]> git.ipfire.org Git - people/stevee/ipfire-2.x.git/blame - html/cgi-bin/pakfire.cgi
projects / people / stevee / ipfire-2.x.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
pakfire.cgi: Check user given package list for invalid characters.
[people/stevee/ipfire-2.x.git] / html / cgi-bin / pakfire.cgi
CommitLineData
3ea75603 1#!/usr/bin/perl
70df8302
MT		 2###############################################################################
3# #
4# IPFire.org - A linux based firewall #
324bb888 5# Copyright (C) 2007-2011 Michael Tremer & Christian Schmidt #
70df8302
MT		 6# #
7# This program is free software: you can redistribute it and/or modify #
8# it under the terms of the GNU General Public License as published by #
9# the Free Software Foundation, either version 3 of the License, or #
10# (at your option) any later version. #
11# #
12# This program is distributed in the hope that it will be useful, #
13# but WITHOUT ANY WARRANTY; without even the implied warranty of #
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15# GNU General Public License for more details. #
16# #
17# You should have received a copy of the GNU General Public License #
18# along with this program. If not, see <http://www.gnu.org/licenses/>. #
19# #
20###############################################################################
3ea75603
MT		 21
22use strict;
23
24# enable only the following on debugging purpose
cb5e9c6c
CS		 25#use warnings;
26#use CGI::Carp 'fatalsToBrowser';
3ea75603 27
986e08d9 28require '/var/ipfire/general-functions.pl';
3ea75603
MT		 29require "${General::swroot}/lang.pl";
30require "${General::swroot}/header.pl";
1bd42c89 31require "/opt/pakfire/lib/functions.pl";
3ea75603 32
131f163c 33my %cgiparams=();
3ea75603 34my $errormessage = '';
cb5e9c6c 35my %color = ();
131f163c 36my %pakfiresettings = ();
cb5e9c6c 37my %mainsettings = ();
3ea75603
MT		 38
39&Header::showhttpheaders();
40
131f163c
MT		 41$cgiparams{'ACTION'} = '';
42$cgiparams{'VALID'} = '';
3ea75603 43
131f163c
MT		 44$cgiparams{'INSPAKS'} = '';
45$cgiparams{'DELPAKS'} = '';
3ea75603 46
5595bc03
CS		 47sub refreshpage{&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'pagerefresh'}</font></center>";&Header::closebox();}
48
131f163c 49&Header::getcgihash(\%cgiparams);
d40aff35 50
cb5e9c6c 51&General::readhash("${General::swroot}/main/settings", \%mainsettings);
8186b372 52&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
3ea75603 53
1bd42c89
MT		 54&Header::openpage($Lang::tr{'pakfire configuration'}, 1);
55&Header::openbigbox('100%', 'left', '', $errormessage);
3ea75603 56
d06b0ef1 57
131f163c
MT		 58if ($cgiparams{'ACTION'} eq 'install'){
59 $cgiparams{'INSPAKS'} =~ s/\|/\ /g;
60 if ("$cgiparams{'FORCE'}" eq "on") {
d06b0ef1
SS		 61 # Check for invalid package names.
62 if (&check_input($cgiparams{'INSPAKS'})) {
63 # Assign error message.
