]> git.cameronkatri.com Git - cgit.git/blob - ui-shared.c
ui-shared: exploit snapshot dwimmery in cgit_print_snapshot_links
[cgit.git] / ui-shared.c
1 /* ui-shared.c: common web output functions
2 *
3 * Copyright (C) 2006 Lars Hjemli
4 *
5 * Licensed under GNU General Public License v2
6 * (see COPYING for full license text)
7 */
8
9 #include "cgit.h"
10 #include "cmd.h"
11 #include "html.h"
12
13 const char cgit_doctype[] =
14 "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n"
15 " \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
16
17 static char *http_date(time_t t)
18 {
19 static char day[][4] =
20 {"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"};
21 static char month[][4] =
22 {"Jan", "Feb", "Mar", "Apr", "May", "Jun",
23 "Jul", "Aug", "Sep", "Oct", "Now", "Dec"};
24 struct tm *tm = gmtime(&t);
25 return fmt("%s, %02d %s %04d %02d:%02d:%02d GMT", day[tm->tm_wday],
26 tm->tm_mday, month[tm->tm_mon], 1900+tm->tm_year,
27 tm->tm_hour, tm->tm_min, tm->tm_sec);
28 }
29
30 void cgit_print_error(char *msg)
31 {
32 html("<div class='error'>");
33 html_txt(msg);
34 html("</div>\n");
35 }
36
37 char *cgit_hosturl()
38 {
39 char *host, *port;
40
41 host = getenv("HTTP_HOST");
42 if (host) {
43 host = xstrdup(host);
44 } else {
45 host = getenv("SERVER_NAME");
46 if (!host)
47 return NULL;
48 port = getenv("SERVER_PORT");
49 if (port && atoi(port) != 80)
50 host = xstrdup(fmt("%s:%d", host, atoi(port)));
51 else
52 host = xstrdup(host);
53 }
54 return host;
55 }
56
57 char *cgit_rooturl()
58 {
59 if (ctx.cfg.virtual_root)
60 return fmt("%s/", ctx.cfg.virtual_root);
61 else
62 return ctx.cfg.script_name;
63 }
64
65 char *cgit_repourl(const char *reponame)
66 {
67 if (ctx.cfg.virtual_root) {
68 return fmt("%s/%s/", ctx.cfg.virtual_root, reponame);
69 } else {
70 return fmt("?r=%s", reponame);
71 }
72 }
73
74 char *cgit_fileurl(const char *reponame, const char *pagename,
75 const char *filename, const char *query)
76 {
77 char *tmp;
78 char *delim;
79
80 if (ctx.cfg.virtual_root) {
81 tmp = fmt("%s/%s/%s/%s", ctx.cfg.virtual_root, reponame,
82 pagename, (filename ? filename:""));
83 delim = "?";
84 } else {
85 tmp = fmt("?url=%s/%s/%s", reponame, pagename,
86 (filename ? filename : ""));
87 delim = "&";
88 }
89 if (query)
90 tmp = fmt("%s%s%s", tmp, delim, query);
91 return tmp;
92 }
93
94 char *cgit_pageurl(const char *reponame, const char *pagename,
95 const char *query)
96 {
97 return cgit_fileurl(reponame,pagename,0,query);
98 }
99
100 const char *cgit_repobasename(const char *reponame)
101 {
102 /* I assume we don't need to store more than one repo basename */
103 static char rvbuf[1024];
104 int p;
105 const char *rv;
106 strncpy(rvbuf,reponame,sizeof(rvbuf));
107 if(rvbuf[sizeof(rvbuf)-1])
108 die("cgit_repobasename: truncated repository name '%s'", reponame);
109 p = strlen(rvbuf)-1;
110 /* strip trailing slashes */
111 while(p && rvbuf[p]=='/') rvbuf[p--]=0;
112 /* strip trailing .git */
113 if(p>=3 && !strncmp(&rvbuf[p-3],".git",4)) {
114 p -= 3; rvbuf[p--] = 0;
115 }
116 /* strip more trailing slashes if any */
117 while( p && rvbuf[p]=='/') rvbuf[p--]=0;
118 /* find last slash in the remaining string */
