From 9b54efb8e01b2bb62bb2c9b8f9f234dbb1d20c1d Mon Sep 17 00:00:00 2001 From: mitty Date: Tue, 26 Jan 2010 06:48:23 +0000 Subject: [PATCH] * add Sn Uploader from http://sugachan.dip.jp/obsolete/snup/ git-svn-id: https://lab.mitty.jp/svn/lab/vendor/SnUploader/snup_051010e/uploader@29 7d2118f6-f56c-43e7-95a2-4bb3031d96e7 --- upload.cgi | 1078 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1078 insertions(+) create mode 100644 upload.cgi diff --git a/upload.cgi b/upload.cgi new file mode 100644 index 0000000..aa2993e --- /dev/null +++ b/upload.cgi @@ -0,0 +1,1078 @@ +#!/usr/bin/perl +use vars qw(%set %in); +use strict; +$set{'log_file'} = './log.cgi'; #ƒƒOƒtƒ@ƒCƒ‹–¼ +$set{'max_log'} = 30; #•ÛŽŒ” +$set{'max_size'} = 1*1024; #Å‘å“Še—e—Ê(KB) +$set{'min_flag'} = 0; #Å¬—e—ʐ§ŒÀ‚ðŽg—p‚·‚é=1 +$set{'min_size'} = 100; #Å¬“Še—e—Ê(KB) +$set{'max_all_flag'} = 0; #‘—e—ʐ§ŒÀ‚ðŽg—p‚·‚é=1 +$set{'max_all_size'} = 20*1024; #‘§ŒÀ—e—Ê(KB) +$set{'file_pre'} = 'up'; #ƒtƒ@ƒCƒ‹Ú“ªŽ« +$set{'pagelog'} = 10; #1ƒy[ƒW‚É•\Ž¦‚·‚éƒtƒ@ƒCƒ‹” +$set{'base_html'} = 'upload.html'; #1ƒy[ƒW–ڂ̃tƒ@ƒCƒ‹–¼ +$set{'interval'} = 0; #“¯ˆêIP“ŠeŠÔŠu•b” +$set{'deny_host'} = ''; #“Še‹ÖŽ~IP/HOST ,‚Å‹æØ‚é ex.(bbtec.net,219.119.66,ac.jp) +$set{'admin_name'} = 'admin'; #ŠÇ—ŽÒƒƒOƒCƒ“ID +$set{'admin_pass'} = '1234'; #ŠÇ—ŽÒƒpƒXƒ[ƒh + +# ˆÈ‰º5€–Ú‚ðÄÝ’è‚·‚éÛ‚É‚ÍPATHCƒfƒBƒŒƒNƒgƒŠ‚Í / ‚ŏI‚í‚邱‚Æ +# $set{'html_dir'},$set{'base_cgi'}‚ð ./ ˆÈŠO‚ɐݒ肷‚éê‡, +# ‚Ü‚½‚ÍDLkey‚ðŽg—p‚µ ‚È‚¨‚©‚ÂHTMLƒLƒƒƒbƒVƒ…($set{'dummy_html'} = 2 or 3)‚ðŽg—p‚·‚éê‡‚Í +# $set{'base_cgi'} , $set{'http_html_path'} , $set{'http_src_path'} ‚ðƒtƒ‹ƒpƒX(http://`` or /``)‚Å‹Lq‚·‚é +$set{'html_dir'} = './'; # “à•”HTML•Û‘¶ƒfƒBƒŒƒNƒgƒŠ +$set{'src_dir'} = './src/'; # “à•”ƒtƒ@ƒCƒ‹•Û‘¶ƒfƒBƒŒƒNƒgƒŠ +$set{'base_cgi'} = './upload.cgi'; # ‚±‚̃XƒNƒŠƒvƒg–¼ http://`‚ÌŽw’è‰Â”\ +$set{'http_html_path'} = './'; # htmlŽQÆ httpPATH http://`‚ÌŽw’è‰Â”\ +$set{'http_src_path'} = './src/'; # fileŽQÆ httpPATH http://`‚ÌŽw’è‰Â”\ + +$set{'dlkey'} = 0; # DLKey‚ðŽg—p‚·‚é=1,DLkey•K{=2 +$set{'up_ext'} = 'txt,lzh,zip,rar,gca,mpg,mp3,avi,swf,bmp,jpg,gif,png'; #ƒAƒbƒvƒ[ƒh‚Å‚«‚éŠî–{Šg’£Žq ”¼Šp‰p”¬•¶Žš ,‚Å‹æØ‚é +$set{'up_all'} = 0; #“o˜^ˆÈŠO‚Ì‚à‚Ì‚àUP‚³‚¹‚ç‚ê‚é‚悤‚É‚·‚é=1 +$set{'ext_org'} = 0; #$set{'up_all'}‚ª1‚ÌŽžƒIƒŠƒWƒiƒ‹‚ÌŠg’£Žq‚É‚·‚é=1 +$set{'deny_ext'} = 'php,php3,phtml,rb,sh,bat,dll'; #“Še‹ÖŽ~‚ÌŠg’£Žq ”¼Šp‰p”¬•¶Žš ,‚Å‹æØ‚é +$set{'change_ext'} = 'cgi->txt,pl->txt,log->txt,jpeg->jpg,mpeg->mpg'; #Šg’£Žq•ÏŠ· ‘O->Œã ”¼Šp‰p”¬•¶Žš ,‚Å‹æØ‚é + +$set{'home_url'} = ''; #[HOME]‚̃Šƒ“ƒNæ ‘Š‘΃pƒX–”‚Í http://‚©‚çŽn‚Ü‚éâ‘΃pƒX +$set{'html_all'} = 1; #[ALL]‚ðo‚·=1 +$set{'dummy_html'} = 0; #ƒtƒ@ƒCƒ‹ŒÂ•ÊHTML‚ðì¬‚·‚é ’Êíƒtƒ@ƒCƒ‹‚Ì‚Ý=1,DLKeyÝ’èƒtƒ@ƒCƒ‹‚Ì‚Ý=2,‚·‚ׂÄ=3 +$set{'find_crypt'} = 1; #ˆÃ†‰»ZIP‚ðŒŸo‚·‚é=1 +$set{'binary_compare'} = 0; #Šù‘¶ƒtƒ@ƒCƒ‹‚ƃoƒCƒiƒŠ”äŠr‚·‚é=1 +$set{'post_flag'} = 0; #PostKey‚ðŽg—p‚·‚é=1 +$set{'post_key'} = 'postkey'; #PostKey ,‚Å‹æØ‚é‚Æ•¡”Žw’è ex.(postkey1,postkey2) +$set{'disp_error'} = 1; #ƒ†[ƒU[‚ɃGƒ‰[‚ð•\Ž¦‚·‚é=1 +$set{'error_level'} = 1; #ƒGƒ‰[ƒƒO‚ð‹L˜^‚·‚é=1 +$set{'error_log'} = './error.cgi'; #ƒGƒ‰[ƒƒOƒtƒ@ƒCƒ‹–¼ +$set{'error_size'} = 1024; # ƒGƒ‰[ƒƒOÅ‘å—e—Ê(KB) §ŒÀ‚È‚µ=0 +$set{'zero_clear'} = 1; #ƒtƒ@ƒCƒ‹‚ªŒ©‚‚©‚ç‚È‚¢ê‡ƒƒO‚©‚çíœ‚·‚é=1 + +$set{'disp_comment'} = 1; #ƒRƒƒ“ƒg‚ð•\Ž¦‚·‚é=1 +$set{'disp_date'} = 1; #“ú•t‚ð•\Ž¦‚·‚é=1 +$set{'disp_size'} = 1; #ƒTƒCƒY‚ð•\Ž¦‚·‚é=1 +$set{'disp_mime'} = 1; #MIMETYPE‚ð•\Ž¦‚·‚é=1 +$set{'disp_orgname'} = 1; #ƒIƒŠƒWƒiƒ‹ƒtƒ@ƒCƒ‹–¼‚ð•\Ž¦‚·‚é=1 + +$set{'per_upfile'} = 0666; #ƒAƒbƒvƒ[ƒhƒtƒ@ƒCƒ‹‚̃p[ƒ~ƒbƒVƒ‡ƒ“ suexec=0604,other=0666 +$set{'per_dir'} = 0777; #ƒ\[ƒXƒAƒbƒvƒfƒBƒŒƒNƒgƒŠ‚̃p[ƒ~ƒbƒVƒ‡ƒ“ suexec=0701,other=0777 +$set{'per_logfile'} = 0666; #ƒƒOƒtƒ@ƒCƒ‹‚̃p[ƒ~ƒbƒVƒ‡ƒ“@suexec=0600,other=0666 +$set{'link_target'} = ''; #target‘®« + +#------ +$set{'ver'} = '2005/10/10e'; +$set{'char_delname'} = 'D'; + +$in{'time'} = time(); $in{'date'} = conv_date($in{'time'}); +$in{'addr'} = $ENV{'REMOTE_ADDR'}; +$in{'host'} = gethostbyaddr(pack('C4',split(/\./, $in{'addr'})), 2) || $ENV{'REMOTE_HOST'} || '(none)'; + +if($in{'addr'} eq $in{'host'}){ $in{'host'} = '(none)'; } + +$set{'html_head'} =<<"EOM"; + + + + + + + + + +Uploader +EOM + +$set{'html_css'} =<<"EOM"; + + +EOM + +unless(-e $set{'log_file'}){ &init; } +unless(-e $set{'base_html'}){ &makehtml; } +{ #ƒfƒR[ƒh + my $readbuffsize = 1024*8; + if ($ENV{'REQUEST_METHOD'} eq "POST" && $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/i){ + if ($ENV{'CONTENT_LENGTH'} > ($set{'max_size'} * 1024 + 1024)){ if($ENV{'SERVER_SOFTWARE'} =~ /IIS/){ while(read(STDIN,my $buff,$readbuffsize)){} } &error(106,$ENV{'CONTENT_LENGTH'});} + }else{ + if ($ENV{'CONTENT_LENGTH'} > 1024*100){ error(98); } + } + my %ck; foreach(split(/;/,$ENV{'HTTP_COOKIE'})){ my($key,$val) = split(/=/); $key =~ s/\s//g; $ck{$key} = $val;} + my @ck = split(/<>/,$ck{'SN_USER'}); + if(length($ck[0]) < 5){ + my @salt = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); srand; + my $salt = $salt[int(rand(@salt))] . $salt[int(rand(@salt))]; + $in{'user'} = crypt($in{'addr'}.