From: mitty Date: Sat, 6 Feb 2010 01:07:01 +0000 (+0000) Subject: * CR+LF -> LF only X-Git-Tag: r89-trunk~50 X-Git-Url: http://lab.mitty.jp/git/?a=commitdiff_plain;h=fdebc6dabb5b3f761282609f5be864ba4b039e74;p=lab.git * CR+LF -> LF only git-svn-id: https://lab.mitty.jp/svn/lab/trunk@31 7d2118f6-f56c-43e7-95a2-4bb3031d96e7 --- diff --git a/snuploader/uploader.cgi b/snuploader/uploader.cgi index aa2993e..9e8554d 100644 --- a/snuploader/uploader.cgi +++ b/snuploader/uploader.cgi @@ -1,1078 +1,1078 @@ -#!/usr/bin/perl -use vars qw(%set %in); -use strict; -$set{'log_file'} = './log.cgi'; #ƒƒOƒtƒ@ƒCƒ‹–¼ -$set{'max_log'} = 30; #•ÛŽŒ” -$set{'max_size'} = 1*1024; #Å‘å“Še—e—Ê(KB) -$set{'min_flag'} = 0; #Å¬—e—ʐ§ŒÀ‚ðŽg—p‚·‚é=1 -$set{'min_size'} = 100; #Å¬“Še—e—Ê(KB) -$set{'max_all_flag'} = 0; #‘—e—ʐ§ŒÀ‚ðŽg—p‚·‚é=1 -$set{'max_all_size'} = 20*1024; #‘§ŒÀ—e—Ê(KB) -$set{'file_pre'} = 'up'; #ƒtƒ@ƒCƒ‹Ú“ªŽ« -$set{'pagelog'} = 10; #1ƒy[ƒW‚É•\Ž¦‚·‚éƒtƒ@ƒCƒ‹” -$set{'base_html'} = 'upload.html'; #1ƒy[ƒW–ڂ̃tƒ@ƒCƒ‹–¼ -$set{'interval'} = 0; #“¯ˆêIP“ŠeŠÔŠu•b” -$set{'deny_host'} = ''; #“Še‹ÖŽ~IP/HOST ,‚Å‹æØ‚é ex.(bbtec.net,219.119.66,ac.jp) -$set{'admin_name'} = 'admin'; #ŠÇ—ŽÒƒƒOƒCƒ“ID -$set{'admin_pass'} = '1234'; #ŠÇ—ŽÒƒpƒXƒ[ƒh - -# ˆÈ‰º5€–Ú‚ðÄÝ’è‚·‚éÛ‚É‚ÍPATHCƒfƒBƒŒƒNƒgƒŠ‚Í / ‚ŏI‚í‚邱‚Æ -# $set{'html_dir'},$set{'base_cgi'}‚ð ./ ˆÈŠO‚ɐݒ肷‚éê‡, -# ‚Ü‚½‚ÍDLkey‚ðŽg—p‚µ ‚È‚¨‚©‚ÂHTMLƒLƒƒƒbƒVƒ…($set{'dummy_html'} = 2 or 3)‚ðŽg—p‚·‚éê‡‚Í -# $set{'base_cgi'} , $set{'http_html_path'} , $set{'http_src_path'} ‚ðƒtƒ‹ƒpƒX(http://`` or /``)‚Å‹Lq‚·‚é -$set{'html_dir'} = './'; # “à•”HTML•Û‘¶ƒfƒBƒŒƒNƒgƒŠ -$set{'src_dir'} = './src/'; # “à•”ƒtƒ@ƒCƒ‹•Û‘¶ƒfƒBƒŒƒNƒgƒŠ -$set{'base_cgi'} = './upload.cgi'; # ‚±‚̃XƒNƒŠƒvƒg–¼ http://`‚ÌŽw’è‰Â”\ -$set{'http_html_path'} = './'; # htmlŽQÆ httpPATH http://`‚ÌŽw’è‰Â”\ -$set{'http_src_path'} = './src/'; # fileŽQÆ httpPATH http://`‚ÌŽw’è‰Â”\ - -$set{'dlkey'} = 0; # DLKey‚ðŽg—p‚·‚é=1,DLkey•K{=2 -$set{'up_ext'} = 'txt,lzh,zip,rar,gca,mpg,mp3,avi,swf,bmp,jpg,gif,png'; #ƒAƒbƒvƒ[ƒh‚Å‚«‚éŠî–{Šg’£Žq ”¼Šp‰p”¬•¶Žš ,‚Å‹æØ‚é -$set{'up_all'} = 0; #“o˜^ˆÈŠO‚Ì‚à‚Ì‚àUP‚³‚¹‚ç‚ê‚é‚悤‚É‚·‚é=1 -$set{'ext_org'} = 0; #$set{'up_all'}‚ª1‚ÌŽžƒIƒŠƒWƒiƒ‹‚ÌŠg’£Žq‚É‚·‚é=1 -$set{'deny_ext'} = 'php,php3,phtml,rb,sh,bat,dll'; #“Še‹ÖŽ~‚ÌŠg’£Žq ”¼Šp‰p”¬•¶Žš ,‚Å‹æØ‚é -$set{'change_ext'} = 'cgi->txt,pl->txt,log->txt,jpeg->jpg,mpeg->mpg'; #Šg’£Žq•ÏŠ· ‘O->Œã ”¼Šp‰p”¬•¶Žš ,‚Å‹æØ‚é - -$set{'home_url'} = ''; #[HOME]‚̃Šƒ“ƒNæ ‘Š‘΃pƒX–”‚Í http://‚©‚çŽn‚Ü‚éâ‘΃pƒX -$set{'html_all'} = 1; #[ALL]‚ðo‚·=1 -$set{'dummy_html'} = 0; #ƒtƒ@ƒCƒ‹ŒÂ•ÊHTML‚ðì¬‚·‚é ’Êíƒtƒ@ƒCƒ‹‚Ì‚Ý=1,DLKeyÝ’èƒtƒ@ƒCƒ‹‚Ì‚Ý=2,‚·‚ׂÄ=3 -$set{'find_crypt'} = 1; #ˆÃ†‰»ZIP‚ðŒŸo‚·‚é=1 -$set{'binary_compare'} = 0; #Šù‘¶ƒtƒ@ƒCƒ‹‚ƃoƒCƒiƒŠ”äŠr‚·‚é=1 -$set{'post_flag'} = 0; #PostKey‚ðŽg—p‚·‚é=1 -$set{'post_key'} = 'postkey'; #PostKey ,‚Å‹æØ‚é‚Æ•¡”Žw’è ex.(postkey1,postkey2) -$set{'disp_error'} = 1; #ƒ†[ƒU[‚ɃGƒ‰[‚ð•\Ž¦‚·‚é=1 -$set{'error_level'} = 1; #ƒGƒ‰[ƒƒO‚ð‹L˜^‚·‚é=1 -$set{'error_log'} = './error.cgi'; #ƒGƒ‰[ƒƒOƒtƒ@ƒCƒ‹–¼ -$set{'error_size'} = 1024; # ƒGƒ‰[ƒƒOÅ‘å—e—Ê(KB) §ŒÀ‚È‚µ=0 -$set{'zero_clear'} = 1; #ƒtƒ@ƒCƒ‹‚ªŒ©‚‚©‚ç‚È‚¢ê‡ƒƒO‚©‚çíœ‚·‚é=1 - -$set{'disp_comment'} = 1; #ƒRƒƒ“ƒg‚ð•\Ž¦‚·‚é=1 -$set{'disp_date'} = 1; #“ú•t‚ð•\Ž¦‚·‚é=1 -$set{'disp_size'} = 1; #ƒTƒCƒY‚ð•\Ž¦‚·‚é=1 -$set{'disp_mime'} = 1; #MIMETYPE‚ð•\Ž¦‚·‚é=1 -$set{'disp_orgname'} = 1; #ƒIƒŠƒWƒiƒ‹ƒtƒ@ƒCƒ‹–¼‚ð•\Ž¦‚·‚é=1 - -$set{'per_upfile'} = 0666; #ƒAƒbƒvƒ[ƒhƒtƒ@ƒCƒ‹‚̃p[ƒ~ƒbƒVƒ‡ƒ“ suexec=0604,other=0666 -$set{'per_dir'} = 0777; #ƒ\[ƒXƒAƒbƒvƒfƒBƒŒƒNƒgƒŠ‚̃p[ƒ~ƒbƒVƒ‡ƒ“ suexec=0701,other=0777 -$set{'per_logfile'} = 0666; #ƒƒOƒtƒ@ƒCƒ‹‚̃p[ƒ~ƒbƒVƒ‡ƒ“@suexec=0600,other=0666 -$set{'link_target'} = ''; #target‘®« - -#------ -$set{'ver'} = '2005/10/10e'; -$set{'char_delname'} = 'D'; - -$in{'time'} = time(); $in{'date'} = conv_date($in{'time'}); -$in{'addr'} = $ENV{'REMOTE_ADDR'}; -$in{'host'} = gethostbyaddr(pack('C4',split(/\./, $in{'addr'})), 2) || $ENV{'REMOTE_HOST'} || '(none)'; - -if($in{'addr'} eq $in{'host'}){ $in{'host'} = '(none)'; } - -$set{'html_head'} =<<"EOM"; - - - - - - - - - -Uploader -EOM - -$set{'html_css'} =<<"EOM"; - - -EOM - -unless(-e $set{'log_file'}){ &init; } -unless(-e $set{'base_html'}){ &makehtml; } -{ #ƒfƒR[ƒh - my $readbuffsize = 1024*8; - if ($ENV{'REQUEST_METHOD'} eq "POST" && $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/i){ - if ($ENV{'CONTENT_LENGTH'} > ($set{'max_size'} * 1024 + 1024)){ if($ENV{'SERVER_SOFTWARE'} =~ /IIS/){ while(read(STDIN,my $buff,$readbuffsize)){} } &error(106,$ENV{'CONTENT_LENGTH'});} - }else{ - if ($ENV{'CONTENT_LENGTH'} > 1024*100){ error(98); } - } - my %ck; foreach(split(/;/,$ENV{'HTTP_COOKIE'})){ my($key,$val) = split(/=/); $key =~ s/\s//g; $ck{$key} = $val;} - my @ck = split(/<>/,$ck{'SN_USER'}); - if(length($ck[0]) < 5){ - my @salt = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); srand; - my $salt = $salt[int(rand(@salt))] . $salt[int(rand(@salt))]; - $in{'user'} = crypt($in{'addr'}.$in{'time'}, $salt); - }else{ $in{'user'} = $ck[0]; } - - if($ENV{'REQUEST_METHOD'} eq "POST" && $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/i){ - my %FORM; my $subbuff; my $filename; my $valuename; - my $upflag; my $valueflag; my $bound; my $mime; - my $readlength = 0; - my $random = int(rand(900000)) + 100000; - my $endflag = 0; - binmode(STDIN); - while(){ $readlength += length($_); if(/(--.*)\r\n$/){ $bound = $1; last; }} - if(-e "$set{'src_dir'}$random.temporary"){ $random++; } - if(-e "$set{'src_dir'}$random.temporary"){ $random++; } - if(-e "$set{'src_dir'}$random.temporary"){ &error(204); } - - open(OUT,">$set{'src_dir'}$random.temporary"); - binmode(OUT); - my $formbuff; - while(my $buff = ){ - $readlength += length($buff); - if($upflag == 1){ if($buff =~ /Content-Type:\s(.*)\r\n$/i){ $mime = $1; } $upflag++; next;} - if($upflag == 2){ - while(1){ - my $readblen; my $filebuff; - if($ENV{'CONTENT_LENGTH'} - $readlength < $readbuffsize){ $readblen = $ENV{'CONTENT_LENGTH'} - $readlength; } - else{ $readblen = $readbuffsize; } - if(!read(STDIN,$filebuff,$readblen)){ last }; - $readlength += length($filebuff); - if($ENV{'CONTENT_LENGTH'} - $readlength < $readbuffsize){ - my $readblen = $ENV{'CONTENT_LENGTH'} - $readlength; - read(STDIN,my $subbuff,$readblen); - $readlength += length($subbuff); - $filebuff .= $subbuff; - $endflag = 1; - } - my $offset = index($filebuff,$bound); - if($offset >= 0){ - $buff = substr($filebuff,0,$offset-2); my $subbuff = substr($filebuff,$offset); - print OUT $buff; $upflag = 0; $formbuff .= $subbuff; last; - }else{ print OUT $filebuff; } - } - if($endflag){ last; } - next; - } - if($buff =~ /^Content-Disposition:\sform-data;\sname=\"upfile\";\sfilename=\"(.*)\"\r\n$/i){ - $filename = $1; $upflag = 1; next; - } - $formbuff .= $buff; - } - close(OUT); - chmod($set{'per_upfile'},"$set{'src_dir'}$random.temporary"); - { my $value; - foreach my $buff(split(/\r\n/,$formbuff)){ - $buff .= "\r\n"; - if($buff =~ /^$bound\-\-/){ $FORM{$value} =~ s/\r\n$//; $valueflag = 0; last;} - if($buff =~ /^$bound/){ $FORM{$value} =~ s/\r\n$//; $valueflag = 0; next;} - if($valueflag == 1){ $valueflag++; next; } - if($valueflag == 2){ $FORM{$value} .= $buff; } - if($buff =~ /^Content-Disposition: form-data; name=\"(.+)\"\r\n$/){ $value = $1; $valueflag++; } - } - } - if($upflag || $valueflag){ unlink("$set{'src_dir'}$random.temporary"); &error(108);} - - $in{'org_pass'} = $in{'pass'} = $FORM{'pass'}; - $in{'dlkey'} = $FORM{'dlkey'}; - $in{'comment'} = $FORM{'comment'}; - $in{'jcode'} = $FORM{'jcode'}; - $in{'postkey'} = $FORM{'postkey'}; - $in{'upfile'} = $filename; - $in{'type'} = $mime; - $in{'tmpfile'} = "$set{'src_dir'}$random.temporary"; - $in{'orgname'} = $in{'upfile'}; - if(-s "$in{'tmpfile'}" == 0){ unlink("$in{'tmpfile'}"); &error(99) } - if($set{'min_flag'} && ((-s "$in{'tmpfile'}") < $set{'min_size'} * 1024)){ &error(107,(-s "$in{'tmpfile'}"));} - if((-s "$in{'tmpfile'}") > $set{'max_size'} * 1024){ &error(106,(-s "$in{'tmpfile'}"));} - if($set{'post_flag'} && !check_postkey($in{'postkey'})){ &error(109); } - if($set{'dlkey'} == 2 && !$in{'dlkey'}){ unlink("$in{'tmpfile'}"); &error(61); } - }else{ - my ($buffer,%FORM,@admin_delno); - if ($ENV{'REQUEST_METHOD'} eq "POST") { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});} - else { $buffer = $ENV{'QUERY_STRING'}; } - my @pairs = split(/&/,$buffer); - foreach my $pair (@pairs) { - my ($name, $value) = split(/=/, $pair); - $value =~ tr/+/ /; - $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; - if($name eq 'admin_delno'){ - push(@admin_delno,$value); - }else{ - $FORM{$name} = $value; - } - } - $in{'delpass'} = $FORM{'delpass'}; - $in{'delno'} = $FORM{'delno'}; - $in{'file'} = $FORM{'file'}; - $in{'dlkey'} = $FORM{'dlkey'}; - $in{'mode'} = $FORM{'mode'}; - $in{'checkmode'} = $FORM{'checkmode'}; - $in{'admin_delno'} = join(',',@admin_delno); - if($in{'delno'} eq $set{'admin_name'} && $in{'delpass'} eq $set{'admin_pass'}){ &admin_mode(); } - if(!$in{'delno'} && $in{'delpass'} eq $set{'admin_pass'}){ &makehtml; &quit; } - } - - my @denyhost = split(/,/,$set{'deny_host'}); - foreach my $value (@denyhost){ - if ($in{'addr'} =~ /$value/ || $in{'host'} =~ /$value/){ &error(101);} - } - - my @form = ($in{'comment'},$in{'orgname'},$in{'type'},$in{'dlkey'}); - foreach my $value (@form) { - if (length($value) > 128) { $value = substr($value,0,128).'...'; } -# $value =~ s/&/&/g; - $value =~ s/"/"/g; - $value =~ s//>/g; - $value =~ s/\r//g; - $value =~ s/\n//g; - $value =~ s/\t//g; - $value =~ s/\0//g; - } - ($in{'comment'},$in{'orgname'},$in{'type'},$in{'dlkey'}) = @form; -} - - -if($in{'mode'} eq 'delete'){ &delete(); &quit(); } -if($in{'mode'} eq 'dl'){ &dlfile;} #DL -if(!$in{'upfile'}){ &error(99); } - -{#ƒƒCƒ“ˆ— - - open(IN,$set{'log_file'})||&error(303); - my @log = ; - close(IN); - my ($no,$lastip,$lasttime) = split(/<>/,$log[0]); - - if($set{'interval'} && $in{'time'} <= ($lasttime + $set{'interval'}) && $in{'addr'} eq $lastip){ &error(203);} - $in{'ext'} = extfind($in{'orgname'}); if(!$in{'ext'}){ &error(202); } - - my $orgname; - if(split(/\//,$in{'orgname'}) > split(/\\/,$in{'orgname'})){ my @name = split(/\//,$in{'orgname'}); $orgname = $name[$#name]; } - else{ my @name = split(/\\/,$in{'orgname'}); $orgname = $name[$#name];} - - my @salt = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); - srand; - my $salt = $salt[int(rand(@salt))] . $salt[int(rand(@salt))]; - $in{'pass'} = crypt($in{'pass'}, $salt); - - if($set{'binary_compare'}){ - my @files = globfile("$set{'src_dir'}",".