X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=cgi-bin%2FBackupPC_Admin;h=bc4f1e90509d407490a13524f78371af3713dac2;hb=refs%2Ftags%2Fv2_0_2;hp=d61bdb1ea19eb27b3ba748085958a9ffbbde7981;hpb=e4a233559926fe41888b2f6c5cc716401b715162;p=BackupPC.git diff --git a/cgi-bin/BackupPC_Admin b/cgi-bin/BackupPC_Admin index d61bdb1..bc4f1e9 100755 --- a/cgi-bin/BackupPC_Admin +++ b/cgi-bin/BackupPC_Admin @@ -1,4 +1,4 @@ -#!/bin/perl -T +#!/bin/perl #============================================================= -*-perl-*-w # # BackupPC_Admin: Apache/CGI interface for BackupPC. @@ -39,15 +39,16 @@ # #======================================================================== # -# Version 2.0.0beta2, released 11 May 2003. +# Version 2.0.2, released 6 Oct 2003. # # See http://backuppc.sourceforge.net. # #======================================================================== use strict; +no utf8; use CGI; -use lib "/usr/local/BackupPC/lib"; +use lib "/usr/local/BackupPC2.0.2/lib"; use BackupPC::Lib; use BackupPC::FileZIO; use BackupPC::Attrib qw(:all); @@ -65,15 +66,6 @@ use vars qw ($Lang); $Cgi = new CGI; %In = $Cgi->Vars; -# -# We require that Apache pass in $ENV{SCRIPT_NAME} and $ENV{REMOTE_USER}. -# The latter requires .ht_access style authentication. Replace this -# code if you are using some other type of authentication, and have -# a different way of getting the user name. -# -$MyURL = $ENV{SCRIPT_NAME}; -$User = $ENV{REMOTE_USER}; - if ( !defined($bpc) ) { ErrorExit($Lang->{BackupPC__Lib__new_failed__check_apache_error_log}) if ( !($bpc = BackupPC::Lib->new(undef, undef, 1)) ); @@ -89,6 +81,16 @@ if ( !defined($bpc) ) { $Lang = $bpc->Lang(); } +# +# We require that Apache pass in $ENV{SCRIPT_NAME} and $ENV{REMOTE_USER}. +# The latter requires .ht_access style authentication. Replace this +# code if you are using some other type of authentication, and have +# a different way of getting the user name. +# +$ENV{REMOTE_USER} = $Conf{BackupPCUser} if ( $ENV{REMOTE_USER} eq "" ); +$MyURL = $ENV{SCRIPT_NAME}; +$User = $ENV{REMOTE_USER}; + # # Clean up %ENV for taint checking # @@ -204,7 +206,8 @@ sub Action_Summary $incrTot += $incrCnt; $fullSize = sprintf("%.2f", $fullSize / 1000); $incrAge = " " if ( $incrAge eq "" ); - $reasonHilite = $Conf{CgiStatusHilightColor}{$Status{$host}{reason}}; + $reasonHilite = $Conf{CgiStatusHilightColor}{$Status{$host}{reason}} + || $Conf{CgiStatusHilightColor}{$Status{$host}{state}}; $reasonHilite = " bgcolor=\"$reasonHilite\"" if ( $reasonHilite ne "" ); if ( $Status{$host}{state} ne "Status_backup_in_progress" && $Status{$host}{state} ne "Status_restore_in_progress" @@ -387,6 +390,7 @@ sub Action_View } elsif ( $type eq "docs" ) { $file = "$BinDir/../doc/BackupPC.html"; if ( open(LOG, $file) ) { + binmode(LOG); Header($Lang->{BackupPC__Documentation}); print while ( ); close(LOG); @@ -433,19 +437,20 @@ sub Action_View if ( /smb: \\>/ || /^\s*(\d+) \(\s*\d+\.\d kb\/s\) (.