\n";
my $nr;
@@ -1357,36 +1425,42 @@ sub git_blob_plain {
sub git_tree {
if (!defined $hash) {
- $hash = git_read_hash("$project/HEAD");
+ $hash = git_read_head($project);
if (defined $file_name) {
- my $base = $hash_base || git_read_hash("$project/HEAD");
+ my $base = $hash_base || $hash;
$hash = git_get_hash_by_path($base, $file_name, "tree");
}
if (!defined $hash_base) {
- $hash_base = git_read_hash("$project/HEAD");
+ $hash_base = $hash;
}
}
- open my $fd, "-|", "$gitbin/git-ls-tree $hash" or die_error(undef, "Open git-ls-tree failed.");
- my (@entries) = map { chomp; $_ } <$fd>;
+ $/ = "\0";
+ open my $fd, "-|", "$gitbin/git-ls-tree -z $hash" or die_error(undef, "Open git-ls-tree failed.");
+ chomp (my (@entries) = <$fd>);
close $fd or die_error(undef, "Reading tree failed.");
+ $/ = "\n";
+ my $refs = read_info_ref();
+ my $ref = "";
+ if (defined $refs->{$hash_base}) {
+ $ref = "
";
+ }
git_header_html();
my $base_key = "";
- my $file_key = "";
my $base = "";
if (defined $hash_base && (my %co = git_read_commit($hash_base))) {
$base_key = ";hb=$hash_base";
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary")}, "summary") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog;h=$hash_base")}, "shortlog") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=log;h=$hash_base")}, "log") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash_base")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$hash_base")}, "commitdiff") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary")}, "summary") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog;h=$hash_base")}, "shortlog") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log;h=$hash_base")}, "log") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash_base")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$hash_base")}, "commitdiff") .
" | tree" .
"
\n" .
"
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash_base"), -class => "title"}, esc_html($co{'title'})) . "\n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash_base"), -class => "title"}, esc_html($co{'title'}) . $ref) . "\n" .
"
\n";
@@ -1394,8 +1468,8 @@ sub git_tree {
print "
$hash
\n";
}
if (defined $file_name) {
- $base = "$file_name/";
- print "
/$file_name
\n";
+ $base = esc_html("$file_name/");
+ print "
/" . esc_html($file_name) . "
\n";
} else {
print "
/
\n";
}
@@ -1408,8 +1482,7 @@ sub git_tree {
my $t_mode = $1;
my $t_type = $2;
my $t_hash = $3;
- my $t_name = $4;
- $file_key = ";f=$base$t_name";
+ my $t_name = validate_input($4);
if ($alternate) {
print "
\n";
} else {
@@ -1419,18 +1492,18 @@ sub git_tree {
print "" . mode_str($t_mode) . " | \n";
if ($t_type eq "blob") {
print "" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$t_hash" . $base_key . $file_key), -class => "list"}, $t_name) .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$t_hash$base_key;f=$base$t_name"), -class => "list"}, esc_html($t_name)) .
" | \n" .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$t_hash" . $base_key . $file_key)}, "blob") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=history;h=$hash_base" . $file_key)}, "history") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$t_hash$base_key;f=$base$t_name")}, "blob") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=history;h=$hash_base;f=$base$t_name")}, "history") .
" | \n";
} elsif ($t_type eq "tree") {
print "" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$t_hash" . $base_key . $file_key)}, $t_name) .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$t_hash$base_key;f=$base$t_name")}, esc_html($t_name)) .
" | \n" .
"" .
- $cgi->a({-href => esc("$my_uri?p=$project;a=tree;h=$t_hash" . $base_key . $file_key)}, "tree") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$t_hash$base_key;f=$base$t_name")}, "tree") .