*"); - my @dir = globdir("$set{'src_dir'}",".*"); - foreach my $dir (@dir){ push(@files,globfile($dir."/",".*")); } - foreach my $value (@files){ - next if($value =~ /\.temporary$/); - if(binarycmp($in{'tmpfile'},$value)){ unlink($in{'tmpfile'}); &error(205,$value);} - } - } - - if($set{'find_crypt'}){ - open(FILE,$in{'tmpfile'}); binmode(FILE); seek(FILE,0,0); read(FILE,my $buff,4); my $crypt_flag = 0; - if($buff =~ /^\x50\x4b\x03\x04$/){ seek(FILE,6,0); read(FILE,my $buff,1); $crypt_flag = 1 if(($buff & "\x01") eq "\x01"); } - close(FILE); - $in{'comment'} = '*'.$in{'comment'} if($crypt_flag); - } - - open(IN,$set{'log_file'})||&error(303); - @log = ; - close(IN); - ($no,$lastip,$lasttime) = split(/<>/,$log[0]); - shift(@log); - $no++; - my $tmpno = sprintf("%04d",$no); - - my $dlsalt; - my $filedir; - my $allsize = (-s $in{'tmpfile'}); - - if($set{'dlkey'} && $in{'dlkey'}){ - my @salt = ('a'..'z', 'A'..'Z', '0'..'9'); srand; - for (my $c = 1; $c <= 20; ++$c) { $dlsalt .= $salt[int(rand(@salt))]; } - $filedir = "$set{'src_dir'}$set{'file_pre'}${tmpno}.$in{'ext'}_$dlsalt/"; - mkdir($filedir,$set{'per_dir'}); - rename("$in{'tmpfile'}","$filedir$set{'file_pre'}$tmpno.$in{'ext'}"); - open(OUT,">${filedir}index.html"); - close(OUT); - chmod($set{'per_upfile'},"${filedir}index.html"); - $in{'comment'} = '[DLKey] '.$in{'comment'}; - }else{ - undef $in{'dlkey'}; - rename("$in{'tmpfile'}","$set{'src_dir'}$set{'file_pre'}$tmpno.$in{'ext'}"); - } - - if (length($orgname) > 128) { $orgname = substr($orgname,0,128).'...'; } - - my @note; - if($set{'post_flag'} && $set{'post_key'}){ - push(@note,'PostKey:'.$in{'postkey'}); - } - if($ENV{'SERVER_SOFTWARE'} =~ /Apache|IIS/){ - my $disptime; - my $time = time() - $in{'time'}; - my @str = ('Upload:','•b'); - my $disptime = $time.$str[1]; - push(@note,$str[0].$disptime); - } - if($in{'dlkey'}){ - my @salt = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); srand; - my $salt = $salt[int(rand(@salt))] . $salt[int(rand(@salt))]; - my $crypt_dlkey = crypt($in{'dlkey'}, $salt); - push(@note,"DLKey"); - } - my $note = join(',',@note); - my $usersalt = substr($in{'user'},0,2); - my $userid = crypt($in{'user'},$usersalt); - $in{'time'} = time(); -# $in{'date'} = conv_date(time()); - my @new; - $new[0] = "$no<>$in{'addr'}<>$in{'time'}<>1\n"; - my $addlog = "$no<>$in{'ext'}<>$in{'date'}<>$in{'comment'}<>$in{'type'}<>$orgname<>$in{'addr'}<>$in{'host'}<>$in{'pass'},$userid<>$set{'file_pre'}<>$note<>1\n"; - $new[1] = $addlog; - -# open(OUT,">>./alllog.cgi"); print OUT $addlog; close(OUT); - - my $i = 2; - - foreach my $value (@log){ - my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$value); - if(!$dummy){ $filepre = $set{'file_pre'};} - $no = sprintf("%04d",$no); - - my $filename; - my $filedir; - if($note =~ /DLpath:(.+)\s/){ - my $dlpath = $1; - $filename = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/$filepre$no.$ext"; - $filedir = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/"; - }else{ - $filename = "$set{'src_dir'}$filepre$no.$ext"; - } - $allsize += (-s $filename); - - if($i <= $set{'max_log'} && !($set{'max_all_flag'} && $set{'max_all_size'}*1024 < $allsize)){ - if((-e $filename)||!$set{'zero_clear'}){ push(@new,$value); $i++; } - }else{ - if(unlink($filename)){ - unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } } rmdir($filedir); - }elsif(unlink($filename)){ - unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } } rmdir($filedir); - }elsif(-e $filename){ - push(@new,$value); - }else{ - unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } } rmdir($filedir); - } - } - } - logwrite(@new); - if($in{'dlkey'} && ( $set{'dummy_html'} == 2 || $set{'dummy_html'} == 3)){ - &makedummyhtml("$set{'file_pre'}$tmpno.$in{'ext'}",$in{'comment'},"$set{'file_pre'}$tmpno.$in{'ext'}",$dlsalt,$in{'date'},$in{'type'},$orgname,$no); - }elsif(!$in{'dlkey'} && ($set{'dummy_html'} == 1 || $set{'dummy_html'} == 3)){ - &makedummyhtml("$set{'file_pre'}$tmpno.$in{'ext'}"); - } - &makehtml(); &quit(); -} - -sub makehtml{ - - my ($buff,$init,$postval,$dlkey); - my $page = 0; my $i = 1; - - open(IN,$set{'log_file'})||&error(303); - my $log = my @log = ; - close(IN); - - if($log == 1){ $log++; $init++;} - my $lastpage = int(($log - 2)/$set{'pagelog'}) + 1; - $postval = ' obj.postkey.value = unescape(p[1]);' if($set{'post_flag'}); - my $header =<<"EOM"; -$set{'html_head'} - -$set{'html_css'} - -
Uploader
-

-Now.. Testing.. -

-EOM - my $maxsize = 'Max '.dispsize($set{'max_size'}*1024); - my ($minsize,$total); - if($set{'min_flag'}){ $minsize = 'Min '.dispsize($set{'min_size'}*1024).' - '; } - if($set{'max_all_flag'}){ $total .= ' Total '.dispsize($set{'max_all_size'}*1024);} - $header .= qq|
FILE $minsize$maxsize (*$set{'max_log'}Files$total)
|; - $header .=''; - $header .= ' DLKey: ' if($set{'dlkey'}); - $header .= ' -DELKey:
-COMMENT
- - -
-'; - if($set{'post_flag'}){ $header .= 'PostKey
'; } - $header .= '
'; - - my $allsize = 0; - my @files = globfile("$set{'src_dir'}",".*"); - my @dir = globdir("$set{'src_dir'}",".*"); - foreach my $dir (@dir){ push(@files,globfile($dir."/",".*")); } - foreach my $value (@files){ $allsize += (-s "$value"); } - - $allsize = dispsize($allsize); - - my $footer = "
Used ${allsize}\n
"; - if($set{'up_all'} && !$set{'ext_org'}){ $footer .= $set{'up_ext'}.' +'; } - elsif(!$set{'up_all'}){ $footer .= $set{'up_ext'}; } - $footer .= "\n
No. key
\n"; - $footer .= "
\n\n"; - - my $info_title = "\n"; - if($set{'disp_comment'}){ $info_title .= ""; } if($set{'disp_size'}){ $info_title .= ""; } if($set{'disp_date'}){ $info_title .= ""; } - if($set{'disp_mime'}){ $info_title .= ""; } if($set{'disp_orgname'}){ $info_title .= ""; } - $info_title .= "\n"; - - my $home_url_link; - if($set{'home_url'}){ $home_url_link = qq|[HOME] |;} - if($set{'html_all'}){ - my $buff; my $no = 1; my $time = time; my $subheader; - foreach my $value (@log){ - my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$dummy) = split(/<>/,$value); - if(!$dummy){ next; } - $buff .= makeitem($value); - } - $subheader .= "[ALL] "; - while($no <= $lastpage){ - if($no == $page) { $subheader .= "\[$no\] ";} - else{ if($no == 1){ $subheader .= "\[$no\] "} - else{$subheader .= "\[$no\] ";} } - $no++; - } - $subheader .= $info_title; - open(OUT,">$set{'html_dir'}all.html")||&error(306,"$set{'html_dir'}all.html"); - print OUT $header."
".$home_url_link.$subheader."
".$buff.$footer; - close(OUT); - chmod($set{'per_upfile'},"$set{'html_dir'}all.html"); - }else{ unlink("$set{'html_dir'}all.html"); } - - while($log > $i){ - $buff .= makeitem($log[$i]) unless($init); - if(($i % $set{'pagelog'}) == 0||$i == $log -1){ - $page++; my $subheader; my $no = 1; my $time = time; - if($set{'html_all'}){ $subheader .= "[ALL] "; } - while($no <= $lastpage){ - if($no == $page) { $subheader .= "\[$no\] ";} - else{ if($no == 1){ $subheader .= "\[$no\] "} - else{$subheader .= "\[$no\] ";} - } - $no++; - } - $subheader .= $info_title; - my $loghtml; - if($page == 1){ $loghtml = "$set{'html_dir'}$set{'base_html'}"; } - else{ $loghtml = "$set{'html_dir'}$page.html"; } - - open(OUT,">$loghtml") || &error(306,"$loghtml"); - print OUT $header."
".$home_url_link.$subheader."
".$buff.$footer; - close(OUT); - chmod($set{'per_upfile'},$loghtml); - undef $buff; - } - $i++; - } - - while($page < 1000){ - $page ++; - if(-e "$set{'html_dir'}$page.html"){ unlink("$set{'html_dir'}$page.html"); }else{ last; } - } -} - -sub delete{ - my $mode = $_[0]; - my @delno = split(/,/,$_[1]); - my $delno; my $flag = 0; my $tmpaddr; - my $delnote; - - if($in{'delno'} =~ /(\d+)/){ $delno = $1; } - if($mode ne 'admin' && !$in{'delno'}){ return; } - elsif($mode ne 'admin' && !$delno){ &error(401,$in{'delno'}); } - - open(IN,$set{'log_file'})|| &error(303); - my @log = ; - close(IN); - - if($in{'addr'} =~ /(\d+).(\d+).(\d+).(\d+)/){ $tmpaddr = "$1.$2.$3."; } - my $findflag = 0; - foreach my $value (@log){ - my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$value); - $delnote = $note; - my $delflag = 0; - if(!$addr){ next; } - if($mode eq 'admin'){ - foreach my $delno (@delno){ if($no == $delno){ $delflag = 1; last; } } - }elsif($no == $delno){ - $findflag = 1; - unless ($addr =~ /^$tmpaddr/){ - my ($pass,$id) = split(/,/,$pass); - my $delpass = $in{'delpass'} || $in{'addr'}.time(); - my $salt = substr($pass, 0, 2); $delpass = crypt($delpass,$salt); - my $usersalt = substr($in{'user'},0,2); my $userid = crypt($in{'user'},$usersalt); - if ($in{'delpass'} ne $set{'admin_pass'} && $delpass ne $pass && $userid ne $id){ - if($mode ne 'admin'){ if(!$dummy){ $filepre = $set{'file_pre'};} $no = sprintf("%04d",$no); &error(404,"$filepre$no.$ext");} - } - } - $delflag = 1; - } - if($delflag){ -# open(OUT,">>./del.cgi"); print OUT $value; close(OUT); - $flag = 1; - if(!$dummy){ $filepre = $set{'file_pre'};} - $no = sprintf("%04d",$no); - my $filename; - my ($dlpath,$filedir); - if($delnote =~ /DLpath:(.+)\s/){ - $dlpath = $1; - $filename = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/$filepre$no.$ext"; - $filedir = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/"; - }else{ - $filename = "$set{'src_dir'}$filepre$no.$ext"; - } - - if(unlink($filename)){ - unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } rmdir($filedir);} undef $value; - }elsif(unlink($filename)){ - unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } rmdir($filedir);} undef $value; - }elsif(!(-e $filename)){ - unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } rmdir($filedir);} undef $value; - }else{ - if($mode ne 'admin'){ &error(403,"$filepre$no.$ext");} - } - } - } - if($mode ne 'admin' && !$findflag){ &error(402,$delno); } - if($flag){ - logwrite(@log); - &makehtml(); - } -} - - -sub quit{ - my ($cookiename,$buff); - my $flag = 0; - my @tmpfiles = globfile("$set{'src_dir'}","\.temporary"); - foreach my $value (@tmpfiles){ if((stat($value))[10] < time - 60*60){ unlink("$value"); $flag++; } } - &makehtml() if($flag); - $buff =<<"EOM"; -$set{'html_head'} -EOM - if($in{'jcode'} || $in{'mode'} eq 'delete'){ - $buff .=<<"EOM"; - - -\n|; - } - $buff .=<<"EOM"; - -

- -EOM - print "Content-type: text/html\n\n"; - print $buff; - exit; -} - -sub admin_mode{ - &errorclear() if($in{'mode'} eq 'errorclear'); - &delete('admin',$in{'admin_delno'}) if($in{'mode'} eq 'delete'); - - open(IN,$set{'log_file'})||error(303); - my @log = ; - close(IN); - - my ($header,$buff,$footer,$value); - $buff =<<"EOM"; -$set{'html_head'}$set{'html_css'} - -EOM - - $buff .= leaddisp(0,1,1).'
