head 1.13;
access;
symbols;
locks
ids:1.13; strict;
comment @# @;
1.13
date 2000.07.08.18.25.25; author ids; state Exp;
branches;
next 1.12;
1.12
date 99.06.12.20.48.32; author ids; state Exp;
branches;
next 1.11;
1.11
date 99.06.12.20.25.44; author ids; state Exp;
branches;
next 1.10;
1.10
date 98.10.01.14.01.32; author ids; state Exp;
branches;
next 1.9;
1.9
date 98.08.28.18.59.10; author ids; state Exp;
branches;
next 1.8;
1.8
date 98.06.21.18.19.47; author ids; state Exp;
branches;
next 1.7;
1.7
date 96.01.19.16.02.54; author ids; state Exp;
branches;
next 1.6;
1.6
date 94.08.01.12.08.50; author ids; state Exp;
branches;
next 1.5;
1.5
date 94.07.31.19.07.17; author ids; state Exp;
branches;
next 1.4;
1.4
date 94.07.29.21.15.25; author ids; state Exp;
branches;
next 1.3;
1.3
date 94.07.29.17.23.02; author ids; state Exp;
branches;
next 1.2;
1.2
date 94.07.29.13.37.54; author ids; state Exp;
branches;
next 1.1;
1.1
date 94.07.28.14.24.53; author ids; state Exp;
branches;
next ;
desc
@@
1.13
log
@better choices of logical vs. physical HTML styles.
@
text
@#!/bin/sh -
#
# wais_queries.cgi: given a query string of the form "whatever.src"
# specifying a WAIS server, generates
# an HTML page describing (and offering search facilities on) that server.
#
# NOTICE!!! This does not work any more. The local listing of WAIS servers
# is gone. But maybe the local listing of WAIS servers will be back
# someday...or maybe this script will be useful to cannibalize for
# other similar applications!
#
PATH=/usr/local/bin:/bin:/usr/bin export PATH
progname=`basename $0`
waisdir="/usr/local/lib/wais/wais-sources"
default_port_no=210 #WAIS default port
echo "Content-type: text/html"
echo ""
exec 2>&1 #we want to see any errors in the output!
cd $waisdir
#
# Amazingly, on our Linux and FreeBSD machines, the Bourne shell
# "cd" command doesn't cause exit on failure - it just barges on!
# Naturally, all hell can break loose in a shell script which is
# in a different directory from where it thinks it is.
# So, to avoid such chaos, we check explicitly for failure here.
#
if [ $? -ne 0 ]; then
echo "$progname: cannot find local listing of WAIS servers, aborting" >&2
exit 1
fi
#
# check query string has a meaningful syntax
#
if [ -z "`echo $QUERY_STRING | grep '\.src$'`" ]; then
echo "$progname: query string must end in \".src\", aborting" >&2
exit 1
fi
server_file="$QUERY_STRING"
#
# Next, a security alert! (Exciting innit?)
#
# CGI-scripts in DoC home directory areas now run as that user.
# (So this one runs as me!) This rather dubious practice means
# we have to be much more careful about exactly what's being requested.
# So, we now check the purported server file pathname we've just
# collected from the query string doesn't try to "wander" out of the
# little bubble-world of the WAIS directory.
#
grepcount=`echo "$server_file" | egrep -c '/|\.\.'`
status=$?
if [ $status -ne 1 -o "x$grepcount" != "x0" ]; then
echo "$progname: dodgy WAIS server file pathname detected, aborting" >&2
exit 1
fi
#
# now check the requested server is actually locally registered!
#
if [ ! -f "$server_file" ]; then
echo "$progname: WAIS server $server_file not locally registered, aborting" >&2
exit 1
fi
#
# now attempt to collect access data from the server file.
#
wais_host=`grep '^[ ]*:ip-name[ ][ ]*"..*"[ ]*$' "$server_file" | sed -e 's/^[ ]*:ip-name[ ][ ]*"//' -e 's/"[ ]*$//'`
if [ -z "$wais_host" ]; then
#try making do with ip-address field instead of ip-name field
wais_host=`grep '^[ ]*:ip-address[ ][ ]*"..*"[ ]*$' "$server_file" | sed -e 's/^[ ]*:ip-address[ ][ ]*"//' -e 's/"[ ]*$//'`
fi
if [ -z "$wais_host" ]; then
#still no luck---give up!