" | \n";
}
print "
\n";
@@ -1442,7 +1515,7 @@ sub git_tree {
sub git_rss {
# http://www.notestips.com/80256B3A007F2692/1/NAMO5P9UPQ
- open my $fd, "-|", "$gitbin/git-rev-list --max-count=150 " . git_read_hash("$project/HEAD") or die_error(undef, "Open failed.");
+ open my $fd, "-|", "$gitbin/git-rev-list --max-count=150 " . git_read_head($project) or die_error(undef, "Open failed.");
my (@revlist) = map { chomp; $_ } <$fd>;
close $fd or die_error(undef, "Reading rev-list failed.");
print $cgi->header(-type => 'text/xml', -charset => 'utf-8');
@@ -1486,7 +1559,8 @@ sub git_rss {
if (!($line =~ m/^:([0-7]{6}) ([0-7]{6}) ([0-9a-fA-F]{40}) ([0-9a-fA-F]{40}) (.)([0-9]{0,3})\t(.*)$/)) {
next;
}
- my $file = $7;
+ my $file = validate_input(unquote($7));
+ $file = decode("utf8", $file, Encode::FB_DEFAULT);
print "$file
\n";
}
print "]]>\n" .
@@ -1510,7 +1584,7 @@ sub git_opml {
foreach my $pr (@list) {
my %proj = %$pr;
- my $head = git_read_hash("$proj{'path'}/HEAD");
+ my $head = git_read_head($proj{'path'});
if (!defined $head) {
next;
}
@@ -1531,21 +1605,22 @@ sub git_opml {
}
sub git_log {
- my $head = git_read_hash("$project/HEAD");
+ my $head = git_read_head($project);
if (!defined $hash) {
$hash = $head;
}
if (!defined $page) {
$page = 0;
}
+ my $refs = read_info_ref();
git_header_html();
print "
\n";
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary")}, "summary") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog;h=$hash")}, "shortlog") .
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary")}, "summary") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog;h=$hash")}, "shortlog") .
" | log" .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$hash")}, "commitdiff") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$hash;hb=$hash")}, "tree") . "
\n";
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$hash")}, "commitdiff") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$hash;hb=$hash")}, "tree") . "
\n";
my $limit = sprintf("--max-count=%i", (100 * ($page+1)));
open my $fd, "-|", "$gitbin/git-rev-list $limit $hash" or die_error(undef, "Open failed.");
@@ -1553,19 +1628,19 @@ sub git_log {
close $fd;
if ($hash ne $head || $page) {
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=log")}, "HEAD");
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log")}, "HEAD");
} else {
print "HEAD";
}
if ($page > 0) {
print " ⋅ " .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=log;h=$hash;pg=" . ($page-1)), -accesskey => "p", -title => "Alt-p"}, "prev");
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log;h=$hash;pg=" . ($page-1)), -accesskey => "p", -title => "Alt-p"}, "prev");
} else {
print " ⋅ prev";
}
if ($#revlist >= (100 * ($page+1)-1)) {
print " ⋅ " .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=log;h=$hash;pg=" . ($page+1)), -accesskey => "n", -title => "Alt-n"}, "next");
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log;h=$hash;pg=" . ($page+1)), -accesskey => "n", -title => "Alt-n"}, "next");
} else {
print " ⋅ next";
}
@@ -1573,24 +1648,28 @@ sub git_log {
"
\n";
if (!@revlist) {
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary"), -class => "title"}, " ") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary"), -class => "title"}, " ") .
"
\n";
my %co = git_read_commit($hash);
print "
Last change $co{'age_string'}.
\n";
}
for (my $i = ($page * 100); $i <= $#revlist; $i++) {
my $commit = $revlist[$i];
+ my $ref = "";
+ if (defined $refs->{$commit}) {
+ $ref = "
" . esc_html($refs->{$commit}) . "";
+ }
my %co = git_read_commit($commit);
next if !%co;
my %ad = date_str($co{'author_epoch'});
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$commit"), -class => "title"},
- "$co{'age_string'}" . esc_html($co{'title'})) . "\n" .
- "
\n";
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$commit"), -class => "title"},
+ "
$co{'age_string'}" . esc_html($co{'title'}) . $ref) . "\n";
+ print "
\n" .
"
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$commit")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$commit")}, "commitdiff") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$commit")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$commit")}, "commitdiff") .
"
\n" .
"
\n" .
"
" . esc_html($co{'author_name'}) . " [$ad{'rfc2822'}]\n" .
