1 # Vend::Util - Interchange utility functions
3 # Copyright (C) 2002-2009 Interchange Development Group
4 # Copyright (C) 1996-2002 Red Hat, Inc.
6 # This program was originally based on Vend 0.2 and 0.3
7 # Copyright 1995 by Andrew M. Wilcox <amw@wilcoxsolutions.com>
9 # This program is free software; you can redistribute it and/or modify
10 # it under the terms of the GNU General Public License as published by
11 # the Free Software Foundation; either version 2 of the License, or
12 # (at your option) any later version.
14 # This program is distributed in the hope that it will be useful,
15 # but WITHOUT ANY WARRANTY; without even the implied warranty of
16 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 # GNU General Public License for more details.
19 # You should have received a copy of the GNU General Public
20 # License along with this program; if not, write to the Free
21 # Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
27 unless( $ENV{MINIVEND_DISABLE_UTF8} ) {
29 import Encode qw( is_utf8 encode_utf8 );
46 file_modification_time
91 no warnings qw(uninitialized numeric);
96 require HTML::Entities;
99 use subs qw(logError logGlobal);
100 use vars qw($VERSION @EXPORT @EXPORT_OK);
101 $VERSION = substr(q$Revision: 2.127 $, 10);
104 my $Eval_routine_file;
107 my $Fast_uneval_file;
109 ### END CONFIGURABLE MODULES
113 $ESCAPE_CHARS::ok_in_filename =
114 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' .
115 'abcdefghijklmnopqrstuvwxyz' .
120 $ESCAPE_CHARS::ok_in_url =
121 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' .
122 'abcdefghijklmnopqrstuvwxyz' .
127 ## This is a character class for HTML::Entities
128 $ESCAPE_CHARS::std = qq{^\n\t\X !\#\$%\'-;=?-Z\\\]-~};
130 ## Some standard error templates
132 ## This is an alias for a commonly-used function
133 *dbref = \&Vend::Data::database_exists_ref;
137 sub setup_escape_chars {
140 ## HTML::Entities caches this, let's get it cached right away so
141 ## each child doesn't have to re-eval
142 my $junk = ">>>123<<<";
143 HTML::Entities::encode($junk, $ESCAPE_CHARS::std);
145 foreach $i (0..255) {
147 if (index($ESCAPE_CHARS::ok_in_filename,$a) == -1) {
148 $t = '%' . sprintf( "%02X", $i );
153 $ESCAPE_CHARS::translate[$i] = $t;
154 if (index($ESCAPE_CHARS::ok_in_url,$a) == -1) {
155 $t = '%' . sprintf( "%02X", $i );
160 $ESCAPE_CHARS::translate_url[$i] = $t;
163 my $string = "[^$ESCAPE_CHARS::ok_in_url]";
164 $need_escape = qr{$string};
167 # Replace any characters that might not be safe in a filename (especially
168 # shell metacharacters) with the %HH notation.
175 foreach $c (split(m{}, $in)) {
176 $r .= $ESCAPE_CHARS::translate[ord($c)];
183 # Replace any characters that might not be safe in an URL
184 # with the %HH notation.
186 sub escape_chars_url {
188 return $in unless $in =~ $need_escape;
192 foreach $c (split(m{}, $in)) {
193 $r .= $ESCAPE_CHARS::translate_url[ord($c)];
200 # Returns its arguments as a string of tab-separated fields. Tabs in the
201 # argument values are converted to spaces.
204 return join("\t", map { $_ = '' unless defined $_;
210 # Returns time in HTTP common log format
212 return POSIX::strftime("[%d/%B/%Y:%H:%M:%S %z]", localtime());
219 # IP, Session, REMOTE_USER (if any) and time
220 push @params, ($CGI::remote_host || $CGI::remote_addr || '-');
221 push @params, ($Vend::SessionName || '-');
222 push @params, ($CGI::user || '-');
223 push @params, logtime() unless $Global::SysLog;
226 my $string = ! defined $Vend::Cfg ? '-' : ($Vend::Cat || '-');
227 push @params, $string;
229 # Path info and script
230 $string = $CGI::script_name || '-';
231 $string .= $CGI::path_info || '';
232 push @params, $string;
234 # Message, quote newlined area
237 return join " ", @params;
240 sub round_to_frac_digits {
241 my ($num, $digits) = @_;
242 if (defined $digits) {
243 # use what we were given
245 elsif ( $Vend::Cfg->{Locale} ) {
246 $digits = $Vend::Cfg->{Locale}{frac_digits};
247 $digits = 2 if ! defined $digits;
253 $num =~ /^(-?)(\d*)(?:\.(\d+))?$/
257 @frac = split(m{}, ($3 || 0));
259 my $frac = join "", @frac[0 .. $digits - 1];
260 if($frac[$digits] > 4) {
263 if(length($frac) > $digits) {
267 $frac .= '0' while length($frac) < $digits;
268 return "$sign$int.$frac";
271 use vars qw/%MIME_type/;
283 xls application/vnd.ms-excel
284 default application/octet-stream
287 # Return a mime type based on either catalog configuration or some defaults
292 ! length($val) and return $Vend::Cfg->{MimeType}{default} || 'text/plain';
296 return $Vend::Cfg->{MimeType}{$val}
298 || $Vend::Cfg->{MimeType}{default}
299 || $MIME_type{default};
302 # Return AMOUNT formatted as currency.
305 my $sep = shift || ',';
306 1 while s/^(-?\d+)(\d{3})/$1$sep$2/;
318 # need to supply $fmt as a scalar to prevent prototype problems
322 my $save = POSIX::setlocale (&POSIX::LC_NUMERIC);
324 # This should be faster than doing set every time....but when
325 # is locale C anymore? Should we set this by default?
