[webmin-devel] Improvement to apache module's "edit config files"

[Fry, J. <jf...@ev...>]

I have developers who need access to view the apache log files, and edit =
php.ini on our server.  Unfortunately, I cannot give those developers =
access to the logs module or the file manager module.  So, to meet their =
need I modified apache/allmanual_save.cgi and apache/allmanual_form.cgi =
as follows.  I am not an experienced developer, so I am unfamiliar with =
submitting patches, but I felt that this would be a valuable feature to =
include in future releases, if anyone is willing to review and improve =
my code for submittion, I would appreciate it!

Essentially, these modifications cause a file in the module's directory =
(should be in /etc/ but I didn't take the time to do this) called =
"editfiles.ini" to be parsed, and appends any line that is not started =
with a # or whitespace to be added to the dropdown list of files to =
edit.  If any line begins with "ro ", that file is read-only.

If a file is read-only, the submit button is removed, and the file name =
is italicised in the dropdown box.  Users will not be able to save a =
read-only file.

The files I started with were from webmin Version 1.300.  I am sorry I =
do not have a diff file.

Thank you all for a great product!

Joe Fry

-----------------------------------------------------------
#!/usr/bin/perl
# allmanual_save.cgi
# Save an entire config file

require './apache-lib.pl';
&ReadParseMime();
$access{'types'} eq '*' && $access{'virts'} eq '*' ||
        &error($text{'manual_ecannot'});

$conf =3D &get_config();
@files =3D &unique(map { $_->{'file'} } @$conf);

$editfiles =3D &read_file_lines("editfiles.ini");
foreach $editfile (@$editfiles) {
        if ($editfile !~ /^#/ and $editfile !~ /^$|^\s+/)
        {
                if ($editfile !~ /^ro\s/)
                {
                        push(@files, $editfile);
                }
        }
}

&indexof($in{'file'}, @files) >=3D 0 || &error($text{'manual_efile'});

$temp =3D &transname();
&execute_command("cp ".quotemeta($in{'file'})." $temp");
$in{'data'} =3D~ s/\r//g;
&lock_file($in{'file'});
&open_tempfile(FILE, ">$in{'file'}");
&print_tempfile(FILE, $in{'data'});
&close_tempfile(FILE);
&unlock_file($in{'file'});
if ($config{'test_manual'}) {
        $err =3D &test_config();
        if ($err) {
                &execute_command("mv $temp '$in{'file'}'");
                &error(&text('manual_etest', "<pre>$err</pre>"));
                }
        }
unlink($temp);
&webmin_log("manual", undef, undef, { 'file' =3D> $in{'file'} });
&redirect("");
-------------------------------------------------------------------
#!/usr/bin/perl
# allmanual_form.cgi
# Display a text box for manually editing directives from one of the =
files

require './apache-lib.pl';
&ReadParse();
$access{'types'} eq '*' && $access{'virts'} eq '*' ||
        &error($text{'manual_ecannot'});
&ui_print_header(undef, $text{'manual_configs'}, "");

$conf =3D &get_config();
@files =3D grep { -f $_ } &unique(map { $_->{'file'} } @$conf);

# ADD FILES TO EDIT OR DISPLAY IN editfiles.ini

$editfiles =3D &read_file_lines("editfiles.ini");
foreach $editfile (@$editfiles) {
        if ($editfile !~ /^#/ and $editfile !~ /^$|^\s+/)
        {
                push(@files, $editfile);
        }
}
$in{'file'} =3D $files[0] if (!$in{'file'});
print "<form action=3Dallmanual_form.cgi>\n";
print "<input type=3Dsubmit value=3D'$text{'manual_file'}'>\n";
print "<select name=3Dfile>\n";
foreach $f (@files) {
        if ($f =3D~ /^ro\s/) {
                $format =3D "style=3D'font-style: italic'";
        } else {
                $format =3D "";
        }
        printf "<option %s %s>%s\n",
                $format, $f eq $in{'file'} ? 'selected' : '', $f;
        $found++ if ($f eq $in{'file'});
        }
print "</select>Files in italics are Read Only</form>\n";
$found || &error($text{'manual_efile'});

if ($in{'file'} =3D~ /^ro\s/)
{
        print "<form action=3Dallmanual_form.cgi method=3Dpost ",
                "enctype=3Dmultipart/form-data>\n";
        $buttontype =3D "hidden";
        $filename =3D $in{'file'};
        $filename =3D~ s/^ro\s//;
} else {
        print "<form action=3Dallmanual_save.cgi method=3Dpost ",
                "enctype=3Dmultipart/form-data>\n";
        $buttontype =3D "submit";
        $filename =3D $in{'file'};
}
print "<input type=3Dhidden name=3Dfile value=3D'$in{'file'}'>\n";
print "<textarea name=3Ddata rows=3D20 cols=3D80 style=3D'width:100%'>";
open(FILE, $filename);
while(<FILE>) { print &html_escape($_); }
close(FILE);
print "</textarea><br>\n";
print "<input type=3D$buttontype value=3D'$text{'save'}'>\n";
print "</form>\n";

&ui_print_footer("", $text{'index_return'});

--=20
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.13.25/515 - Release Date: =
11/3/2006 5:15 AM
=20