| 1 |
<?PHP |
|---|
| 2 |
/* |
|---|
| 3 |
* Copyright (c) 2006 Gregor Richards |
|---|
| 4 |
* |
|---|
| 5 |
* Permission is hereby granted, free of charge, to any person obtaining a |
|---|
| 6 |
* copy of this software and associated documentation files (the "Software"), |
|---|
| 7 |
* to deal in the Software without restriction, including without limitation |
|---|
| 8 |
* the rights to use, copy, modify, merge, publish, distribute, sublicense, |
|---|
| 9 |
* and/or sell copies of the Software, and to permit persons to whom the |
|---|
| 10 |
* Software is furnished to do so, subject to the following conditions: |
|---|
| 11 |
* |
|---|
| 12 |
* The above copyright notice and this permission notice shall be included in |
|---|
| 13 |
* all copies or substantial portions of the Software. |
|---|
| 14 |
* |
|---|
| 15 |
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|---|
| 16 |
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|---|
| 17 |
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|---|
| 18 |
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|---|
| 19 |
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
|---|
| 20 |
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
|---|
| 21 |
* DEALINGS IN THE SOFTWARE. |
|---|
| 22 |
*/ |
|---|
| 23 |
|
|---|
| 24 |
require("chkpw.php"); |
|---|
| 25 |
require("config.php"); |
|---|
| 26 |
validate(); |
|---|
| 27 |
|
|---|
| 28 |
// pkg must be set |
|---|
| 29 |
if (!isset($_POST['pkg'])) die("Package name not set."); |
|---|
| 30 |
|
|---|
| 31 |
// and the user must have the proper privileges |
|---|
| 32 |
if (!isset($privileges[$_COOKIE['DSSS_SMI_UN']]) || |
|---|
| 33 |
!in_array($_POST['pkg'], $privileges[$_COOKIE['DSSS_SMI_UN']])) |
|---|
| 34 |
die("You do not have permission to edit that package."); |
|---|
| 35 |
|
|---|
| 36 |
// store the package filename |
|---|
| 37 |
$pkgfname = "sources/" . $_POST['pkg']; |
|---|
| 38 |
|
|---|
| 39 |
if (!isset($_POST['s'])) { |
|---|
| 40 |
// not yet changed, show the current data |
|---|
| 41 |
?> |
|---|
| 42 |
<HTML><head><title>DSSS Source Management Interface - Edit</title></head><body> |
|---|
| 43 |
<h2>Editing <?PHP print $_POST['pkg']; ?></h2> |
|---|
| 44 |
<form action='edit.php' method='post'> |
|---|
| 45 |
<input type='hidden' name='s' value='1'> |
|---|
| 46 |
<?PHP |
|---|
| 47 |
print "<input type='hidden' name='pkg' value='" . $_POST['pkg'] . "'>\n"; |
|---|
| 48 |
?> |
|---|
| 49 |
|
|---|
| 50 |
<pre> |
|---|
| 51 |
<?PHP |
|---|
| 52 |
if ($_POST['pkg'] == "privileges") { |
|---|
| 53 |
print "Registered users:\n"; |
|---|
| 54 |
foreach (array_keys($pws) as $nam) { |
|---|
| 55 |
print "$nam\n"; |
|---|
| 56 |
} |
|---|
| 57 |
} else { |
|---|
| 58 |
?> |
|---|
| 59 |
Format: name protocol/format source [patch] |
|---|
| 60 |
svn: |
|---|
| 61 |
<name> svn <repo path> |
|---|
| 62 |
zip/tgz/bz2: |
|---|
| 63 |
<name> <format> <url> |
|---|
| 64 |
patch format (not useful in the general case): |
|---|
| 65 |
patchfile |
|---|
| 66 |
or |
|---|
| 67 |
directory:patchfile |
|---|
| 68 |
<?PHP } ?> |
|---|
| 69 |
</pre><br> |
|---|
| 70 |
<textarea name='cont' rows=10 cols=120><?PHP |
|---|
| 71 |
if (file_exists($pkgfname)) { |
|---|
| 72 |
readfile($pkgfname); |
|---|
| 73 |
} |
|---|
| 74 |
?></textarea><br> |
|---|
| 75 |
|
|---|
| 76 |
<input type='submit' value='Submit changes'> |
|---|
| 77 |
</form> |
|---|
| 78 |
</body></HTML> |
|---|
| 79 |
<?PHP |
|---|
| 80 |
|
|---|
| 81 |
} else { |
|---|
| 82 |
// submitted (not yet fully implemented) |
|---|
| 83 |
|
|---|
| 84 |
// 1) sanity |
|---|
| 85 |
if (!isset($_POST['cont'])) die("No content submitted"); |
|---|
| 86 |
|
|---|
| 87 |
// 2) sanitize input data |
|---|
| 88 |
$indat = str_replace("\r", "", $_POST['cont']); |
|---|
| 89 |
$indat = stripslashes(stripslashes($indat)); |
|---|
| 90 |
$indat = escapeshellcmd($indat); |
|---|
| 91 |
$indat = str_replace("\\\n", "\n", $indat); |
|---|
| 92 |
$indat = str_replace("\\#", "#", $indat); |
|---|
| 93 |
|
|---|
| 94 |
$inlines = explode("\n", $indat); |
|---|
| 95 |
foreach ($inlines as $line) { |
|---|
| 96 |
if (substr($line, 0, 1) == "#") continue; |
|---|
| 97 |
if ($line == "") continue; |
|---|
| 98 |
|
|---|
| 99 |
// special packages 'other' and 'privileges' are OK for any data |
|---|
| 100 |
if ($_POST['pkg'] == "other" || |
|---|
| 101 |
$_POST['pkg'] == "privileges") { |
|---|
| 102 |
continue; |
|---|
| 103 |
} |
|---|
| 104 |
|
|---|
| 105 |
// check for invalid package name |
|---|
| 106 |
$elems = explode(" ", $line); |
|---|
| 107 |
if (!preg_match("/" . $_POST['pkg'] . ".*/", $elems[0])) { |
|---|
| 108 |
die("Line '$line' is invalid, does not correspond to the tool you're editing"); |
|---|
| 109 |
} |
|---|
| 110 |
} |
|---|
| 111 |
|
|---|
| 112 |
// 3) Write out the new data |
|---|
| 113 |
$handle = fopen($pkgfname, "w"); |
|---|
| 114 |
if ($handle === false) die("Failed to output new data!"); |
|---|
| 115 |
|
|---|
| 116 |
fwrite($handle, $indat); |
|---|
| 117 |
fclose($handle); |
|---|
| 118 |
|
|---|
| 119 |
// 3) Update the sources |
|---|
| 120 |
system($dsss_home . "/updateSources " . getcwd() . "/sources " . $_POST['pkg']); |
|---|
| 121 |
|
|---|
| 122 |
?> |
|---|
| 123 |
<HTML><head><title>DSSS Source Management Interface - Edit</title></head><body> |
|---|
| 124 |
Package updated, mirroring in progress. <a href='menu.php'>Return to the menu.</a> |
|---|
| 125 |
</body></HTML> |
|---|
| 126 |
<?PHP |
|---|
| 127 |
} |
|---|
| 128 |
?> |
|---|