326 return sprintf($fmt, @_) if $safe_locale{$save};
329 POSIX::setlocale (&POSIX::LC_NUMERIC, 'C');
330 my $val = sprintf($fmt, @_);
331 POSIX::setlocale (&POSIX::LC_NUMERIC, $save);
336 my($amount, $pic, $sep, $point) = @_;
338 $point = '.' unless defined $point;
339 $sep = ',' unless defined $sep;
340 my $len = $pic =~ /(#+)\Q$point/
344 $amount = sprintf('%.' . $len . 'f', $amount);
345 $amount =~ tr/0-9//cd;
346 my (@dig) = split m{}, $amount;
347 $pic =~ s/#/pop(@dig)/eg;
348 $pic =~ s/\Q$sep\E+(?!\d)//;
349 $pic =~ s/\d/*/g if @dig;
350 $amount = reverse $pic;
355 my ($locale, $currency, $opt) = @_;
356 #::logDebug("original locale " . (defined $locale ? $locale : 'undef') );
357 #::logDebug("default locale " . (defined $::Scratch->{mv_locale} ? $::Scratch->{mv_locale} : 'undef') );
360 my $loc = $Vend::Cfg->{Locale_repository} or return;
361 my $currloc = $Vend::Cfg->{Locale} or return;
363 return $_ if $loc->{$_} eq $currloc;
368 $locale = $::Scratch->{mv_locale} unless defined $locale;
369 #::logDebug("locale is now " . (defined $locale ? $locale : 'undef') );
371 if ( $locale and not defined $Vend::Cfg->{Locale_repository}{$locale}) {
372 ::logError( "attempt to set non-existant locale '%s'" , $locale );
376 if ( $currency and not defined $Vend::Cfg->{Locale_repository}{$currency}) {
377 ::logError("attempt to set non-existant currency '%s'" , $currency);
382 my $loc = $Vend::Cfg->{Locale} = $Vend::Cfg->{Locale_repository}{$locale};
384 for(@Vend::Config::Locale_directives_scalar) {
385 $Vend::Cfg->{$_} = $loc->{$_}
386 if defined $loc->{$_};
389 for(@Vend::Config::Locale_directives_ary) {
390 @{$Vend::Cfg->{$_}} = split (/\s+/, $loc->{$_})
394 for(@Vend::Config::Locale_directives_code) {
395 next unless $loc->{$_->[0]};
396 my ($routine, $args) = @{$_}[1,2];
406 for(qw/LC_COLLATE LC_CTYPE LC_TIME/) {
407 next unless $loc->{$_};
408 POSIX::setlocale(&{"POSIX::$_"}, $loc->{$_});
413 my $curr = $Vend::Cfg->{Currency_repository}{$currency};
415 for(@Vend::Config::Locale_directives_currency) {
416 $Vend::Cfg->{$_} = $curr->{$_}
417 if defined $curr->{$_};
420 for(@Vend::Config::Locale_keys_currency) {
421 $Vend::Cfg->{Locale}{$_} = $curr->{$_}
422 if defined $curr->{$_};
426 if(my $ref = $Vend::Cfg->{CodeDef}{LocaleChange}) {
427 $ref = $ref->{Routine};
429 $ref->{all}->($locale, $opt);
431 if($ref->{lc $locale}) {
432 $ref->{lc $locale}->($locale, $opt);
436 if($opt->{persist}) {
437 $::Scratch->{mv_locale} = $locale if $locale;
438 delete $::Scratch->{mv_currency_tmp};
439 delete $::Scratch->{mv_currency};
440 $::Scratch->{mv_currency} = $currency if $currency;
443 Vend::Interpolate::set_tmp('mv_currency_tmp')
444 unless defined $::Scratch->{mv_currency_tmp};
445 $::Scratch->{mv_currency_tmp} = $currency;
448 delete $::Scratch->{mv_currency_tmp};
449 delete $::Scratch->{mv_currency};
457 my($amount, $noformat, $convert, $opt) = @_;
458 $opt = {} unless $opt;
459 $convert ||= $opt->{convert};
461 my $pd = $Vend::Cfg->{PriceDivide};
463 $convert = 1 unless length($convert);
464 $pd = $Vend::Cfg->{Locale_repository}{$opt->{locale}}{PriceDivide};
467 if($pd and $convert) {
468 $amount = $amount / $pd;
473 $noformat =~ /\w+=\w\w/
475 ref($hash = get_option_hash($noformat)) eq 'HASH'
478 $opt->{display} ||= $hash->{display};
479 $noformat = $opt->{noformat} = $hash->{noformat};
482 return $amount if $noformat;
489 my $loc = $opt->{locale}
490 || $::Scratch->{mv_currency_tmp}
491 || $::Scratch->{mv_currency}
492 || $Vend::Cfg->{Locale};
495 ## Do nothing, is a hash reference
498 $loc = $Vend::Cfg->{Locale_repository}{$loc};
505 $sep = $loc->{mon_thousands_sep} || $loc->{thousands_sep} || ',';
506 $dec = $loc->{mon_decimal_point} || $loc->{decimal_point} || '.';
507 return picture_format($amount, $loc->{price_picture}, $sep, $dec)
508 if defined $loc->{price_picture};
509 if (defined $loc->{frac_digits}) {
510 $fmt = "%." . $loc->{frac_digits} . "f";
515 my $display = lc($opt->{display}) || 'symbol';
516 my $sep_by_space = $loc->{p_sep_by_space};
517 my $cs_precedes = $loc->{p_cs_precedes};
519 if( $loc->{int_currency_symbol} && $display eq 'text' ) {
520 $cs = $loc->{int_currency_symbol};
523 if (length($cs) > 3 || $cs =~ /\W$/) {
530 elsif ( $display eq 'none' ) {
533 elsif ( $display eq 'symbol' ) {
534 $cs = $loc->{currency_symbol} || '';
539 $precede = "$precede " if $sep_by_space;
543 $succede = " $succede" if $sep_by_space;
548 $amount = safe_sprintf($fmt, $amount);
549 $amount =~ s/\./$dec/ if defined $dec;
550 $amount = commify($amount, $sep || undef)
551 if $Vend::Cfg->{PriceCommas};
552 return "$precede$amount$succede";
557 # leaving out 0, O and 1, l
558 my $random_chars = "ABCDEFGHIJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789";
560 # Return a string of random characters.
564 $len = 8 unless $len;
568 for ($i = 0; $i < $len; ++$i) {
569 $r .= substr($random_chars, int(rand(length($random_chars))), 1);
574 # To generate a unique key for caching
575 # Not very good without MD5
580 eval {require Digest::MD5 };
583 $Md = new Digest::MD5;
585 @_ = time() unless @_;
588 $Md->add(map encode_utf8($_), @_);
599 @_ = time() unless @_;
601 $out .= unpack "%32c*", $_;
602 $out .= unpack "%32c*", substr($_,5);
603 $out .= unpack "%32c*", substr($_,-1,5);
609 sub generate_key { &$Keysub(@_) }
613 $string =~ s/(\W)/sprintf '%%%02x', ord($1)/ge;
619 $s =~ s/%([0-9A-Fa-f][0-9A-Fa-f])/chr(hex($1))/ge;
623 *unescape_chars = \&unhexify;
628 $url =~ s/<!--.*?-->//sg;
629 return unhexify($url);
634 # Returns a string representation of an anonymous array, hash, or scaler
635 # that can be eval'ed to produce the same value.
636 # uneval([1, 2, 3, [4, 5]]) -> '[1,2,3,[4,5,],]'
637 # Uses either Storable::freeze or Data::Dumper::DumperX or uneval
641 my($o) = @_; # recursive
642 my($r, $s, $i, $key, $value);
647 $o =~ s/([\\"\$@])/\\$1/g;
649 } elsif ($r eq 'ARRAY') {
651 foreach $i (0 .. $#$o) {
652 $s .= uneval_it($o->[$i]) . ",";
655 } elsif ($r eq 'HASH') {
657 while (($key, $value) = each %$o) {
658 $s .= "'$key' => " . uneval_it($value) . ",";
662 $s = "'something else'";
668 use subs 'uneval_fast';
673 or die "Can't create $fn: $!\n";
674 print UNEV uneval_fast($ref);
681 open(UNEV, "< $fn") or return undef;
682 my $ref = evalr(<UNEV>);
687 # See if we have Storable and the user has OKed its use
688 # If so, session storage/write will be about 5x faster
690 die unless $ENV{MINIVEND_STORABLE};
692 import Storable 'freeze';
694 if ($ENV{MINIVEND_STORABLE_CODE}) {
695 # allow code references to be stored to the session
696 $Storable::Deparse = 1;
700 $Fast_uneval = \&Storable::freeze;
701 $Fast_uneval_file = \&Storable::store;
702 $Eval_routine = \&Storable::thaw;
703 $Eval_routine_file = \&Storable::retrieve;
706 # See if Data::Dumper is installed with XSUB
707 # If it is, session writes will be about 25-30% faster
709 die if $ENV{MINIVEND_NO_DUMPER};
710 require Data::Dumper;
711 import Data::Dumper 'DumperX';
712 $Data::Dumper::Indent = 1;
713 $Data::Dumper::Terse = 1;
714 $Data::Dumper::Deepcopy = 1;
715 if(defined $Fast_uneval) {
716 $Pretty_uneval = \&Data::Dumper::Dumper;
719 $Pretty_uneval = \&Data::Dumper::DumperX;
720 $Fast_uneval = \&Data::Dumper::DumperX
724 *uneval_fast = defined $Fast_uneval ? $Fast_uneval : \&uneval_it;
725 *evalr = defined $Eval_routine ? $Eval_routine : sub { eval shift };
726 *eval_file = defined $Eval_routine_file ? $Eval_routine_file : \&eval_it_file;
727 *uneval_file = defined $Fast_uneval_file ? $Fast_uneval_file : \&uneval_it_file;
728 *uneval = defined $Pretty_uneval ? $Pretty_uneval : \&uneval_it;
732 # Log data fields to a data file.