@@ -1644,24 +1723,29 @@ sub git_commit {
if ($hash =~ m/^[0-9a-fA-F]{40}$/) {
$expires = "+1d";
}
+ my $refs = read_info_ref();
+ my $ref = "";
+ if (defined $refs->{$co{'id'}}) {
+ $ref = "
" . esc_html($refs->{$co{'id'}}) . "";
+ }
git_header_html(undef, $expires);
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary")}, "summary") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog;h=$hash")}, "shortlog") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=log;h=$hash")}, "log") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary")}, "summary") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog;h=$hash")}, "shortlog") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log;h=$hash")}, "log") .
" | commit";
if (defined $co{'parent'}) {
- print " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$hash")}, "commitdiff");
+ print " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$hash")}, "commitdiff");
}
- print " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") . "\n" .
+ print " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") . "\n" .
"
\n";
if (defined $co{'parent'}) {
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$hash"), -class => "title"}, esc_html($co{'title'})) . "\n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$hash"), -class => "title"}, esc_html($co{'title'}) . $ref) . "\n" .
"
\n";
} else {
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$hash"), -class => "title"}, esc_html($co{'title'})) . "\n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$hash"), -class => "title"}, esc_html($co{'title'})) . "\n" .
"
\n";
}
print "
\n" .
@@ -1682,19 +1766,19 @@ sub git_commit {
print "
" .
"tree | " .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$hash"), class => "list"}, $co{'tree'}) .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$hash"), class => "list"}, $co{'tree'}) .
" | " .
- "" . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") .
" | " .
"
\n";
my $parents = $co{'parents'};
foreach my $par (@$parents) {
print "
" .
"parent | " .
- "" . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$par"), class => "list"}, $par) . " | " .
+ "" . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$par"), class => "list"}, $par) . " | " .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$par")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$hash;hp=$par")}, "commitdiff") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$par")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$hash;hp=$par")}, "commitdiff") .
" | " .
"
\n";
}
@@ -1742,7 +1826,7 @@ sub git_commit {
my $to_id = $4;
my $status = $5;
my $similarity = $6;
- my $file = $7;
+ my $file = validate_input(unquote($7));
if ($alternate) {
print "
\n";
} else {
@@ -1755,16 +1839,16 @@ sub git_commit {
$mode_chng = sprintf(" with mode: %04o", (oct $to_mode) & 0777);
}
print "" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$to_id;hb=$hash;f=$file"), -class => "list"}, esc_html($file)) . " | \n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$to_id;hb=$hash;f=$file"), -class => "list"}, esc_html($file)) . "\n" .
"[new " . file_type($to_mode) . "$mode_chng] | \n" .
- "" . $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$to_id;hb=$hash;f=$file")}, "blob") . " | \n";
+ "" . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$to_id;hb=$hash;f=$file")}, "blob") . " | \n";
} elsif ($status eq "D") {
print "" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$from_id;hb=$hash;f=$file"), -class => "list"}, esc_html($file)) . " | \n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$from_id;hb=$hash;f=$file"), -class => "list"}, esc_html($file)) . "\n" .
"[deleted " . file_type($from_mode). "] | \n" .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$from_id;hb=$hash;f=$file")}, "blob") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=history;h=$hash;f=$file")}, "history") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$from_id;hb=$hash;f=$file")}, "blob") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=history;h=$hash;f=$file")}, "history") .
" | \n"
} elsif ($status eq "M" || $status eq "T") {
my $mode_chnge = "";
@@ -1784,18 +1868,18 @@ sub git_commit {
}
print "";
if ($to_id ne $from_id) {
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=blobdiff;h=$to_id;hp=$from_id;hb=$hash;f=$file"), -class => "list"}, esc_html($file));
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blobdiff;h=$to_id;hp=$from_id;hb=$hash;f=$file"), -class => "list"}, esc_html($file));
} else {
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$to_id;hb=$hash;f=$file"), -class => "list"}, esc_html($file));
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$to_id;hb=$hash;f=$file"), -class => "list"}, esc_html($file));
}
print " | \n" .
"$mode_chnge | \n" .