119 rv = strrchr(rvbuf,'/');
120 if(rv)
121 return ++rv;
122 return rvbuf;
123 }
124
125 char *cgit_currurl()
126 {
127 if (!ctx.cfg.virtual_root)
128 return ctx.cfg.script_name;
129 else if (ctx.qry.page)
130 return fmt("%s/%s/%s/", ctx.cfg.virtual_root, ctx.qry.repo, ctx.qry.page);
131 else if (ctx.qry.repo)
132 return fmt("%s/%s/", ctx.cfg.virtual_root, ctx.qry.repo);
133 else
134 return fmt("%s/", ctx.cfg.virtual_root);
135 }
136
137 static void site_url(char *page, char *search, int ofs)
138 {
139 char *delim = "?";
140
141 if (ctx.cfg.virtual_root) {
142 html_attr(ctx.cfg.virtual_root);
143 if (ctx.cfg.virtual_root[strlen(ctx.cfg.virtual_root) - 1] != '/')
144 html("/");
145 } else
146 html(ctx.cfg.script_name);
147
148 if (page) {
149 htmlf("?p=%s", page);
150 delim = "&";
151 }
152 if (search) {
153 html(delim);
154 html("q=");
155 html_attr(search);
156 delim = "&";
157 }
158 if (ofs) {
159 html(delim);
160 htmlf("ofs=%d", ofs);
161 }
162 }
163
164 static void site_link(char *page, char *name, char *title, char *class,
165 char *search, int ofs)
166 {
167 html("<a");
168 if (title) {
169 html(" title='");
170 html_attr(title);
171 html("'");
172 }
173 if (class) {
174 html(" class='");
175 html_attr(class);
176 html("'");
177 }
178 html(" href='");
179 site_url(page, search, ofs);
180 html("'>");
181 html_txt(name);
182 html("</a>");
183 }
184
185 void cgit_index_link(char *name, char *title, char *class, char *pattern,
186 int ofs)
187 {
188 site_link(NULL, name, title, class, pattern, ofs);
189 }
190
191 static char *repolink(char *title, char *class, char *page, char *head,
192 char *path)
193 {
194 char *delim = "?";
195
196 html("<a");
197 if (title) {
198 html(" title='");
199 html_attr(title);
200 html("'");
201 }
202 if (class) {
203 html(" class='");
204 html_attr(class);
205 html("'");
206 }
207 html(" href='");
208 if (ctx.cfg.virtual_root) {
209 html_url_path(ctx.cfg.virtual_root);
210 if (ctx.cfg.virtual_root[strlen(ctx.cfg.virtual_root) - 1] != '/')
211 html("/");
212 html_url_path(ctx.repo->url);
213 if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')
214 html("/");
215 if (page) {
216 html_url_path(page);
217 html("/");
218 if (path)
219 html_url_path(path);
220 }
221 } else {
222 html(ctx.cfg.script_name);
223 html("?url=");
224 html_url_arg(ctx.repo->url);
225 if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')
226 html("/");
227 if (page) {
228 html_url_arg(page);
229 html("/");
230 if (path)
231 html_url_arg(path);
232 }
233 delim = "&amp;";
234 }
235 if (head && strcmp(head, ctx.repo->defbranch)) {
236 html(delim);
237 html("h=");
238 html_url_arg(head);
239 delim = "&amp;";
240 }
241 return fmt("%s", delim);
242 }
243
244 static void reporevlink(char *page, char *name, char *title, char *class,
245 char *head, char *rev, char *path)
246 {
247 char *delim;
248
249 delim = repolink(title, class, page, head, path);
250 if (rev && strcmp(rev, ctx.qry.head)) {
251 html(delim);
252 html("id=");
253 html_url_arg(rev);
254 }
255 html("'>");
256 html_txt(name);
257 html("</a>");
258 }
259
260 void cgit_summary_link(char *name, char *title, char *class, char *head)
261 {
262 reporevlink(NULL, name, title, class, head, NULL, NULL);
