sub gen_srcdump_link_html ($$$$) {
my ($c,$r,$anchor,$specval) = @_;
my %params = ($r->{S}{srcdump_param_name} => [ $specval ]);
- return '<a href="'.escapeHTML($r->url_with_query_params(\%params)).'">'.
- $anchor."</a>";
+ return '<a href="'.
+ escapeHTML($r->url_with_query_params(\%params,'SRCDUMP')).
+ '">'.$anchor."</a>";
}
sub gen_plain_licence_link_html ($$) {
my ($c,$r) = @_;
}
#print STDERR "VCS $item $upwards $try GO\n";
$try =~ m/\w+/ or die;
- return $v->_ch(('srcdump_byvcs_'.lc $&),
- $dumpdir, $upwards, $outfn);
+ return $v->_ch('srcdump_byvcs', $dumpdir, $upwards, $outfn, lc $&);
}
$upwards =~ s#/*[^/]+$##;
}
}
}
-sub srcdump_byvcs_git ($$$$$) {
- my ($c, $v, $dumpdir, $dir, $outfn) = @_;
+sub srcdump_byvcs ($$$$$$) {
+ my ($c, $v, $dumpdir, $dir, $outfn, $vcs) = @_;
#print STDERR "BYVCS GIT $dir\n";
- return srcdump_dir_cpio($c,$v,$dumpdir,$dir,$outfn,'git',"
- git ls-files -z
- git ls-files -z --others --exclude-from=.gitignore
- find .git -print0
- ");
+ return srcdump_dir_cpio($c,$v,$dumpdir,$dir,$outfn,$vcs,
+ $v->{S}{"srcdump_vcsscript_$vcs"});
}
sub srcdump_file ($$$$) {
die $!;
}
$!=0; (waitpid $pid, 0) == $pid or die "$!";
- die "$dir ($script) $outfile $?" if $?;
+ die "$dir ($how $script) $outfile $?" if $?;
}
sub srcdump_dirscan_prepare ($$) {
$dirsdone{$item}++;
}
close $reportfh or die $!;
+ srcdump_install($c,$v, $dumpdir, 'licence', 'text/plain');
$!=0;
my @cmd = (qw(tar -zvvcf), "$dumpdir/source.tmp",
"-C", $dumpdir, qw( --), @srcfiles);
die "tar failed";
}
die "licence file not found" unless defined $needlicence;
- srcdump_install($c,$v, $dumpdir, 'licence', 'text/plain');
srcdump_install($c,$v, $dumpdir, 'source', 'application/octet-stream');
close $lockf or die $!;
}
$_[2] =~ m#^/etc/|^/usr/(?!local/)(?!lib/cgi)#;
},
srcdump_process_item => \&srcdump_process_item,
- srcdump_vcs_dirs => [qw(.git .hg .svn CVS)],
- srcdump_byvcs_git => \&srcdump_byvcs_git,
- srcdump_byvcs_hg => \&srcdump_byvcs_hg,
- srcdump_byvcs_svn => \&srcdump_byvcs_svn,
- srcdump_byvcs_cvs => \&srcdump_byvcs_cvs,
+ srcdump_vcs_dirs => [qw(.git .hg .bzr .svn CVS)],
+ srcdump_vcsscript_git => "
+ git ls-files -z
+ git ls-files -z --others --exclude-from=.gitignore
+ find .git -print0
+ ",
+ srcdump_vcsscript_hg => "false hg",
+ srcdump_vcsscript_bzr => "false bzr",
+ srcdump_vcsscript_svn => "false svn",
+ srcdump_vcsscript_cvs => "false cvs",
+ srcdump_byvcs => \&srcdump_byvcs,
srcdump_novcs => \&srcdump_novcs,
srcdump_excludes => [qw(*~ *.bak *.tmp), '#*#'],
dump => \&dump_plain,
};
my ($k,$v);
while (($k,$v,@_) = @_) {
- die "unknown setting $k" unless exists $verifier->{S}{$k};
+ die "unknown setting $k" unless
+ $k =~ m/^promise_/ or
+ exists $verifier->{S}{$k};
$verifier->{S}{$k} = $v;
}
bless $verifier, $class;
# pages/param-sets are
# n normal non-mutating page
-# r retrieval of information for JS, non-mutating
+# r retrieval of information for JS etc., non-mutating
# m mutating page
-# u update of information by JS, mutating
+# u update of information by JS etc., mutating
# i login
# o logout
# O "you have just logged out" page load
die unless $parmt eq 'y';
die unless $cookh eq $parmh;
}
+ $r->{ParmT} = $parmt;
$r->{AssocSecret} = $cooks;
$r->{UserOK} = $cooku;
#print STDERR "C-D-C OK\n";
return $r->{UserOK};
}
-sub url_with_query_params ($$) {
- my ($r, $params) = @_;
+sub url_with_query_params ($$;$) {
+ my ($r, $params, $nonpagetype) = @_;
#print STDERR "PARAMS ",Dumper($params);
my $uri = URI->new($r->_ch('get_url'));
$uri->path($uri->path() . $params->{''}[0]) if $params->{''};
- $uri->query_form(flatten_params($params));
+ my @flatparams = flatten_params($params);
+ if (defined $nonpagetype
+ && $r->nonpage_get_needs_secret_hidden($nonpagetype)) {
+ push @flatparams, $r->{S}{assoc_param_name}, $r->secret_hidden_val();
+ }
+ $uri->query_form(@flatparams);
return $uri->as_string();
}
return $r->_is_post();
}
+our %_resource_get_needs_secret_hidden =
+ (map { $_ => 0 } qw(PAGE FRAME IFRAME SRCDUMP STYLESHEET FAVICON ROBOTS),
+ map { $_ => 1 } qw(IMAGE SCRIPT AJAX-XML AJAX-JSON AJAX-OTHER));
+
+die todo make so can add new ones;
+
+sub need_add_hidden ($$) {
+ my ($r, $method, $reqtype) = @_;
+ return 1 if $method ne 'GET';
+ my $ent = $_resource_get_needs_secret_hidden{$reqtype};
+ die "unsupported nonpage GET type $reqtype" unless defined $ent;
+ return $ent;
+}
+
+sub check_nonpage ($$) {
+ my ($r, $reqtype) = @_;
+ $r->_assert_checked();
+ return unless $r->resource_get_needs_secret_hidden($nonpagetype);
+ return if $r->{ParmT};
+ die "missing hidden secret parameter on nonpage request $nonpagetype";
+}
+
#---------- output ----------
sub secret_cookie_val ($) {
}
1;
-
-__END__
-
-=head1 NAME
-
-CGI::Auth::Flexible - web authentication optionally using cookies
-
-=head1 SYNOPSYS - STARTUP
-
- my $verifier = CGI::Auth::Flexible->new_verifier(setting => value,...);
- my $authreq = $verifier->new_request($cgi_request_object);
-
-=head1 SYNOPSYS - SIMPLE APPLICATIONS
-
- $authreq->check_ok() or return;
- ...
- $authreq->check_mutate();
- ...
-
-=head1 SYNOPSIS - SOPHISTICATED APPLICATIONS
-
- my $divert_kind = $authreq->check_divert();
- if ($divert_kind) { ... print diversion page and quit ... }
- ...
- $authreq->check_mutate();
- ...
-
-=head1 DESCRIPTION
-
-CGI::Auth::Flexible is a
~ian / cgi-auth-flexible.git / blobdiff