/*
* Format the given command into a buffer, returning the resulting string.
*
* It is too dangerous to leave any URL that may come along unquoted. They
* often contain '&', ';', and '?' chars, and who knows what else may occur.
* Prevent spoofing of the shell. Dunno how this needs to be modified for VMS
* or DOS. - kw
*/
PRIVATE char *format_command ARGS2(
char *, command,
char *, param)
{
char *cmdbuf = NULL;
#if defined(WIN_EX)
if (*param != '\"' && strchr(param, ' ') != NULL) {
char *cp = quote_pathname(param);
format(&cmdbuf, command, cp);
FREE(cp);
} else {
char pram_string[LY_MAXPATH];
LYstrncpy(pram_string, param, sizeof(pram_string)-1);
decode_string(pram_string);
param = pram_string;
if (isMAILTO_URL(param)) {
format(&cmdbuf, command, param + 7);
} else if (strnicmp("telnet://", param, 9) == 0) {
char host[sizeof(pram_string)];
int last_pos;
strcpy(host, param + 9);
last_pos = strlen(host) - 1;
if (last_pos > 1 && host[last_pos] == '/')
host[last_pos] = '\0';
format(&cmdbuf, command, host);
} else if (strnicmp("file://localhost/", param, 17) == 0) {
char e_buff[LY_MAXPATH], *p;
p = param + 17;
*e_buff = 0;
if (strchr(p, ':') == NULL) {
sprintf(e_buff, "%.3s/", windows_drive);
}
strncat(e_buff, p, sizeof(e_buff) - strlen(e_buff) - 1);
p = strrchr(e_buff, '.');
if (p) {
trimPoundSelector(p);
}
/* Less ==> short filename with backslashes,
* less ==> long filename with forward slashes, may be quoted
*/
if (ISUPPER(command[0])) {
format(&cmdbuf,
command, HTDOS_short_name(e_buff));
} else {
if (*e_buff != '\"' && strchr(e_buff, ' ') != NULL) {
p = quote_pathname(e_buff);
LYstrncpy(e_buff, p, sizeof(e_buff)-1);
FREE(p);
}
format(&cmdbuf, command, e_buff);
}
} else {
format(&cmdbuf, command, param);
}
}
#else
format(&cmdbuf, command, param);
#endif
return cmdbuf;
}
/*
* Format the given command into a buffer, returning the resulting string.
*
* It is too dangerous to leave any URL that may come along unquoted. They
* often contain '&', ';', and '?' chars, and who knows what else may occur.
* Prevent spoofing of the shell. Dunno how this needs to be modified for VMS
* or DOS. - kw
*/
static char *format_command(char *command,
char *param)
{
char *cmdbuf = NULL;
#if defined(WIN_EX)
char pram_string[LY_MAXPATH];
char *escaped = NULL;
if (strncasecomp("file://localhost/", param, 17) == 0) {
/* decode local path parameter for programs to be
able to interpret - TH */
LYStrNCpy(pram_string, param, sizeof(pram_string) - 1);
decode_string(pram_string);
param = pram_string;
} else {
/* encode or escape URL parameter - TH */
escaped = escapeParameter(param);
param = escaped;
}
if (isMAILTO_URL(param)) {
format(&cmdbuf, command, param + 7);
} else if (strncasecomp("telnet://", param, 9) == 0) {
char host[sizeof(pram_string)];
int last_pos;
LYStrNCpy(host, param + 9, sizeof(host));
last_pos = (int) strlen(host) - 1;
if (last_pos > 1 && host[last_pos] == '/')
host[last_pos] = '\0';
format(&cmdbuf, command, host);
} else if (strncasecomp("file://localhost/", param, 17) == 0) {
char e_buff[LY_MAXPATH], *p;
p = param + 17;
delete_danger_characters(p);
*e_buff = 0;
if (StrChr(p, ':') == NULL) {
sprintf(e_buff, "%.3s/", windows_drive);
}
strncat(e_buff, p, sizeof(e_buff) - strlen(e_buff) - 1);
p = strrchr(e_buff, '.');
if (p) {
trimPoundSelector(p);
}
/* Less ==> short filename with backslashes,
* less ==> long filename with forward slashes, may be quoted
*/
if (ISUPPER(command[0])) {
char *short_name = HTDOS_short_name(e_buff);
p = quote_pathname(short_name);
format(&cmdbuf, command, p);
FREE(p);
} else {
p = quote_pathname(e_buff);
format(&cmdbuf, command, p);
FREE(p);
}
} else {
format(&cmdbuf, command, param);
}
FREE(escaped);
#else
format(&cmdbuf, command, param);
#endif
return cmdbuf;
}