64 $errormessage = "$Lang::tr{'pakfire invalid characters in package list'}";
65 } else {
66 my $command = "/usr/local/bin/pakfire install --non-interactive --no-colors $cgiparams{'INSPAKS'} &>/dev/null &";
67 system("$command");
68 system("/bin/sleep 1");
69 }
5b2a12ff 70 } else {
40228ef4 71 &Header::openbox("100%", "center", $Lang::tr{'request'});
131f163c 72 my @output = `/usr/local/bin/pakfire resolvedeps --no-colors $cgiparams{'INSPAKS'}`;
5b2a12ff 73 print <<END;
131f163c 74 <table><tr><td colspan='2'>$Lang::tr{'pakfire install package'}.$cgiparams{'INSPAKS'}.$Lang::tr{'pakfire possible dependency'}
fee5c6b7 75 <pre>
5b2a12ff
MT		 76END
77 foreach (@output) {
fee5c6b7 78 $_ =~ s/\\e\[[0-1]\;[0-9]+m//g;
5b2a12ff
MT		 79 print "$_\n";
80 }
81 print <<END;
82 </pre>
bac7231b 83 <tr><td colspan='2'>$Lang::tr{'pakfire accept all'}
5b2a12ff
MT		 84 <tr><td colspan='2'>&nbsp;
85 <tr><td align='right'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
131f163c 86 <input type='hidden' name='INSPAKS' value='$cgiparams{'INSPAKS'}' />
5b2a12ff
MT		 87 <input type='hidden' name='FORCE' value='on' />
88 <input type='hidden' name='ACTION' value='install' />
f8aa0679 89 <input type='image' alt='$Lang::tr{'install'}' title='$Lang::tr{'install'}' src='/images/go-next.png' />
5b2a12ff
MT		 90 </form>
91 <td align='left'>
92 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
93 <input type='hidden' name='ACTION' value='' />
f8aa0679 94 <input type='image' alt='$Lang::tr{'abort'}' title='$Lang::tr{'abort'}' src='/images/dialog-error.png' />
5b2a12ff
MT		 95 </form>
96 </table>
97END
98 &Header::closebox();
99 &Header::closebigbox();
100 &Header::closepage();
101 exit;
102 }
131f163c 103} elsif ($cgiparams{'ACTION'} eq 'remove') {
131f163c
MT		 104 $cgiparams{'DELPAKS'} =~ s/\|/\ /g;
105 if ("$cgiparams{'FORCE'}" eq "on") {
d06b0ef1
SS		 106 # Check for invalid package names.
107 if (&check_input($cgiparams{'DELPAKS'})) {
108 # Assign error message.
109 $errormessage = "$Lang::tr{'pakfire invalid characters in package list'}";
110 } else {
111 my $command = "/usr/local/bin/pakfire remove --non-interactive --no-colors $cgiparams{'DELPAKS'} &>/dev/null &";
112 system("$command");
113 system("/bin/sleep 1");
114 }
74693811 115 } else {
40228ef4 116 &Header::openbox("100%", "center", $Lang::tr{'request'});
131f163c 117 my @output = `/usr/local/bin/pakfire resolvedeps --no-colors $cgiparams{'DELPAKS'}`;
74693811 118 print <<END;
131f163c 119 <table><tr><td colspan='2'>$Lang::tr{'pakfire uninstall package'}.$cgiparams{'DELPAKS'}.$Lang::tr{'pakfire possible dependency'}
fee5c6b7 120 <pre>
74693811
CS		 121END
122 foreach (@output) {
fee5c6b7 123 $_ =~ s/\\e\[[0-1]\;[0-9]+m//g;
74693811
CS		 124 print "$_\n";
125 }
126 print <<END;
127 </pre>
c8915626 128 <tr><td colspan='2'>$Lang::tr{'pakfire uninstall all'}
74693811
CS		 129 <tr><td colspan='2'>&nbsp;
130 <tr><td align='right'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
131f163c 131 <input type='hidden' name='DELPAKS' value='$cgiparams{'DELPAKS'}' />
74693811
CS		 132 <input type='hidden' name='FORCE' value='on' />
133 <input type='hidden' name='ACTION' value='remove' />
f8aa0679 134 <input type='image' alt='$Lang::tr{'uninstall'}' title='$Lang::tr{'uninstall'}' src='/images/go-next.png' />
74693811
CS		 135 </form>
136 <td align='left'>
137 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
138 <input type='hidden' name='ACTION' value='' />
f8aa0679 139 <input type='image' alt='$Lang::tr{'abort'}' title='$Lang::tr{'abort'}' src='/images/dialog-error.png' />
74693811
CS		 140 </form>
141 </table>
142END
143 &Header::closebox();
144 &Header::closebigbox();
145 &Header::closepage();
146 exit;
147 }
148
131f163c 149} elsif ($cgiparams{'ACTION'} eq 'update') {
fee5c6b7 150
28593a79 151 system("/usr/local/bin/pakfire update --force --no-colors &>/dev/null &");
25dea62a 152 system("/bin/sleep 1");
131f163c 153} elsif ($cgiparams{'ACTION'} eq 'upgrade') {
28593a79 154 my $command = "/usr/local/bin/pakfire upgrade -y --no-colors &>/dev/null &";
c506cad0 155 system("$command");
25dea62a 156 system("/bin/sleep 1");
131f163c 157} elsif ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") {
f61be862
MT		 158 $pakfiresettings{"TREE"} = $cgiparams{"TREE"};
159
160 # Check for valid input
161 if ($pakfiresettings{"TREE"} !~ m/^(stable|testing|unstable)$/) {
162 $errormessage .= $Lang::tr{'pakfire invalid tree'};
163 }
164
165 unless ($errormessage) {
166 &General::writehash("${General::swroot}/pakfire/settings", \%pakfiresettings);
167
168 # Update lists
169 system("/usr/local/bin/pakfire update --force --no-colors &>/dev/null &");
170 }
3ea75603
MT		 171}
172
173&General::readhash("${General::swroot}/pakfire/settings", \%pakfiresettings);
174
3ea75603
MT		 175my %selected=();
176my %checked=();
177
f61be862
MT		 178$selected{"TREE"} = ();
179$selected{"TREE"}{"stable"} = "";
180$selected{"TREE"}{"testing"} = "";
181$selected{"TREE"}{"unstable"} = "";
182$selected{"TREE"}{$pakfiresettings{"TREE"}} = "selected";
183
3ea75603
MT		 184# DPC move error message to top so it is seen!