"";
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$to_id;hb=$hash;f=$file")}, "blob");
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$to_id;hb=$hash;f=$file")}, "blob");
if ($to_id ne $from_id) {
- print " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=blobdiff;h=$to_id;hp=$from_id;hb=$hash;f=$file")}, "diff");
+ print " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blobdiff;h=$to_id;hp=$from_id;hb=$hash;f=$file")}, "diff");
}
- print " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=history;h=$hash;f=$file")}, "history") . "\n";
+ print " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=history;h=$hash;f=$file")}, "history") . "\n";
print " | \n";
} elsif ($status eq "R") {
my ($from_file, $to_file) = split "\t", $file;
@@ -1804,14 +1888,14 @@ sub git_commit {
$mode_chng = sprintf(", mode: %04o", (oct $to_mode) & 0777);
}
print "" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$to_id;hb=$hash;f=$to_file"), -class => "list"}, esc_html($to_file)) . " | \n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$to_id;hb=$hash;f=$to_file"), -class => "list"}, esc_html($to_file)) . "\n" .
"[moved from " .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$from_id;hb=$hash;f=$from_file"), -class => "list"}, esc_html($from_file)) .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$from_id;hb=$hash;f=$from_file"), -class => "list"}, esc_html($from_file)) .
" with " . (int $similarity) . "% similarity$mode_chng] | \n" .
"" .
- $cgi->a({-href => esc_uresc_url("$my_uri?p=$project;a=blob;h=$to_id;hb=$hash;f=$to_file")}, "blob");
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$to_id;hb=$hash;f=$to_file")}, "blob");
if ($to_id ne $from_id) {
- print " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=blobdiff;h=$to_id;hp=$from_id;hb=$hash;f=$to_file")}, "diff");
+ print " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blobdiff;h=$to_id;hp=$from_id;hb=$hash;f=$to_file")}, "diff");
}
print " | \n";
}
@@ -1826,17 +1910,17 @@ sub git_blobdiff {
git_header_html();
if (defined $hash_base && (my %co = git_read_commit($hash_base))) {
print "\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary")}, "summary") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog")}, "shortlog") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=log")}, "log") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash_base")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$hash_base")}, "commitdiff") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$hash_base")}, "tree") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary")}, "summary") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog")}, "shortlog") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log")}, "log") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash_base")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$hash_base")}, "commitdiff") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$hash_base")}, "tree") .
"
\n";
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=blobdiff_plain;h=$hash;hp=$hash_parent")}, "plain") .
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blobdiff_plain;h=$hash;hp=$hash_parent")}, "plain") .
"
\n";
print "\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash_base"), -class => "title"}, esc_html($co{'title'})) . "\n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash_base"), -class => "title"}, esc_html($co{'title'})) . "\n" .
"
\n";
} else {
print "\n" .
@@ -1844,13 +1928,13 @@ sub git_blobdiff {
"
$hash vs $hash_parent
\n";
}
if (defined $file_name) {
- print "
/$file_name
\n";
+ print "
/" . esc_html($file_name) . "
\n";
}
print "
\n" .
"
blob:" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$hash_parent;hb=$hash_base;f=$file_name")}, $hash_parent) .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$hash_parent;hb=$hash_base;f=$file_name")}, $hash_parent) .
" -> blob:" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$hash;hb=$hash_base;f=$file_name")}, $hash) .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$hash;hb=$hash_base;f=$file_name")}, $hash) .
"
\n";
git_diff_print($hash_parent, $file_name || $hash_parent, $hash, $file_name || $hash);
print "
";
@@ -1881,18 +1965,23 @@ sub git_commitdiff {
if ($hash =~ m/^[0-9a-fA-F]{40}$/) {
$expires = "+1d";
}
+ my $refs = read_info_ref();
+ my $ref = "";
+ if (defined $refs->{$co{'id'}}) {
+ $ref = "
" . esc_html($refs->{$co{'id'}}) . "";
+ }
git_header_html(undef, $expires);
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary")}, "summary") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog;h=$hash")}, "shortlog") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=log;h=$hash")}, "log") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash")}, "commit") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary")}, "summary") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog;h=$hash")}, "shortlog") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log;h=$hash")}, "log") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash")}, "commit") .