$in{'time'}, $salt); + }else{ $in{'user'} = $ck[0]; } + + if($ENV{'REQUEST_METHOD'} eq "POST" && $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/i){ + my %FORM; my $subbuff; my $filename; my $valuename; + my $upflag; my $valueflag; my $bound; my $mime; + my $readlength = 0; + my $random = int(rand(900000)) + 100000; + my $endflag = 0; + binmode(STDIN); + while(){ $readlength += length($_); if(/(--.*)\r\n$/){ $bound = $1; last; }} + if(-e "$set{'src_dir'}$random.temporary"){ $random++; } + if(-e "$set{'src_dir'}$random.temporary"){ $random++; } + if(-e "$set{'src_dir'}$random.temporary"){ &error(204); } + + open(OUT,">$set{'src_dir'}$random.temporary"); + binmode(OUT); + my $formbuff; + while(my $buff = ){ + $readlength += length($buff); + if($upflag == 1){ if($buff =~ /Content-Type:\s(.*)\r\n$/i){ $mime = $1; } $upflag++; next;} + if($upflag == 2){ + while(1){ + my $readblen; my $filebuff; + if($ENV{'CONTENT_LENGTH'} - $readlength < $readbuffsize){ $readblen = $ENV{'CONTENT_LENGTH'} - $readlength; } + else{ $readblen = $readbuffsize; } + if(!read(STDIN,$filebuff,$readblen)){ last }; + $readlength += length($filebuff); + if($ENV{'CONTENT_LENGTH'} - $readlength < $readbuffsize){ + my $readblen = $ENV{'CONTENT_LENGTH'} - $readlength; + read(STDIN,my $subbuff,$readblen); + $readlength += length($subbuff); + $filebuff .= $subbuff; + $endflag = 1; + } + my $offset = index($filebuff,$bound); + if($offset >= 0){ + $buff = substr($filebuff,0,$offset-2); my $subbuff = substr($filebuff,$offset); + print OUT $buff; $upflag = 0; $formbuff .= $subbuff; last; + }else{ print OUT $filebuff; } + } + if($endflag){ last; } + next; + } + if($buff =~ /^Content-Disposition:\sform-data;\sname=\"upfile\";\sfilename=\"(.*)\"\r\n$/i){ + $filename = $1; $upflag = 1; next; + } + $formbuff .= $buff; + } + close(OUT); + chmod($set{'per_upfile'},"$set{'src_dir'}$random.temporary"); + { my $value; + foreach my $buff(split(/\r\n/,$formbuff)){ + $buff .= "\r\n"; + if($buff =~ /^$bound\-\-/){ $FORM{$value} =~ s/\r\n$//; $valueflag = 0; last;} + if($buff =~ /^$bound/){ $FORM{$value} =~ s/\r\n$//; $valueflag = 0; next;} + if($valueflag == 1){ $valueflag++; next; } + if($valueflag == 2){ $FORM{$value} .= $buff; } + if($buff =~ /^Content-Disposition: form-data; name=\"(.+)\"\r\n$/){ $value = $1; $valueflag++; } + } + } + if($upflag || $valueflag){ unlink("$set{'src_dir'}$random.temporary"); &error(108);} + + $in{'org_pass'} = $in{'pass'} = $FORM{'pass'}; + $in{'dlkey'} = $FORM{'dlkey'}; + $in{'comment'} = $FORM{'comment'}; + $in{'jcode'} = $FORM{'jcode'}; + $in{'postkey'} = $FORM{'postkey'}; + $in{'upfile'} = $filename; + $in{'type'} = $mime; + $in{'tmpfile'} = "$set{'src_dir'}$random.temporary"; + $in{'orgname'} = $in{'upfile'}; + if(-s "$in{'tmpfile'}" == 0){ unlink("$in{'tmpfile'}"); &error(99) } + if($set{'min_flag'} && ((-s "$in{'tmpfile'}") < $set{'min_size'} * 1024)){ &error(107,(-s "$in{'tmpfile'}"));} + if((-s "$in{'tmpfile'}") > $set{'max_size'} * 1024){ &error(106,(-s "$in{'tmpfile'}"));} + if($set{'post_flag'} && !check_postkey($in{'postkey'})){ &error(109); } + if($set{'dlkey'} == 2 && !$in{'dlkey'}){ unlink("$in{'tmpfile'}"); &error(61); } + }else{ + my ($buffer,%FORM,@admin_delno); + if ($ENV{'REQUEST_METHOD'} eq "POST") { read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});} + else { $buffer = $ENV{'QUERY_STRING'}; } + my @pairs = split(/&/,$buffer); + foreach my $pair (@pairs) { + my ($name, $value) = split(/=/, $pair); + $value =~ tr/+/ /; + $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; + if($name eq 'admin_delno'){ + push(@admin_delno,$value); + }else{ + $FORM{$name} = $value; + } + } + $in{'delpass'} = $FORM{'delpass'}; + $in{'delno'} = $FORM{'delno'}; + $in{'file'} = $FORM{'file'}; + $in{'dlkey'} = $FORM{'dlkey'}; + $in{'mode'} = $FORM{'mode'}; + $in{'checkmode'} = $FORM{'checkmode'}; + $in{'admin_delno'} = join(',',@admin_delno); + if($in{'delno'} eq $set{'admin_name'} && $in{'delpass'} eq $set{'admin_pass'}){ &admin_mode(); } + if(!