File Coverage

blib/lib/LibWeb/CGI.pm

Criterion	Covered	Total	%
statement	16	51	31.3
branch	3	18	16.6
condition	1	11	9.0
subroutine	3	11	27.2
pod	3	8	37.5
total	26	99	26.2

line	stmt	bran	cond	sub	pod	time	code
1							#==============================================================================
2							# LibWeb::CGI -- Extra cgi supports for libweb applications.
3
4							package LibWeb::CGI;
5
6							# Copyright (C) 2000 Colin Kong
7							#
8							# This program is free software; you can redistribute it and/or
9							# modify it under the terms of the GNU General Public License
10							# as published by the Free Software Foundation; either version 2
11							# of the License, or (at your option) any later version.
12							#
13							# This program is distributed in the hope that it will be useful,
14							# but WITHOUT ANY WARRANTY; without even the implied warranty of
15							# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16							# GNU General Public License for more details.
17							#
18							# You should have received a copy of the GNU General Public License
19							# along with this program; if not, write to the Free Software
20							# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
21							#=============================================================================
22
23							# $Id: CGI.pm,v 1.4 2000/07/18 06:33:30 ckyc Exp $
24
25							#-#############################
26							# Use standard library.
27	1			1		1439	use strict;
	1					3
	1					48
28	1			1		6	use vars qw(@ISA $VERSION $AutoloadClass);
	1					2
	1					7888
29
30							#-#############################
31							# Use custom library.
32							require LibWeb::Class;
33							require LibWeb::Core;
34
35							$VERSION = '0.02';
36
37							#-#############################
38							# Inheritance.
39							# Require CGI.pm version > 2.66.
40							require CGI;
41							@ISA = qw( LibWeb::Class CGI );
42							# This variable tells CGI what type of default object to create when
43							# called in the function-oriented manner.
44							$CGI::DefaultClass = __PACKAGE__;
45							# This tells the CGI autoloader where to look for functions that are
46							# not defined. If you wish to override CGI's autoloader, set this to
47							# the name of your own package.
48							$AutoloadClass = 'CGI';
49							# Avoid denial of service attacks.
50							$CGI::POST_MAX = 1024 * 100; # Default: Max 100K posts.
51							$CGI::DISABLE_UPLOADS = 1; # Default: No uploads.
52
53							#-#############################
54							# Methods.
55							sub new {
56							#
57							# Params: [ -post_max=>, -disable_uploads=>, -auto_escape=> ]
58							#
59							# Pre:
60							# - -post_max is the ceiling on the size of POSTings, in bytes.
61							# The default for LibWeb::CGI is 100 Kilobytes.
62							# - -disable_uploads, if non-zero, will disable file uploads completely
63							# which is the default for LibWeb::CGI.
64							# - -auto_escape determines whether the text and labels that you provide
65							# for form elements are escaped according to HTML rules. Non-zero value
66							# will enable auto escape, and undef will disable auto escape (default
67							# for LibWeb::CGI).
68							#
69	1			1	1	773	my ($class, $Class, $self, $rc, $post_max, $disable_uploads, $auto_escape);
70	1					3	$class = shift;
71	1		33			11	$Class = ref($class) \|\| $class;
72
73	1					13	($rc, $post_max, $disable_uploads, $auto_escape) =
74							$Class->rearrange( ['RC', 'POST_MAX', 'DISABLE_UPLOADS', 'AUTO_ESCAPE'], @_ );
75
76							# Set up base class: CGI accordingly.
77	1	50				8	$CGI::POST_MAX = $post_max if defined($post_max);
78	1	50				3	$CGI::DISABLE_UPLOADS = $disable_uploads if defined($disable_uploads);
79
80							# Inherit instance variables from the base class.
81	1					7	$self = $Class->CGI::new();
82	1					5119	bless($self, $Class);
83
84							# This doesn't work. Some HTMLs still printed
85							# out as escaped. I don't know why.
86	1	50				18	($auto_escape) ? $self->autoEscape( $auto_escape ) :
87							$self->autoEscape( undef );
88
89							# Any necessary initialization.
90							#$self->_init($rc);
91
92							# Returns a reference to this object.
93	1					200	return $self;
94							}
95
96							#sub _init {
97							# #
98							# # Params: $rc
99							# #
100							# # Pre:
101							# # - $rc is absolute path to the rc file for LibWeb.
102							# #
103							# # Initialization whenever an object of this class is created.