185if ($errormessage) {
186 &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
187 print "<font class='base'>$errormessage&nbsp;</font>\n";
188 &Header::closebox();
5b2a12ff
MT		 189}
190
186e3d2c
MT		 191my $return = `pidof pakfire`;
192chomp($return);
193if ($return) {
ca4c317c 194 &Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='10;'>" );
5b2a12ff
MT		 195 print <<END;
196 <table>
197 <tr><td>
6666b93d 198 <img src='/images/indicator.gif' alt='$Lang::tr{'active'}' title='$Lang::tr{'active'}' />&nbsp;
5b2a12ff 199 <td>
bac7231b 200 $Lang::tr{'pakfire working'}
5b2a12ff
MT		 201 <tr><td colspan='2' align='center'>
202 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
f8aa0679 203 <input type='image' alt='$Lang::tr{'reload'}' title='$Lang::tr{'reload'}' src='/images/view-refresh.png' />
5b2a12ff 204 </form>
212fd689 205 <tr><td colspan='2' align='left'><code>
186e3d2c 206END
28593a79 207 my @output = `grep pakfire /var/log/messages | tail -20`;
750c1528 208 foreach (@output) {
212fd689 209 print "$_<br>";
750c1528
MT		 210 }
211 print <<END;
212fd689 212 </code>
750c1528 213 </table>
5b2a12ff
MT		 214END
215 &Header::closebox();
216 &Header::closebigbox();
217 &Header::closepage();
218 exit;
28593a79 219 refreshpage();
5b2a12ff 220}
3ea75603 221
91a08eac 222my $core_release = `cat /opt/pakfire/db/core/mine 2>/dev/null`;
377560fb
MT		 223chomp($core_release);
224my $core_update_age = &General::age("/opt/pakfire/db/core/mine");
225my $corelist_update_age = &General::age("/opt/pakfire/db/lists/core-list.db");
226my $server_update_age = &General::age("/opt/pakfire/db/lists/server-list.db");
227my $packages_update_age = &General::age("/opt/pakfire/db/lists/packages_list.db");
228
1bd42c89
MT		 229&Header::openbox("100%", "center", "Pakfire");
230
231print <<END;
6666b93d 232 <table width='95%' cellpadding='5'>
337305ef 233END
324bb888 234if ( -e "/var/run/need_reboot") {
337305ef
JPT		 235 print "<tr><td align='center' colspan='2'><font color='red'>$Lang::tr{'needreboot'}!</font></td></tr>";
236 print "<tr><td colspan='2'>&nbsp;</font></td></tr>"
237}
238print <<END;
c5d106c1 239 <tr><td width="50%" bgcolor='$color{'color20'}' align="center"><b>$Lang::tr{'pakfire system state'}:</b>
6666b93d
MF		 240
241 <td width="50%" bgcolor='$color{'color20'}' align="center"><b>$Lang::tr{'available updates'}:</b></tr>
242
c5d106c1 243 <tr><td align="center">$Lang::tr{'pakfire core update level'}: $core_release<hr />
1e908471
JPT		 244 $Lang::tr{'pakfire last update'} $core_update_age $Lang::tr{'pakfire ago'}<br />
245 $Lang::tr{'pakfire last serverlist update'} $server_update_age $Lang::tr{'pakfire ago'}<br />
246 $Lang::tr{'pakfire last core list update'} $corelist_update_age $Lang::tr{'pakfire ago'}<br />
247 $Lang::tr{'pakfire last package update'} $packages_update_age $Lang::tr{'pakfire ago'}
377560fb 248 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
6666b93d 249 <input type='hidden' name='ACTION' value='update' /><br />
1dd22be2 250 <input type='submit' value='$Lang::tr{'calamaris refresh list'}' /><br />
377560fb 251 </form>
6666b93d 252<br />
377560fb 253 <td align="center">
6666b93d 254 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
377560fb
MT		 255 <select name="UPDPAKS" size="5" disabled>
256END
257 &Pakfire::dblist("upgrade", "forweb");
258 print <<END;
