<frame marginwidth=5 marginheight=5 name=topframe ",
- "src=\"chooser.cgi?frame=1&file=".&urlize($in{'file'}).
- "&chroot=".&urlize($in{'chroot'}).
- "&type=".&urlize($in{'type'})."&add=$add\">\n";
+ "src=\"chooser.cgi?frame=1&file=".$ufile.
+ "&chroot=".$uchroot."&type=".$utype."&add=$add\">\n";
print "<frame marginwidth=0 marginheight=0 name=bottomframe ",
- "src=\"chooser.cgi?frame=2&file=".&urlize($in{'file'}).
- "&chroot=".&urlize($in{'chroot'}).
- "&type=".&urlize($in{'type'})."&add=$add\" scrolling=no>\n";
+ "src=\"chooser.cgi?frame=2&file=".$ufile.
+ "&chroot=".$uchroot."&type=".$utype."&add=$add\" scrolling=no>\n";
print "</frameset>\n";
}
elsif ($in{'frame'} == 1) {
// Double-click! Enter directory or select file
if (d) {
// Enter this directory
- location = "chooser.cgi?frame=1&add=$add&chroot=$in{'chroot'}&type=$in{'type'}&file="+f+"/";
+ location = "chooser.cgi?frame=1&add=$add&chroot=$uchroot&type=$utype&file="+f+"/";
}
else {
// Select this file and close the window
function parentdir(p)
{
top.frames[1].document.forms[0].elements[1].value = p;
-location = "chooser.cgi?frame=1&chroot=$in{'chroot'}&type=$in{'type'}&file="+p;
+location = "chooser.cgi?frame=1&chroot=$uchroot&type=$utype&file="+p;
}
</script>
EOF
print "<b>",&text('chooser_dir', &html_escape($dir)),"</b>\n";
opendir(DIR, $in{'chroot'}.$dir) ||
&popup_error(&text('chooser_eopen', "$!"));
- print "<table width=100%>\n";
+ print &ui_columns_start(undef, 100);
foreach $f (sort { $a cmp $b } readdir(DIR)) {
$path = "$in{'chroot'}$dir$f";
if ($f eq ".") { next; }
if (!(-d $path) && $in{'type'} == 1) { next; }
@st = stat($path);
- print "<tr>\n";
$isdir = 0; undef($icon);
if (-d $path) { $icon = "dir.gif"; $isdir = 1; }
elsif ($path =~ /\.([^\.\/]+)$/) { $icon = $icon_map{$1}; }
if ($f eq "..") {
$dir =~ /^(.*\/)[^\/]+\/$/;
- $link = "<a href=\"\" onClick='parentdir(\"".&html_escape(quotemeta($1))."\"); return false'>";
+ $link = "<a href=\"\" onClick='parentdir(\""."e_escape($1)."\"); return false'>";
}
else {
- $link = "<a href=\"\" onClick='fileclick(\"".&html_escape(quotemeta("$dir$f"))."\", $isdir); return false'>";
+ $link = "<a href=\"\" onClick='fileclick(\""."e_escape("$dir$f")."\", $isdir); return false'>";
}
- print "<td>$link<img border=0 src=/images/$icon></a></td>\n";
- print "<td nowrap>$link".&html_escape($f)."</a></td>\n";
- printf "<td nowrap>%s</td>\n",
- $st[7] > 1000000 ? int($st[7]/1000000)." MB" :
- $st[7] > 1000 ? int($st[7]/1000)." kB" :
- $st[7];
+ local @cols;
+ push(@cols, "$link<img border=0 src=$gconfig{'webprefix'}/images/$icon></a>");
+ push(@cols, "$link".&html_escape($f)."</a>");
+ push(@cols, &nice_size($st[7]));
@tm = localtime($st[9]);
- printf "<td nowrap><tt>%.2d/%s/%.4d</tt></td>\n",
- $tm[3], $text{'smonth_'.($tm[4]+1)}, $tm[5]+1900;
- printf "<td nowrap><tt>%.2d:%.2d</tt></td>\n", $tm[2], $tm[1];
- print "</tr>\n";
+ push(@cols, sprintf "<tt>%.2d/%s/%.4d</tt>",
+ $tm[3], $text{'smonth_'.($tm[4]+1)}, $tm[5]+1900);
+ push(@cols, sprintf "<tt>%.2d:%.2d</tt>", $tm[2], $tm[1]);
+ print &ui_columns_row(\@cols);
}
closedir(DIR);
- print "</table>\n";
+ print &ui_columns_end();
&popup_footer();
}
elsif ($in{'frame'} == 2) {
}
</script>
EOF
- print "<table>\n";
- print "<form onSubmit='filechosen(); return false'>\n";
- print "<tr><td><input type=submit value=\"$text{'chooser_ok'}\"></td>\n";
- print "<td><input name=path size=45 value=\"$dir$file\"></td></tr>\n";
- print "</form>\n";
- print "</table>\n";
+ print &ui_form_start(undef, undef, undef,
+ "onSubmit='filechosen(); return false'");
+ print &ui_table_start(undef, "width=100%", 2);
+ print &ui_table_row(undef,
+ &ui_submit($text{'chooser_ok'})." ".
+ &ui_textbox("path", $dir.$file, 45, 0, undef,
+ "style='width:90%'"), 2);
+ print &ui_table_end();
+ print &ui_form_end();
&popup_footer();
}