$in{'delno'} && $in{'delpass'} eq $set{'admin_pass'}){ &makehtml; &quit; } + } + + my @denyhost = split(/,/,$set{'deny_host'}); + foreach my $value (@denyhost){ + if ($in{'addr'} =~ /$value/ || $in{'host'} =~ /$value/){ &error(101);} + } + + my @form = ($in{'comment'},$in{'orgname'},$in{'type'},$in{'dlkey'}); + foreach my $value (@form) { + if (length($value) > 128) { $value = substr($value,0,128).'...'; } +# $value =~ s/&/&/g; + $value =~ s/"/"/g; + $value =~ s//>/g; + $value =~ s/\r//g; + $value =~ s/\n//g; + $value =~ s/\t//g; + $value =~ s/\0//g; + } + ($in{'comment'},$in{'orgname'},$in{'type'},$in{'dlkey'}) = @form; +} + + +if($in{'mode'} eq 'delete'){ &delete(); &quit(); } +if($in{'mode'} eq 'dl'){ &dlfile;} #DL +if(!$in{'upfile'}){ &error(99); } + +{#ƒƒCƒ“ˆ— + + open(IN,$set{'log_file'})||&error(303); + my @log = ; + close(IN); + my ($no,$lastip,$lasttime) = split(/<>/,$log[0]); + + if($set{'interval'} && $in{'time'} <= ($lasttime + $set{'interval'}) && $in{'addr'} eq $lastip){ &error(203);} + $in{'ext'} = extfind($in{'orgname'}); if(!$in{'ext'}){ &error(202); } + + my $orgname; + if(split(/\//,$in{'orgname'}) > split(/\\/,$in{'orgname'})){ my @name = split(/\//,$in{'orgname'}); $orgname = $name[$#name]; } + else{ my @name = split(/\\/,$in{'orgname'}); $orgname = $name[$#name];} + + my @salt = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); + srand; + my $salt = $salt[int(rand(@salt))] . $salt[int(rand(@salt))]; + $in{'pass'} = crypt($in{'pass'}, $salt); + + if($set{'binary_compare'}){ + my @files = globfile("$set{'src_dir'}",".*"); + my @dir = globdir("$set{'src_dir'}",".*"); + foreach my $dir (@dir){ push(@files,globfile($dir."/",".*")); } + foreach my $value (@files){ + next if($value =~ /\.temporary$/); + if(binarycmp($in{'tmpfile'},$value)){ unlink($in{'tmpfile'}); &error(205,$value);} + } + } + + if($set{'find_crypt'}){ + open(FILE,$in{'tmpfile'}); binmode(FILE); seek(FILE,0,0); read(FILE,my $buff,4); my $crypt_flag = 0; + if($buff =~ /^\x50\x4b\x03\x04$/){ seek(FILE,6,0); read(FILE,my $buff,1); $crypt_flag = 1 if(($buff & "\x01") eq "\x01"); } + close(FILE); + $in{'comment'} = '*'.$in{'comment'} if($crypt_flag); + } + + open(IN,$set{'log_file'})||&error(303); + @log = ; + close(IN); + ($no,$lastip,$lasttime) = split(/<>/,$log[0]); + shift(@log); + $no++; + my $tmpno = sprintf("%04d",$no); + + my $dlsalt; + my $filedir; + my $allsize = (-s $in{'tmpfile'}); + + if($set{'dlkey'} && $in{'dlkey'}){ + my @salt = ('a'..'z', 'A'..'Z', '0'..'9'); srand; + for (my $c = 1; $c <= 20; ++$c) { $dlsalt .= $salt[int(rand(@salt))]; } + $filedir = "$set{'src_dir'}$set{'file_pre'}${tmpno}.$in{'ext'}_$dlsalt/"; + mkdir($filedir,$set{'per_dir'}); + rename("$in{'tmpfile'}","$filedir$set{'file_pre'}$tmpno.$in{'ext'}"); + open(OUT,">${filedir}index.html"); + close(OUT); + chmod($set{'per_upfile'},"${filedir}index.html"); + $in{'comment'} = '[DLKey] '.$in{'comment'}; + }else{ + undef $in{'dlkey'}; + rename("$in{'tmpfile'}","$set{'src_dir'}$set{'file_pre'}$tmpno.$in{'ext'}"); + } + + if (length($orgname) > 128) { $orgname = substr($orgname,0,128).'...'; } + + my @note; + if($set{'post_flag'} && $set{'post_key'}){ + push(@note,'PostKey:'.$in{'postkey'}); + } + if($ENV{'SERVER_SOFTWARE'} =~ /Apache|IIS/){ + my $disptime; + my $time = time() - $in{'time'}; + my @str = ('Upload:','•b'); + my $disptime = $time.$str[1]; + push(@note,$str[0].$disptime); + } + if($in{'dlkey'}){ + my @salt = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); srand; + my $salt = $salt[int(rand(@salt))] . $salt[int(rand(@salt))]; + my $crypt_dlkey = crypt($in{'dlkey'}, $salt); + push(@note,"DLKey"); + } + my $note = join(',',@note); + my $usersalt = substr($in{'user'},0,2); + my $userid = crypt($in{'user'},$usersalt); + $in{'time'} = time(); +# $in{'date'} = conv_date(time()); + my @new; + $new[0] = "$no<>$in{'addr'}<>$in{'time'}<>1\n"; + my $addlog = "$no<>$in{'ext'}<>$in{'date'}<>$in{'comment'}<>$in{'type'}<>$orgname<>$in{'addr'}<>$in{'host'}<>$in{'pass'},$userid<>$set{'file_pre'}<>$note<>1\n"; + $new[1] = $addlog; + +# open(OUT,">>./alllog.cgi"); print OUT $addlog; close(OUT); + + my $i = 2; + + foreach my $value (@log){ + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$value); + if(!