738 $file = ">>$file" unless $file =~ /^[|>]/;
740 my $msg = tabbed @msg;
743 unless($file =~ s/^[|]\s*//) {
744 # We have checked for beginning > or | previously
745 open(MVLOGDATA, $file) or die "open\n";
746 lockfile(\*MVLOGDATA, 1, 1) or die "lock\n";
747 seek(MVLOGDATA, 0, 2) or die "seek\n";
748 print(MVLOGDATA "$msg\n") or die "write to\n";
749 unlockfile(\*MVLOGDATA) or die "unlock\n";
752 my (@args) = grep /\S/, Text::ParseWords::shellwords($file);
753 open(MVLOGDATA, "|-") || exec @args;
754 print(MVLOGDATA "$msg\n") or die "pipe to\n";
756 close(MVLOGDATA) or die "close\n";
760 if($::Limit->{logdata_error_length} > 0) {
761 $msg = substr($msg, 0, $::Limit->{logdata_error_length});
764 logError ("Could not %s log file '%s': %s\nto log this data:\n%s",
777 sub quoted_comma_string {
780 push(@fields, $+) while $text =~ m{
781 "([^\"\\]*(?:\\.[^\"\\]*)*)"[\s,]? ## std quoted string, w/possible space-comma
782 | ([^\s,]+)[\s,]? ## anything else, w/possible space-comma
783 | [,\s]+ ## any comma or whitespace
788 # Modified from old, old module called Ref.pm
796 if ($rt =~ /SCALAR/) {
800 } elsif ($rt =~ /HASH/) {
801 $r = {} unless defined $r;
802 for $y (sort keys %$x) {
803 $r->{$y} = ©ref($x->{$y}, $r->{$y});
806 } elsif ($rt =~ /ARRAY/) {
807 $r = [] unless defined $r;
808 for ($y = 0; $y <= $#{$x}; $y++) {
809 $r->[$y] = ©ref($x->[$y]);
812 } elsif ($rt =~ /REF/) {
818 die "do not know how to copy $x";
823 my($f, $gatedir) = @_;
826 if ($gate = readfile("$gatedir/.access_gate") ) {
828 $gate = Vend::Interpolate::interpolate_html($gate);
829 if($gate =~ m!^$f(?:\.html?)?[ \t]*:!m ) {
830 $gate =~ s!.*(\n|^)$f(?:\.html?)?[ \t]*:!!s;
831 $gate =~ s/\n[\S].*//s;
834 elsif($gate =~ m{^\*(?:\.html?)?[: \t]+(.*)}m) {
849 my $safe = $Vend::Interpolate::safe_safe || new Vend::Safe;
850 return $safe->reval($string);
854 return ref($_[0]) eq 'HASH';
857 # Verify that passed string is a valid IPv4 address.
859 my $addr = shift or return;
860 my @segs = split '.', $addr;
861 return unless @segs == 4;
863 return unless /^\d{1,3}$/ && !/^0\d/;
864 return unless $_ <= 255;
869 # Verify that passed string is a valid IPv6 address.
871 my $addr = shift or return;
872 my @segs = split ':', $addr;
875 # Check for IPv4 style ending
876 if ($segs[-1] =~ /\./) {
877 return unless is_ipv4(pop @segs);
881 # Check the special case of the :: abbreviation.
883 # Three :'s together is wrong, though.
884 return if $addr =~ /:::/;
885 # Also only one set of :: is allowed.
886 return if $addr =~ /::.*::/;
887 # Check that we don't have too many quads.
888 return if @segs >= $quads;
891 # No :: abbreviation, so the number of quads must be exact.
892 return unless @segs == $quads;
895 # Check the validity of each quad
897 return unless /^[0-9a-f]{1,4}$/i;
904 my($hash, $key, $value, $delete_empty) = @_;
905 $hash = get_option_hash($hash) unless is_hash($hash);
906 unless (is_hash($hash)) {
907 return undef unless defined $value;
910 my @keys = split /[\.:]+/, $key;
914 if(! defined $value) {
916 $ref = $hash->{shift @keys};
918 return undef unless is_hash($ref);
929 $ref->{$_} = {} unless is_hash($ref->{$_});
933 if($delete_empty and ! length($value)) {
934 delete $ref->{$final};
937 $ref->{$final} = $value;
940 $hash = uneval_it($hash);
944 sub get_option_hash {
947 if (ref $string eq 'HASH') {
948 my $ref = { %$string };
949 return $ref unless ref $merge;
950 for(keys %{$merge}) {
951 $ref->{$_} = $merge->{$_}
952 unless defined $ref->{$_};
956 return {} unless $string and $string =~ /\S/;
959 if($string =~ /^{/ and $string =~ /}/) {
960 return string_to_ref($string);
964 unless ($string =~ /,/) {
965 @opts = grep $_ ne "=", Text::ParseWords::shellwords($string);
967 s/^(\w[-\w]*\w)=(["'])(.*)\2$/$1$3/;
971 @opts = split /\s*,\s*/, $string;
976 my ($k, $v) = split /[\s=]+/, $_, 2;
981 return \%hash unless ref $merge;
983 $hash{$_} = $merge->{$_}
984 unless defined $hash{$_};
992 return $val if ref($val) eq 'ARRAY';
993 my @ary = grep /\w/, split /[\s,\0]+/, $val;
999 return $val if ref($val) ne 'ARRAY';
1000 @$val = grep /\w/, @$val;
1001 return join " ", @$val;
1004 ## Takes an IC scalar form value (parm=val\nparm2=val) and translates it
1007 sub scalar_to_hash {
1014 @args = split /\n+/, $val;
1020 and $ref->{$1} = $2;
1025 ## Takes a form reference (i.e. from \%CGI::values) and makes into a
1026 ## scalar value value (i.e. parm=val\nparm2=val). Also translates it
1027 ## via HTML entities -- it is designed to make it into a hidden
1030 sub hash_to_scalar {
1034 unless (ref($ref) eq 'HASH') {
1035 die __PACKAGE__ . " hash_to_scalar routine got bad reference.\n";
1039 while( my($k, $v) = each %$ref ) {
1041 push @parms, HTML::Entities::encode("$k=$v");
1043 return join "\n", @parms;
1046 ## This simply returns a hash of words, which may be quoted shellwords
1047 ## Replaces most of parse_hash in Vend::Config
1049 my($settings, $ref) = @_;
1051 return $ref if ! $settings or $settings !~ /\S/;
1055 $settings =~ s/^\s+//;
1056 $settings =~ s/\s+$//;
1057 my(@setting) = Text::ParseWords::shellwords($settings);
1060 for ($i = 0; $i < @setting; $i += 2) {
1061 $ref->{$setting[$i]} = $setting[$i + 1];
1070 sub find_locale_bit {
1072 unless (defined $Lang) {
1073 $Lang = $::Scratch->{mv_locale} || $Vend::Cfg->{DefaultLocale};
1075 $text =~ m{\[$Lang\](.*)\[/$Lang\]}s
1077 $text =~ s{\[(\w+)\].*\[/\1\].*}{}s;
1084 return if $::Pragma->{no_locale_parse};
1086 # avoid copying big strings
1087 my $r = ref($input) ? $input : \$input;
1089 if($Vend::Cfg->{Locale}) {
1091 $$r =~ s~\[L(\s+([^\]]+))?\]((?s:.)*?)\[/L\]~
1093 defined $Vend::Cfg->{Locale}{$key}
1094 ? ($Vend::Cfg->{Locale}{$key}) : $3 ~eg;
1095 $$r =~ s~\[LC\]((?s:.)*?)\[/LC\]~
1096 find_locale_bit($1) ~eg;
1100 $$r =~ s~\[L(?:\s+[^\]]+)?\]((?s:.)*?)\[/L\]~$1~g;
1103 # return scalar string if one get passed initially
1104 return ref($input) ? $input : $$r;
1108 my ($file, $teleport, $table) = @_;
1112 and $db = Vend::Data::database_exists_ref($table);
1114 my @f = qw/code base_code expiration_date show_date page_text/;
1115 my ($c, $bc, $ed, $sd, $pt) = @{$Vend::Cfg->{PageTableMap}}{@f};
1117 SELECT $c from $table
1120 AND $sd >= $teleport
1123 my $ary = $db->query($q);
1124 if($ary and $ary->[0]) {
1125 $file = $ary->[0][0];
1130 # Reads in a page from the page directory with the name FILE and ".html"
1131 # appended. If the HTMLsuffix configuration has changed (because of setting in
1132 # catalog.cfg or Locale definitions) it will substitute that. Returns the
1133 # entire contents of the page, or undef if the file could not be read.