*)$/ || /^tar: dumped \d+ files/ - || /^added interface/i - || /^restore tar file /i - || /^restore directory /i - || /^tarmode is now/i - || /^Total bytes written/i - || /^Domain=/i - || /^Getting files newer than/i - || /^Output is \/dev\/null/ + || /^\s*added interface/i + || /^\s*restore tar file /i + || /^\s*restore directory /i + || /^\s*tarmode is now/i + || /^\s*Total bytes written/i + || /^\s*Domain=/i + || /^\s*Getting files newer than/i + || /^\s*Output is \/dev\/null/ || /^\([\d\.]* kb\/s\) \(average [\d\.]* kb\/s\)$/ || /^\s+directory \\/ - || /^Timezone is/ + || /^\s*Timezone is/ + || /^\s*creating lame (up|low)case table/i || /^\.\// - || /^ / + || /^ / ) { $skipped++; next; @@ -471,6 +476,7 @@ sub Action_View # remove any passwords and user names s/(SmbSharePasswd.*=.*['"]).*(['"])/$1$2/ig; s/(SmbShareUserName.*=.*['"]).*(['"])/$1$2/ig; + s/(RsyncdPasswd.*=.*['"]).*(['"])/$1$2/ig; s/(ServerMesgSecret.*=.*['"]).*(['"])/$1$2/ig; print ${EscHTML($_)}; } @@ -602,6 +608,9 @@ sub Action_Browse $dir = "/$dir" if ( $dir !~ /^\// ); my $relDir = $dir; my $currDir = undef; + if ( $dir =~ m{(^|/)\.\.(/|$)} ) { + ErrorExit($Lang->{Nice_try__but_you_can_t_put}); + } # # Loop up the directory tree until we hit the top. @@ -883,7 +892,9 @@ EOF if ( @fileListTrim > 10 ) { @fileListTrim = (@fileListTrim[0..9], '...'); } - $bpc->ServerMesg(eval("qq{$Lang->{log_User__User_downloaded_tar_archive_for__host}}")); + $bpc->ServerMesg("log User $User downloaded tar archive for $host," + . " backup $num; files were: " + . join(", ", @fileListTrim)); my @pathOpts; if ( $In{relative} ) { @@ -917,7 +928,9 @@ EOF if ( @fileListTrim > 10 ) { @fileListTrim = (@fileListTrim[0..9], '...'); } - $bpc->ServerMesg(eval("qq{$Lang->{log_User__User_downloaded_zip_archive_for__host}}")); + $bpc->ServerMesg("log User $User downloaded zip archive for $host," + . " backup $num; files were: " + . join(", ", @fileListTrim)); my @pathOpts; if ( $In{relative} ) { @@ -1012,6 +1025,7 @@ EOF [qw(*RestoreReq)]); $dump->Indent(1); if ( open(REQ, ">$TopDir/pc/$hostDest/$reqFileName") ) { + binmode(REQ); print(REQ $dump->Dump); close(REQ); } else { @@ -1434,6 +1448,7 @@ EOF } foreach my $host ( sort(keys(%Status)) ) { next if ( $Status{$host}{reason} ne "Reason_backup_failed" + && $Status{$host}{reason} ne "Reason_restore_failed" && (!$Status{$host}{userReq} || $Status{$host}{reason} ne "Reason_no_ping") ); my $startTime = timeStamp2($Status{$host}{startTime}); @@ -1698,7 +1713,8 @@ sub CheckPermission my($host) = @_; my $Privileged = 0; - return 0 if ( $User eq "" || ($host ne "" && !defined($Hosts->{$host})) ); + return 0 if ( $User eq "" && $Conf{CgiAdminUsers} ne "*" + || $host ne "" && !defined($Hosts->{$host}) ); if ( $Conf{CgiAdminUserGroup} ne "" ) { my($n,$p,$gid,$mem) = getgrnam($Conf{CgiAdminUserGroup}); $Privileged ||= ($mem =~ /\b$User\b/); @@ -1835,7 +1851,7 @@ EOF } NavSectionTitle($Lang->{Hosts}); if ( defined($Hosts) && %$Hosts > 0 ) { - NavSectionStart(0); + NavSectionStart(1); foreach my $host ( GetUserHosts() ) { NavLink("?host=${EscURI($host)}", $host); } @@ -1891,7 +1907,7 @@ sub NavSectionStart { my($padding) = @_; - $padding = 2 if ( !defined($padding) ); + $padding = 1 if ( !defined($padding) ); print < EOF