$dummy){ $filepre = $set{'file_pre'};} + $no = sprintf("%04d",$no); + + my $filename; + my $filedir; + if($note =~ /DLpath:(.+)\s/){ + my $dlpath = $1; + $filename = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/$filepre$no.$ext"; + $filedir = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/"; + }else{ + $filename = "$set{'src_dir'}$filepre$no.$ext"; + } + $allsize += (-s $filename); + + if($i <= $set{'max_log'} && !($set{'max_all_flag'} && $set{'max_all_size'}*1024 < $allsize)){ + if((-e $filename)||!$set{'zero_clear'}){ push(@new,$value); $i++; } + }else{ + if(unlink($filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } } rmdir($filedir); + }elsif(unlink($filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } } rmdir($filedir); + }elsif(-e $filename){ + push(@new,$value); + }else{ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } } rmdir($filedir); + } + } + } + logwrite(@new); + if($in{'dlkey'} && ( $set{'dummy_html'} == 2 || $set{'dummy_html'} == 3)){ + &makedummyhtml("$set{'file_pre'}$tmpno.$in{'ext'}",$in{'comment'},"$set{'file_pre'}$tmpno.$in{'ext'}",$dlsalt,$in{'date'},$in{'type'},$orgname,$no); + }elsif(!$in{'dlkey'} && ($set{'dummy_html'} == 1 || $set{'dummy_html'} == 3)){ + &makedummyhtml("$set{'file_pre'}$tmpno.$in{'ext'}"); + } + &makehtml(); &quit(); +} + +sub makehtml{ + + my ($buff,$init,$postval,$dlkey); + my $page = 0; my $i = 1; + + open(IN,$set{'log_file'})||&error(303); + my $log = my @log = ; + close(IN); + + if($log == 1){ $log++; $init++;} + my $lastpage = int(($log - 2)/$set{'pagelog'}) + 1; + $postval = ' obj.postkey.value = unescape(p[1]);' if($set{'post_flag'}); + my $header =<<"EOM"; +$set{'html_head'} + +$set{'html_css'} + +
Uploader
+

+Now.. Testing.. +

+EOM + my $maxsize = 'Max '.dispsize($set{'max_size'}*1024); + my ($minsize,$total); + if($set{'min_flag'}){ $minsize = 'Min '.dispsize($set{'min_size'}*1024).' - '; } + if($set{'max_all_flag'}){ $total .= ' Total '.dispsize($set{'max_all_size'}*1024);} + $header .= qq|
FILE $minsize$maxsize (*$set{'max_log'}Files$total)
|; + $header .=''; + $header .= ' DLKey: ' if($set{'dlkey'}); + $header .= ' +DELKey:
+COMMENT
+ + +
+'; + if($set{'post_flag'}){ $header .= 'PostKey
'; } + $header .= '
'; + + my $allsize = 0; + my @files = globfile("$set{'src_dir'}",".*"); + my @dir = globdir("$set{'src_dir'}",".*"); + foreach my $dir (@dir){ push(@files,globfile($dir."/",".*")); } + foreach my $value (@files){ $allsize += (-s "$value"); } + + $allsize = dispsize($allsize); + + my $footer = "
Used ${allsize}\n
"; + if($set{'up_all'} && !$set{'ext_org'}){ $footer .= $set{'up_ext'}.' +'; } + elsif(!$set{'up_all'}){ $footer .= $set{'up_ext'}; } + $footer .= "\n
No. key
\n"; + $footer .= "
\n\n"; + + my $info_title = "\n"; + if($set{'disp_comment'}){ $info_title .= ""; } if($set{'disp_size'}){ $info_title .= ""; } if($set{'disp_date'}){ $info_title .= ""; } + if($set{'disp_mime'}){ $info_title .= ""; } if($set{'disp_orgname'}){ $info_title .= ""; } + $info_title .= "\n"; + + my $home_url_link; + if($set{'home_url'}){ $home_url_link = qq|[HOME] |;} + if($set{'html_all'}){ + my $buff; my $no = 1; my $time = time; my $subheader; + foreach my $value (@log){ + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$dummy) = split(/<>/,$value); + if(!$dummy){ next; } + $buff .= makeitem($value); + } + $subheader .= "[ALL] "; + while($no <= $lastpage){ + if($no == $page) { $subheader .= "\[$no\] ";} + else{ if($no == 1){ $subheader .= "\[$no\] "} + else{$subheader .= "\[$no\] ";} } + $no++; + } + $subheader .= $info_title; + open(OUT,">$set{'html_dir'}all.html")||&error(306,"$set{'html_dir'}all.html"); + print OUT $header."
".$home_url_link.$subheader."
".$buff.$footer; + close(OUT); + chmod($set{'per_upfile'},"$set{'html_dir'}all.html"); + }else{ unlink("$set{'html_dir'}all.html"); } + + while($log > $i){ + $buff .= makeitem($log[$i]) unless($init); + if(($i % $set{'pagelog'}) == 0||$i == $log -1){ + $page++; my $subheader; my $no = 1; my $time = time; + if($set{'html_all'}){ $subheader .= "[ALL] "; } + while($no <= $lastpage){ + if($no == $page) { $subheader .= "\[$no\] ";} + else{ if($no == 1){ $subheader .= "\[$no\] "} + else{$subheader .= "\[$no\] ";} + } + $no++; + } + $subheader .= $info_title; + my $loghtml; + if($page == 1){ $loghtml = "$set{'html_dir'}$set{'base_html'}"; } + else{ $loghtml = "$set{'html_dir'}$page.html"; } + + open(OUT,">$loghtml") || &error(306,"$loghtml"); + print OUT $header."
".$home_url_link.$subheader."