1134 # Substitutes Locale bits as necessary.
1137 my($file, $only, $locale) = @_;
1139 ## We don't want to try if we are forcing a flypage
1140 return undef if $Vend::ForceFlypage;
1142 my($fn, $contents, $gate, $pathdir, $dir, $level);
1145 if($file =~ m{[\[<]}) {
1146 ::logGlobal("Possible code/SQL injection attempt with file name '%s'", $file);
1147 $file = escape_chars($file);
1148 ::logGlobal("Suspect file changed to '%s'", $file);
1151 $Global::Variable->{MV_PREV_PAGE} = $Global::Variable->{MV_PAGE}
1152 if defined $Global::Variable->{MV_PAGE};
1153 $Global::Variable->{MV_PAGE} = $file;
1157 $file =~ s#\.html?$##;
1158 if($file =~ m{\.\.} and $file =~ /\.\..*\.\./) {
1159 logError( "Too many .. in file path '%s' for security.", $file );
1160 $file = find_special_page('violation');
1163 if(index($file, '/') < 0) {
1169 ($pathdir = $file) =~ s#/[^/]*$##;
1170 $pathdir =~ s:^/+::;
1174 my $suffix = $Vend::Cfg->{HTMLsuffix};
1176 $locale = 1 unless defined $locale;
1179 ## If PageTables is set, we try to find the page in the table first
1180 ## but only once, without the suffix
1181 if(! $db_tried++ and $Vend::Cfg->{PageTables}) {
1182 my $teleport = $Vend::Session->{teleport};
1183 my $field = $Vend::Cfg->{PageTableMap}{page_text};
1184 foreach my $t (@{$Vend::Cfg->{PageTables}}) {
1185 my $db = Vend::Data::database_exists_ref($t);
1189 $file = teleport_name($file, $teleport, $t);
1191 $record = $db->row_hash($file)
1193 $contents = $record->{$field};
1194 last FINDPAGE if length $contents;
1199 my @dirs = ($Vend::Cfg->{PreviewDir},
1200 $Vend::Cfg->{PageDir},
1201 @{$Vend::Cfg->{TemplateDir} || []},
1202 @{$Global::TemplateDir || []});
1204 foreach $try (@dirs) {
1206 $dir = $try . "/" . $pathdir;
1207 if (-f "$dir/.access") {
1214 if(-f "$dir/.autoload") {
1215 my $status = ::interpolate_html( readfile("$dir/.autoload") );
1216 $status =~ s/\s+//g;
1217 undef $level if $status;
1219 $gate = check_gate($file,$dir)
1223 if( defined $level and ! check_security($file, $level, $gate) ){
1224 my $realm = $::Variable->{COMPANY} || $Vend::Cat;
1225 if(-f "$try/violation$suffix") {
1226 $fn = "$try/violation$suffix";
1229 $file = find_special_page('violation');
1230 $fn = $try . "/" . escape_chars($file) . $suffix;
1234 $fn = $try . "/" . escape_chars($file) . $suffix;
1237 if (open(MVIN, "< $fn")) {
1238 binmode(MVIN) if $Global::Windows;
1239 binmode(MVIN, ":utf8") if $::Variable->{MV_UTF8} || $Global::Variable->{MV_UTF8};
1245 last if defined $only;
1247 if(! defined $contents) {
1248 last FINDPAGE if $suffix eq '.html';
1254 if(! defined $contents) {
1255 $contents = readfile_db("pages/$file");
1258 return unless defined $contents;
1260 parse_locale(\$contents);
1262 return $contents unless wantarray;
1263 return ($contents, $record);
1267 return( defined($_[0]) && ($_[0] =~ /^[yYtT1]/));
1271 return( !defined($_[0]) || ($_[0] =~ /^[nNfF0]/));
1274 # Returns a URL which will run the ordering system again. Each URL
1275 # contains the session ID as well as a unique integer to avoid caching
1276 # of pages by the browser.
1288 my($path, $arguments, $r, $opt) = @_;
1292 if($opt->{auto_format}) {
1293 return $path if $path =~ m{^/};
1294 $path =~ s:#([^/.]+)$::
1295 and $opt->{anchor} = $1;
1296 $path =~ s/\.html?$//i
1297 and $opt->{add_dot_html} = 1;
1300 $r = $Vend::Cfg->{VendURL}
1306 my %skip = qw/form 1 href 1 reparse 1/;
1309 next if defined $opt->{$_};
1310 next unless defined $::Scratch->{"mv_$_"};
1312 $opt->{$_} = $::Scratch->{"mv_$_"};
1317 $path = $Vend::Cfg->{ProcessPage} unless $path;
1318 if($opt->{form} eq 'auto') {
1320 while( my ($k, $v) = each %$opt) {
1325 $opt->{form} = $form;
1327 push @parms, Vend::Interpolate::escape_form($opt->{form});
1331 $id = $Vend::SessionID
1332 unless $opt->{no_session_id}
1333 or ($Vend::Cookie and $::Scratch->{mv_no_session_id});
1334 $ct = ++$Vend::Session->{pageCount}
1335 unless $opt->{no_count};
1337 if($opt->{no_session} or $::Pragma->{url_no_session_id}) {
1342 if($opt->{link_relative}) {
1343 my $cur = $Global::Variable->{MV_PAGE};
1344 $cur =~ s{/[^/]+$}{}
1345 and $path = "$cur/$path";
1348 if($opt->{match_security}) {
1349 $opt->{secure} = $CGI::secure;
1352 if($opt->{secure} or exists $Vend::Cfg->{AlwaysSecure}{$path}) {
1353 $r = $Vend::Cfg->{SecureURL};
1356 $path = escape_chars_url($path)
1357 if $path =~ $need_escape;
1359 $r .= '.html' if $opt->{add_dot_html} and $r !~ m{(?:/|\.html?)$};
1361 if($opt->{add_source} and $Vend::Session->{source}) {
1362 my $sn = hexify($Vend::Session->{source});
1363 push @parms, "$::VN->{mv_source}=$sn";
1366 push @parms, "$::VN->{mv_session_id}=$id" if $id;
1367 push @parms, "$::VN->{mv_arg}=" . hexify($arguments) if defined $arguments;
1368 push @parms, "$::VN->{mv_pc}=$ct" if $ct;
1369 push @parms, "$::VN->{mv_cat}=$Vend::Cat" if $Vend::VirtualCat;
1371 $r .= '?' . join($Global::UrlJoiner, @parms) if @parms;
1372 if($opt->{anchor}) {
1373 $opt->{anchor} =~ s/^#//;
1374 $r .= '#' . $opt->{anchor};
1377 # return full-path portion of the URL
1378 if ($opt->{path_only}) {
1379 $r =~ s!^https?://[^/]*!!i;
1384 sub secure_vendUrl {
1385 return vendUrl($_[0], $_[1], $Vend::Cfg->{SecureURL}, $_[3]);
1393 return $url if $url =~ m{^\w+:};
1394 return $url if $url =~ m{^/};
1396 for(qw/mv_session_id mv_pc/) {
1397 $strip_vars{$_} = 1;
1398 $strip_vars{$::IV->{$_}} = 1;
1403 ($url, $arg) = split /[?&]/, $url, 2;
1404 @args = grep ! $strip_vars{$_}, split $Global::UrlSplittor, $arg;
1405 return Vend::Interpolate::tag_area( $url, '', {
1406 form => join "\n", @args,
1412 $html =~ s/(<a\s+[^>]*href\s*=\s*)(["'])([^'"]+)\2/$1 . $2 . change_url($3) . $2/gei;
1419 my $flock_LOCK_SH = 1; # Shared lock
1420 my $flock_LOCK_EX = 2; # Exclusive lock
1421 my $flock_LOCK_NB = 4; # Don't block when locking
1422 my $flock_LOCK_UN = 8; # Unlock
1424 # Returns the total number of items ordered.
