mirror of
https://github.com/webmin/webmin.git
synced 2026-02-19 13:02:34 +00:00
b593501cff
All $err type error messages in HTML are safely escaped now.
URL-encoding in links:
I have implemented urlize() in all places where user input ($in{'device'}, $in{'slice'}, $in{'part'}) was included in the URL (footer/redirect/other link), e.g. edit_slice.cgi?device=...&slice=....
Affected files include: create_part.cgi, create_slice.cgi, delete_part.cgi, delete_slice.cgi, change_slice_label.cgi, part_form.cgi, slice_form.cgi, edit_slice.cgi, edit_part.cgi, fsck.cgi, newfs.cgi, newfs_form.cgi, save_part.cgi, save_slice.cgi, save_slice_label.cgi, zfs_create.cgi, zvol_create.cgi.
68 lines
2.1 KiB
Perl
Executable File
68 lines
2.1 KiB
Perl
Executable File
#!/usr/local/bin/perl
|
|
# Delete a slice, after asking for confirmation
|
|
|
|
use strict;
|
|
use warnings;
|
|
no warnings 'redefine';
|
|
no warnings 'uninitialized';
|
|
require './bsdfdisk-lib.pl';
|
|
our ( %in, %text, $module_name );
|
|
&ReadParse();
|
|
|
|
# Get the disk and slice
|
|
my @disks = &list_disks_partitions();
|
|
$in{'device'} =~ /^[a-zA-Z0-9_\/.-]+$/
|
|
or &error( $text{'disk_edevice'} || 'Invalid device' );
|
|
$in{'device'} !~ /\.\./ or &error( $text{'disk_edevice'} || 'Invalid device' );
|
|
$in{'slice'} =~ /^\d+$/ or &error( $text{'slice_egone'} );
|
|
my ($disk) = grep { $_->{'device'} eq $in{'device'} } @disks;
|
|
$disk || &error( $text{'disk_egone'} );
|
|
my ($slice) = grep { $_->{'number'} eq $in{'slice'} } @{ $disk->{'slices'} };
|
|
$slice || &error( $text{'slice_egone'} );
|
|
|
|
&ui_print_header( $slice->{'desc'}, $text{'dslice_title'}, "" );
|
|
|
|
if ( $in{'confirm'} ) {
|
|
|
|
# Delete it
|
|
print &text( 'dslice_deleting', &html_escape( $slice->{'desc'} ) ), "<p>\n";
|
|
my $err = &delete_slice( $disk, $slice );
|
|
if ($err) {
|
|
print &text( 'dslice_failed', &html_escape($err) ), "<p>\n";
|
|
}
|
|
else {
|
|
print $text{'dslice_done'}, "<p>\n";
|
|
&webmin_log( "delete", "slice", $slice->{'device'}, $slice );
|
|
}
|
|
}
|
|
else {
|
|
# Ask first
|
|
my @warn;
|
|
my @st = &fdisk::device_status( $slice->{'device'} );
|
|
if (@st) {
|
|
push( @warn, &fdisk::device_status_link(@st) );
|
|
}
|
|
foreach my $p ( @{ $slice->{'parts'} } ) {
|
|
my @st = &fdisk::device_status( $p->{'device'} );
|
|
if (@st) {
|
|
push( @warn, &fdisk::device_status_link(@st) );
|
|
}
|
|
}
|
|
print &ui_confirmation_form(
|
|
"delete_slice.cgi",
|
|
&text(
|
|
'dslice_rusure',
|
|
"<tt>" . &html_escape( $slice->{'device'} ) . "</tt>"
|
|
),
|
|
[ [ "device", $in{'device'} ], [ "slice", $in{'slice'} ] ],
|
|
[ [ "confirm", $text{'dslice_confirm'} ] ],
|
|
undef,
|
|
@warn
|
|
? &text( 'dslice_warn', &html_escape( join( " ", @warn ) ) )
|
|
: undef
|
|
);
|
|
}
|
|
|
|
my $url_device = &urlize( $in{'device'} );
|
|
&ui_print_footer( "edit_disk.cgi?device=$url_device", $text{'disk_return'} );
|