echo "$progname: cannot find IP host address for WAIS server $server_file, aborting" >&2
exit 1
fi
wais_port=`grep '^[ ]*:tcp-port[ ][ ]*..*[ ]*$' "$server_file" | sed -e 's/^[ ]*:tcp-port[ ][ ]*//' -e 's/[ ]*$//'`
if [ -z "$wais_port" ]; then
#try making do with the default WAIS port number
wais_port=$default_port_no
fi
database_name=`grep '^[ ]*:database-name[ ][ ]*"..*"[ ]*$' "$server_file" | sed -e 's/^[ ]*:database-name[ ][ ]*"//' -e 's/"[ ]*$//' -e 's|/|%2F|g'`
if [ -z "$database_name" ]; then
echo "$progname: cannot find database name for WAIS server $server_file, aborting" >&2
exit 1
fi
#
# HTML output (at last!)
# Note: the "isindex" in the form below has to be in small letters.
#
sed 's/^ //' << here
WAIS server $server_file
WAIS server $server_file
General warning: WAIS servers can be very slow.
Even interrupting a WAIS server can be very slow!
here
#
# the host and description, from the server file
#
echo "
"
echo "Host is $wais_host"
sed -n -e 's/^[ ]*:description/:description/' -e '/^:description/,$p' "$server_file"
echo "
"
#
# final courtesy link to WAIS welcome page
#
sed 's/^ //' << here
Back to the WAIS welcome page
here
@
1.12
log
@whoops! missed one case of never having strings that could have dodgy meanings
used as they stand as the first argument of "test" (alias "[").
(This is in fact a case of what I thought I'd dealt with in all outstanding
contexts earlier, but I forgot CGI-scripts. The revision message from my
earlier sweep is reproduced below.)
bloody hell! we need to change things like
if [ "$" = "" ]; then
to:
if [ "x$" = "x" ]; then
(or analogous changes which achieve the same protective goal)
now that our current Linux version of "test", alias "[", has become
too clever by half and allows (quote from manual page)
"the special expression `-l STRING', which evaluates to the length of STRING".
(If $ in the unprotected example above happens to be "-l",
the next argument ("=" above) is taken to be a string whose length is to
be measured, and the parsing gets totally screwed up.)
[Note: in some files being dealt with in this checking-in, this revision message
is essentially the same as in one or more previous revision(s).
That's simply because I missed a few cases first time(s) round!]
@
text
@d113 1
a113 1
General warning: WAIS servers can be very slow.
d141 1
a141 1
Back to the WAIS welcome page
@
1.11
log
@careful scrutiny of purported server file pathname:
> #
> # Next, a security alert! (Exciting innit?)
> #
> # CGI-scripts in DoC home directory areas now run as that user.
> # (So this one runs as me!) This rather dubious practice means
> # we have to be much more careful about exactly what's being requested.
> # So, we now check the purported server file pathname we've just
> # collected from the query string doesn't try to "wander" out of the
> # little bubble-world of the WAIS directory.
> #
Plus similarly careful handling of strings that could have dodgy meanings
in various contexts: we take care to protect against this by things like
having them in quotes, never having them as they stand as the first
argument of "test" (alias "["), and so on.
@
text
@d76 1
a76 1
if [ "$wais_host" = "" ]; then
@
1.10
log
@simpler, more minimalist replacement for the now-defunct
"lab basic environment": we now just set the path.