".$buff.$footer; + close(OUT); + chmod($set{'per_upfile'},$loghtml); + undef $buff; + } + $i++; + } + + while($page < 1000){ + $page ++; + if(-e "$set{'html_dir'}$page.html"){ unlink("$set{'html_dir'}$page.html"); }else{ last; } + } +} + +sub delete{ + my $mode = $_[0]; + my @delno = split(/,/,$_[1]); + my $delno; my $flag = 0; my $tmpaddr; + my $delnote; + + if($in{'delno'} =~ /(\d+)/){ $delno = $1; } + if($mode ne 'admin' && !$in{'delno'}){ return; } + elsif($mode ne 'admin' && !$delno){ &error(401,$in{'delno'}); } + + open(IN,$set{'log_file'})|| &error(303); + my @log = ; + close(IN); + + if($in{'addr'} =~ /(\d+).(\d+).(\d+).(\d+)/){ $tmpaddr = "$1.$2.$3."; } + my $findflag = 0; + foreach my $value (@log){ + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$value); + $delnote = $note; + my $delflag = 0; + if(!$addr){ next; } + if($mode eq 'admin'){ + foreach my $delno (@delno){ if($no == $delno){ $delflag = 1; last; } } + }elsif($no == $delno){ + $findflag = 1; + unless ($addr =~ /^$tmpaddr/){ + my ($pass,$id) = split(/,/,$pass); + my $delpass = $in{'delpass'} || $in{'addr'}.time(); + my $salt = substr($pass, 0, 2); $delpass = crypt($delpass,$salt); + my $usersalt = substr($in{'user'},0,2); my $userid = crypt($in{'user'},$usersalt); + if ($in{'delpass'} ne $set{'admin_pass'} && $delpass ne $pass && $userid ne $id){ + if($mode ne 'admin'){ if(!$dummy){ $filepre = $set{'file_pre'};} $no = sprintf("%04d",$no); &error(404,"$filepre$no.$ext");} + } + } + $delflag = 1; + } + if($delflag){ +# open(OUT,">>./del.cgi"); print OUT $value; close(OUT); + $flag = 1; + if(!$dummy){ $filepre = $set{'file_pre'};} + $no = sprintf("%04d",$no); + my $filename; + my ($dlpath,$filedir); + if($delnote =~ /DLpath:(.+)\s/){ + $dlpath = $1; + $filename = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/$filepre$no.$ext"; + $filedir = "$set{'src_dir'}$filepre$no.${ext}_$dlpath/"; + }else{ + $filename = "$set{'src_dir'}$filepre$no.$ext"; + } + + if(unlink($filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } rmdir($filedir);} undef $value; + }elsif(unlink($filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } rmdir($filedir);} undef $value; + }elsif(!(-e $filename)){ + unlink("$set{'src_dir'}$filepre$no.$ext.html"); if($filedir){ foreach(globfile($filedir,".*")){ unlink; } rmdir($filedir);} undef $value; + }else{ + if($mode ne 'admin'){ &error(403,"$filepre$no.$ext");} + } + } + } + if($mode ne 'admin' && !$findflag){ &error(402,$delno); } + if($flag){ + logwrite(@log); + &makehtml(); + } +} + + +sub quit{ + my ($cookiename,$buff); + my $flag = 0; + my @tmpfiles = globfile("$set{'src_dir'}","\.temporary"); + foreach my $value (@tmpfiles){ if((stat($value))[10] < time - 60*60){ unlink("$value"); $flag++; } } + &makehtml() if($flag); + $buff =<<"EOM"; +$set{'html_head'} +EOM + if($in{'jcode'} || $in{'mode'} eq 'delete'){ + $buff .=<<"EOM"; + + +\n|; + } + $buff .=<<"EOM"; + +

+ +EOM + print "Content-type: text/html\n\n"; + print $buff; + exit; +} + +sub admin_mode{ + &errorclear() if($in{'mode'} eq 'errorclear'); + &delete('admin',$in{'admin_delno'}) if($in{'mode'} eq 'delete'); + + open(IN,$set{'log_file'})||error(303); + my @log = ; + close(IN); + + my ($header,$buff,$footer,$value); + $buff =<<"EOM"; +$set{'html_head'}$set{'html_css'} + +EOM + + $buff .= leaddisp(0,1,1).'
NAMECOMMENTSIZEDATEMIMEORIG
Upload Info
'; + $buff .= qq|
\n

\n|."\n\n"; + shift(@log); + foreach (@log){ $buff .= makeitem($_,'admin'); } + $buff .= '
DELNAMECOMMENTSIZEADDRHOSTDATENOTEMIMEORIG


'; + + if($set{'error_level'}){ + $buff .= leaddisp(-1,0,1).'
Error Info
'; + $buff .= qq|
|; + $buff .= "\n\n"; + if(open(IN,$set{'error_log'})){ @log = reverse(); close(IN); foreach (@log){ my ($date,$no,$note,$addr,$host) = split(/<>/); $buff .= "\n"; }} + $buff .= "
DATEADDRHOSTNOTE
$date$addr$host$note


\n"; + } + + $buff .= leaddisp(-1,-1,0); + $buff .= '
Setting Info
'."\n\n"; + $buff .= tablestr('ƒXƒNƒŠƒvƒgVer',$set{'ver'}); + $buff .= tablestr('ƒƒCƒ“ƒƒOƒtƒ@ƒCƒ‹',$set{'log_file'}); + if($set{'error_level'}){ + $buff .= tablestr('ƒGƒ‰[ƒƒOƒtƒ@ƒCƒ‹',$set{'error_log'}); + if($set{'error_size'}){ $buff .= tablestr('ƒGƒ‰[ƒƒOÅ‘å—e—Ê',dispsize($set{'error_size'}*1024).' '.($set{'error_size'}*1024).'Bytes'); } + else{ $buff .= tablestr('ƒGƒ‰[ƒƒOÅ‘å—e—ʐ§ŒÀ','–³'); } + }else{ $buff .= tablestr('ƒGƒ‰[ƒƒO‹L˜^','–³'); } + $buff .= tablestr('•ÛŽŒ”',$set{'max_log'}); + $buff .= tablestr('Å‘å“Še—e—Ê',dispsize($set{'max_size'}*1024).' '.($set{'max_size'}*1024).'Bytes'); + + if($set{'min_flag'}){ $buff .= tablestr('Å¬§ŒÀ—e—Ê',dispsize($set{'min_size'}*1024).' '.($set{'min_size'}*1024).'Bytes'); } + else{ $buff .= tablestr('Å¬§ŒÀ—e—Ê',"–³"); } + if($set{'max_all_flag'}){ $buff .= tablestr('‘—e—ʐ§ŒÀ',dispsize($set{'max_all_size'}*1024).' '.($set{'max_all_size'}*1024).'Bytes'); } + else{ $buff .= tablestr('‘—e—ʐ§ŒÀ',"–³"); } + + $buff .