1425 # Uses the current cart if none specified.
1428 my($ref, $opt) = @_;
1429 my($cart, $total, $item);
1432 $cart = $::Carts->{$ref}
1436 $cart = $Vend::Items;
1440 if($opt->{qualifier}) {
1441 $attr = $opt->{qualifier};
1444 $qr = qr{$opt->{compare}} if $opt->{compare};
1452 $sub = sub { return $_[0] };
1457 return scalar(grep {! $attr or $sub->($_->{$attr})} @$cart);
1461 foreach $item (@$cart) {
1462 next if $attr and ! $sub->($item->{$attr});
1463 $total += $item->{'quantity'};
1468 sub dump_structure {
1469 my ($ref, $name) = @_;
1471 $name =~ s/\.cfg$//;
1472 $name .= '.structure';
1473 open(UNEV, ">$name") or die "Couldn't write structure $name: $!\n";
1474 local($Data::Dumper::Indent);
1475 $Data::Dumper::Indent = 2;
1476 print UNEV uneval($ref);
1480 # Do an internal HTTP authorization check
1481 sub check_authorization {
1482 my($auth, $pwinfo) = @_;
1484 $auth =~ s/^\s*basic\s+//i or return undef;
1485 my ($user, $pw) = split(
1487 MIME::Base64::decode_base64($auth),
1492 if( $user eq $Vend::Cfg->{RemoteUser} and
1493 $Vend::Cfg->{Password} )
1495 $cmp_pw = $Vend::Cfg->{Password};
1496 undef $use_crypt if $::Variable->{MV_NO_CRYPT};
1499 $pwinfo = $Vend::Cfg->{UserDatabase} unless $pwinfo;
1500 undef $use_crypt if $::Variable->{MV_NO_CRYPT};
1501 $cmp_pw = Vend::Interpolate::tag_data($pwinfo, 'password', $user)
1502 if defined $Vend::Cfg->{Database}{$pwinfo};
1505 return undef unless $cmp_pw;
1508 return $user if $pw eq $cmp_pw;
1511 my $test = crypt($pw, $cmp_pw);
1513 if $test eq $cmp_pw;
1518 # Check that the user is authorized by one or all of the
1519 # configured security checks
1520 sub check_security {
1521 my($item, $reconfig, $gate) = @_;
1525 # If using the new USERDB access control you may want to remove this next line
1526 # for anyone with an HTTP basic auth will have access to everything
1527 #return 1 if $CGI::user and ! $Global::Variable->{MV_USERDB};
1530 return 1 if is_yes($gate);
1532 elsif($Vend::Session->{logged_in}) {
1533 return 1 if $::Variable->{MV_USERDB_REMOTE_USER};
1536 if ($db = $::Variable->{MV_USERDB_ACL_TABLE}) {
1537 $field = $::Variable->{MV_USERDB_ACL_COLUMN};
1538 my $access = Vend::Data::database_field(
1540 $Vend::Session->{username},
1543 return 1 if $access =~ m{(^|\s)$item(\s|$)};
1546 if($Vend::Cfg->{UserDB} and $Vend::Cfg->{UserDB}{log_failed}) {
1547 my $besthost = $CGI::remote_host || $CGI::remote_addr;
1548 logError("auth error host=%s ip=%s script=%s page=%s",
1557 elsif($reconfig eq '1') {
1558 $msg = 'reconfigure catalog';
1560 elsif ($reconfig eq '2') {
1561 $msg = "access protected database $item";
1562 return 1 if is_yes($gate);
1564 elsif ($reconfig eq '3') {
1565 $msg = "access administrative function $item";
1568 # Check if host IP is correct when MasterHost is set to something
1569 if ( $Vend::Cfg->{MasterHost}
1571 ( $CGI::remote_host !~ /^($Vend::Cfg->{MasterHost})$/
1573 $CGI::remote_addr !~ /^($Vend::Cfg->{MasterHost})$/ ) )
1576 ALERT: Attempt to %s at %s from:
1584 logGlobal({ level => 'warning' },
1597 # Check to see if password enabled, then check
1599 $reconfig eq '1' and
1601 $Vend::Cfg->{Password} and
1602 crypt($CGI::reconfigure_catalog, $Vend::Cfg->{Password})
1603 ne $Vend::Cfg->{Password})
1606 { level => 'warning' },
1607 "ALERT: Password mismatch, attempt to %s at %s from %s",
1615 # Finally check to see if remote_user match enabled, then check
1616 if ($Vend::Cfg->{RemoteUser} and
1617 $CGI::user ne $Vend::Cfg->{RemoteUser})
1620 ALERT: Attempt to %s %s per user name:
1631 { level => 'warning' },
1645 # Don't allow random reconfigures without one of the three checks
1646 unless ($Vend::Cfg->{MasterHost} or
1647 $Vend::Cfg->{Password} or
1648 $Vend::Cfg->{RemoteUser})
1651 Attempt to %s on %s, secure operations disabled.
1660 { level => 'warning' },
1674 # Authorized if got here
1679 # Checks the Locale for a special page definintion mv_special_$key and
1680 # returns it if found, otherwise goes to the default Vend::Cfg->{Special} array
1681 sub find_special_page {
1684 $dir = "../$Vend::Cfg->{SpecialPageDir}/"
1685 if $Vend::Cfg->{SpecialPageDir};
1686 return $Vend::Cfg->{Special}{$key} || "$dir$key";
1691 # Log the error MSG to the error file.