104							# # Put site customizations here to override several CGI.pm's variables.
105							# #
106							# my ($self, $key, $value);
107							# $self = shift;
108
109							# # Instance variables for this class.
110							# $self->{__PACKAGE__.'.core'} = new LibWeb::Core(shift);
111
112							# # A work-around to inherit LibWeb.pm instance variables without doing MI.
113							# while ( ($key,$value) = each (%LibWeb::Core::RC) ) {
114							# $self->{__PACKAGE__.$key} = $value
115							# unless exists $self->{__PACKAGE__.$key};
116							# }
117							#}
118
119	0			0			sub DESTROY {}
120
121							sub header {
122	0			0	1		my $self = shift;
123							#$self->delete_all();
124							#$self->autoEscape(undef);
125	0	0					if (@_) { return $self->SUPER::header(@_); }
	0
126							else {
127	0		0				my $crlf = $LibWeb::Core::RC{CRLF} \|\| "\n\n";
128	0						return "Content-Type: text/html$crlf$crlf";
129							}
130							}
131
132							sub is_param_not_null {
133	0			0	0		my $self = shift;
134	0		0				return ( defined($_[0]) && ($_[0] ne "") && ($_[0] ne " ") );
135							}
136
137							sub parameter {
138							#
139							# Sample usage: $this->parameter(cgi_parameter).
140							#
141							# Pre:
142							# 1. cgi_parameter is the parameter passed by either `GET' or `POST'.
143							#
144							# Post:
145							# 1. If cgi_parameter is a mandatory form value (the ones without `.' as prefix
146							# in the parameter's name) and it is null, print an error message and abort
147							# the program.
148							# 2. Return the value of the parameter.
149							#
150	0			0	1		my ( $self, $key, $value, $param_is_not_null );
151	0						$self = shift;
152	0						$key = shift;
153	0						$value = $self->CGI::param($key);
154
155							# Check for denial of service attacks.
156							# CGI::cgi_error() is available since CGI 2.47.
157							# Where is CGI::cgi_error()?? It's supported pre CGI3, but seems to be
158							# disappeared in new release of CGI.pm 3.01 alpha (24/04/2000).
159							# Need to apply patch here if CGI version is < 2.47 or >= 3.01 alpha.
160	0						eval {
161	0	0	0				$self->fatal( -msg => 'Invalid post. Post too large.',
162							-alertMsg => "413 POST too large for CGI param: $key",
163							-helpMsg => $self->{HHTML}->post_too_large() )
164							if ( !$value && $self->cgi_error() );
165							};
166
167
168							# Check to see if mandatory cgi form values are non-null.
169	0						$param_is_not_null = $self->is_param_not_null($value);
170	0	0					unless ($key =~ m:^[.].*$:) {
171	0	0					unless ( $param_is_not_null ) {
172	0						$key =~ s:[_]+: :g;
173	0						$self->fatal(-msg => ucfirst($key)." not entered.",
174							-alertMsg => "$key not entered.",
175							-helpMsg => $LibWeb::Core::RC{HHTML}->hit_back_and_edit()
176							);
177							}
178							}
179
180							# Return undef for non-mandatory cgi parameter's value if
181							# it's not entered by user.
182	0	0					return undef unless($param_is_not_null);
183
184							# Sanitize all html tags.
185							#$value = $self->sanitize(-html => $value) if defined($value);
186	0						return $value;
187							}
188
189							sub redirect {
190							#
191							# Params: -url=> [, -cookie=> ].
192							# e.g. 'http://www.your_site.org/help.html' or '/help.html'.
193							#
194							# Post:
195							# 1. Redirect the client Web browser to the specified page.
196							#
197	0			0	0		my ($self, $url, $cookie);
198	0						$self = shift;
199	0						($url, $cookie) = $self->rearrange( ['URL', 'COOKIE'], @_ );
200
201							# Append 'http://' to the url to make sure redirect work.
202	0	0					unless ($url =~ m"^http://") {
203							# remove front slash of url.
204							#$url =~ s:^[/]::;
205	0						chop $self->{URL_ROOT};
206	0						$url = $self->{URL_ROOT} . $url;
207							}
208
209	0						print $self->SUPER::redirect( -url => $url, -cookie => $cookie );
210							# $self->send_cookie($cookie) if defined($cookie);
211							# print "Status: 302 Moved\nLocation: $url\n\n" if defined($url);
212							# #print "Content-Type: text/html\n\n";
213	0						exit(0);
214							}
215
216							sub send_cookie {
217	0			0	0		shift;
218	0						LibWeb::Core->new()->send_cookie(@_);
219							}
220
221							sub fatal {
222	0			0	0		shift;
223	0						LibWeb::Core->new()->fatal(@_);
224							}
225
226							sub sanitize {
227	0			0	0		shift;
228	0						LibWeb::Core->new()->sanitize(@_);
229							}
230
231							1;
232							__DATA__