263 }
264
265 void cgit_tag_link(char *name, char *title, char *class, char *head,
266 char *rev)
267 {
268 reporevlink("tag", name, title, class, head, rev, NULL);
269 }
270
271 void cgit_tree_link(char *name, char *title, char *class, char *head,
272 char *rev, char *path)
273 {
274 reporevlink("tree", name, title, class, head, rev, path);
275 }
276
277 void cgit_plain_link(char *name, char *title, char *class, char *head,
278 char *rev, char *path)
279 {
280 reporevlink("plain", name, title, class, head, rev, path);
281 }
282
283 void cgit_log_link(char *name, char *title, char *class, char *head,
284 char *rev, char *path, int ofs, char *grep, char *pattern)
285 {
286 char *delim;
287
288 delim = repolink(title, class, "log", head, path);
289 if (rev && strcmp(rev, ctx.qry.head)) {
290 html(delim);
291 html("id=");
292 html_url_arg(rev);
293 delim = "&";
294 }
295 if (grep && pattern) {
296 html(delim);
297 html("qt=");
298 html_url_arg(grep);
299 delim = "&";
300 html(delim);
301 html("q=");
302 html_url_arg(pattern);
303 }
304 if (ofs > 0) {
305 html(delim);
306 html("ofs=");
307 htmlf("%d", ofs);
308 }
309 html("'>");
310 html_txt(name);
311 html("</a>");
312 }
313
314 void cgit_commit_link(char *name, char *title, char *class, char *head,
315 char *rev)
316 {
317 if (strlen(name) > ctx.cfg.max_msg_len && ctx.cfg.max_msg_len >= 15) {
318 name[ctx.cfg.max_msg_len] = '\0';
319 name[ctx.cfg.max_msg_len - 1] = '.';
320 name[ctx.cfg.max_msg_len - 2] = '.';
321 name[ctx.cfg.max_msg_len - 3] = '.';
322 }
323 reporevlink("commit", name, title, class, head, rev, NULL);
324 }
325
326 void cgit_refs_link(char *name, char *title, char *class, char *head,
327 char *rev, char *path)
328 {
329 reporevlink("refs", name, title, class, head, rev, path);
330 }
331
332 void cgit_snapshot_link(char *name, char *title, char *class, char *head,
333 char *rev, char *archivename)
334 {
335 reporevlink("snapshot", name, title, class, head, rev, archivename);
336 }
337
338 void cgit_diff_link(char *name, char *title, char *class, char *head,
339 char *new_rev, char *old_rev, char *path)
340 {
341 char *delim;
342
343 delim = repolink(title, class, "diff", head, path);
344 if (new_rev && strcmp(new_rev, ctx.qry.head)) {
345 html(delim);
346 html("id=");
347 html_url_arg(new_rev);
348 delim = "&amp;";
349 }
350 if (old_rev) {
351 html(delim);
352 html("id2=");
353 html_url_arg(old_rev);
354 }
355 html("'>");
356 html_txt(name);
357 html("</a>");
358 }
359
360 void cgit_patch_link(char *name, char *title, char *class, char *head,
361 char *rev)
362 {
363 reporevlink("patch", name, title, class, head, rev, NULL);
364 }
365
366 void cgit_object_link(struct object *obj)
367 {
368 char *page, *rev, *name;
369
370 if (obj->type == OBJ_COMMIT) {
371 cgit_commit_link(fmt("commit %s", sha1_to_hex(obj->sha1)), NULL, NULL,
372 ctx.qry.head, sha1_to_hex(obj->sha1));
373 return;
374 } else if (obj->type == OBJ_TREE)
375 page = "tree";
376 else if (obj->type == OBJ_TAG)
377 page = "tag";
378 else
379 page = "blob";
380 rev = sha1_to_hex(obj->sha1);
381 name = fmt("%s %s", typename(obj->type), rev);
382 reporevlink(page, name, NULL, NULL, ctx.qry.head, rev, NULL);