1694 return unless $Global::DebugFile;
1696 if(my $re = $Vend::Cfg->{DebugHost}) {
1698 Net::IP::Match::Regexp::match_ip($CGI::remote_addr, $re);
1701 if(my $sub = $Vend::Cfg->{SpecialSub}{debug_qualify}) {
1702 return unless $sub->();
1707 if (my $tpl = $Global::DebugTemplate) {
1709 $tpl = POSIX::strftime($tpl, localtime());
1711 $debug{page} = $Global::Variable->{MV_PAGE};
1712 $debug{tag} = $Vend::CurrentTag;
1713 $debug{host} = $CGI::host || $CGI::remote_addr;
1714 $debug{remote_addr} = $CGI::remote_addr;
1715 $debug{catalog} = $Vend::Cat;
1716 if($tpl =~ /\{caller\d+\}/i) {
1717 my @caller = caller();
1718 for(my $i = 0; $i < @caller; $i++) {
1719 $debug{"caller$i"} = $caller[$i];
1722 $debug{message} = errmsg(@_);
1724 $msg = Vend::Interpolate::tag_attr_list($tpl, \%debug, 1);
1727 $msg = caller() . ":debug: " . errmsg(@_);
1730 if ($Global::SysLog) {
1731 logGlobal({ level => 'debug' }, $msg);
1741 my($fmt, @strings) = @_;
1743 if($Vend::Cfg->{Locale} and defined $Vend::Cfg->{Locale}{$fmt}) {
1744 $location = $Vend::Cfg->{Locale};
1746 elsif($Global::Locale and defined $Global::Locale->{$fmt}) {
1747 $location = $Global::Locale;
1750 if(ref $location->{$fmt}) {
1751 $fmt = $location->{$fmt}[0];
1752 @strings = @strings[ @{ $location->{$fmt}[1] } ];
1755 $fmt = $location->{$fmt};
1758 return scalar(@strings) ? sprintf $fmt, @strings : $fmt;
1764 my $message = shift || 'time mark';
1765 my @times = times();
1766 for( my $i = 0; $i < @times; $i++) {
1767 $times[$i] -= $Vend::Times[$i];
1769 logDebug("$message: " . join " ", @times);
1772 # This %syslog_constant_map is an attempt to work around a strange problem
1773 # where the eval inside &Sys::Syslog::xlate fails, which then croaks.
1774 # The cause of this freakish problem is still to be determined.
1776 my %syslog_constant_map;
1778 sub setup_syslog_constant_map {
1780 (map { "local$_" } (0..7)),
1805 $syslog_constant_map{$_} = Sys::Syslog::xlate($_);
1811 return 1 if $Vend::ExternalProgram;
1823 $msg = errmsg($msg, @_) if @_;
1825 $Vend::Errors .= $msg . "\n" if $Global::DisplayErrors;
1827 my $nl = $opt->{strip} ? '' : "\n";
1829 if $Global::Foreground
1830 and ! $Vend::Log_suppress
1832 and ! $Global::SysLog;
1834 my ($fn, $facility, $level);
1835 if ($Global::SysLog) {
1836 $facility = $Global::SysLog->{facility} || 'local3';
1837 $level = $opt->{level} || 'info';
1839 # remap deprecated synonyms supported by logger(1)
1846 # remap levels according to any user-defined global configuration
1848 if ($level_cfg = $Global::SysLog->{$level_map{$level} || $level}) {
1849 if ($level_cfg =~ /(.+)\.(.+)/) {
1850 ($facility, $level) = ($1, $2);
1853 $level = $level_cfg;
1856 $level = $level_map{$level} if $level_map{$level};
1858 my $tag = $Global::SysLog->{tag} || 'interchange';
1860 my $socket = $opt->{socket} || $Global::SysLog->{socket};
1862 if ($Global::SysLog->{internal}) {
1863 unless ($Vend::SysLogReady) {
1867 my ($socket_path, $types) = ($socket =~ /^(\S+)(?:\s+(.*))?/);
1868 $types ||= 'native,tcp,udp,unix,pipe,stream,console';
1869 my $type_array = [ grep /\S/, split /[,\s]+/, $types ];
1870 Sys::Syslog::setlogsock($type_array, $socket_path) or die "Error calling setlogsock\n";
1872 Sys::Syslog::openlog $tag, 'ndelay,pid', $facility;
1875 print "\nError opening syslog: $@\n";
1876 print "to report this error:\n", $msg;
1879 setup_syslog_constant_map() unless %syslog_constant_map;
1880 $Vend::SysLogReady = 1;
1884 $fn = '|' . ($Global::SysLog->{command} || 'logger');
1885 $fn .= " -p $facility.$level";
1886 $fn .= " -t $tag" unless lc($tag) eq 'none';
1887 $fn .= " -u $socket" if $socket;
1891 $fn = $Global::ErrorFile;
1896 if ($fn =~ s/^([^|>])/>>$1/) {
1898 $msg = format_log_msg($msg);
1902 # We have checked for beginning > or | previously
1903 open(MVERROR, $fn) or die "open\n";
1905 lockfile(\*MVERROR, 1, 1) or die "lock\n";
1906 seek(MVERROR, 0, 2) or die "seek\n";
1908 print(MVERROR $msg, "\n") or die "write to\n";
1910 unlockfile(\*MVERROR) or die "unlock\n";
1912 close(MVERROR) or die "close\n";
1916 print "\nCould not $@ error file '$Global::ErrorFile':\n$!\n";
1917 print "to report this error:\n", $msg, "\n";
1922 elsif ($Vend::SysLogReady) {
1924 # avoid eval in Sys::Syslog::xlate() by using cached constants where possible
1925 my $level_mapped = $syslog_constant_map{$level};
1926 $level_mapped = $level unless defined $level_mapped;
1927 my $facility_mapped = $syslog_constant_map{$facility};
1928 $facility_mapped = $facility unless defined $facility_mapped;
1929 my $priority = "$level_mapped|$facility_mapped";
1930 Sys::Syslog::syslog $priority, $msg;
1938 return unless $Vend::Cfg;
1949 unless ($Global::SysLog) {
1950 if (! $opt->{file}) {
1951 my $tag = $opt->{tag} || $msg;
1952 if (my $dest = $Vend::Cfg->{ErrorDestination}{$tag}) {
1953 $opt->{file} = $dest;
1956 $opt->{file} ||= $Vend::Cfg->{ErrorFile};
1959 $msg = errmsg($msg, @_) if @_;
1962 if $Global::Foreground
1963 and ! $Vend::Log_suppress
1965 and ! $Global::SysLog;
1967 $Vend::Session->{last_error} = $msg;
1969 $msg = format_log_msg($msg) unless $msg =~ s/^\\//;
1971 if ($Global::SysLog) {
1972 logGlobal({ level => 'err' }, $msg);
1976 $Vend::Errors .= $msg . "\n"
1977 if $Vend::Cfg->{DisplayErrors} || $Global::DisplayErrors;
1980 if (! allowed_file($opt->{file}, 1)) {
1982 $reason = 'prohibited by global configuration';
1986 open(MVERROR, '>>', $opt->{file})
1988 lockfile(\*MVERROR, 1, 1) or die "lock\n";
1989 seek(MVERROR, 0, 2) or die "seek\n";
1990 print(MVERROR $msg, "\n") or die "write to\n";
1991 unlockfile(\*MVERROR) or die "unlock\n";
1992 close(MVERROR) or die "close\n";
1997 logGlobal ({ level => 'info' },
1998 "Could not %s error file %s: %s\nto report this error: %s",
2009 # Front-end to log routines that ignores repeated identical
2010 # log messages after the first occurrence
2014 debug => \&logDebug,
2015 error => \&logError,
2016 global => \&logGlobal,
2019 # First argument should be log type (see above map).
2020 # Rest of arguments are same as if calling log routine directly.
