diff options
Diffstat (limited to 'lib/cgi-lib.rb')
-rw-r--r-- | lib/cgi-lib.rb | 77 |
1 files changed, 59 insertions, 18 deletions
diff --git a/lib/cgi-lib.rb b/lib/cgi-lib.rb index afadbff3b6..5234e046cc 100644 --- a/lib/cgi-lib.rb +++ b/lib/cgi-lib.rb @@ -9,29 +9,59 @@ # foo.keys <== array of fields # foo.inputs <== hash of { <field> => <value> } +# if running on Windows(IIS or PWS) then change cwd. +if ENV['SERVER_SOFTWARE'] =~ /^Microsoft-/ then + Dir.chdir ENV['PATH_TRANSLATED'].sub(/[^\\]+$/, '') +end + +require "shellwords.rb" + class CGI + include Shellwords + attr("inputs") + + # original is CGI.pm + def read_from_cmdline + words = shellwords(if not ARGV.empty? then + ARGV.join(' ') + else + print "(offline mode: enter name=value pairs on standard input)\n" + readlines.join(' ').gsub(/\n/, '') + end.gsub(/\\=/, '%3D').gsub(/\\&/, '%26')) + + if words.find{|x| x =~ /=/} then words.join('&') else words.join('+') end + end + # escape url encode + def escape(str) + str.gsub!(/[^a-zA-Z0-9_\-.]/n){ sprintf("%%%02X", $&.unpack("C")[0]) } + str + end + + # unescape url encoded + def unescape(str) + str.gsub! /\+/, ' ' + str.gsub!(/%([0-9a-fA-F]{2})/){ [$1.hex].pack("c") } + str + end + module_function :escape, :unescape + def initialize - str = if ENV['REQUEST_METHOD'] == "GET" - ENV['QUERY_STRING'] - elsif ENV['REQUEST_METHOD'] == "POST" - $stdin.read ENV['CONTENT_LENGTH'].to_i - else - "" - end - arr = str.split(/&/) + # exception messages should be printed to stdout. + STDERR.reopen(STDOUT) + @inputs = {} - arr.each do |x| - x.gsub!(/\+/, ' ') - key, val = x.split(/=/, 2) - val = "" unless val - - key.gsub!(/%(..)/) { [$1.hex].pack("c") } - val.gsub!(/%(..)/) { [$1.hex].pack("c") } - - @inputs[key] += "\0" if @inputs[key] - @inputs[key] += val + case ENV['REQUEST_METHOD'] + when "GET" + ENV['QUERY_STRING'] or "" + when "POST" + $stdin.read ENV['CONTENT_LENGTH'].to_i + else + read_from_cmdline + end.split(/&/).each do |x| + key, val = x.split(/=/,2).collect{|x|unescape(x)} + @inputs[key] += ("\0" if @inputs[key]) + (val or "") end end @@ -53,4 +83,15 @@ class CGI TRUE end + def CGI.error + m = $!.dup + m.gsub!(/&/, '&') + m.gsub!(/</, '<') + m.gsub!(/>/, '>') + msgs = ["<pre>ERROR: <strong>#{m}</strong>"] + msgs << $@ + msgs << "</pre>" + CGI.message(msgs.join("\n"), "ERROR") + exit + end end |