" | commitdiff" .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") . "
\n";
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff_plain;h=$hash;hp=$hash_parent")}, "plain") . "\n" .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") . "
\n";
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff_plain;h=$hash;hp=$hash_parent")}, "plain") . "\n" .
"
\n";
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash"), -class => "title"}, esc_html($co{'title'})) . "\n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash"), -class => "title"}, esc_html($co{'title'}) . $ref) . "\n" .
"
\n";
print "
\n";
my $comment = $co{'comment'};
@@ -1928,23 +2017,23 @@ sub git_commitdiff {
my $from_id = $3;
my $to_id = $4;
my $status = $5;
- my $file = $6;
+ my $file = validate_input(unquote($6));
if ($status eq "A") {
print "
" . file_type($to_mode) . ":" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$to_id;hb=$hash;f=$file")}, $to_id) . "(new)" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$to_id;hb=$hash;f=$file")}, $to_id) . "(new)" .
"
\n";
git_diff_print(undef, "/dev/null", $to_id, "b/$file");
} elsif ($status eq "D") {
print "
" . file_type($from_mode) . ":" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$from_id;hb=$hash;f=$file")}, $from_id) . "(deleted)" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$from_id;hb=$hash;f=$file")}, $from_id) . "(deleted)" .
"
\n";
git_diff_print($from_id, "a/$file", undef, "/dev/null");
} elsif ($status eq "M") {
if ($from_id ne $to_id) {
print "
" .
- file_type($from_mode) . ":" . $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$from_id;hb=$hash;f=$file")}, $from_id) .
+ file_type($from_mode) . ":" . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$from_id;hb=$hash;f=$file")}, $from_id) .
" -> " .
- file_type($to_mode) . ":" . $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$to_id;hb=$hash;f=$file")}, $to_id);
+ file_type($to_mode) . ":" . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$to_id;hb=$hash;f=$file")}, $to_id);
print "
\n";
git_diff_print($from_id, "a/$file", $to_id, "b/$file");
}
@@ -1963,23 +2052,18 @@ sub git_commitdiff_plain {
# try to figure out the next tag after this commit
my $tagname;
- my %taghash;
- my $tags = git_read_refs("refs/tags");
- foreach my $entry (@$tags) {
- my %tag = %$entry;
- $taghash{$tag{'refid'}} = $tag{'name'};
- }
+ my $refs = read_info_ref("tags");
open $fd, "-|", "$gitbin/git-rev-list HEAD";
- while (my $commit = <$fd>) {
- chomp $commit;
- if ($taghash{$commit}) {
- $tagname = $taghash{$commit};
+ chomp (my (@commits) = <$fd>);
+ close $fd;
+ foreach my $commit (@commits) {
+ if (defined $refs->{$commit}) {
+ $tagname = $refs->{$commit}
}
if ($commit eq $hash) {
last;
}
}
- close $fd;
print $cgi->header(-type => "text/plain", -charset => 'utf-8', '-content-disposition' => "inline; filename=\"git-$hash.patch\"");
my %co = git_read_commit($hash);
@@ -1995,7 +2079,7 @@ sub git_commitdiff_plain {
"\n";
foreach my $line (@$comment) {;
- print " $line\n";
+ print "$line\n";
}
print "---\n\n";
@@ -2017,26 +2101,27 @@ sub git_commitdiff_plain {
sub git_history {
if (!defined $hash) {
- $hash = git_read_hash("$project/HEAD");
+ $hash = git_read_head($project);
}
my %co = git_read_commit($hash);
if (!%co) {
die_error(undef, "Unknown commit object.");
}
+ my $refs = read_info_ref();
git_header_html();
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary")}, "summary") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog")}, "shortlog") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=log")}, "log") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$hash")}, "commitdiff") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary")}, "summary") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog")}, "shortlog") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log")}, "log") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$hash")}, "commitdiff") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") .
"
\n" .
"
\n";
print "
\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash"), -class => "title"}, esc_html($co{'title'})) . "\n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash"), -class => "title"}, esc_html($co{'title'})) . "\n" .
