Devide to css file. Clean up the sources. Security fix (map.pl).

[chise/kage.git] / linkmap / map.cgi

diff --git a/linkmap/map.cgi b/linkmap/map.cgi
index 0b72acc..646fdd4 100755 (executable)
--- a/linkmap/map.cgi
+++ b/linkmap/map.cgi
@@ -1,19 +1,24 @@
 #!/usr/bin/perl
 
+$PERL = "/usr/bin/perl";
+$LINKMAP_DIR = "/var/www/chiseperl";
+
 $random = "linkmap_".(sprintf "%05X", int(rand()*0x100000));
 
 use CGI;
 $cgi = new CGI;
 $target = $cgi->param('code');
-$target =~ tr/\;\<\>\|//d;
-$dummy = `/usr/bin/perl /var/www/chiseperl/map.pl $target $random 2>/dev/null`;
+$target =~ s/[^a-zA-Z0-9]//g;
+
+$dummy = `$PERL $LINKMAP_DIR/map.pl $target $random 2>/dev/null`;
 
 $buffer = "";
-open FH, "<$random.html";
-foreach(<FH>){
-  $buffer .= $_;
+open FH, "<${random}.html";
+while(!eof(FH)){
+  $buffer .= <FH>;
 }
 close FH;
 
 print "Content-type: text/html\n\n";
 print $buffer;
+