2022 my $tag = join "", @_;
2023 return if exists $logOnce_cache{$tag};
2024 my $log_sub = $log_sub_map{ lc(shift) } || $log_sub_map{error};
2025 my $status = $log_sub->(@_);
2026 $logOnce_cache{$tag} = 1;
2031 # Here for convenience in calls
2033 my ($name, $value, $expire, $domain, $path, $secure) = @_;
2035 # Set expire to now + some time if expire string is something like
2036 # "30 days" or "7 weeks" or even "60 minutes"
2037 if($expire =~ /^\s*\d+[\s\0]*[A-Za-z]\S*\s*$/) {
2038 $expire = adjust_time($expire);
2041 if (! $::Instance->{Cookies}) {
2042 $::Instance->{Cookies} = []
2045 @{$::Instance->{Cookies}} =
2046 grep $_->[0] ne $name, @{$::Instance->{Cookies}};
2048 push @{$::Instance->{Cookies}}, [$name, $value, $expire, $domain, $path, $secure];
2052 # Here for convenience in calls
2054 my ($lookfor, $string) = @_;
2055 $string = $CGI::cookie
2056 unless defined $string;
2057 return cookies_hash($string) unless defined $lookfor && length($lookfor);
2058 return undef unless $string =~ /(?:^|;)\s*\Q$lookfor\E=([^\s;]+)/i;
2059 return unescape_chars($1);
2063 my $string = shift || $CGI::cookie;
2065 my ($k,$v) = split '=', $_, 2;
2066 $k => unescape_chars($v)
2067 } split(/;\s*/, $string);
2072 my($to, $subject, $body, $reply, $use_mime, @extra_headers) = @_;
2077 for(my $i = $#$head; $i > 0; $i--) {
2078 if($head->[$i] =~ /^\s/) {
2079 my $new = splice @$head, $i, 1;
2080 $head->[$i - 1] .= "\n$new";
2088 if (/^To:\s*(.+)/si) {
2091 elsif (/^Reply-to:\s*(.+)/si) {
2094 elsif (/^subj(?:ect)?:\s*(.+)/si) {
2098 push @extra_headers, $_;
2103 # If configured, intercept all outgoing email and re-route
2105 my $intercept = $::Variable->{MV_EMAIL_INTERCEPT}
2106 || $Global::Variable->{MV_EMAIL_INTERCEPT}
2110 for ($to, @extra_headers) {
2111 next unless my ($header, $value) = /^(To|Cc|Bcc):\s*(.+)/si;
2113 "Intercepting outgoing email (%s: %s) and instead sending to '%s'",
2114 $header, $value, $intercept
2116 $_ = "$header: $intercept";
2117 push @info_headers, "X-Intercepted-$header: $value";
2120 push @extra_headers, @info_headers;
2124 #::logDebug("send_mail: to=$to subj=$subject r=$reply mime=$use_mime\n");
2126 unless (defined $use_mime) {
2127 $use_mime = $::Instance->{MIME} || undef;
2130 if(!defined $reply) {
2131 $reply = $::Values->{mv_email}
2132 ? "Reply-To: $::Values->{mv_email}\n"
2136 $reply = "Reply-To: $reply\n"
2137 unless $reply =~ /^reply-to:/i;
2138 $reply =~ s/\s+$/\n/;
2143 my $using = $Vend::Cfg->{SendMailProgram};
2145 if($using =~ /^(none|Net::SMTP)$/i) {
2151 #::logDebug("testing sendmail send none=$none");
2153 #::logDebug("in Sendmail send $using");
2154 open(MVMAIL,"|$Vend::Cfg->{SendMailProgram} -t") or last SEND;
2156 $mime = Vend::Interpolate::mime('header', {}, '') if $use_mime;
2157 print MVMAIL "To: $to\n", $reply, "Subject: $subject\n"
2159 for(@extra_headers) {
2164 $mime =~ s/\s*$/\n/;
2169 print MVMAIL Vend::Interpolate::do_tag('mime boundary') . '--'
2171 print MVMAIL "\r\n\cZ" if $Global::Windows;
2172 close MVMAIL or last SEND;
2177 my $mhost = $::Variable->{MV_SMTPHOST} || $Global::Variable->{MV_SMTPHOST};
2178 my $helo = $Global::Variable->{MV_HELO} || $::Variable->{SERVER_NAME};
2179 last SMTP unless $none and $mhost;
2185 $using = "Net::SMTP (mail server $mhost)";
2186 #::logDebug("using $using");
2189 my $smtp = Net::SMTP->new($mhost, Debug => $Global::Variable->{DEBUG}, Hello => $helo) or last SMTP;
2190 #::logDebug("smtp object $smtp");
2192 my $from = $::Variable->{MV_MAILFROM}
2193 || $Global::Variable->{MV_MAILFROM}
2194 || $Vend::Cfg->{MailOrderTo};
2196 for(@extra_headers) {
2198 next unless /^From:\s*(\S.+)$/mi;
2201 push @extra_headers, "From: $from" unless (grep /^From:\s/i, @extra_headers);
2202 push @extra_headers, 'Date: ' . POSIX::strftime('%a, %d %b %Y %H:%M:%S %Z', localtime(time())) unless (grep /^Date:\s/i, @extra_headers);
2205 $mime = Vend::Interpolate::mime('header', {}, '') if $use_mime;
2208 #::logDebug("smtp accepted from=$from");
2211 my @addr = split /\s*,\s*/, $to;
2214 ## Uh-oh. Try to handle
2215 if ( m{( <.+?> | [^\s,]+\@[^\s,]+ ) }x ) {
2219 logError("Net::SMTP sender skipping unparsable address %s", $_);
2227 @addr = $smtp->recipient(@to, { SkipBad => 1 });
2228 if(scalar(@addr) != scalar(@to)) {
2230 "Net::SMTP not able to send to all addresses of %s",
2235 #::logDebug("smtp accepted to=" . join(",", @addr));
2239 push @extra_headers, $reply if $reply;
2240 for ("To: $to", "Subject: $subject", @extra_headers) {
2243 #::logDebug(do { my $it = $_; $it =~ s/\s+$//; "datasend=$it" });
2249 $mime =~ s/\s*$/\n/;
2250 $smtp->datasend($mime)
2253 $smtp->datasend("\n");
2254 $smtp->datasend($body)
2256 $smtp->datasend(Vend::Interpolate::do_tag('mime boundary') . '--')
2260 $ok = $smtp->quit();
2263 if ($none or !$ok) {
2264 logError("Unable to send mail using %s\nTo: %s\nSubject: %s\n%s\n\n%s",
2276 sub codedef_routine {
2277 my ($tag, $routine, $modifier) = @_;
2279 my $area = $Vend::Config::tagCanon{lc $tag}
2281 logError("Unknown CodeDef type %s", $tag);
2285 $routine =~ s/-/_/g;
2287 if ($tag eq 'UserTag') {
2288 @tries = ($Vend::Cfg->{UserTag}, $Global::UserTag);
2291 @tries = ($Vend::Cfg->{CodeDef}{$area}, $Global::CodeDef->{$area});
2298 for my $base (@tries) {
2300 $ref = $base->{Routine}{$routine}
2302 $ref = $base->{MapRoutine}{$routine}
2303 and return \&{"$ref"};
2306 return undef unless $Global::AccumulateCode;
2307 #::logDebug("trying code_from file for area=$area routine=$routine");
2308 $ref = Vend::Config::code_from_file($area, $routine)
2310 #::logDebug("returning ref=$ref for area=$area routine=$routine");
2314 sub codedef_options {
2315 my ($tag, $modifier) = @_;
2320 my @keys = keys %{$Vend::Cfg->{CodeDef}};
2321 push @keys, keys %{$Global::CodeDef};
2323 my %gate = ( public => 1 );
2325 my @mod = grep /\w/, split /[\s\0,]+/, $modifier;
2332 $empty = ['', errmsg('--select--')];
2341 if(lc($tag) eq lc($_)) {
2349 for my $repos ( $Vend::Cfg->{CodeDef}{$tag}, $Global::CodeDef->{$tag} ) {
2350 if(my $desc = $repos->{Description}) {
2351 my $vis = $repos->{Visibility} || {};
2352 my $help = $repos->{Help} || {};
2353 while( my($k, $v) = each %$desc) {
2354 next if $seen{$k}++;
2355 if(my $perm = $vis->{$k}) {
2356 if($perm =~ /^with\s+([\w:]+)/) {
2359 next unless ${$mod . "::VERSION"};
2362 next unless $gate{$perm};
2365 push @out, [$k, $v, $help->{$k}];
2371 @out = sort { $a->[1] cmp $b->[1] } @out;
2372 unshift @out, $empty if $empty;
2375 push @out, ['', errmsg('--none--') ];
2381 # Adds a timestamp to the end of a binary timecard file. You can specify the timestamp
2382 # as the second arg (unixtime) or just leave it out (or undefined) and it will be set
2383 # to the current time.