"
\n";
- print "
/$file_name
\n";
+ print "
/" . esc_html($file_name) . "
\n";
open my $fd, "-|", "$gitbin/git-rev-list $hash | $gitbin/git-diff-tree -r --stdin \'$file_name\'";
my $commit;
@@ -2052,6 +2137,10 @@ sub git_history {
if (!%co) {
next;
}
+ my $ref = "";
+ if (defined $refs->{$commit}) {
+ $ref = "
" . esc_html($refs->{$commit}) . "";
+ }
if ($alternate) {
print "
\n";
} else {
@@ -2060,17 +2149,17 @@ sub git_history {
$alternate ^= 1;
print "$co{'age_string_date'} | \n" .
"" . esc_html(chop_str($co{'author_name'}, 15, 3)) . " | \n" .
- "" . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$commit"), -class => "list"}, "" .
- esc_html(chop_str($co{'title'}, 50)) . "") . " | \n" .
+ "" . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$commit"), -class => "list"}, "" .
+ esc_html(chop_str($co{'title'}, 50)) . "$ref") . " | \n" .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$commit")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$commit")}, "commitdiff") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;hb=$commit;f=$file_name")}, "blob");
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$commit")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$commit")}, "commitdiff") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;hb=$commit;f=$file_name")}, "blob");
my $blob = git_get_hash_by_path($hash, $file_name);
my $blob_parent = git_get_hash_by_path($commit, $file_name);
if (defined $blob && defined $blob_parent && $blob ne $blob_parent) {
print " | " .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=blobdiff;h=$blob;hp=$blob_parent;hb=$commit;f=$file_name")},
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blobdiff;h=$blob;hp=$blob_parent;hb=$commit;f=$file_name")},
"diff to current");
}
print " | \n" .
@@ -2088,7 +2177,7 @@ sub git_search {
die_error("", "Text field empty.");
}
if (!defined $hash) {
- $hash = git_read_hash("$project/HEAD");
+ $hash = git_read_head($project);
}
my %co = git_read_commit($hash);
if (!%co) {
@@ -2110,17 +2199,17 @@ sub git_search {
}
git_header_html();
print "\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary;h=$hash")}, "summary") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog")}, "shortlog") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=log;h=$hash")}, "log") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$hash")}, "commitdiff") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary;h=$hash")}, "summary") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog")}, "shortlog") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log;h=$hash")}, "log") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$hash")}, "commitdiff") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$hash")}, "tree") .
"
\n" .
"
\n";
print "\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash"), -class => "title"}, esc_html($co{'title'})) . "\n" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash"), -class => "title"}, esc_html($co{'title'})) . "\n" .
"
\n";
print "\n";
my $alternate = 0;
@@ -2151,7 +2240,7 @@ sub git_search {
print "$co{'age_string_date'} | \n" .
"" . esc_html(chop_str($co{'author_name'}, 15, 5)) . " | \n" .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$co{'id'}"), -class => "list"}, "" . esc_html(chop_str($co{'title'}, 50)) . " ");
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$co{'id'}"), -class => "list"}, "" . esc_html(chop_str($co{'title'}, 50)) . " ");
my $comment = $co{'comment'};
foreach my $line (@$comment) {
if ($line =~ m/^(.*)($searchtext)(.*)$/i) {
@@ -2166,8 +2255,8 @@ sub git_search {
}
print " | \n" .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$co{'id'}")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$co{'id'}")}, "tree");
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$co{'id'}")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$co{'id'}")}, "tree");
print " | \n" .
"\n";
}
@@ -2204,18 +2293,18 @@ sub git_search {
print "$co{'age_string_date'} | \n" .
"" . esc_html(chop_str($co{'author_name'}, 15, 5)) . " | \n" .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$co{'id'}"), -class => "list"}, "" .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$co{'id'}"), -class => "list"}, "" .
esc_html(chop_str($co{'title'}, 50)) . " ");
while (my $setref = shift @files) {
my %set = %$setref;
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=blob;h=$set{'id'};hb=$co{'id'};f=$set{'file'}"), class => "list"},
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=blob;h=$set{'id'};hb=$co{'id'};f=$set{'file'}"), class => "list"},
"" . esc_html($set{'file'}) . "") .