= tablestr("ƒtƒ@ƒCƒ‹Ú“ªŽ«",$set{'file_pre'}); + $buff .= tablestr("HTML•Û‘¶ƒfƒBƒŒƒNƒgƒŠ",$set{'html_dir'}); + $buff .= tablestr("ƒtƒ@ƒCƒ‹•Û‘¶ƒfƒBƒŒƒNƒgƒŠ",$set{'src_dir'}); + if($set{'http_html_path'} && $set{'html_dir'} ne $set{'http_html_path'}){ $buff .= "\n";} + if($set{'http_src_path'} && $set{'src_dir'} ne $set{'http_src_path'}){ $buff .= "\n";} + $buff .= tablestr('1ƒy[ƒW‚É•\Ž¦‚·‚éƒtƒ@ƒCƒ‹”',$set{'pagelog'}); + if($set{'interval'} > 0){ $value = $set{'interval'}.'•b'; }else{ $value = '–³'; } + $buff .= tablestr('“¯ˆêIP“ŠeŠÔŠu•b”§ŒÀ',$value); + if($set{'up_ext'}){ $set{'up_ext'} =~ s/,/ /g; $buff .= tablestr('“Še‰Â”\Šî–{Šg’£Žq',$set{'up_ext'}); } + if($set{'deny_ext'}){ $set{'deny_ext'} =~ s/,/ /g; $buff .= tablestr('“Še‹ÖŽ~Šg’£Žq',$set{'deny_ext'}); } + if($set{'change_ext'}){ $set{'change_ext'} =~ s/,/ /g; $set{'change_ext'} =~ s/>/>/g; $buff .= tablestr('Šg’£Žq•ÏŠ·',$set{'change_ext'}); } + + if($set{'up_all'}){ $buff .= tablestr('Žw’èŠOŠg’£ŽqƒAƒbƒvƒ[ƒh‹–‰Â','—L'); if($set{'ext_org'}){ $buff .= tablestr('Žw’èŠOƒtƒ@ƒCƒ‹Šg’£Žq','ƒIƒŠƒWƒiƒ‹'); }else{ $buff .= tablestr('Žw’èŠOƒtƒ@ƒCƒ‹Šg’£Žq','bin'); }} + else{$buff .= tablestr('Žw’èŠOŠg’£ŽqƒAƒbƒvƒ[ƒh‹–‰Â','–³');} + + if($set{'find_crypt'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('ˆÃ†‰»ƒA[ƒJƒCƒuŒŸo(ZIP)',$value); + if($set{'binary_compare'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('ƒoƒCƒiƒŠ”äŠr',$value); + if($set{'post_flag'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('PostKey“Še§ŒÀ',$value); + if($set{'dlkey'}){ if($set{'dlkey'} == 2){$value = '•K{'}else{$value = '”CˆÓ';}}else{ $value = '–³';} + $buff .= tablestr('DLkey',$value); + if($set{'dummy_html'}){ if($set{'dummy_html'} == 3){$value = 'ALL'}elsif($set{'dummy_html'} == 2){$value = 'DLKey‚Ì‚Ý';}else{$value = '’ʏíƒtƒ@ƒCƒ‹‚Ì‚Ý';}}else{ $value = '–³';} + $buff .= tablestr('ŒÂ•ÊHTMLƒLƒƒƒbƒVƒ…',$value); + if($set{'disp_error'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('ƒ†[ƒUƒGƒ‰[•\Ž¦',$value); + if($set{'zero_clear'}){ $value = '—L'; }else{ $value = '–³';} + $buff .= tablestr('íœÏƒtƒ@ƒCƒ‹ƒŠƒXƒgŽ©“®Á‹Ž',$value); + if($set{'home_url'}){ $buff .= "\n";} + + $buff .= '
HTTP_HTML_PATH$set{'http_html_path'}
HTTP_SRC_PATH$set{'http_src_path'}
HOMEURL$set{'home_url'}
'; + + print "Content-type: text/html\n\n"; + print $buff; + exit; +} + +sub extfind{ + my $orgname = @_[0]; + my @filename = split(/\./,$orgname); + my $ext = $filename[$#filename]; + $ext =~ tr/[A-Z]/[a-z]/; + foreach my $value (split(/,/,$set{'change_ext'})){ my ($src,$dst) = split(/->/,$value); if($ext eq $src){ $ext = $dst; last; }} + foreach my $value (split(/,/,$set{'deny_ext'})){ if($ext eq $value){ &error(206,$ext); }} + foreach my $value (split(/,/,$set{'up_ext'})){ if ($ext eq $value) { return $value; } } + if(length($ext) >= 5 || length($ext) == 0){ $ext = 'bin'; } + unless ($ext =~ /^[A-Za-z0-9]+$/){ $ext = 'bin'; } + if($set{'up_all'} && $set{'ext_org'}){ return $ext;} + elsif($set{'up_all'}){ return 'bin'; } + return 0; +} + + +sub conv_date{ + my @date = gmtime($_[0] + 9*60*60); + $date[5] -= 100; $date[4]++; + if ($date[5] < 10) { $date[5] = "0$date[5]" ; } if ($date[4] < 10) { $date[4] = "0$date[4]" ; } + if ($date[3] < 10) { $date[3] = "0$date[3]" ; } if ($date[2] < 10) { $date[2] = "0$date[2]" ; } + if ($date[1] < 10) { $date[1] = "0$date[1]" ; } if ($date[0] < 10) { $date[0] = "0$date[0]" ; } + my @w = ('Sun','Mon','Tue','Wed','Thu','Fri','Sat'); + return ("$date[5]/$date[4]/$date[3]($w[$date[6]]),$date[2]:$date[1]:$date[0]"); +} + +sub dispsize{ + my $size = $_[0]; + if($size >= 1024*1024*1024*100){ $size = int($size/1024/1024/1024).'GB';} + elsif($size >= 1024*1024*1024*10){ $size = sprintf("%.1fGB",$size/1024/1024/1024);} + elsif($size > 1024*1024*1024){ $size = sprintf("%.2fGB",$size/1024/1024/1024);} + elsif($size >= 1024*1024*100){ $size = int($size/1024/1024).'MB'; } + elsif($size > 1024*1024){ $size = sprintf("%.1fMB",$size/1024/1024); } + elsif($size > 1024){ $size = int($size/1024).'KB'; } + else{ $size = int($size).'B';} + return $size; +} + +sub makeitem{ + my ($src,$mode) = @_; my ($buff,$check,$target); + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$src); + if(!$dummy){ $filepre = $set{'file_pre'}; } + my $orgno = $no; + $no = sprintf("%04d",$no); + my $size = 0; + my $dlpath = 0; + + if($note =~ /DLpath:(.+)\s/){ + $dlpath = $1; + $size = dispsize(-s "$set{'src_dir'}$filepre$no.${ext}_$dlpath/$filepre$no.$ext"); + }else{ + $size = dispsize(-s "$set{'src_dir'}$filepre$no.$ext"); + } + + my $path = $set{'http_src_path'} || $set{'src_dir'}; + if($set{'link_target'}){ $target = qq| target="$set{'link_target'}"|; } + if($mode eq 'admin'){ + if($dlpath){ $path .= "$filepre$no.${ext}_$dlpath/"; } + if($addr eq $host){ undef $host; } + if($in{'checkmode'} eq 'allcheck'){$check = ' checked';} + $buff = "$filepre$no.