383 }
384
385 void cgit_print_date(time_t secs, char *format, int local_time)
386 {
387 char buf[64];
388 struct tm *time;
389
390 if (!secs)
391 return;
392 if(local_time)
393 time = localtime(&secs);
394 else
395 time = gmtime(&secs);
396 strftime(buf, sizeof(buf)-1, format, time);
397 html_txt(buf);
398 }
399
400 void cgit_print_age(time_t t, time_t max_relative, char *format)
401 {
402 time_t now, secs;
403
404 if (!t)
405 return;
406 time(&now);
407 secs = now - t;
408
409 if (secs > max_relative && max_relative >= 0) {
410 cgit_print_date(t, format, ctx.cfg.local_time);
411 return;
412 }
413
414 if (secs < TM_HOUR * 2) {
415 htmlf("<span class='age-mins'>%.0f min.</span>",
416 secs * 1.0 / TM_MIN);
417 return;
418 }
419 if (secs < TM_DAY * 2) {
420 htmlf("<span class='age-hours'>%.0f hours</span>",
421 secs * 1.0 / TM_HOUR);
422 return;
423 }
424 if (secs < TM_WEEK * 2) {
425 htmlf("<span class='age-days'>%.0f days</span>",
426 secs * 1.0 / TM_DAY);
427 return;
428 }
429 if (secs < TM_MONTH * 2) {
430 htmlf("<span class='age-weeks'>%.0f weeks</span>",
431 secs * 1.0 / TM_WEEK);
432 return;
433 }
434 if (secs < TM_YEAR * 2) {
435 htmlf("<span class='age-months'>%.0f months</span>",
436 secs * 1.0 / TM_MONTH);
437 return;
438 }
439 htmlf("<span class='age-years'>%.0f years</span>",
440 secs * 1.0 / TM_YEAR);
441 }
442
443 void cgit_print_http_headers(struct cgit_context *ctx)
444 {
445 if (ctx->page.mimetype && ctx->page.charset)
446 htmlf("Content-Type: %s; charset=%s\n", ctx->page.mimetype,
447 ctx->page.charset);
448 else if (ctx->page.mimetype)
449 htmlf("Content-Type: %s\n", ctx->page.mimetype);
450 if (ctx->page.size)
451 htmlf("Content-Length: %ld\n", ctx->page.size);
452 if (ctx->page.filename)
453 htmlf("Content-Disposition: inline; filename=\"%s\"\n",
454 ctx->page.filename);
455 htmlf("Last-Modified: %s\n", http_date(ctx->page.modified));
456 htmlf("Expires: %s\n", http_date(ctx->page.expires));
457 html("\n");
458 }
459
460 void cgit_print_docstart(struct cgit_context *ctx)
461 {
462 char *host = cgit_hosturl();
463 html(cgit_doctype);
464 html("<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>\n");
465 html("<head>\n");
466 html("<title>");
467 html_txt(ctx->page.title);
468 html("</title>\n");
469 htmlf("<meta name='generator' content='cgit %s'/>\n", cgit_version);
470 if (ctx->cfg.robots && *ctx->cfg.robots)
471 htmlf("<meta name='robots' content='%s'/>\n", ctx->cfg.robots);
472 html("<link rel='stylesheet' type='text/css' href='");
473 html_attr(ctx->cfg.css);
474 html("'/>\n");
475 if (ctx->cfg.favicon) {
476 html("<link rel='shortcut icon' href='");
477 html_attr(ctx->cfg.favicon);
478 html("'/>\n");
479 }
480 if (host && ctx->repo) {
481 html("<link rel='alternate' title='Atom feed' href='http://");
482 html_attr(cgit_hosturl());
483 html_attr(cgit_fileurl(ctx->repo->url, "atom", ctx->qry.path,
484 fmt("h=%s", ctx->qry.head)));
485 html("' type='application/atom+xml'/>");
486 }
487 html("</head>\n");
488 html("<body>\n");
489 }
490
491 void cgit_print_docend()
492 {
493 html("</div>");
494 if (ctx.cfg.footer)
495 html_include(ctx.cfg.footer);
496 else {
497 htmlf("<div class='footer'>generated by cgit %s at ",