259 </select>
260 <br />
261 <input type='hidden' name='ACTION' value='upgrade' />
f8aa0679 262 <input type='image' alt='$Lang::tr{'upgrade'}' title='$Lang::tr{'upgrade'}' src='/images/document-save.png' />
377560fb 263 </form>
fee5c6b7 264
377560fb
MT		 265 <tr><td colspan="2"><!-- Just an empty line -->&nbsp;
266 <tr><td bgcolor='$color{'color20'}' align="center"><b>$Lang::tr{'pakfire available addons'}</b>
267 <td bgcolor='$color{'color20'}' align="center"><b>$Lang::tr{'pakfire installed addons'}</b>
6666b93d 268 <tr><td style="padding:5px 10px 20px 20px" align="center">
5d22ef4e 269 <p>$Lang::tr{'pakfire install description'}</p>
fee5c6b7 270 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
1bd42c89
MT		 271 <select name="INSPAKS" size="10" multiple>
272END
273 &Pakfire::dblist("notinstalled", "forweb");
fee5c6b7 274
1bd42c89
MT		 275print <<END;
276 </select>
377560fb 277 <br />
1bd42c89 278 <input type='hidden' name='ACTION' value='install' />
f8aa0679 279 <input type='image' alt='$Lang::tr{'install'}' title='$Lang::tr{'install'}' src='/images/list-add.png' />
1bd42c89 280 </form>
377560fb 281
6666b93d 282 <td style="padding:5px 10px 20px 20px" align="center">
5d22ef4e 283 <p>$Lang::tr{'pakfire uninstall description'}</p>
377560fb 284 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
1bd42c89 285 <select name="DELPAKS" size="10" multiple>
957363eb 286END
5b2a12ff
MT		 287
288 &Pakfire::dblist("installed", "forweb");
289
290print <<END;
377560fb
MT		 291 </select>
292 <br />
293 <input type='hidden' name='ACTION' value='remove' />
f8aa0679 294 <input type='image' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' src='/images/list-remove.png' />
377560fb
MT		 295 </form>
296 </table>
4b122800
MT		 297END
298
f61be862
MT		 299&Header::closebox();
300&Header::openbox("100%", "center", "$Lang::tr{'settings'}");
301
302print <<END;
303 <form method='POST' action='$ENV{'SCRIPT_NAME'}'>
304 <table width='95%'>
305 <tr>
306 <td align='left' width='45%'>$Lang::tr{'pakfire tree'}</td>
307 <td width="55%" align="left">
308 <select name="TREE">
309 <option value="stable" $selected{"TREE"}{"stable"}>$Lang::tr{'pakfire tree stable'}</option>
310 <option value="testing" $selected{"TREE"}{"testing"}>$Lang::tr{'pakfire tree testing'}</option>
311 <option value="unstable" $selected{"TREE"}{"unstable"}>$Lang::tr{'pakfire tree unstable'}</option>
312 </select>
313 </td>
314 </tr>
315 <tr>
316 <td colspan="2">&nbsp;</td>
317 </tr>
318 <tr>
319 <td colspan="2" align="center">
320 <input type="submit" name="ACTION" value="$Lang::tr{'save'}" />
321 </td>
322 </tr>
323 </table>
324 </form>
325END
326
3ea75603 327&Header::closebox();
3ea75603 328&Header::closebigbox();
3ea75603 329&Header::closepage();
d06b0ef1
SS		 330
331#
332## Function to check a given package list for invalid characters.
333#
334## Valid characters are a-z, A-Z, - and and the underscrore.
335## In case an invalid character will be detected, the function will return true.
336#
337sub check_input (@) {
338 my (@packages) = @_;
339
340 # Loop through the array of given pakages.
341 foreach my $name (@packages) {
342 # Check if it contains any unallowed charackters.
343 unless ($name =~ /^[\w-]+$/) {
344 # An unallowed character has been detected. Return "1" - True.
345 return 1;
346 }
347 }
348}
Stefan's tree of IPFire 2.x.