$ext$comment$size$addr$host$date$note$mime$orgname\n"; + }else{ + my($d_com,$d_date,$d_size,$d_mime,$d_org); + if($set{'disp_comment'}){ $d_com = "$comment"; } if($set{'disp_size'}){ $d_size = "$size"; } if($set{'disp_date'}){ $d_date= "$date"; } + if($set{'disp_mime'}){ $d_mime = "$mime"; } if($set{'disp_orgname'}){ $d_org = "$orgname"; } + if(-e "$set{'src_dir'}$filepre$no.$ext.html"){$buff = "$filepre$no.$ext$d_com$d_size$d_date$d_mime$d_org\n";} + elsif($dlpath){$buff = "$filepre$no.$ext$d_com$d_size$d_date$d_mime$d_org\n";} + else{ $buff = "$filepre$no.$ext$d_com$d_size$d_date$d_mime$d_org\n";} + } + return $buff; +} + +sub makedummyhtml{ + my ($filename,$com,$file,$orgdlpath,$date,$mime,$orgname,$no) = @_; + my $buff; + + if(!$no){ + $buff = "$filename"; + $buff .= qq|Download $filename|; + $buff .= ''; + }else{ + $buff = cryptfiledl($com,$file,$orgdlpath,$date,$mime,$orgname,$no); + } + + open(OUT,">$set{'src_dir'}$filename.html")||&error(307,"$set{'src_dir'}$filename.html"); + print OUT $buff; + close(OUT); + chmod($set{'per_upfile'},"$set{'src_dir'}$filename.html"); + return 1; +} + + +sub logwrite{ + my @log = @_; + open(OUT,"+>$set{'log_file'}")||&error(304); + eval{ flock(OUT, 2);}; + eval{ truncate(OUT, 0);}; + seek(OUT, 0, 0); + print OUT @log; + eval{ flock(OUT, 8);}; + close(OUT); + chmod($set{'per_upfile'},$set{'log_file'}); + return 1; +} + +sub binarycmp{ + my ($src,$dst) = @_; + return 0 if (-s $src != -s $dst); + open(SRC,$src)||return 0; open(DST,$dst)||return 0; + my ($buff,$buff2); + binmode(SRC); binmode(DST); seek(SRC,0,0); seek(DST,0,0); + while(read(SRC,$buff,8192)){ read(DST,$buff2,8192); if($buff ne $buff2){ close(SRC); close(DST); return 0; } } + close(SRC); close(DST); + return 1; +} + +sub init{ + my $buff; + if(open(OUT,">$set{'log_file'}")){ + print OUT "0<>0<>0<>1\n"; + close(OUT); + chmod($set{'per_logfile'},$set{'log_file'}); + }else{ + $buff = "ƒƒCƒ“ƒƒO‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½"; + } + + unless (-d "$set{'src_dir'}"){ + if(mkdir("$set{'src_dir'}",$set{'per_dir'})){ + chmod($set{'per_dir'},"$set{'src_dir'}"); + open(OUT,">$set{'src_dir'}index.html"); + close(OUT); + chmod($set{'per_upfile'},"$set{'src_dir'}index.html"); + }else{ + $buff .= "Source•Û‘¶ƒfƒBƒŒƒNƒgƒŠ‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½"; + } + } + + unless (-d "$set{'html_dir'}"){ + if(mkdir("$set{'html_dir'}",$set{'per_dir'})){ + chmod($set{'per_dir'},"$set{'html_dir'}"); + }else{ + $buff .= "HTML•Û‘¶ƒfƒBƒŒƒNƒgƒŠ‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½"; + } + } + + if($buff){ + $buff .= "ƒfƒBƒŒƒNƒgƒŠ‚ɏ‘‚«ž‚ÝŒ ŒÀ‚ª‚ ‚é‚©Šm”F‚µ‚Ä‚­‚¾‚³‚¢"; + &error_disp($buff,'init'); + } +} + +sub check_postkey{ + my $inputkey = @_[0]; + my @key = split(/,/,$set{'post_key'}); + foreach my $key (@key){ if($inputkey eq $key){ return 1; } } + return 0; +} + +sub leaddisp{ + my @src = @_; + my ($str,$count); + foreach my $value (@src){ + my ($mark,$name,$link); $count++; + if($count == 1){ $name = 'Upload Info'; $link = 'up'; } + elsif($count == 2){ $name = 'Error Info'; $link = 'error'; next if(!$set{'error_level'}); } + elsif($count == 3){ $name = 'Setting Info'; $link = 'set'; } + if($value){ if($value > 0){ $mark = '¥'; }else{ $mark = '£'; } $str .= qq|${mark}${name} |; } + else{ $str .= qq|[$name] |; } + } + return $str; +} + +sub errorclear{ + open(OUT,">$set{'error_log'}")||return 0; + eval{ flock(OUT, 2);}; eval{ truncate(OUT, 0);}; seek(OUT, 0, 0); eval{ flock(OUT, 8);}; close(OUT); + chmod($set{'per_upfile'},$set{'log_file'}); + return 1; +} + +sub tablestr{ + my ($value1,$value2) = @_; + return ("$value1$value2\n"); +} + +sub globfile{ + my ($src_dir,$filename) = @_; + opendir(DIR,$src_dir)||return 0; my @dir = readdir(DIR); closedir(DIR); + my @new = (); foreach my $value (@dir){ push(@new,"$src_dir$value") if($value =~ /$filename/ && !(-d "$src_dir$value")); } + return @new; +} + +sub globdir{ + my ($src_dir,$dir) = @_; + opendir(DIR,$src_dir)||return 0; my @dir = readdir(DIR); closedir(DIR); + my @new = (); foreach my $value (@dir){ if($value eq '.' ||$value eq '..' ){ next; } push(@new,"$src_dir$value") if($value =~ /$dir/ && (-d "$src_dir$value")); } + return @new; +} + +sub error_disp{ + my ($message,$mode) = @_; + my $url; + if($mode eq 'init'){ $url = qq|[ƒŠƒ[ƒh]|; }else{ $url = qq|[–ß‚é]|; } + my $buff =<<"EOM"; +$set{'html_head'}$set{'html_css'} + +
+ +$message + + +
$url
+

+ + + + + +
DATE$in{'date'}
ADDR$in{'addr'}
HOST$in{'host'}
+