@
text
@d39 1
a39 1
if [ "`echo $QUERY_STRING | grep '\.src$'`" = "" ]; then
d47 18
d67 1
a67 1
if [ ! -f $server_file ]; then
d75 1
a75 1
wais_host=`grep '^[ ]*:ip-name[ ][ ]*"..*"[ ]*$' $server_file | sed -e 's/^[ ]*:ip-name[ ][ ]*"//' -e 's/"[ ]*$//'`
d78 1
a78 1
wais_host=`grep '^[ ]*:ip-address[ ][ ]*"..*"[ ]*$' $server_file | sed -e 's/^[ ]*:ip-address[ ][ ]*"//' -e 's/"[ ]*$//'`
d80 1
a80 1
if [ "$wais_host" = "" ]; then
d86 2
a87 2
wais_port=`grep '^[ ]*:tcp-port[ ][ ]*..*[ ]*$' $server_file | sed -e 's/^[ ]*:tcp-port[ ][ ]*//' -e 's/[ ]*$//'`
if [ "$wais_port" = "" ]; then
d92 2
a93 2
database_name=`grep '^[ ]*:database-name[ ][ ]*"..*"[ ]*$' $server_file | sed -e 's/^[ ]*:database-name[ ][ ]*"//' -e 's/"[ ]*$//' -e 's|/|%2F|g'`
if [ "$database_name" = "" ]; then
d130 1
a130 1
sed -n -e 's/^[ ]*:description/:description/' -e '/^:description/,$p' $server_file
@
1.9
log
@added explicit exit status check on cd:
#
# Amazingly, on our Linux and FreeBSD machines, the Bourne shell
# "cd" command doesn't cause exit on failure - it just barges on!
# Naturally, all hell can break loose in a shell script which is
# in a different directory from where it thinks it is.
# So, to avoid such chaos, we check explicitly for failure here.
#
@
text
@d12 1
a20 1
. /vol/lab/basicenv.sh #use the standard lab environment.
@
1.8
log
@layout, comment, and HTML standardization improvements.
@
text
@d23 9
a31 1
if [ ! -d $waisdir ]; then
a34 2
cd $waisdir
@
1.7
log
@added comment saying it doesn't work any more!
@
text
@d80 2
d83 3
d101 1
d103 1
a103 1
d110 1
d112 1
a112 1
d118 3
@
1.6
log
@slightly more readable syntax in the form.
@
text
@d7 5
@
1.5
log
@much nicer arrangement, using a form with an action and an "isindex"
printed host as well as description, now that you can't see the host by
"sitting on the link" (which no longer exists, explicitly anyway!)
corrected a comment
less verbose, less cluttered layout.
@
text
@d86 1
a86 1
@
1.4
log
@proper handling of WAIS servers with slashes in their database names
nicer delimiting of description in layout.
@
text
@d5 1
a5 1
# an HTML page describing (and offering a link to) that server.
d70 1
d72 2
a73 1
d79 2
d82 1
a82 1
d84 4
a87 17
Remember: the server
will simply expect a search string from you; it will not
offer you a home page!
GENERAL WARNING: WAIS servers can be very slow.
Even interrupting a WAIS server can be very slow!
d91 1
a91 1
# the contents of the server file
d94 1
@
1.3
log
@further shortening and simplifying of whole layout.
@
text
@d63 1
a63 1
database_name=`grep '^[ ]*:database-name[ ][ ]*"..*"[ ]*$' $server_file | sed -e 's/^[ ]*:database-name[ ][ ]*"//' -e 's/"[ ]*$//'`
d94 3
@
1.2
log
@cleared away technical crap in description section
new cleaner, less cluttered layout.
@
text
@d82 1
a82 1
itself will simply expect a search string from you; it will not
d89 1
a89 6
The server itself:
d91 1
a91 2
WAIS server $server_file.
Here it is!
d93 1
a93 7
GENERAL WARNING: WAIS servers can be very slow.
Even interrupting a WAIS server can be very slow!
a100 1
A description of the server
d105 1
a105 3
The stuff from the label ":description" onwards is usually the most
useful part.
The earlier stuff is technical details, included for completeness.
d112 1
a112 1
cat $server_file
@