498 cgit_version);
499 cgit_print_date(time(NULL), FMT_LONGDATE, ctx.cfg.local_time);
500 html("</div>\n");
501 }
502 html("</body>\n</html>\n");
503 }
504
505 int print_branch_option(const char *refname, const unsigned char *sha1,
506 int flags, void *cb_data)
507 {
508 char *name = (char *)refname;
509 html_option(name, name, ctx.qry.head);
510 return 0;
511 }
512
513 int print_archive_ref(const char *refname, const unsigned char *sha1,
514 int flags, void *cb_data)
515 {
516 struct tag *tag;
517 struct taginfo *info;
518 struct object *obj;
519 char buf[256], *url;
520 unsigned char fileid[20];
521 int *header = (int *)cb_data;
522
523 if (prefixcmp(refname, "refs/archives"))
524 return 0;
525 strncpy(buf, refname+14, sizeof(buf));
526 obj = parse_object(sha1);
527 if (!obj)
528 return 1;
529 if (obj->type == OBJ_TAG) {
530 tag = lookup_tag(sha1);
531 if (!tag || parse_tag(tag) || !(info = cgit_parse_tag(tag)))
532 return 0;
533 hashcpy(fileid, tag->tagged->sha1);
534 } else if (obj->type != OBJ_BLOB) {
535 return 0;
536 } else {
537 hashcpy(fileid, sha1);
538 }
539 if (!*header) {
540 html("<h1>download</h1>\n");
541 *header = 1;
542 }
543 url = cgit_pageurl(ctx.qry.repo, "blob",
544 fmt("id=%s&amp;path=%s", sha1_to_hex(fileid),
545 buf));
546 html_link_open(url, NULL, "menu");
547 html_txt(strlpart(buf, 20));
548 html_link_close();
549 return 0;
550 }
551
552 void add_hidden_formfields(int incl_head, int incl_search, char *page)
553 {
554 char *url;
555
556 if (!ctx.cfg.virtual_root) {
557 url = fmt("%s/%s", ctx.qry.repo, page);
558 if (ctx.qry.path)
559 url = fmt("%s/%s", url, ctx.qry.path);
560 html_hidden("url", url);
561 }
562
563 if (incl_head && ctx.qry.head && ctx.repo->defbranch &&
564 strcmp(ctx.qry.head, ctx.repo->defbranch))
565 html_hidden("h", ctx.qry.head);
566
567 if (ctx.qry.sha1)
568 html_hidden("id", ctx.qry.sha1);
569 if (ctx.qry.sha2)
570 html_hidden("id2", ctx.qry.sha2);
571
572 if (incl_search) {
573 if (ctx.qry.grep)
574 html_hidden("qt", ctx.qry.grep);
575 if (ctx.qry.search)
576 html_hidden("q", ctx.qry.search);
577 }
578 }
579
580 char *hc(struct cgit_cmd *cmd, const char *page)
581 {
582 return (strcmp(cmd->name, page) ? NULL : "active");
583 }
584
585 void cgit_print_pageheader(struct cgit_context *ctx)
586 {
587 struct cgit_cmd *cmd = cgit_get_cmd(ctx);
588
589 html("<table id='header'>\n");
590 html("<tr>\n");
591 html("<td class='logo' rowspan='2'><a href='");
592 if (ctx->cfg.logo_link)
593 html_attr(ctx->cfg.logo_link);
594 else
595 html_attr(cgit_rooturl());
596 html("'><img src='");
597 html_attr(ctx->cfg.logo);
598 html("' alt='cgit logo'/></a></td>\n");
599
600 html("<td class='main'>");
601 if (ctx->repo) {
602 cgit_index_link("index", NULL, NULL, NULL, 0);
603 html(" : ");
604 cgit_summary_link(ctx->repo->name, ctx->repo->name, NULL, NULL);
605 html("</td><td class='form'>");
606 html("<form method='get' action=''>\n");
607 add_hidden_formfields(0, 1, ctx->qry.page);
608 html("<select name='h' onchange='this.form.submit();'>\n");
609 for_each_branch_ref(print_branch_option, ctx->qry.head);
610 html("</select> ");
611 html("<input type='submit' name='' value='switch'/>");