NAMECOMMENTSIZEDATEMIMEORIG
Upload Info
'; - $buff .= qq|
\n

\n|."\n\n"; - shift(@log); - foreach (@log){ $buff .= makeitem($_,'admin'); } - $buff .= '
DELNAMECOMMENTSIZEADDRHOSTDATENOTEMIMEORIG


'; - - if($set{'error_level'}){ - $buff .= leaddisp(-1,0,1).'
Error Info
'; - $buff .= qq|
|; - $buff .= "\n\n"; - if(open(IN,$set{'error_log'})){ @log = reverse(); close(IN); foreach (@log){ my ($date,$no,$note,$addr,$host) = split(/<>/); $buff .= "\n"; }} - $buff .= "
DATEADDRHOSTNOTE
$date$addr$host$note


\n"; - } - - $buff .= leaddisp(-1,-1,0); - $buff .= '
Setting Info
'."\n\n"; - $buff .= tablestr('ƒXƒNƒŠƒvƒgVer',$set{'ver'}); - $buff .= tablestr('ƒƒCƒ“ƒƒOƒtƒ@ƒCƒ‹',$set{'log_file'}); - if($set{'error_level'}){ - $buff .= tablestr('ƒGƒ‰[ƒƒOƒtƒ@ƒCƒ‹',$set{'error_log'}); - if($set{'error_size'}){ $buff .= tablestr('ƒGƒ‰[ƒƒOÅ‘å—e—Ê',dispsize($set{'error_size'}*1024).' '.($set{'error_size'}*1024).'Bytes'); } - else{ $buff .= tablestr('ƒGƒ‰[ƒƒOÅ‘å—e—ʐ§ŒÀ','–³'); } - }else{ $buff .= tablestr('ƒGƒ‰[ƒƒO‹L˜^','–³'); } - $buff .= tablestr('•ÛŽŒ”',$set{'max_log'}); - $buff .= tablestr('Å‘å“Še—e—Ê',dispsize($set{'max_size'}*1024).' '.($set{'max_size'}*1024).'Bytes'); - - if($set{'min_flag'}){ $buff .= tablestr('Å¬§ŒÀ—e—Ê',dispsize($set{'min_size'}*1024).' '.($set{'min_size'}*1024).'Bytes'); } - else{ $buff .= tablestr('Å¬§ŒÀ—e—Ê',"–³"); } - if($set{'max_all_flag'}){ $buff .= tablestr('‘—e—ʐ§ŒÀ',dispsize($set{'max_all_size'}*1024).' '.($set{'max_all_size'}*1024).'Bytes'); } - else{ $buff .= tablestr('‘—e—ʐ§ŒÀ',"–³"); } - - $buff .= tablestr("ƒtƒ@ƒCƒ‹Ú“ªŽ«",$set{'file_pre'}); - $buff .= tablestr("HTML•Û‘¶ƒfƒBƒŒƒNƒgƒŠ",$set{'html_dir'}); - $buff .= tablestr("ƒtƒ@ƒCƒ‹•Û‘¶ƒfƒBƒŒƒNƒgƒŠ",$set{'src_dir'}); - if($set{'http_html_path'} && $set{'html_dir'} ne $set{'http_html_path'}){ $buff .= "\n";} - if($set{'http_src_path'} && $set{'src_dir'} ne $set{'http_src_path'}){ $buff .= "\n";} - $buff .= tablestr('1ƒy[ƒW‚É•\Ž¦‚·‚éƒtƒ@ƒCƒ‹”',$set{'pagelog'}); - if($set{'interval'} > 0){ $value = $set{'interval'}.'•b'; }else{ $value = '–³'; } - $buff .= tablestr('“¯ˆêIP“ŠeŠÔŠu•b”§ŒÀ',$value); - if($set{'up_ext'}){ $set{'up_ext'} =~ s/,/ /g; $buff .= tablestr('“Še‰Â”\Šî–{Šg’£Žq',$set{'up_ext'}); } - if($set{'deny_ext'}){ $set{'deny_ext'} =~ s/,/ /g; $buff .= tablestr('“Še‹ÖŽ~Šg’£Žq',$set{'deny_ext'}); } - if($set{'change_ext'}){ $set{'change_ext'} =~ s/,/ /g; $set{'change_ext'} =~ s/>/>/g; $buff .= tablestr('Šg’£Žq•ÏŠ·',$set{'change_ext'}); } - - if($set{'up_all'}){ $buff .= tablestr('Žw’èŠOŠg’£ŽqƒAƒbƒvƒ[ƒh‹–‰Â','—L'); if($set{'ext_org'}){ $buff .= tablestr('Žw’èŠOƒtƒ@ƒCƒ‹Šg’£Žq','ƒIƒŠƒWƒiƒ‹'); }else{ $buff .= tablestr('Žw’èŠOƒtƒ@ƒCƒ‹Šg’£Žq','bin'); }} - else{$buff .= tablestr('Žw’èŠOŠg’£ŽqƒAƒbƒvƒ[ƒh‹–‰Â','–³');} - - if($set{'find_crypt'}){ $value = '—L'; }else{ $value = '–³';} - $buff .= tablestr('ˆÃ†‰»ƒA[ƒJƒCƒuŒŸo(ZIP)',$value); - if($set{'binary_compare'}){ $value = '—L'; }else{ $value = '–³';} - $buff .= tablestr('ƒoƒCƒiƒŠ”äŠr',$value); - if($set{'post_flag'}){ $value = '—L'; }else{ $value = '–³';} - $buff .= tablestr('PostKey“Še§ŒÀ',$value); - if($set{'dlkey'}){ if($set{'dlkey'} == 2){$value = '•K{'}else{$value = '”CˆÓ';}}else{ $value = '–³';} - $buff .= tablestr('DLkey',$value); - if($set{'dummy_html'}){ if($set{'dummy_html'} == 3){$value = 'ALL'}elsif($set{'dummy_html'} == 2){$value = 'DLKey‚Ì‚Ý';}else{$value = '’ʏíƒtƒ@ƒCƒ‹‚Ì‚Ý';}}else{ $value = '–³';} - $buff .= tablestr('ŒÂ•ÊHTMLƒLƒƒƒbƒVƒ…',$value); - if($set{'disp_error'}){ $value = '—L'; }else{ $value = '–³';} - $buff .= tablestr('ƒ†[ƒUƒGƒ‰[•\Ž¦',$value); - if($set{'zero_clear'}){ $value = '—L'; }else{ $value = '–³';} - $buff .= tablestr('íœÏƒtƒ@ƒCƒ‹ƒŠƒXƒgŽ©“®Á‹Ž',$value); - if($set{'home_url'}){ $buff .= "\n";} - - $buff .= '
HTTP_HTML_PATH$set{'http_html_path'}
HTTP_SRC_PATH$set{'http_src_path'}
HOMEURL$set{'home_url'}
'; - - print "Content-type: text/html\n\n"; - print $buff; - exit; -} - -sub extfind{ - my $orgname = @_[0]; - my @filename = split(/\./,$orgname); - my $ext = $filename[$#filename]; - $ext =~ tr/[A-Z]/[a-z]/; - foreach my $value (split(/,/,$set{'change_ext'})){ my ($src,$dst) = split(/->/,$value); if($ext eq $src){ $ext = $dst; last; }} - foreach my $value (split(/,/,$set{'deny_ext'})){ if($ext eq $value){ &error(206,$ext); }} - foreach my $value (split(/,/,$set{'up_ext'})){ if ($ext eq $value) { return $value; } } - if(length($ext) >= 5 || length($ext) == 0){ $ext = 'bin'; } - unless ($ext =~ /^[A-Za-z0-9]+$/){ $ext = 'bin'; } - if($set{'up_all'} && $set{'ext_org'}){ return $ext;} - elsif($set{'up_all'}){ return 'bin'; } - return 0; -} - - -sub conv_date{ - my @date = gmtime($_[0] + 9*60*60); - $date[5] -= 100; $date[4]++; - if ($date[5] < 10) { $date[5] = "0$date[5]" ; } if ($date[4] < 10) { $date[4] = "0$date[4]" ; } - if ($date[3] < 10) { $date[3] = "0$date[3]" ; } if ($date[2] < 10) { $date[2] = "0$date[2]" ; } - if ($date[1] < 10) { $date[1] = "0$date[1]" ; } if ($date[0] < 10) { $date[0] = "0$date[0]" ; } - my @w = ('Sun','Mon','Tue','Wed','Thu','Fri','Sat'); - return ("$date[5]/$date[4]/$date[3]($w[$date[6]]),$date[2]:$date[1]:$date[0]"); -} - -sub dispsize{ - my $size = $_[0]; - if($size >= 1024*1024*1024*100){ $size = int($size/1024/1024/1024).'GB';} - elsif($size >= 1024*1024*1024*10){ $size = sprintf("%.1fGB",$size/1024/1024/1024);} - elsif($size > 1024*1024*1024){ $size = sprintf("%.2fGB",$size/1024/1024/1024);} - elsif($size >= 1024*1024*100){ $size = int($size/1024/1024).'MB'; } - elsif($size > 1024*1024){ $size = sprintf("%.1fMB",$size/1024/1024); } - elsif($size > 1024){ $size = int($size/1024).'KB'; } - else{ $size = int($size).'B';} - return $size; -} - -sub makeitem{ - my ($src,$mode) = @_; my ($buff,$check,$target); - my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$src); - if(!$dummy){ $filepre = $set{'file_pre'}; } - my $orgno = $no; - $no = sprintf("%04d",$no); - my $size = 0; - my $dlpath = 0; - - if($note =~ /DLpath:(.+)\s/){ - $dlpath = $1; - $size = dispsize(-s "$set{'src_dir'}$filepre$no.${ext}_$dlpath/$filepre$no.$ext"); - }else{ - $size = dispsize(-s "$set{'src_dir'}$filepre$no.$ext"); - } - - my $path = $set{'http_src_path'} || $set{'src_dir'}; - if($set{'link_target'}){ $target = qq| target="$set{'link_target'}"|; } - if($mode eq 'admin'){ - if($dlpath){ $path .= "$filepre$no.${ext}_$dlpath/"; } - if($addr eq $host){ undef $host; } - if($in{'checkmode'} eq 'allcheck'){$check = ' checked';} - $buff = "$filepre$no.$ext$comment$size$addr$host$date$note$mime$orgname\n"; - }else{ - my($d_com,$d_date,$d_size,$d_mime,$d_org); - if($set{'disp_comment'}){ $d_com = "$comment"; } if($set{'disp_size'}){ $d_size = "$size"; } if($set{'disp_date'}){ $d_date= "$date"; } - if($set{'disp_mime'}){ $d_mime = "$mime"; } if($set{'disp_orgname'}){ $d_org = "$orgname"; } - if(-e "$set{'src_dir'}$filepre$no.$ext.html"){$buff = "$filepre$no.$ext$d_com$d_size$d_date$d_mime$d_org\n";} - elsif($dlpath){$buff = "$filepre$no.$ext$d_com$d_size$d_date$d_mime$d_org\n";} - else{ $buff = "$filepre$no.$ext$d_com$d_size$d_date$d_mime$d_org\n";} - } - return $buff; -} - -sub makedummyhtml{ - my ($filename,$com,$file,$orgdlpath,$date,$mime,$orgname,$no) = @_; - my $buff; - - if(!$no){ - $buff = "$filename"; - $buff .= qq|Download $filename|; - $buff .= ''; - }else{ - $buff = cryptfiledl($com,$file,$orgdlpath,$date,$mime,$orgname,$no); - } - - open(OUT,">$set{'src_dir'}$filename.html")||&error(307,"$set{'src_dir'}$filename.html"); - print OUT $buff; - close(OUT); - chmod($set{'per_upfile'},"$set{'src_dir'}$filename.html"); - return 1; -} - - -sub logwrite{ - my @log = @_; - open(OUT,"+>$set{'log_file'}")||&error(304); - eval{ flock(OUT, 2);}; - eval{ truncate(OUT, 0);}; - seek(OUT, 0, 0); - print OUT @log; - eval{ flock(OUT, 8);}; - close(OUT); - chmod($set{'per_upfile'},$set{'log_file'}); - return 1; -} - -sub binarycmp{ - my ($src,$dst) = @_; - return 0 if (-s $src != -s $dst); - open(SRC,$src)||return 0; open(DST,$dst)||return 0; - my ($buff,$buff2); - binmode(SRC); binmode(DST); seek(SRC,0,0); seek(DST,0,0); - while(read(SRC,$buff,8192)){ read(DST,$buff2,8192); if($buff ne $buff2){ close(SRC); close(DST); return 0; } } - close(SRC); close(DST); - return 1; -} - -sub init{ - my $buff; - if(open(OUT,">$set{'log_file'}")){ - print OUT "0<>0<>0<>1\n"; - close(OUT); - chmod($set{'per_logfile'},$set{'log_file'}); - }else{ - $buff = "ƒƒCƒ“ƒƒO‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½"; - } - - unless (-d "$set{'src_dir'}"){ - if(mkdir("$set{'src_dir'}",$set{'per_dir'})){ - chmod($set{'per_dir'},"$set{'src_dir'}"); - open(OUT,">$set{'src_dir'}index.html"); - close(OUT); - chmod($set{'per_upfile'},"$set{'src_dir'}index.html"); - }else{ - $buff .= "Source•Û‘¶ƒfƒBƒŒƒNƒgƒŠ‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½"; - } - } - - unless (-d "$set{'html_dir'}"){ - if(mkdir("$set{'html_dir'}",$set{'per_dir'})){ - chmod($set{'per_dir'},"$set{'html_dir'}"); - }else{ - $buff .= "HTML•Û‘¶ƒfƒBƒŒƒNƒgƒŠ‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½"; - } - } - - if($buff){ - $buff .= "ƒfƒBƒŒƒNƒgƒŠ‚ɏ‘‚«ž‚ÝŒ ŒÀ‚ª‚ ‚é‚©Šm”F‚µ‚Ä‚­‚¾‚³‚¢"; - &error_disp($buff,'init'); - } -} - -sub check_postkey{ - my $inputkey = @_[0]; - my @key = split(/,/,$set{'post_key'}); - foreach my $key (@key){ if($inputkey eq $key){ return 1; } } - return 0; -} - -sub leaddisp{ - my @src = @_; - my ($str,$count); - foreach my $value (@src){ - my ($mark,$name,$link); $count++; - if($count == 1){ $name = 'Upload Info'; $link = 'up'; } - elsif($count == 2){ $name = 'Error Info'; $link = 'error'; next if(!$set{'error_level'}); } - elsif($count == 3){ $name = 'Setting Info'; $link = 'set'; } - if($value){ if($value > 0){ $mark = '¥'; }else{ $mark = '£'; } $str .= qq|${mark}${name} |; } - else{ $str .= qq|[$name] |; } - } - return $str; -} - -sub errorclear{ - open(OUT,">$set{'error_log'}")||return 0; - eval{ flock(OUT, 2);}; eval{ truncate(OUT, 0);}; seek(OUT, 0, 0); eval{ flock(OUT, 8);}; close(OUT); - chmod($set{'per_upfile'},$set{'log_file'}); - return 1; -} - -sub tablestr{ - my ($value1,$value2) = @_; - return ("$value1$value2\n"); -} - -sub globfile{ - my ($src_dir,$filename) = @_; - opendir(DIR,$src_dir)||return 0; my @dir = readdir(DIR); closedir(DIR); - my @new = (); foreach my $value (@dir){ push(@new,"$src_dir$value") if($value =~ /$filename/ && !(-d "$src_dir$value")); } - return @new; -} - -sub globdir{ - my ($src_dir,$dir) = @_; - opendir(DIR,$src_dir)||return 0; my @dir = readdir(DIR); closedir(DIR); - my @new = (); foreach my $value (@dir){ if($value eq '.' ||$value eq '..' ){ next; } push(@new,"$src_dir$value") if($value =~ /$dir/ && (-d "$src_dir$value")); } - return @new; -} - -sub error_disp{ - my ($message,$mode) = @_; - my $url; - if($mode eq 'init'){ $url = qq|[ƒŠƒ[ƒh]|; }else{ $url = qq|[–ß‚é]|; } - my $buff =<<"EOM"; -$set{'html_head'}$set{'html_css'} - -