" \n";
}
print " | \n" .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$co{'id'}")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$co{'tree'};hb=$co{'id'}")}, "tree");
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$co{'id'}")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$co{'tree'};hb=$co{'id'}")}, "tree");
print " | \n" .
"\n";
}
@@ -2229,21 +2318,22 @@ sub git_search {
}
sub git_shortlog {
- my $head = git_read_hash("$project/HEAD");
+ my $head = git_read_head($project);
if (!defined $hash) {
$hash = $head;
}
if (!defined $page) {
$page = 0;
}
+ my $refs = read_info_ref();
git_header_html();
print "\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary")}, "summary") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary")}, "summary") .
" | shortlog" .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=log;h=$hash")}, "log") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$hash")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$hash")}, "commitdiff") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=tree;h=$hash;hb=$hash")}, "tree") . "
\n";
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=log;h=$hash")}, "log") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$hash")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$hash")}, "commitdiff") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=tree;h=$hash;hb=$hash")}, "tree") . "
\n";
my $limit = sprintf("--max-count=%i", (100 * ($page+1)));
open my $fd, "-|", "$gitbin/git-rev-list $limit $hash" or die_error(undef, "Open failed.");
@@ -2251,31 +2341,35 @@ sub git_shortlog {
close $fd;
if ($hash ne $head || $page) {
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog")}, "HEAD");
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog")}, "HEAD");
} else {
print "HEAD";
}
if ($page > 0) {
print " ⋅ " .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog;h=$hash;pg=" . ($page-1)), -accesskey => "p", -title => "Alt-p"}, "prev");
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog;h=$hash;pg=" . ($page-1)), -accesskey => "p", -title => "Alt-p"}, "prev");
} else {
print " ⋅ prev";
}
if ($#revlist >= (100 * ($page+1)-1)) {
print " ⋅ " .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog;h=$hash;pg=" . ($page+1)), -accesskey => "n", -title => "Alt-n"}, "next");
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog;h=$hash;pg=" . ($page+1)), -accesskey => "n", -title => "Alt-n"}, "next");
} else {
print " ⋅ next";
}
print "
\n" .
"
\n";
print "\n" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=summary"), -class => "title"}, " ") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=summary"), -class => "title"}, " ") .
"
\n";
print "\n";
my $alternate = 0;
for (my $i = ($page * 100); $i <= $#revlist; $i++) {
my $commit = $revlist[$i];
+ my $ref = "";
+ if (defined $refs->{$commit}) {
+ $ref = " " . esc_html($refs->{$commit}) . "";
+ }
my %co = git_read_commit($commit);
my %ad = date_str($co{'author_epoch'});
if ($alternate) {
@@ -2288,23 +2382,23 @@ sub git_shortlog {
"" . esc_html(chop_str($co{'author_name'}, 10)) . " | \n" .
"";
if (length($co{'title_short'}) < length($co{'title'})) {
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$commit"), -class => "list", -title => "$co{'title'}"},
- "" . esc_html($co{'title_short'}) . "");
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$commit"), -class => "list", -title => "$co{'title'}"},
+ "" . esc_html($co{'title_short'}) . "$ref");
} else {
- print $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$commit"), -class => "list"},
- "" . esc_html($co{'title_short'}) . "");
+ print $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$commit"), -class => "list"},
+ "" . esc_html($co{'title_short'}) . "$ref");
}
print " | \n" .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=commit;h=$commit")}, "commit") .
- " | " . $cgi->a({-href => esc_url("$my_uri?p=$project;a=commitdiff;h=$commit")}, "commitdiff") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commit;h=$commit")}, "commit") .
+ " | " . $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=commitdiff;h=$commit")}, "commitdiff") .
" | \n" .
"";
}
if ($#revlist >= (100 * ($page+1)-1)) {
print "\n" .
"" .
- $cgi->a({-href => esc_url("$my_uri?p=$project;a=shortlog;h=$hash;pg=" . ($page+1)), -title => "Alt-n"}, "next") .
+ $cgi->a({-href => "$my_uri?" . esc_param("p=$project;a=shortlog;h=$hash;pg=" . ($page+1)), -title => "Alt-n"}, "next") .
" | \n" .
"
\n";
}