612 html("</form>");
613 } else
614 html_txt(ctx->cfg.root_title);
615 html("</td></tr>\n");
616
617 html("<tr><td class='sub'>");
618 if (ctx->repo) {
619 html_txt(ctx->repo->desc);
620 html("</td><td class='sub right'>");
621 html_txt(ctx->repo->owner);
622 } else {
623 if (ctx->cfg.root_desc)
624 html_txt(ctx->cfg.root_desc);
625 else if (ctx->cfg.index_info)
626 html_include(ctx->cfg.index_info);
627 }
628 html("</td></tr></table>\n");
629
630 html("<table class='tabs'><tr><td>\n");
631 if (ctx->repo) {
632 cgit_summary_link("summary", NULL, hc(cmd, "summary"),
633 ctx->qry.head);
634 cgit_refs_link("refs", NULL, hc(cmd, "refs"), ctx->qry.head,
635 ctx->qry.sha1, NULL);
636 cgit_log_link("log", NULL, hc(cmd, "log"), ctx->qry.head,
637 NULL, NULL, 0, NULL, NULL);
638 cgit_tree_link("tree", NULL, hc(cmd, "tree"), ctx->qry.head,
639 ctx->qry.sha1, NULL);
640 cgit_commit_link("commit", NULL, hc(cmd, "commit"),
641 ctx->qry.head, ctx->qry.sha1);
642 cgit_diff_link("diff", NULL, hc(cmd, "diff"), ctx->qry.head,
643 ctx->qry.sha1, ctx->qry.sha2, NULL);
644 if (ctx->repo->readme)
645 reporevlink("about", "about", NULL,
646 hc(cmd, "about"), ctx->qry.head, NULL,
647 NULL);
648 html("</td><td class='form'>");
649 html("<form class='right' method='get' action='");
650 if (ctx->cfg.virtual_root)
651 html_url_path(cgit_fileurl(ctx->qry.repo, "log",
652 ctx->qry.path, NULL));
653 html("'>\n");
654 add_hidden_formfields(1, 0, "log");
655 html("<select name='qt'>\n");
656 html_option("grep", "log msg", ctx->qry.grep);
657 html_option("author", "author", ctx->qry.grep);
658 html_option("committer", "committer", ctx->qry.grep);
659 html("</select>\n");
660 html("<input class='txt' type='text' size='10' name='q' value='");
661 html_attr(ctx->qry.search);
662 html("'/>\n");
663 html("<input type='submit' value='search'/>\n");
664 html("</form>\n");
665 } else {
666 site_link(NULL, "index", NULL, hc(cmd, "repolist"), NULL, 0);
667 if (ctx->cfg.root_readme)
668 site_link("about", "about", NULL, hc(cmd, "about"),
669 NULL, 0);
670 html("</td><td class='form'>");
671 html("<form method='get' action='");
672 html_attr(cgit_rooturl());
673 html("'>\n");
674 html("<input type='text' name='q' size='10' value='");
675 html_attr(ctx->qry.search);
676 html("'/>\n");
677 html("<input type='submit' value='search'/>\n");
678 html("</form>");
679 }
680 html("</td></tr></table>\n");
681 html("<div class='content'>");
682 }
683
684 void cgit_print_filemode(unsigned short mode)
685 {
686 if (S_ISDIR(mode))
687 html("d");
688 else if (S_ISLNK(mode))
689 html("l");
690 else if (S_ISGITLINK(mode))
691 html("m");
692 else
693 html("-");
694 html_fileperm(mode >> 6);
695 html_fileperm(mode >> 3);
696 html_fileperm(mode);
697 }
698
699 void cgit_print_snapshot_links(const char *repo, const char *head,
700 const char *hex, int snapshots)
701 {
702 const struct cgit_snapshot_format* f;
703 char *filename;
704
705 for (f = cgit_snapshot_formats; f->suffix; f++) {
706 if (!(snapshots & f->bit))
707 continue;
708 filename = fmt("%s-%s%s", cgit_repobasename(repo), hex,
709 f->suffix);
710 cgit_snapshot_link(filename, NULL, NULL, NULL, NULL, filename);
711 html("<br/>");
712 }
713 }