- -$message - - -
$url
-

- - - - - -
DATE$in{'date'}
ADDR$in{'addr'}
HOST$in{'host'}
-
- -EOM - print "Content-type: text/html\n\n"; - print $buff; - exit; -} - -sub error{ - my ($no,$note) = @_; - if (length($note) > 64) { $note = substr($note,0,64).'...'; } - $note =~ s/&/&/g; $note =~ s/\"/"/g; $note =~ s//>/g; $note =~ s/\r//g; $note =~ s/\n//g; $note =~ s/\t//g; $note =~ s/\0//g; - my ($message,$dispmsg,$flag); - - if($no == 98){ $message = ""; } - elsif($no == 99){ $message = "UpFile‚È‚µ"; } - elsif($no == 101){ $message = "“Še‹ÖŽ~HOST"; } - elsif($no == 106){ $flag = 1; $message = "POSTƒTƒCƒY’´‰ß"; $note = dispsize($note); $dispmsg= 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ƒAƒbƒvƒ[ƒhƒtƒ@ƒCƒ‹('.$note.')‚Í Å‘å—e—ʐݒè('.dispsize($set{'max_size'}*1024).')‚ð‰z‚¦‚Ä‚¢‚Ü‚·';} - elsif($no == 107){ $flag = 1; $message = "POSTƒTƒCƒY‰ß¬"; $note = dispsize($note); $dispmsg= 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ƒAƒbƒvƒ[ƒhƒtƒ@ƒCƒ‹('.$note.')‚Í Å¬—e—ʐݒè('.dispsize($set{'min_size'}*1024).')–¢–ž‚Å‚·';} - elsif($no == 108){ $flag = 1; $message = "POSTƒf[ƒ^•sŠ®‘S"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½POSTƒf[ƒ^‚ª•sŠ®‘S‚Å‚·';} - elsif($no == 109){ $flag = 1; $message = "POSTKey•sˆê’v"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½POSTKey‚ªˆê’v‚µ‚Ü‚¹‚ñ';} - elsif($no == 202){ $flag = 1; $message = "Šg’£Žq‡‚킸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½“Še‚Å‚«‚éŠg’£Žq‚Í'.$set{'up_ext'}.'‚Å‚·';} - elsif($no == 203){ $flag = 1; $message = "“Še‘‚·‚¬"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½“¯ˆêIPƒAƒhƒŒƒX‚©‚ç'.$set{'interval'}.'•bˆÈ“à‚ɍēŠe‚Å‚«‚Ü‚¹‚ñ';} - elsif($no == 204){ $flag = 1; $message = "ˆêŽžƒtƒ@ƒCƒ‹‘‚«ž‚ß‚¸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ˆêŽžƒtƒ@ƒCƒ‹‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½';} - elsif($no == 205){ $flag = 1; $message = "“¯ˆêƒtƒ@ƒCƒ‹‘¶Ý"; $note =~ /([^\/]+)$/; my $filename = $1; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½“¯ˆêƒtƒ@ƒCƒ‹‚ª '.$filename.' ‚É‘¶Ý‚µ‚Ü‚·';} - elsif($no == 206){ $flag = 1; $message = "‹ÖŽ~Šg’£Žq"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½Šg’£Žq '.$note.' ‚̓Aƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ';} - elsif($no == 303){ $flag = 1; $message = "ƒƒOƒtƒ@ƒCƒ‹‚ɓǂݍž‚ß‚¸"; $dispmsg = 'ƒƒCƒ“ƒƒO‚̓ǂݍž‚Ý‚ÉŽ¸”s‚µ‚Ü‚µ‚½';} - elsif($no == 304){ $flag = 1; $message = "ƒƒOƒtƒ@ƒCƒ‹‚ɏ‘‚«ž‚ß‚¸"; $dispmsg = 'ƒƒCƒ“ƒƒO‚̏‘‚«ž‚Ý‚ÉŽ¸”s‚µ‚Ü‚µ‚½';} - elsif($no == 306){ $message = "ƒtƒ@ƒCƒ‹ƒŠƒXƒgHTML‘‚«ž‚ß‚¸";} - elsif($no == 307){ $message = "ƒtƒ@ƒCƒ‹HTMLƒtƒ@ƒCƒ‹‘‚«ž‚ß‚¸";} - elsif($no == 401){ $flag = 1; $message = "íœNo.ŒŸo‚Å‚«‚¸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$note.' ‚©‚çíœNo.‚ðŒŸo‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$set{'file_pre'}.'0774.zip‚̏ꍇ No.‚É‚Í 774 ‚ð“ü—Í‚µ‚Ü‚·';} - elsif($no == 402){ $flag = 1; $note = sprintf("%04d",int($note)); $message = "íœNo.‘¶Ý‚¹‚¸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$set{'file_pre'}.$note.'.*** ‚̓ƒCƒ“ƒƒO‚É‘¶Ý‚µ‚Ü‚¹‚ñ';} - elsif($no == 403){ $flag = 1; $message = "íœƒAƒNƒZƒX‹‘”Û"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ƒtƒ@ƒCƒ‹íœðŒ‚Í–ž‚½‚µ‚Ä‚¢‚Ü‚·‚ª '.$note.' ‚̃tƒ@ƒCƒ‹‚̍폜‚ª‹‘”Û‚³‚ê‚Ü‚µ‚½ƒAƒNƒZƒX‚ª‰ßè‚ȏꍇ“™‚ÍŽžŠÔ‚ð’u‚¢‚čđ€ì‚·‚é‚ƍ폜‚Å‚«‚邱‚Æ‚ª‚ ‚è‚Ü‚·';} - elsif($no == 404){ $flag = 1; $message = "íœKey•sˆê’v"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$note.' íœKey‚ªˆê’v‚µ‚Ü‚¹‚ñ‚Å‚µ‚½';} - - elsif($no == 51){ $flag = 1; $message = "[DLMode] No.Œ©‚‚©‚炸"; $dispmsg = '[DLMode] ƒtƒ@ƒCƒ‹‚ªŒ©‚‚©‚è‚Ü‚¹‚ñ‚Å‚µ‚½'.$note.' ‚©‚çƒtƒ@ƒCƒ‹No.‚ðŒŸo‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'; } - elsif($no == 52){ $flag = 1; $message = "[DLMode] FileŒ©‚‚©‚炸"; $dispmsg = '[DLMode] ƒtƒ@ƒCƒ‹‚ªŒ©‚‚©‚è‚Ü‚¹‚ñ‚Å‚µ‚½'.$set{'file_pre'}.$note.'.*** ‚̓ƒCƒ“ƒƒO‚É‘¶Ý‚µ‚Ü‚¹‚ñ'; } - elsif($no == 53){ $flag = 1; $message = "[DLMode] DLkey–¢Ý’è"; $dispmsg = '[DLMode] orgDLkeyError'.$note.' DLKey‚ª–¢Ý’è‚Å‚·'; } - elsif($no == 54){ $flag = 1; $message = "[DLMode] DLkey•sˆê’v"; $dispmsg = '[DLMode] orgDLkeyError'.$note.' DLKey‚ªˆê’v‚µ‚Ü‚¹‚ñ‚Å‚µ‚½'; } - elsif($no == 55){ $flag = 1; $message = "[DLMode] File Oepn Error"; $dispmsg = '[DLMode] Open Error'.$note.' ƒtƒ@ƒCƒ‹‚̓ǂݍž‚Ý‚ÉŽ¸”s‚µ‚Ü‚µ‚½'; } - elsif($no == 56){ $flag = 1; $message = "[DLMode] File Not Found"; $dispmsg = '[DLMode] Not Found'.$note.' ƒtƒ@ƒCƒ‹‚ª‘¶Ý‚µ‚Ü‚¹‚ñ'; } - - elsif($no == 61){ $flag = 1; $message = "DLkey–¢Ý’è"; $dispmsg = 'DLKey‚ª–¢Ý’è‚Å‚·'; } - - unlink($in{'tmpfile'}); - if($note){$message .= ' ';} - if($set{'error_level'} && $no > 100){ - unless(-e $set{'error_log'}){ - open(OUT,">$set{'error_log'}"); - close(OUT); - chmod($set{'per_logfile'},$set{'error_log'}); - } - if($set{'error_size'} && ((-s $set{'error_log'}) > $set{'error_size'} * 1024)){ - my $err_bkup = "$set{'error_log'}.bak.cgi"; - unlink($err_bkup); - rename($set{'error_log'},$err_bkup); - open(OUT,">$set{'error_log'}"); - close(OUT); - chmod($set{'per_logfile'},$set{'error_log'}); - } - open(OUT,">>$set{'error_log'}"); - print OUT "$in{'date'}<>$no<>$message$note<>$in{'addr'}<>$in{'host'}<>1\n"; - close(OUT); - } - &error_disp($dispmsg) if($flag && $set{'disp_error'}); - &quit(); -} - -sub dlfile{ - my $msg; - my ($orgdlkey,$orgdlpath); - my ($dlext,$dlfilepre); - my ($dl_date,$dl_comment,$dl_size,$dl_mime,,$dl_orgname); - my $dlno = 0; - my $findflag; - - open(IN,$set{'log_file'})||&error(303); - my @log = ; - close(IN); - shift(@log); - - if($in{'file'} =~ /(\d+)/){ $dlno = $1; } - if($dlno == 0) { &error(51,$in{'file'}); } - - foreach my $value (@log){ - my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$value); - my @note = split(/,/,$note); - if(int($dlno) == $no){ - $dl_comment = $comment; - $dl_mime = $mime; - $dl_date = $date; - $dl_orgname = $orgname; - $dlext = $ext; - $dlfilepre = $filepre; - foreach my $tmpnote (@note){ - if($tmpnote =~ /\!--\sDLKey:(.+)\s--.*\!--\sDLpath:(.+)\s--/){ - $orgdlkey = $1; - $orgdlpath = $2; - last; - } - } - $findflag = 1; - last; - } - } - - my $dlfile = $dlfilepre.sprintf("%04d",int($dlno)).'.'.$dlext; - if(!(-e "$set{'src_dir'}${dlfile}_$orgdlpath/$dlfile")){ &error(56,"$dlfile----$set{'src_dir'}${dlfile}_$orgdlpath/$dlfile"); } - - if($in{'dlkey'}){ - my $dlsalt = substr($orgdlkey,0,2); - my $dlkey = crypt($in{'dlkey'},$dlsalt); - - if($findflag == 0){ &error(52,$dlfile); } - elsif(!$orgdlkey){ &error(53,$dlfile); } - elsif($orgdlkey ne $dlkey && $set{'admin_pass'} ne $in{'dlkey'}){ &error(54,$dlfile); } - #print "Location: $set{'http_src_path'}${dlfile}_$orgdlpath/$dlfile\n\n"; - my $buff =<<"EOM"; -$set{'html_head'}$set{'html_css'} - - - -
-
- - -
”ò‚΂Ȃ¢ê‡‚Í ‚±‚¿‚ç ‚©‚ç
-
- -EOM - print "Content-type: text/html\n\n"; - print $buff; - }else{ - my $buff = cryptfiledl($dl_comment,$dlfile,$orgdlpath,$dl_date,$dl_mime,$dl_orgname,$dlno); - print "Content-type: text/html\n\n"; - print $buff; - } - exit; -} - -sub cryptfiledl{ - my($com,$file,$orgdlpath,$date,$mime,$orgname,$no) = @_; - my($d_com,$d_date,$d_size,$d_mime,$d_org); - - if($set{'disp_comment'}){ $d_com = "COMMENT$com"; } if($set{'disp_size'}){ $d_size = "SIZE".dispsize(-s "$set{'src_dir'}${file}_$orgdlpath/$file")." (".(-s "$set{'src_dir'}${file}_$orgdlpath/$file")."bytes)".""; } if($set{'disp_date'}){ $d_date= "DATE$date"; } - if($set{'disp_mime'}){ $d_mime = "ORGMIME$mime"; } if($set{'disp_orgname'}){ $d_org = "ORGNAME$orgname"; } - - my $buff =<<"EOM"; -$set{'html_head'}$set{'html_css'} - -
-
-$file ‚É‚ÍDLKey‚ªÝ’肳‚ê‚Ä‚¢‚Ü‚· - - - - -$d_com$d_date$d_size$d_mime$d_org - - - -
- - -
DLKey:
-