2384 sub timecard_stamp {
2385 my ($filename,$timestamp) = @_;
2386 $timestamp ||= time;
2388 open(FH, '>>', $filename) or die "Can't open $filename for append: $!";
2389 lockfile(\*FH, 1, 1);
2391 print FH pack('N',time);
2397 # Reads a timestamp from a binary timecard file. If $index is negative indexes back from
2398 # the end of the file, otherwise indexes from the front of the file so that 0 is the first
2399 # (oldest) timestamp and -1 the last (most recent). Returns the timestamp or undefined if
2400 # the file doesn't exist or the index falls outside of the bounds of the timecard file.
2402 my ($filename,$index) = @_;
2404 my $limit = $index >= 0 ? $index + 4 : $index * -1;
2406 if (-f $filename && (stat(_))[7] % 4) {
2407 # The file is corrupt, delete it and start over.
2408 ::logError("Counter file $filename found to be corrupt, deleting.");
2412 return unless (-f _ && (stat(_))[7] > $limit);
2414 # The file exists and is big enough to cover the $index. Seek to the $index
2415 # and return the timestamp from that position.
2417 open (FH, '<', $filename) or die "Can't open $filename for read: $!";
2418 lockfile(\*FH, 0, 1);
2420 seek(FH, $index, $index >= 0 ? 0 : 2) or die "Can't seek $filename to $index: $!";
2422 read(FH,$rtime,4) or die "Can't read from $filename: $!";
2426 return unpack('N',$rtime);
2430 # Adjusts a unix time stamp (2nd arg) by the amount specified in the first arg. First arg should be
2431 # a number (signed integer or float) followed by one of second(s), minute(s), hour(s), day(s)
2432 # week(s) month(s) or year(s). Second arg defaults to the current time. If the third arg is true
2433 # the time will be compensated for daylight savings time (so that an adjustment of 6 months will
2434 # still cause the same time to be displayed, even if it is transgressing the DST boundary).
2436 # This will accept multiple adjustments strung together, so you can do: "-5 days, 2 hours, 6 mins"
2437 # and the time will have thost amounts subtracted from it. You can also add and subtract in the
2438 # same line, "+2 years -3 days". If you specify a sign (+ or -) then that sign will remain in
2439 # effect until a new sign is specified on the line (so you can do,
2440 # "+5 years, 6 months, 3 days, -4 hours, 7 minutes"). The comma (,) between adjustments is
2444 my ($adjust, $time, $compensate_dst) = @_;
2447 unless ($adjust =~ /^(?:\s*[+-]?\s*[\d\.]+\s*[a-z]*\s*,?)+$/i) {
2448 ::logError("adjust_time(): bad format: $adjust");
2452 # @times: 0: sec, 1: min, 2: hour, 3: day, 4: month, 5: year, 8: isdst
2453 # 6,7: dow and doy, but mktime ignores these (and so do we).
2455 # A note about isdst: localtime returns 1 if returned time is adjusted for dst and 0 otherwise.
2456 # mktime expects the same, but if this is set to -1 mktime will determine if the date should be
2457 # dst adjusted according to dst rules for the current timezone. The way that we use this is we
2458 # leave it set to the return value from locatime and we end up with a time that is adjusted by
2459 # an absolute amount (so if you adjust by six months the actual time returned may be different
2460 # but only because of DST). If we want mktime to compensate for dst then we set this to -1 and
2461 # mktime will make the appropriate adjustment for us (either add one hour or subtract one hour
2462 # or leave the time the same).
2464 my @times = localtime($time);
2467 foreach my $amount ($adjust =~ /([+-]?\s*[\d\.]+\s*[a-z]*)/ig) {
2468 my $unit = 'seconds';
2469 $amount =~ s/\s+//g;
2471 if ($amount =~ s/^([+-])//) { $sign = $1 eq '+' ? 1 : -1 }
2472 if ($amount =~ s/([a-z]+)$//) { $unit = lc $1 }
2475 # A week is simply 7 days.
2476 if ($unit =~ /^w/) {
2481 if ($unit =~ /^s/) { $times[0] += $amount }
2482 elsif ($unit =~ /^mo/) { $times[4] += $amount } # has to come before min
2483 elsif ($unit =~ /^m/) { $times[1] += $amount }
2484 elsif ($unit =~ /^h/) { $times[2] += $amount }
2485 elsif ($unit =~ /^d/) { $times[3] += $amount }
2486 elsif ($unit =~ /^y/) { $times[5] += $amount }
2489 ::logError("adjust_time(): bad unit: $unit");
2494 if ($compensate_dst) { $times[8] = -1 }
2496 # mktime can only handle integers, so we need to convert real numbers:
2497 my @multip = (0, 60, 60, 24, 0, 12);
2499 foreach my $i (reverse 0..5) {
2500 if ($times[$i] =~ /\./) {
2502 $times[$i-1] += ($times[$i] - int $times[$i]) * $multip[$i];
2506 # Fractions of a month need some really extra special handling.
2507 $monfrac = $times[$i] - int $times[$i];
2510 $times[$i] = int $times[$i]
2514 $time = POSIX::mktime(@times);
2516 # This is how we handle a fraction of a month:
2518 $times[4] += $monfrac > 0 ? 1 : -1;
2519 my $timediff = POSIX::mktime(@times);
2520 $timediff = int(abs($timediff - $time) * $monfrac);
2528 my $msg = "Backtrace:\n\n";
2531 my $assertfile = '';
2534 while (my ($package, $filename, $line, $subroutine, $hasargs, $wantarray, $evaltext, $is_require) = caller($frame++) ) {
2535 $msg .= sprintf(" frame %d: $subroutine ($filename line $line)\n", $frame - 2);
2536 if ($subroutine =~ /assert$/) {
2537 $assertfile = $filename;
2538 $assertline = $line;
2542 open(SRC, $assertfile) and do {
2546 $msg .= "\nProblem in $assertfile line $assertline:\n\n";
2548 while ($line = <SRC>) {
2550 $msg .= "$line_n\t$line" if (abs($assertline - $line_n) <= 10);
2560 sub header_data_scrub {
2561 my ($head_data) = @_;
2563 ## "HTTP Response Splitting" Exploit Fix
2564 ## http://www.securiteam.com/securityreviews/5WP0E2KFGK.html
2565 $head_data =~ s/(?:%0[da]|[\r\n]+)+//ig;
2570 ### Provide stubs for former Vend::Util functions relocated to Vend::File
2571 *canonpath = \&Vend::File::canonpath;
2572 *catdir = \&Vend::File::catdir;
2573 *catfile = \&Vend::File::catfile;
2574 *exists_filename = \&Vend::File::exists_filename;
2575 *file_modification_time = \&Vend::File::file_modification_time;
2576 *file_name_is_absolute = \&Vend::File::file_name_is_absolute;
2577 *get_filename = \&Vend::File::get_filename;
2578 *lockfile = \&Vend::File::lockfile;
2579 *path = \&Vend::File::path;
2580 *readfile = \&Vend::File::readfile;
2581 *readfile_db = \&Vend::File::readfile_db;
2582 *set_lock_type = \&Vend::File::set_lock_type;
2583 *unlockfile = \&Vend::File::unlockfile;
2584 *writefile = \&Vend::File::writefile;
git.icdevgroup.org / interchange.git / blob