- -EOM - - return $buff; +#!/usr/bin/perl +use vars qw(%set %in); +use strict; +$set{'log_file'} = './log.cgi'; #ƒƒOƒtƒ@ƒCƒ‹–¼ +$set{'max_log'} = 30; #•ÛŽŒ” +$set{'max_size'} = 1*1024; #Å‘å“Še—e—Ê(KB) +$set{'min_flag'} = 0; #Å¬—e—ʐ§ŒÀ‚ðŽg—p‚·‚é=1 +$set{'min_size'} = 100; #Å¬“Še—e—Ê(KB) +$set{'max_all_flag'} = 0; #‘—e—ʐ§ŒÀ‚ðŽg—p‚·‚é=1 +$set{'max_all_size'} = 20*1024; #‘§ŒÀ—e—Ê(KB) +$set{'file_pre'} = 'up'; #ƒtƒ@ƒCƒ‹Ú“ªŽ« +$set{'pagelog'} = 10; #1ƒy[ƒW‚É•\Ž¦‚·‚éƒtƒ@ƒCƒ‹” +$set{'base_html'} = 'upload.html'; #1ƒy[ƒW–ڂ̃tƒ@ƒCƒ‹–¼ +$set{'interval'} = 0; #“¯ˆêIP“ŠeŠÔŠu•b” +$set{'deny_host'} = ''; #“Še‹ÖŽ~IP/HOST ,‚Å‹æØ‚é ex.(bbtec.net,219.119.66,ac.jp) +$set{'admin_name'} = 'admin'; #ŠÇ—ŽÒƒƒOƒCƒ“ID +$set{'admin_pass'} = '1234'; #ŠÇ—ŽÒƒpƒXƒ[ƒh + +# ˆÈ‰º5€–Ú‚ðÄÝ’è‚·‚éÛ‚É‚ÍPATHCƒfƒBƒŒƒNƒgƒŠ‚Í / ‚ŏI‚í‚邱‚Æ +# $set{'html_dir'},$set{'base_cgi'}‚ð ./ ˆÈŠO‚ɐݒ肷‚éê‡, +# ‚Ü‚½‚ÍDLkey‚ðŽg—p‚µ ‚È‚¨‚©‚ÂHTMLƒLƒƒƒbƒVƒ…($set{'dummy_html'} = 2 or 3)‚ðŽg—p‚·‚éê‡‚Í +# $set{'base_cgi'} , $set{'http_html_path'} , $set{'http_src_path'} ‚ðƒtƒ‹ƒpƒX(http://`` or /``)‚Å‹Lq‚·‚é +$set{'html_dir'} = './'; # “à•”HTML•Û‘¶ƒfƒBƒŒƒNƒgƒŠ +$set{'src_dir'} = './src/'; # “à•”ƒtƒ@ƒCƒ‹•Û‘¶ƒfƒBƒŒƒNƒgƒŠ +$set{'base_cgi'} = './upload.cgi'; # ‚±‚̃XƒNƒŠƒvƒg–¼ http://`‚ÌŽw’è‰Â”\ +$set{'http_html_path'} = './'; # htmlŽQÆ httpPATH http://`‚ÌŽw’è‰Â”\ +$set{'http_src_path'} = './src/'; # fileŽQÆ httpPATH http://`‚ÌŽw’è‰Â”\ + +$set{'dlkey'} = 0; # DLKey‚ðŽg—p‚·‚é=1,DLkey•K{=2 +$set{'up_ext'} = 'txt,lzh,zip,rar,gca,mpg,mp3,avi,swf,bmp,jpg,gif,png'; #ƒAƒbƒvƒ[ƒh‚Å‚«‚éŠî–{Šg’£Žq ”¼Šp‰p”¬•¶Žš ,‚Å‹æØ‚é +$set{'up_all'} = 0; #“o˜^ˆÈŠO‚Ì‚à‚Ì‚àUP‚³‚¹‚ç‚ê‚é‚悤‚É‚·‚é=1 +$set{'ext_org'} = 0; #$set{'up_all'}‚ª1‚ÌŽžƒIƒŠƒWƒiƒ‹‚ÌŠg’£Žq‚É‚·‚é=1 +$set{'deny_ext'} = 'php,php3,phtml,rb,sh,bat,dll'; #“Še‹ÖŽ~‚ÌŠg’£Žq ”¼Šp‰p”¬•¶Žš ,‚Å‹æØ‚é +$set{'change_ext'} = 'cgi->txt,pl->txt,log->txt,jpeg->jpg,mpeg->mpg'; #Šg’£Žq•ÏŠ· ‘O->Œã ”¼Šp‰p”¬•¶Žš ,‚Å‹æØ‚é + +$set{'home_url'} = ''; #[HOME]‚̃Šƒ“ƒNæ ‘Š‘΃pƒX–”‚Í http://‚©‚çŽn‚Ü‚éâ‘΃pƒX +$set{'html_all'} = 1; #[ALL]‚ðo‚·=1 +$set{'dummy_html'} = 0; #ƒtƒ@ƒCƒ‹ŒÂ•ÊHTML‚ðì¬‚·‚é ’Êíƒtƒ@ƒCƒ‹‚Ì‚Ý=1,DLKeyÝ’èƒtƒ@ƒCƒ‹‚Ì‚Ý=2,‚·‚ׂÄ=3 +$set{'find_crypt'} = 1; #ˆÃ†‰»ZIP‚ðŒŸo‚·‚é=1 +$set{'binary_compare'} = 0; #Šù‘¶ƒtƒ@ƒCƒ‹‚ƃoƒCƒiƒŠ”äŠr‚·‚é=1 +$set{'post_flag'} = 0; #PostKey‚ðŽg—p‚·‚é=1 +$set{'post_key'} = 'postkey'; #PostKey ,‚Å‹æØ‚é‚Æ•¡”Žw’è ex.(postkey1,postkey2) +$set{'disp_error'} = 1; #ƒ†[ƒU[‚ɃGƒ‰[‚ð•\Ž¦‚·‚é=1 +$set{'error_level'} = 1; #ƒGƒ‰[ƒƒO‚ð‹L˜^‚·‚é=1 +$set{'error_log'} = './error.cgi'; #ƒGƒ‰[ƒƒOƒtƒ@ƒCƒ‹–¼ +$set{'error_size'} = 1024; # ƒGƒ‰[ƒƒOÅ‘å—e—Ê(KB) §ŒÀ‚È‚µ=0 +$set{'zero_clear'} = 1; #ƒtƒ@ƒCƒ‹‚ªŒ©‚‚©‚ç‚È‚¢ê‡ƒƒO‚©‚çíœ‚·‚é=1 + +$set{'disp_comment'} = 1; #ƒRƒƒ“ƒg‚ð•\Ž¦‚·‚é=1 +$set{'disp_date'} = 1; #“ú•t‚ð•\Ž¦‚·‚é=1 +$set{'disp_size'} = 1; #ƒTƒCƒY‚ð•\Ž¦‚·‚é=1 +$set{'disp_mime'} = 1; #MIMETYPE‚ð•\Ž¦‚·‚é=1 +$set{'disp_orgname'} = 1; #ƒIƒŠƒWƒiƒ‹ƒtƒ@ƒCƒ‹–¼‚ð•\Ž¦‚·‚é=1 + +$set{'per_upfile'} = 0666; #ƒAƒbƒvƒ[ƒhƒtƒ@ƒCƒ‹‚̃p[ƒ~ƒbƒVƒ‡ƒ“ suexec=0604,other=0666 +$set{'per_dir'} = 0777; #ƒ\[ƒXƒAƒbƒvƒfƒBƒŒƒNƒgƒŠ‚̃p[ƒ~ƒbƒVƒ‡ƒ“ suexec=0701,other=0777 +$set{'per_logfile'} = 0666; #ƒƒOƒtƒ@ƒCƒ‹‚̃p[ƒ~ƒbƒVƒ‡ƒ“@suexec=0600,other=0666 +$set{'link_target'} = ''; #target‘®« + +#------ +$set{'ver'} = '2005/10/10e'; +$set{'char_delname'} = 'D'; + +$in{'time'} = time(); $in{'date'} = conv_date($in{'time'}); +$in{'addr'} = $ENV{'REMOTE_ADDR'}; +$in{'host'} = gethostbyaddr(pack('C4',split(/\./, $in{'addr'})), 2) || $ENV{'REMOTE_HOST'} || '(none)'; + +if($in{'addr'} eq $in{'host'}){ $in{'host'} = '(none)'; } + +$set{'html_head'} =<<"EOM"; + + + + + + + + + +Uploader +EOM + +$set{'html_css'} =<<"EOM"; + + +EOM + +unless(-e $set{'log_file'}){ &init; } +unless(-e $set{'base_html'}){ &makehtml; } +{ #ƒfƒR[ƒh + my $readbuffsize = 1024*8; + if ($ENV{'REQUEST_METHOD'} eq "POST" && $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/i){ + if ($ENV{'CONTENT_LENGTH'} > ($set{'max_size'} * 1024 + 1024)){ if($ENV{'SERVER_SOFTWARE'} =~ /IIS/){ while(read(STDIN,my $buff,$readbuffsize)){} } &error(106,$ENV{'CONTENT_LENGTH'});} + }else{ + if ($ENV{'CONTENT_LENGTH'} > 1024*100){ error(98); } + } + my %ck; foreach(split(/;/,$ENV{'HTTP_COOKIE'})){ my($key,$val) = split(/=/); $key =~ s/\s//g; $ck{$key} = $val;} + my @ck = split(/<>/,$ck{'SN_USER'}); + if(length($ck[0]) < 5){ + my @salt = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); srand; + my $salt = $salt[int(rand(@salt))] . $salt[int(rand(@salt))]; + $in{'user'} = crypt($in{'addr'}.$in{'time'}, $salt); + }else{ $in{'user'} = $ck[0]; } + + if($ENV{'REQUEST_METHOD'} eq "POST" && $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/i){ + my %FORM; my $subbuff; my $filename; my $valuename; + my $upflag; my $valueflag; my $bound; my $mime; + my $readlength = 0; + my $random = int(rand(900000)) + 100000; + my $endflag = 0; + binmode(STDIN); + while(){ $readlength += length($_); if(/(--.*)\r\n$/){ $bound = $1; last; }} + if(-e "$set{'src_dir'}$random.temporary"){ $random++; } + if(-e "$set{'src_dir'}$random.temporary"){ $random++; } + if(-e "$set{'src_dir'}$random.temporary"){ &error(204); } + + open(OUT,">$set{'src_dir'}$random.temporary"); + binmode(OUT); + my $formbuff; + while(my $buff = ){ + $readlength += length($buff); + if($upflag == 1){ if($buff =~ /Content-Type:\s(.*)\r\n$/i){ $mime = $1; } $upflag++; next;} + if($upflag == 2){ + while(1){ + my $readblen; my $filebuff; + if($ENV{'CONTENT_LENGTH'} - $readlength < $readbuffsize){ $readblen = $ENV{'CONTENT_LENGTH'} - $readlength; } + else{ $readblen = $readbuffsize; } + if(!read(STDIN,$filebuff,$readblen)){ last }; + $readlength += length($filebuff); + if($ENV{'CONTENT_LENGTH'} - $readlength < $readbuffsize){ + my $readblen = $ENV{'CONTENT_LENGTH'} - $readlength; + read(STDIN,my $subbuff,$readblen); + $readlength += length($subbuff); + $filebuff .= $subbuff; + $endflag = 1; + } + my $offset = index($filebuff,$bound); + if($offset >= 0){ + $buff = substr($filebuff,0,$offset-2); my $subbuff = substr($filebuff,$offset); + print OUT $buff; $upflag = 0; $formbuff .= $subbuff; last; + }else{ print OUT $filebuff; } + } + if($endflag){ last; } + next; + } + if($buff =~ /^Content-Disposition:\sform-data;\sname=\"upfile\";\sfilename=\"(.*)\"\r\n$/i){ + $filename = $1; $upflag = 1; next; + } + $formbuff .= $buff; + } + close(OUT); + chmod($set{'per_upfile'},"$set{'src_dir'}$random.temporary"); + { my $value; + foreach my $buff(split(/\r\n/,$formbuff)){ + $buff .= "\r\n"; + if($buff =~ /^$bound\-\-/){ $FORM{$value} =~ s/\r\n$//; $valueflag = 0; last;} + if($buff =~ /^$bound/){ $FORM{$value} =~ s/\r\n$//; $valueflag = 0; next;} + if($valueflag == 1){ $valueflag++; next; } + if($valueflag == 2){ $FORM{$value} .= $buff; } + if($buff =~ /^Content-Disposition: form-data; name=\"(.+)\"\r\n$/){ $value = $1; $valueflag++; } + } + } + if($upflag || $valueflag){ unlink("$set{'src_dir'}$random.temporary"); &error(108);} + + $in{'org_pass'} = $in{'pass'} = $FORM{'pass'}; + $in{'dlkey'} = $FORM{'dlkey'}; + $in{'comment'} = $FORM{'comment'}; + $in{'jcode'} = $FORM{'jcode'}; + $in{'postkey'} = $FORM{'postkey'}; + $in{'upfile'} = $filename; + $in{'type'} = $mime; + $in{'tmpfile'} = "$set{'src_dir'}$random.temporary"; + $in{'orgname'} = $in{'upfile'}; + if(-s "$in{'tmpfile'}" == 0){ unlink("$in{'tmpfile'}"); &error(99) } + if($set{'min_flag'} && ((-s "$in{'tmpfile'}") < $set{'min_size'} * 1024)){ &error(107,(-s "$in{'tmpfile'}"));} + if((-s "$in{'tmpfile'}") > $set{'max_size'} * 1024){ &error(106,(-s "$in{'tmpfile'}"));} + if($set{'post_flag'} && !check_postkey($in{'postkey'})){ &error(109); } + if($set{'dlkey'} == 2 && !$in{'dlkey'}){ unlink("$in{'tmpfile'}"); &error(61); } + }else{ + my ($buffer,%FORM,@admin_delno); + if ($ENV{'REQUEST_METHOD'} eq "POST") { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});} + else { $buffer = $ENV{'QUERY_STRING'}; } + my @pairs = split(/&/,$buffer); + foreach my $pair (@pairs) { + my ($name, $value) = split(/=/, $pair); + $value =~ tr/+/ /; + $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; + if($name eq 'admin_delno'){ + push(@admin_delno,$value); + }else{ + $FORM{$name} = $value; + } + } + $in{'delpass'} = $FORM{'delpass'}; + $in{'delno'} = $FORM{'delno'}; + $in{'file'} = $FORM{'file'}; + $in{'dlkey'} = $FORM{'dlkey'}; + $in{'mode'} = $FORM{'mode'}; + $in{'checkmode'} = $FORM{'checkmode'}; + $in{'admin_delno'} = join(',',@admin_delno); + if($in{'delno'} eq $set{'admin_name'} && $in{'delpass'} eq $set{'admin_pass'}){ &admin_mode(); } + if(!$in{'delno'} && $in{'delpass'} eq $set{'admin_pass'}){ &makehtml; &quit; } + } + + my @denyhost = split(/,/,$set{'deny_host'}); + foreach my $value (@denyhost){ + if ($in{'addr'} =~ /$value/ || $in{'host'} =~ /$value/){ &error(101);} + } + + my @form = ($in{'comment'},$in{'orgname'},$in{'type'},$in{'dlkey'}); + foreach my $value (@form) { + if (length($value) > 128) { $value = substr($value,0,128).'...'; } +# $value =~ s/&/&/g; + $value =~ s/"/"/g; + $value =~ s//>/g; + $value =~ s/\r//g; + $value =~ s/\n//g; + $value =~ s/\t//g; + $value =~ s/\0//g; + } + ($in{'comment'},$in{'orgname'},$in{'type'},$in{'dlkey'}) = @form; +} + + +if($in{'mode'} eq 'delete'){ &delete(); &quit(); } +if($in{'mode'} eq 'dl'){ &dlfile;} #DL +if(!$in{'upfile'}){ &error(99); } + +{#ƒƒCƒ“ˆ— + + open(IN,$set{'log_file'})||&error(303); + my @log = ; + close(IN); + my ($no,$lastip,$lasttime) = split(/<>/,$log[0]); + + if($set{'interval'} && $in{'time'} <= ($lasttime + $set{'interval'}) && $in{'addr'} eq $lastip){ &error(203);} + $in{'ext'} = extfind($in{'orgname'}); if(!$in{'ext'}){ &error(202); } + + my $orgname; + if(split(/\//,$in{'orgname'}) > split(/\\/,$in{'orgname'})){ my @name = split(/\//,$in{'orgname'}); $orgname = $name[$#name]; } + else{ my @name = split(/\\/,$in{'orgname'}); $orgname = $name[$#name];} + + my @salt = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); + srand; + my $salt = $salt[int(rand(@salt))] . $salt[int(rand(@salt))]; + $in{'pass'} = crypt($in{'pass'}, $salt); + + if($set{'binary_compare'}){ + my @files = globfile("$set{'src_dir'}",".*"); + my @dir = globdir("$set{'src_dir'}",".*"); + foreach my $dir (@dir){ push(@files,globfile($dir."/",".*")); } + foreach my $value (@files){ + next if($value =~ /\.temporary$/); + if(binarycmp($in{'tmpfile'},$value)){ unlink($in{'tmpfile'}); &error(205,$value);} + } + } + + if($set{'find_crypt'}){ + open(FILE,$in{'tmpfile'}); binmode(FILE); seek(FILE,0,0); read(FILE,my $buff,4); my $crypt_flag = 0; + if($buff =~ /^\x50\x4b\x03\x04$/){ seek(FILE,6,0); read(FILE,my $buff,1); $crypt_flag = 1 if(($buff & "\x01") eq "\x01"); } + close(FILE); + $in{'comment'} = '*'.$in{'comment'} if($crypt_flag); + } + + open(IN,$set{'log_file'})||&error(303); + @log = ; + close(IN); + ($no,$lastip,$lasttime) = split(/<>/,$log[0]); + shift(@log); + $no++; + my $tmpno = sprintf("%04d",$no); + + my $dlsalt; + my $filedir; + my $allsize = (-s $in{'tmpfile'}); + + if($set{'dlkey'} && $in{'dlkey'}){ + my @salt = ('a'..'z', 'A'..'Z', '0'..'9'); srand; + for (my $c = 1; $c <= 20; ++$c) { $dlsalt .= $salt[int(rand(@salt))]; } + $filedir = "$set{'src_dir'}$set{'file_pre'}${tmpno}.$in{'ext'}_$dlsalt/"; + mkdir($filedir,$set{'per_dir'}); + rename("$in{'tmpfile'}","$filedir$set{'file_pre'}$tmpno.$in{'ext'}"); + open(OUT,">${filedir}index.html"); + close(OUT); + chmod($set{'per_upfile'},"${filedir}index.html"); + $in{'comment'} = '[DLKey] '.$in{'comment'}; + }else{ + undef $in{'dlkey'}; + rename("$in{'tmpfile'}","$set{'src_dir'}$set{'file_pre'}$tmpno.$in{'ext'}"); + } + + if (length($orgname) > 128) { $orgname = substr($orgname,0,128).'...'; } + + my @note; + if($set{'post_flag'} && $set{'post_key'}){ + push(@note,'PostKey:'.$in{'postkey'}); + } + if($ENV{'SERVER_SOFTWARE'} =~ /Apache|IIS/){ + my $disptime; + my $time = time() - $in{'time'}; + my @str = ('Upload:','•b'); + my $disptime = $time.$str[1]; + push(@note,$str[0].$disptime); + } + if($in{'dlkey'}){ + my @salt = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); srand; + my $salt = $salt[int(rand(@salt))] . $salt[int(rand(@salt))]; + my $crypt_dlkey = crypt($in{'dlkey'}, $salt); + push(@note,"DLKey"); + } + my $note = join(',',@note); + my $usersalt = substr($in{'user'},0,2); + my $userid = crypt($in{'user'},$usersalt); + $in{'time'} = time(); +# $in{'date'} = conv_date(time()); + my @new; + $new[0] = "$no<>$in{'addr'}<>$in{'time'}<>1\n"; + my $addlog = "$no<>$in{'ext'}<>$in{'date'}<>$in{'comment'}<>$in{'type'}<>$orgname<>$in{'addr'}<>$in{'host'}<>$in{'pass'},$userid<>$set{'file_pre'}<>$note<>1\n"; + $new[1] = $addlog; + +# open(OUT,">>./alllog.cgi"); print OUT $addlog; close(OUT); + + my $i = 2; + + foreach my $value (@log){ + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$value); + if(!$dummy){ $filepre = $set{'file_pre'};} + $no = sprintf("%04d",$no); + + my $filename; + my $filedir; + if($note =~ /DLpath:(.+)\s/){ + my $dlpath = $1; + $filename = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/$filepre$no.$ext"; + $filedir = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/"; + }else{ + $filename = "$set{'src_dir'}$filepre$no.$ext"; + } + $allsize += (-s $filename); + + if($i <= $set{'max_log'} && !($set{'max_all_flag'} && $set{'max_all_size'}*1024 < $allsize)){ + if((-e $filename)||!$set{'zero_clear'}){ push(@new,$value); $i++; } + }else{ + if(unlink($filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } } rmdir($filedir); + }elsif(unlink($filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } } rmdir($filedir); + }elsif(-e $filename){ + push(@new,$value); + }else{ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } } rmdir($filedir); + } + } + } + logwrite(@new); + if($in{'dlkey'} && ( $set{'dummy_html'} == 2 || $set{'dummy_html'} == 3)){ + &makedummyhtml("$set{'file_pre'}$tmpno.$in{'ext'}",$in{'comment'},"$set{'file_pre'}$tmpno.$in{'ext'}",$dlsalt,$in{'date'},$in{'type'},$orgname,$no); + }elsif(!$in{'dlkey'} && ($set{'dummy_html'} == 1 || $set{'dummy_html'} == 3)){ + &makedummyhtml("$set{'file_pre'}$tmpno.$in{'ext'}"); + } + &makehtml(); &quit(); +} + +sub makehtml{ + + my ($buff,$init,$postval,$dlkey); + my $page = 0; my $i = 1; + + open(IN,$set{'log_file'})||&error(303); + my $log = my @log = ; + close(IN); + + if($log == 1){ $log++; $init++;} + my $lastpage = int(($log - 2)/$set{'pagelog'}) + 1; + $postval = ' obj.postkey.value = unescape(p[1]);' if($set{'post_flag'}); + my $header =<<"EOM"; +$set{'html_head'} + +$set{'html_css'} + +
Uploader
+

+Now.. Testing.. +

+EOM + my $maxsize = 'Max '.dispsize($set{'max_size'}*1024); + my ($minsize,$total); + if($set{'min_flag'}){ $minsize = 'Min '.dispsize($set{'min_size'}*1024).' - '; } + if($set{'max_all_flag'}){ $total .= ' Total '.dispsize($set{'max_all_size'}*1024);} + $header .= qq|
FILE $minsize$maxsize (*$set{'max_log'}Files$total)
|; + $header .=''; + $header .= ' DLKey: ' if($set{'dlkey'}); + $header .= ' +DELKey:
+COMMENT
+ + +
+'; + if($set{'post_flag'}){ $header .= 'PostKey
'; } + $header .= '
'; + + my $allsize = 0; + my @files = globfile("$set{'src_dir'}",".*"); + my @dir = globdir("$set{'src_dir'}",".*"); + foreach my $dir (@dir){ push(@files,globfile($dir."/",".*")); } + foreach my $value (@files){ $allsize += (-s "$value"); } + + $allsize = dispsize($allsize); + + my $footer = "
Used ${allsize}\n
"; + if($set{'up_all'} && !$set{'ext_org'}){ $footer .= $set{'up_ext'}.' +'; } + elsif(!$set{'up_all'}){ $footer .= $set{'up_ext'}; } + $footer .= "\n
No. key
\n"; + $footer .= "
\n\n"; + + my $info_title = "\n"; + if($set{'disp_comment'}){ $info_title .= ""; } if($set{'disp_size'}){ $info_title .= ""; } if($set{'disp_date'}){ $info_title .= ""; } + if($set{'disp_mime'}){ $info_title .= ""; } if($set{'disp_orgname'}){ $info_title .= ""; } + $info_title .= "\n"; + + my $home_url_link; + if($set{'home_url'}){ $home_url_link = qq|[HOME] |;} + if($set{'html_all'}){ + my $buff; my $no = 1; my $time = time; my $subheader; + foreach my $value (@log){ + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$dummy) = split(/<>/,$value); + if(!$dummy){ next; } + $buff .= makeitem($value); + } + $subheader .= "[ALL] "; + while($no <= $lastpage){ + if($no == $page) { $subheader .= "\[$no\] ";} + else{ if($no == 1){ $subheader .= "\[$no\] "} + else{$subheader .= "\[$no\] ";} } + $no++; + } + $subheader .= $info_title; + open(OUT,">$set{'html_dir'}all.html")||&error(306,"$set{'html_dir'}all.html"); + print OUT $header."
".$home_url_link.$subheader."
".$buff.$footer; + close(OUT); + chmod($set{'per_upfile'},"$set{'html_dir'}all.html"); + }else{ unlink("$set{'html_dir'}all.html"); } + + while($log > $i){ + $buff .= makeitem($log[$i]) unless($init); + if(($i % $set{'pagelog'}) == 0||$i == $log -1){ + $page++; my $subheader; my $no = 1; my $time = time; + if($set{'html_all'}){ $subheader .= "[ALL] "; } + while($no <= $lastpage){ + if($no == $page) { $subheader .= "\[$no\] ";} + else{ if($no == 1){ $subheader .= "\[$no\] "} + else{$subheader .= "\[$no\] ";} + } + $no++; + } + $subheader .= $info_title; + my $loghtml; + if($page == 1){ $loghtml = "$set{'html_dir'}$set{'base_html'}"; } + else{ $loghtml = "$set{'html_dir'}$page.html"; } + + open(OUT,">$loghtml") || &error(306,"$loghtml"); + print OUT $header."
".$home_url_link.$subheader."
".$buff.$footer; + close(OUT); + chmod($set{'per_upfile'},$loghtml); + undef $buff; + } + $i++; + } + + while($page < 1000){ + $page ++; + if(-e "$set{'html_dir'}$page.html"){ unlink("$set{'html_dir'}$page.html"); }else{ last; } + } +} + +sub delete{ + my $mode = $_[0]; + my @delno = split(/,/,$_[1]); + my $delno; my $flag = 0; my $tmpaddr; + my $delnote; + + if($in{'delno'} =~ /(\d+)/){ $delno = $1; } + if($mode ne 'admin' && !$in{'delno'}){ return; } + elsif($mode ne 'admin' && !$delno){ &error(401,$in{'delno'}); } + + open(IN,$set{'log_file'})|| &error(303); + my @log = ; + close(IN); + + if($in{'addr'} =~ /(\d+).(\d+).(\d+).(\d+)/){ $tmpaddr = "$1.$2.$3."; } + my $findflag = 0; + foreach my $value (@log){ + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$value); + $delnote = $note; + my $delflag = 0; + if(!$addr){ next; } + if($mode eq 'admin'){ + foreach my $delno (@delno){ if($no == $delno){ $delflag = 1; last; } } + }elsif($no == $delno){ + $findflag = 1; + unless ($addr =~ /^$tmpaddr/){ + my ($pass,$id) = split(/,/,$pass); + my $delpass = $in{'delpass'} || $in{'addr'}.time(); + my $salt = substr($pass, 0, 2); $delpass = crypt($delpass,$salt); + my $usersalt = substr($in{'user'},0,2); my $userid = crypt($in{'user'},$usersalt); + if ($in{'delpass'} ne $set{'admin_pass'} && $delpass ne $pass && $userid ne $id){ + if($mode ne 'admin'){ if(!$dummy){ $filepre = $set{'file_pre'};} $no = sprintf("%04d",$no); &error(404,"$filepre$no.$ext");} + } + } + $delflag = 1; + } + if($delflag){ +# open(OUT,">>./del.cgi"); print OUT $value; close(OUT); + $flag = 1; + if(!$dummy){ $filepre = $set{'file_pre'};} + $no = sprintf("%04d",$no); + my $filename; + my ($dlpath,$filedir); + if($delnote =~ /DLpath:(.+)\s/){ + $dlpath = $1; + $filename = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/$filepre$no.$ext"; + $filedir = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/"; + }else{ + $filename = "$set{'src_dir'}$filepre$no.$ext"; + } + + if(unlink($filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } rmdir($filedir);} undef $value; + }elsif(unlink($filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } rmdir($filedir);} undef $value; + }elsif(!(-e $filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } rmdir($filedir);} undef $value; + }else{ + if($mode ne 'admin'){ &error(403,"$filepre$no.$ext");} + } + } + } + if($mode ne 'admin' && !$findflag){ &error(402,$delno); } + if($flag){ + logwrite(@log); + &makehtml(); + } +} + + +sub quit{ + my ($cookiename,$buff); + my $flag = 0; + my @tmpfiles = globfile("$set{'src_dir'}","\.temporary"); + foreach my $value (@tmpfiles){ if((stat($value))[10] < time - 60*60){ unlink("$value"); $flag++; } } + &makehtml() if($flag); + $buff =<<"EOM"; +$set{'html_head'} +EOM + if($in{'jcode'} || $in{'mode'} eq 'delete'){ + $buff .=<<"EOM"; + + +\n|; + } + $buff .=<<"EOM"; + +

+ +EOM + print "Content-type: text/html\n\n"; + print $buff; + exit; +} + +sub admin_mode{ + &errorclear() if($in{'mode'} eq 'errorclear'); + &delete('admin',$in{'admin_delno'}) if($in{'mode'} eq 'delete'); + + open(IN,$set{'log_file'})||error(303); + my @log = ; + close(IN); + + my ($header,$buff,$footer,$value); + $buff =<<"EOM"; +$set{'html_head'}$set{'html_css'} + +EOM + + $buff .= leaddisp(0,1,1).'
NAMECOMMENTSIZEDATEMIMEORIG
Upload Info
'; + $buff .= qq|
\n

\n|."\n\n"; + shift(@log); + foreach (@log){ $buff .= makeitem($_,'admin'); } + $buff .= '
DELNAMECOMMENTSIZEADDRHOSTDATENOTEMIMEORIG


'; + + if($set{'error_level'}){ + $buff .= leaddisp(-1,0,1).'
Error Info
'; + $buff .= qq|
|; + $buff .= "\n\n"; + if(open(IN,$set{'error_log'})){ @log = reverse(); close(IN); foreach (@log){ my ($date,$no,$note,$addr,$host) = split(/<>/); $buff .= "\n"; }} + $buff .= "
DATEADDRHOSTNOTE
$date$addr$host$note


\n"; + } + + $buff .= leaddisp(-1,-1,0); + $buff .= '
Setting Info
'."\n\n"; + $buff .= tablestr('ƒXƒNƒŠƒvƒgVer',$set{'ver'}); + $buff .= tablestr('ƒƒCƒ“ƒƒOƒtƒ@ƒCƒ‹',$set{'log_file'}); + if($set{'error_level'}){ + $buff .= tablestr('ƒGƒ‰[ƒƒOƒtƒ@ƒCƒ‹',$set{'error_log'}); + if($set{'error_size'}){ $buff .= tablestr('ƒGƒ‰[ƒƒOÅ‘å—e—Ê',dispsize($set{'error_size'}*1024).' '.($set{'error_size'}*1024).'Bytes'); } + else{ $buff .= tablestr('ƒGƒ‰[ƒƒOÅ‘å—e—ʐ§ŒÀ','–³'); } + }else{ $buff .= tablestr('ƒGƒ‰[ƒƒO‹L˜^','–³'); } + $buff .= tablestr('•ÛŽŒ”',$set{'max_log'}); + $buff .= tablestr('Å‘å“Še—e—Ê',dispsize($set{'max_size'}*1024).' '.($set{'max_size'}*1024).'Bytes'); + + if($set{'min_flag'}){ $buff .= tablestr('Å¬§ŒÀ—e—Ê',dispsize($set{'min_size'}*1024).' '.($set{'min_size'}*1024).'Bytes'); } + else{ $buff .= tablestr('Å¬§ŒÀ—e—Ê',"–³"); } + if($set{'max_all_flag'}){ $buff .= tablestr('‘—e—ʐ§ŒÀ',dispsize($set{'max_all_size'}*1024).' '.($set{'max_all_size'}*1024).'Bytes'); } + else{ $buff .= tablestr('‘—e—ʐ§ŒÀ',"–³"); } + + $buff .= tablestr("ƒtƒ@ƒCƒ‹Ú“ªŽ«",$set{'file_pre'}); + $buff .= tablestr("HTML•Û‘¶ƒfƒBƒŒƒNƒgƒŠ",$set{'html_dir'}); + $buff .= tablestr("ƒtƒ@ƒCƒ‹•Û‘¶ƒfƒBƒŒƒNƒgƒŠ",$set{'src_dir'}); + if($set{'http_html_path'} && $set{'html_dir'} ne $set{'http_html_path'}){ $buff .= "\n";} + if($set{'http_src_path'} && $set{'src_dir'} ne $set{'http_src_path'}){ $buff .= "\n";} + $buff .= tablestr('1ƒy[ƒW‚É•\Ž¦‚·‚éƒtƒ@ƒCƒ‹”',$set{'pagelog'}); + if($set{'interval'} > 0){ $value = $set{'interval'}.'•b'; }else{ $value = '–³'; } + $buff .= tablestr('“¯ˆêIP“ŠeŠÔŠu•b”§ŒÀ',$value); + if($set{'up_ext'}){ $set{'up_ext'} =~ s/,/ /g; $buff .= tablestr('“Še‰Â”\Šî–{Šg’£Žq',$set{'up_ext'}); } + if($set{'deny_ext'}){ $set{'deny_ext'} =~ s/,/ /g; $buff .= tablestr('“Še‹ÖŽ~Šg’£Žq',$set{'deny_ext'}); } + if($set{'change_ext'}){ $set{'change_ext'} =~ s/,/ /g; $set{'change_ext'} =~ s/>/>/g; $buff .= tablestr('Šg’£Žq•ÏŠ·',$set{'change_ext'}); } + + if($set{'up_all'}){ $buff .= tablestr('Žw’èŠOŠg’£ŽqƒAƒbƒvƒ[ƒh‹–‰Â','—L'); if($set{'ext_org'}){ $buff .= tablestr('Žw’èŠOƒtƒ@ƒCƒ‹Šg’£Žq','ƒIƒŠƒWƒiƒ‹'); }else{ $buff .= tablestr('Žw’èŠOƒtƒ@ƒCƒ‹Šg’£Žq','bin'); }} + else{$buff .= tablestr('Žw’èŠOŠg’£ŽqƒAƒbƒvƒ[ƒh‹–‰Â','–³');} + + if($set{'find_crypt'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('ˆÃ†‰»ƒA[ƒJƒCƒuŒŸo(ZIP)',$value); + if($set{'binary_compare'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('ƒoƒCƒiƒŠ”äŠr',$value); + if($set{'post_flag'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('PostKey“Še§ŒÀ',$value); + if($set{'dlkey'}){ if($set{'dlkey'} == 2){$value = '•K{'}else{$value = '”CˆÓ';}}else{ $value = '–³';} + $buff .= tablestr('DLkey',$value); + if($set{'dummy_html'}){ if($set{'dummy_html'} == 3){$value = 'ALL'}elsif($set{'dummy_html'} == 2){$value = 'DLKey‚Ì‚Ý';}else{$value = '’ʏíƒtƒ@ƒCƒ‹‚Ì‚Ý';}}else{ $value = '–³';} + $buff .= tablestr('ŒÂ•ÊHTMLƒLƒƒƒbƒVƒ…',$value); + if($set{'disp_error'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('ƒ†[ƒUƒGƒ‰[•\Ž¦',$value); + if($set{'zero_clear'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('íœÏƒtƒ@ƒCƒ‹ƒŠƒXƒgŽ©“®Á‹Ž',$value); + if($set{'home_url'}){ $buff .= "\n";} + + $buff .= '
HTTP_HTML_PATH$set{'http_html_path'}
HTTP_SRC_PATH$set{'http_src_path'}
HOMEURL$set{'home_url'}
'; + + print "Content-type: text/html\n\n"; + print $buff; + exit; +} + +sub extfind{ + my $orgname = @_[0]; + my @filename = split(/\./,$orgname); + my $ext = $filename[$#filename]; + $ext =~ tr/[A-Z]/[a-z]/; + foreach my $value (split(/,/,$set{'change_ext'})){ my ($src,$dst) = split(/->/,$value); if($ext eq $src){ $ext = $dst; last; }} + foreach my $value (split(/,/,$set{'deny_ext'})){ if($ext eq $value){ &error(206,$ext); }} + foreach my $value (split(/,/,$set{'up_ext'})){ if ($ext eq $value) { return $value; } } + if(length($ext) >= 5 || length($ext) == 0){ $ext = 'bin'; } + unless ($ext =~ /^[A-Za-z0-9]+$/){ $ext = 'bin'; } + if($set{'up_all'} && $set{'ext_org'}){ return $ext;} + elsif($set{'up_all'}){ return 'bin'; } + return 0; +} + + +sub conv_date{ + my @date = gmtime($_[0] + 9*60*60); + $date[5] -= 100; $date[4]++; + if ($date[5] < 10) { $date[5] = "0$date[5]" ; } if ($date[4] < 10) { $date[4] = "0$date[4]" ; } + if ($date[3] < 10) { $date[3] = "0$date[3]" ; } if ($date[2] < 10) { $date[2] = "0$date[2]" ; } + if ($date[1] < 10) { $date[1] = "0$date[1]" ; } if ($date[0] < 10) { $date[0] = "0$date[0]" ; } + my @w = ('Sun','Mon','Tue','Wed','Thu','Fri','Sat'); + return ("$date[5]/$date[4]/$date[3]($w[$date[6]]),$date[2]:$date[1]:$date[0]"); +} + +sub dispsize{ + my $size = $_[0]; + if($size >= 1024*1024*1024*100){ $size = int($size/1024/1024/1024).'GB';} + elsif($size >= 1024*1024*1024*10){ $size = sprintf("%.1fGB",$size/1024/1024/1024);} + elsif($size > 1024*1024*1024){ $size = sprintf("%.2fGB",$size/1024/1024/1024);} + elsif($size >= 1024*1024*100){ $size = int($size/1024/1024).'MB'; } + elsif($size > 1024*1024){ $size = sprintf("%.1fMB",$size/1024/1024); } + elsif($size > 1024){ $size = int($size/1024).'KB'; } + else{ $size = int($size).'B';} + return $size; +} + +sub makeitem{ + my ($src,$mode) = @_; my ($buff,$check,$target); + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$src); + if(!$dummy){ $filepre = $set{'file_pre'}; } + my $orgno = $no; + $no = sprintf("%04d",$no); + my $size = 0; + my $dlpath = 0; + + if($note =~ /DLpath:(.+)\s/){ + $dlpath = $1; + $size = dispsize(-s "$set{'src_dir'}$filepre$no.${ext}_$dlpath/$filepre$no.$ext"); + }else{ + $size = dispsize(-s "$set{'src_dir'}$filepre$no.$ext"); + } + + my $path = $set{'http_src_path'} || $set{'src_dir'}; + if($set{'link_target'}){ $target = qq| target="$set{'link_target'}"|; } + if($mode eq 'admin'){ + if($dlpath){ $path .= "$filepre$no.${ext}_$dlpath/"; } + if($addr eq $host){ undef $host; } + if($in{'checkmode'} eq 'allcheck'){$check = ' checked';} + $buff = "$filepre$no.$ext$comment$size$addr$host$date$note$mime$orgname\n"; + }else{ + my($d_com,$d_date,$d_size,$d_mime,$d_org); + if($set{'disp_comment'}){ $d_com = "$comment"; } if($set{'disp_size'}){ $d_size = "$size"; } if($set{'disp_date'}){ $d_date= "$date"; } + if($set{'disp_mime'}){ $d_mime = "$mime"; } if($set{'disp_orgname'}){ $d_org = "$orgname"; } + if(-e "$set{'src_dir'}$filepre$no.$ext.html"){$buff = "$filepre$no.$ext$d_com$d_size$d_date$d_mime$d_org\n";} + elsif($dlpath){$buff = "$filepre$no.$ext$d_com$d_size$d_date$d_mime$d_org\n";} + else{ $buff = "$filepre$no.$ext$d_com$d_size$d_date$d_mime$d_org\n";} + } + return $buff; +} + +sub makedummyhtml{ + my ($filename,$com,$file,$orgdlpath,$date,$mime,$orgname,$no) = @_; + my $buff; + + if(!$no){ + $buff = "$filename"; + $buff .= qq|Download $filename|; + $buff .= ''; + }else{ + $buff = cryptfiledl($com,$file,$orgdlpath,$date,$mime,$orgname,$no); + } + + open(OUT,">$set{'src_dir'}$filename.html")||&error(307,"$set{'src_dir'}$filename.html"); + print OUT $buff; + close(OUT); + chmod($set{'per_upfile'},"$set{'src_dir'}$filename.html"); + return 1; +} + + +sub logwrite{ + my @log = @_; + open(OUT,"+>$set{'log_file'}")||&error(304); + eval{ flock(OUT, 2);}; + eval{ truncate(OUT, 0);}; + seek(OUT, 0, 0); + print OUT @log; + eval{ flock(OUT, 8);}; + close(OUT); + chmod($set{'per_upfile'},$set{'log_file'}); + return 1; +} + +sub binarycmp{ + my ($src,$dst) = @_; + return 0 if (-s $src != -s $dst); + open(SRC,$src)||return 0; open(DST,$dst)||return 0; + my ($buff,$buff2); + binmode(SRC); binmode(DST); seek(SRC,0,0); seek(DST,0,0); + while(read(SRC,$buff,8192)){ read(DST,$buff2,8192); if($buff ne $buff2){ close(SRC); close(DST); return 0; } } + close(SRC); close(DST); + return 1; +} + +sub init{ + my $buff; + if(open(OUT,">$set{'log_file'}")){ + print OUT "0<>0<>0<>1\n"; + close(OUT); + chmod($set{'per_logfile'},$set{'log_file'}); + }else{ + $buff = "ƒƒCƒ“ƒƒO‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½"; + } + + unless (-d "$set{'src_dir'}"){ + if(mkdir("$set{'src_dir'}",$set{'per_dir'})){ + chmod($set{'per_dir'},"$set{'src_dir'}"); + open(OUT,">$set{'src_dir'}index.html"); + close(OUT); + chmod($set{'per_upfile'},"$set{'src_dir'}index.html"); + }else{ + $buff .= "Source•Û‘¶ƒfƒBƒŒƒNƒgƒŠ‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½"; + } + } + + unless (-d "$set{'html_dir'}"){ + if(mkdir("$set{'html_dir'}",$set{'per_dir'})){ + chmod($set{'per_dir'},"$set{'html_dir'}"); + }else{ + $buff .= "HTML•Û‘¶ƒfƒBƒŒƒNƒgƒŠ‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½"; + } + } + + if($buff){ + $buff .= "ƒfƒBƒŒƒNƒgƒŠ‚ɏ‘‚«ž‚ÝŒ ŒÀ‚ª‚ ‚é‚©Šm”F‚µ‚Ä‚­‚¾‚³‚¢"; + &error_disp($buff,'init'); + } +} + +sub check_postkey{ + my $inputkey = @_[0]; + my @key = split(/,/,$set{'post_key'}); + foreach my $key (@key){ if($inputkey eq $key){ return 1; } } + return 0; +} + +sub leaddisp{ + my @src = @_; + my ($str,$count); + foreach my $value (@src){ + my ($mark,$name,$link); $count++; + if($count == 1){ $name = 'Upload Info'; $link = 'up'; } + elsif($count == 2){ $name = 'Error Info'; $link = 'error'; next if(!$set{'error_level'}); } + elsif($count == 3){ $name = 'Setting Info'; $link = 'set'; } + if($value){ if($value > 0){ $mark = '¥'; }else{ $mark = '£'; } $str .= qq|${mark}${name} |; } + else{ $str .= qq|[$name] |; } + } + return $str; +} + +sub errorclear{ + open(OUT,">$set{'error_log'}")||return 0; + eval{ flock(OUT, 2);}; eval{ truncate(OUT, 0);}; seek(OUT, 0, 0); eval{ flock(OUT, 8);}; close(OUT); + chmod($set{'per_upfile'},$set{'log_file'}); + return 1; +} + +sub tablestr{ + my ($value1,$value2) = @_; + return ("$value1$value2\n"); +} + +sub globfile{ + my ($src_dir,$filename) = @_; + opendir(DIR,$src_dir)||return 0; my @dir = readdir(DIR); closedir(DIR); + my @new = (); foreach my $value (@dir){ push(@new,"$src_dir$value") if($value =~ /$filename/ && !(-d "$src_dir$value")); } + return @new; +} + +sub globdir{ + my ($src_dir,$dir) = @_; + opendir(DIR,$src_dir)||return 0; my @dir = readdir(DIR); closedir(DIR); + my @new = (); foreach my $value (@dir){ if($value eq '.' ||$value eq '..' ){ next; } push(@new,"$src_dir$value") if($value =~ /$dir/ && (-d "$src_dir$value")); } + return @new; +} + +sub error_disp{ + my ($message,$mode) = @_; + my $url; + if($mode eq 'init'){ $url = qq|[ƒŠƒ[ƒh]|; }else{ $url = qq|[–ß‚é]|; } + my $buff =<<"EOM"; +$set{'html_head'}$set{'html_css'} + +
+ +$message + + +
$url
+

+ + + + + +
DATE$in{'date'}
ADDR$in{'addr'}
HOST$in{'host'}
+
+ +EOM + print "Content-type: text/html\n\n"; + print $buff; + exit; +} + +sub error{ + my ($no,$note) = @_; + if (length($note) > 64) { $note = substr($note,0,64).'...'; } + $note =~ s/&/&/g; $note =~ s/\"/"/g; $note =~ s//>/g; $note =~ s/\r//g; $note =~ s/\n//g; $note =~ s/\t//g; $note =~ s/\0//g; + my ($message,$dispmsg,$flag); + + if($no == 98){ $message = ""; } + elsif($no == 99){ $message = "UpFile‚È‚µ"; } + elsif($no == 101){ $message = "“Še‹ÖŽ~HOST"; } + elsif($no == 106){ $flag = 1; $message = "POSTƒTƒCƒY’´‰ß"; $note = dispsize($note); $dispmsg= 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ƒAƒbƒvƒ[ƒhƒtƒ@ƒCƒ‹('.$note.')‚Í Å‘å—e—ʐݒè('.dispsize($set{'max_size'}*1024).')‚ð‰z‚¦‚Ä‚¢‚Ü‚·';} + elsif($no == 107){ $flag = 1; $message = "POSTƒTƒCƒY‰ß¬"; $note = dispsize($note); $dispmsg= 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ƒAƒbƒvƒ[ƒhƒtƒ@ƒCƒ‹('.$note.')‚Í Å¬—e—ʐݒè('.dispsize($set{'min_size'}*1024).')–¢–ž‚Å‚·';} + elsif($no == 108){ $flag = 1; $message = "POSTƒf[ƒ^•sŠ®‘S"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½POSTƒf[ƒ^‚ª•sŠ®‘S‚Å‚·';} + elsif($no == 109){ $flag = 1; $message = "POSTKey•sˆê’v"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½POSTKey‚ªˆê’v‚µ‚Ü‚¹‚ñ';} + elsif($no == 202){ $flag = 1; $message = "Šg’£Žq‡‚킸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½“Še‚Å‚«‚éŠg’£Žq‚Í'.$set{'up_ext'}.'‚Å‚·';} + elsif($no == 203){ $flag = 1; $message = "“Še‘‚·‚¬"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½“¯ˆêIPƒAƒhƒŒƒX‚©‚ç'.$set{'interval'}.'•bˆÈ“à‚ɍēŠe‚Å‚«‚Ü‚¹‚ñ';} + elsif($no == 204){ $flag = 1; $message = "ˆêŽžƒtƒ@ƒCƒ‹‘‚«ž‚ß‚¸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ˆêŽžƒtƒ@ƒCƒ‹‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½';} + elsif($no == 205){ $flag = 1; $message = "“¯ˆêƒtƒ@ƒCƒ‹‘¶Ý"; $note =~ /([^\/]+)$/; my $filename = $1; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½“¯ˆêƒtƒ@ƒCƒ‹‚ª '.$filename.' ‚É‘¶Ý‚µ‚Ü‚·';} + elsif($no == 206){ $flag = 1; $message = "‹ÖŽ~Šg’£Žq"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½Šg’£Žq '.$note.' ‚̓Aƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ';} + elsif($no == 303){ $flag = 1; $message = "ƒƒOƒtƒ@ƒCƒ‹‚ɓǂݍž‚ß‚¸"; $dispmsg = 'ƒƒCƒ“ƒƒO‚̓ǂݍž‚Ý‚ÉŽ¸”s‚µ‚Ü‚µ‚½';} + elsif($no == 304){ $flag = 1; $message = "ƒƒOƒtƒ@ƒCƒ‹‚ɏ‘‚«ž‚ß‚¸"; $dispmsg = 'ƒƒCƒ“ƒƒO‚̏‘‚«ž‚Ý‚ÉŽ¸”s‚µ‚Ü‚µ‚½';} + elsif($no == 306){ $message = "ƒtƒ@ƒCƒ‹ƒŠƒXƒgHTML‘‚«ž‚ß‚¸";} + elsif($no == 307){ $message = "ƒtƒ@ƒCƒ‹HTMLƒtƒ@ƒCƒ‹‘‚«ž‚ß‚¸";} + elsif($no == 401){ $flag = 1; $message = "íœNo.ŒŸo‚Å‚«‚¸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$note.' ‚©‚çíœNo.‚ðŒŸo‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$set{'file_pre'}.'0774.zip‚̏ꍇ No.‚É‚Í 774 ‚ð“ü—Í‚µ‚Ü‚·';} + elsif($no == 402){ $flag = 1; $note = sprintf("%04d",int($note)); $message = "íœNo.‘¶Ý‚¹‚¸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$set{'file_pre'}.$note.'.*** ‚̓ƒCƒ“ƒƒO‚É‘¶Ý‚µ‚Ü‚¹‚ñ';} + elsif($no == 403){ $flag = 1; $message = "íœƒAƒNƒZƒX‹‘”Û"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ƒtƒ@ƒCƒ‹íœðŒ‚Í–ž‚½‚µ‚Ä‚¢‚Ü‚·‚ª '.$note.' ‚̃tƒ@ƒCƒ‹‚̍폜‚ª‹‘”Û‚³‚ê‚Ü‚µ‚½ƒAƒNƒZƒX‚ª‰ßè‚ȏꍇ“™‚ÍŽžŠÔ‚ð’u‚¢‚čđ€ì‚·‚é‚ƍ폜‚Å‚«‚邱‚Æ‚ª‚ ‚è‚Ü‚·';} + elsif($no == 404){ $flag = 1; $message = "íœKey•sˆê’v"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$note.' íœKey‚ªˆê’v‚µ‚Ü‚¹‚ñ‚Å‚µ‚½';} + + elsif($no == 51){ $flag = 1; $message = "[DLMode] No.Œ©‚‚©‚炸"; $dispmsg = '[DLMode] ƒtƒ@ƒCƒ‹‚ªŒ©‚‚©‚è‚Ü‚¹‚ñ‚Å‚µ‚½'.$note.' ‚©‚çƒtƒ@ƒCƒ‹No.‚ðŒŸo‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'; } + elsif($no == 52){ $flag = 1; $message = "[DLMode] FileŒ©‚‚©‚炸"; $dispmsg = '[DLMode] ƒtƒ@ƒCƒ‹‚ªŒ©‚‚©‚è‚Ü‚¹‚ñ‚Å‚µ‚½'.$set{'file_pre'}.$note.'.*** ‚̓ƒCƒ“ƒƒO‚É‘¶Ý‚µ‚Ü‚¹‚ñ'; } + elsif($no == 53){ $flag = 1; $message = "[DLMode] DLkey–¢Ý’è"; $dispmsg = '[DLMode] orgDLkeyError'.$note.' DLKey‚ª–¢Ý’è‚Å‚·'; } + elsif($no == 54){ $flag = 1; $message = "[DLMode] DLkey•sˆê’v"; $dispmsg = '[DLMode] orgDLkeyError'.$note.' DLKey‚ªˆê’v‚µ‚Ü‚¹‚ñ‚Å‚µ‚½'; } + elsif($no == 55){ $flag = 1; $message = "[DLMode] File Oepn Error"; $dispmsg = '[DLMode] Open Error'.$note.' ƒtƒ@ƒCƒ‹‚̓ǂݍž‚Ý‚ÉŽ¸”s‚µ‚Ü‚µ‚½'; } + elsif($no == 56){ $flag = 1; $message = "[DLMode] File Not Found"; $dispmsg = '[DLMode] Not Found'.$note.' ƒtƒ@ƒCƒ‹‚ª‘¶Ý‚µ‚Ü‚¹‚ñ'; } + + elsif($no == 61){ $flag = 1; $message = "DLkey–¢Ý’è"; $dispmsg = 'DLKey‚ª–¢Ý’è‚Å‚·'; } + + unlink($in{'tmpfile'}); + if($note){$message .= ' ';} + if($set{'error_level'} && $no > 100){ + unless(-e $set{'error_log'}){ + open(OUT,">$set{'error_log'}"); + close(OUT); + chmod($set{'per_logfile'},$set{'error_log'}); + } + if($set{'error_size'} && ((-s $set{'error_log'}) > $set{'error_size'} * 1024)){ + my $err_bkup = "$set{'error_log'}.bak.cgi"; + unlink($err_bkup); + rename($set{'error_log'},$err_bkup); + open(OUT,">$set{'error_log'}"); + close(OUT); + chmod($set{'per_logfile'},$set{'error_log'}); + } + open(OUT,">>$set{'error_log'}"); + print OUT "$in{'date'}<>$no<>$message$note<>$in{'addr'}<>$in{'host'}<>1\n"; + close(OUT); + } + &error_disp($dispmsg) if($flag && $set{'disp_error'}); + &quit(); +} + +sub dlfile{ + my $msg; + my ($orgdlkey,$orgdlpath); + my ($dlext,$dlfilepre); + my ($dl_date,$dl_comment,$dl_size,$dl_mime,,$dl_orgname); + my $dlno = 0; + my $findflag; + + open(IN,$set{'log_file'})||&error(303); + my @log = ; + close(IN); + shift(@log); + + if($in{'file'} =~ /(\d+)/){ $dlno = $1; } + if($dlno == 0) { &error(51,$in{'file'}); } + + foreach my $value (@log){ + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$value); + my @note = split(/,/,$note); + if(int($dlno) == $no){ + $dl_comment = $comment; + $dl_mime = $mime; + $dl_date = $date; + $dl_orgname = $orgname; + $dlext = $ext; + $dlfilepre = $filepre; + foreach my $tmpnote (@note){ + if($tmpnote =~ /\!--\sDLKey:(.+)\s--.*\!--\sDLpath:(.+)\s--/){ + $orgdlkey = $1; + $orgdlpath = $2; + last; + } + } + $findflag = 1; + last; + } + } + + my $dlfile = $dlfilepre.sprintf("%04d",int($dlno)).'.'.$dlext; + if(!(-e "$set{'src_dir'}${dlfile}_$orgdlpath/$dlfile")){ &error(56,"$dlfile----$set{'src_dir'}${dlfile}_$orgdlpath/$dlfile"); } + + if($in{'dlkey'}){ + my $dlsalt = substr($orgdlkey,0,2); + my $dlkey = crypt($in{'dlkey'},$dlsalt); + + if($findflag == 0){ &error(52,$dlfile); } + elsif(!$orgdlkey){ &error(53,$dlfile); } + elsif($orgdlkey ne $dlkey && $set{'admin_pass'} ne $in{'dlkey'}){ &error(54,$dlfile); } + #print "Location: $set{'http_src_path'}${dlfile}_$orgdlpath/$dlfile\n\n"; + my $buff =<<"EOM"; +$set{'html_head'}$set{'html_css'} + + + +
+
+ + +
”ò‚΂Ȃ¢ê‡‚Í ‚±‚¿‚ç ‚©‚ç
+
+ +EOM + print "Content-type: text/html\n\n"; + print $buff; + }else{ + my $buff = cryptfiledl($dl_comment,$dlfile,$orgdlpath,$dl_date,$dl_mime,$dl_orgname,$dlno); + print "Content-type: text/html\n\n"; + print $buff; + } + exit; +} + +sub cryptfiledl{ + my($com,$file,$orgdlpath,$date,$mime,$orgname,$no) = @_; + my($d_com,$d_date,$d_size,$d_mime,$d_org); + + if($set{'disp_comment'}){ $d_com = "COMMENT$com"; } if($set{'disp_size'}){ $d_size = "SIZE".dispsize(-s "$set{'src_dir'}${file}_$orgdlpath/$file")." (".(-s "$set{'src_dir'}${file}_$orgdlpath/$file")."bytes)".""; } if($set{'disp_date'}){ $d_date= "DATE$date"; } + if($set{'disp_mime'}){ $d_mime = "ORGMIME$mime"; } if($set{'disp_orgname'}){ $d_org = "ORGNAME$orgname"; } + + my $buff =<<"EOM"; +$set{'html_head'}$set{'html_css'} + +
+
+$file ‚É‚ÍDLKey‚ªÝ’肳‚ê‚Ä‚¢‚Ü‚· + + + + +$d_com$d_date$d_size$d_mime$d_org + + + +
+ + +
DLKey:
+
+ +EOM + + return $buff; } \ No newline at end of file