+ +EOM + print "Content-type: text/html\n\n"; + print $buff; + exit; +} + +sub error{ + my ($no,$note) = @_; + if (length($note) > 64) { $note = substr($note,0,64).'...'; } + $note =~ s/&/&/g; $note =~ s/\"/"/g; $note =~ s//>/g; $note =~ s/\r//g; $note =~ s/\n//g; $note =~ s/\t//g; $note =~ s/\0//g; + my ($message,$dispmsg,$flag); + + if($no == 98){ $message = ""; } + elsif($no == 99){ $message = "UpFile‚È‚µ"; } + elsif($no == 101){ $message = "“Še‹ÖŽ~HOST"; } + elsif($no == 106){ $flag = 1; $message = "POSTƒTƒCƒY’´‰ß"; $note = dispsize($note); $dispmsg= 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ƒAƒbƒvƒ[ƒhƒtƒ@ƒCƒ‹('.$note.')‚Í Å‘å—e—ʐݒè('.dispsize($set{'max_size'}*1024).')‚ð‰z‚¦‚Ä‚¢‚Ü‚·';} + elsif($no == 107){ $flag = 1; $message = "POSTƒTƒCƒY‰ß¬"; $note = dispsize($note); $dispmsg= 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ƒAƒbƒvƒ[ƒhƒtƒ@ƒCƒ‹('.$note.')‚Í Å¬—e—ʐݒè('.dispsize($set{'min_size'}*1024).')–¢–ž‚Å‚·';} + elsif($no == 108){ $flag = 1; $message = "POSTƒf[ƒ^•sŠ®‘S"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½POSTƒf[ƒ^‚ª•sŠ®‘S‚Å‚·';} + elsif($no == 109){ $flag = 1; $message = "POSTKey•sˆê’v"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½POSTKey‚ªˆê’v‚µ‚Ü‚¹‚ñ';} + elsif($no == 202){ $flag = 1; $message = "Šg’£Žq‡‚킸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½“Še‚Å‚«‚éŠg’£Žq‚Í'.$set{'up_ext'}.'‚Å‚·';} + elsif($no == 203){ $flag = 1; $message = "“Še‘‚·‚¬"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½“¯ˆêIPƒAƒhƒŒƒX‚©‚ç'.$set{'interval'}.'•bˆÈ“à‚ɍēŠe‚Å‚«‚Ü‚¹‚ñ';} + elsif($no == 204){ $flag = 1; $message = "ˆêŽžƒtƒ@ƒCƒ‹‘‚«ž‚ß‚¸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ˆêŽžƒtƒ@ƒCƒ‹‚̍쐬‚ÉŽ¸”s‚µ‚Ü‚µ‚½';} + elsif($no == 205){ $flag = 1; $message = "“¯ˆêƒtƒ@ƒCƒ‹‘¶Ý"; $note =~ /([^\/]+)$/; my $filename = $1; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½“¯ˆêƒtƒ@ƒCƒ‹‚ª '.$filename.' ‚É‘¶Ý‚µ‚Ü‚·';} + elsif($no == 206){ $flag = 1; $message = "‹ÖŽ~Šg’£Žq"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðƒAƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½Šg’£Žq '.$note.' ‚̓Aƒbƒvƒ[ƒh‚Å‚«‚Ü‚¹‚ñ';} + elsif($no == 303){ $flag = 1; $message = "ƒƒOƒtƒ@ƒCƒ‹‚ɓǂݍž‚ß‚¸"; $dispmsg = 'ƒƒCƒ“ƒƒO‚̓ǂݍž‚Ý‚ÉŽ¸”s‚µ‚Ü‚µ‚½';} + elsif($no == 304){ $flag = 1; $message = "ƒƒOƒtƒ@ƒCƒ‹‚ɏ‘‚«ž‚ß‚¸"; $dispmsg = 'ƒƒCƒ“ƒƒO‚̏‘‚«ž‚Ý‚ÉŽ¸”s‚µ‚Ü‚µ‚½';} + elsif($no == 306){ $message = "ƒtƒ@ƒCƒ‹ƒŠƒXƒgHTML‘‚«ž‚ß‚¸";} + elsif($no == 307){ $message = "ƒtƒ@ƒCƒ‹HTMLƒtƒ@ƒCƒ‹‘‚«ž‚ß‚¸";} + elsif($no == 401){ $flag = 1; $message = "íœNo.ŒŸo‚Å‚«‚¸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$note.' ‚©‚çíœNo.‚ðŒŸo‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$set{'file_pre'}.'0774.zip‚̏ꍇ No.‚É‚Í 774 ‚ð“ü—Í‚µ‚Ü‚·';} + elsif($no == 402){ $flag = 1; $note = sprintf("%04d",int($note)); $message = "íœNo.‘¶Ý‚¹‚¸"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$set{'file_pre'}.$note.'.*** ‚̓ƒCƒ“ƒƒO‚É‘¶Ý‚µ‚Ü‚¹‚ñ';} + elsif($no == 403){ $flag = 1; $message = "íœƒAƒNƒZƒX‹‘”Û"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½ƒtƒ@ƒCƒ‹íœðŒ‚Í–ž‚½‚µ‚Ä‚¢‚Ü‚·‚ª '.$note.' ‚̃tƒ@ƒCƒ‹‚̍폜‚ª‹‘”Û‚³‚ê‚Ü‚µ‚½ƒAƒNƒZƒX‚ª‰ßè‚ȏꍇ“™‚ÍŽžŠÔ‚ð’u‚¢‚čđ€ì‚·‚é‚ƍ폜‚Å‚«‚邱‚Æ‚ª‚ ‚è‚Ü‚·';} + elsif($no == 404){ $flag = 1; $message = "íœKey•sˆê’v"; $dispmsg = 'ƒtƒ@ƒCƒ‹‚ðíœ‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'.$note.' íœKey‚ªˆê’v‚µ‚Ü‚¹‚ñ‚Å‚µ‚½';} + + elsif($no == 51){ $flag = 1; $message = "[DLMode] No.Œ©‚‚©‚炸"; $dispmsg = '[DLMode] ƒtƒ@ƒCƒ‹‚ªŒ©‚‚©‚è‚Ü‚¹‚ñ‚Å‚µ‚½'.$note.' ‚©‚çƒtƒ@ƒCƒ‹No.‚ðŒŸo‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½'; } + elsif($no == 52){ $flag = 1; $message = "[DLMode] FileŒ©‚‚©‚炸"; $dispmsg = '[DLMode] ƒtƒ@ƒCƒ‹‚ªŒ©‚‚©‚è‚Ü‚¹‚ñ‚Å‚µ‚½'.$set{'file_pre'}.$note.'.*** ‚̓ƒCƒ“ƒƒO‚É‘¶Ý‚µ‚Ü‚¹‚ñ'; } + elsif($no == 53){ $flag = 1; $message = "[DLMode] DLkey–¢Ý’è"; $dispmsg = '[DLMode] orgDLkeyError'.$note.' DLKey‚ª–¢Ý’è‚Å‚·'; } + elsif($no == 54){ $flag = 1; $message = "[DLMode] DLkey•sˆê’v"; $dispmsg = '[DLMode] orgDLkeyError'.$note.' DLKey‚ªˆê’v‚µ‚Ü‚¹‚ñ‚Å‚µ‚½'; } + elsif($no == 55){ $flag = 1; $message = "[DLMode] File Oepn Error"; $dispmsg = '[DLMode] Open Error'.$note.' ƒtƒ@ƒCƒ‹‚̓ǂݍž‚Ý‚ÉŽ¸”s‚µ‚Ü‚µ‚½'; } + elsif($no == 56){ $flag = 1; $message = "[DLMode] File Not Found"; $dispmsg = '[DLMode] Not Found'.$note.' ƒtƒ@ƒCƒ‹‚ª‘¶Ý‚µ‚Ü‚¹‚ñ'; } + + elsif($no == 61){ $flag = 1; $message = "DLkey–¢Ý’è"; $dispmsg = 'DLKey‚ª–¢Ý’è‚Å‚·'; } + + unlink($in{'tmpfile'}); + if($note){$message .= ' ';} + if($set{'error_level'} && $no > 100){ + unless(-e $set{'error_log'}){ + open(OUT,">$set{'error_log'}"); + close(OUT); + chmod($set{'per_logfile'},$set{'error_log'}); + } + if($set{'error_size'} && ((-s $set{'error_log'}) > $set{'error_size'} * 1024)){ + my $err_bkup = "$set{'error_log'}.bak.cgi"; + unlink($err_bkup); + rename($set{'error_log'},$err_bkup); + open(OUT,">$set{'error_log'}"); + close(OUT); + chmod($set{'per_logfile'},$set{'error_log'}); + } + open(OUT,">>$set{'error_log'}"); + print OUT "$in{'date'}<>$no<>$message$note<>$in{'addr'}<>$in{'host'}<>1\n"; + close(OUT); + } + &error_disp($dispmsg) if($flag && $set{'disp_error'}); + &quit(); +} + +sub dlfile{ + my $msg; + my ($orgdlkey,$orgdlpath); + my ($dlext,$dlfilepre); + my ($dl_date,$dl_comment,$dl_size,$dl_mime,,$dl_orgname); + my $dlno = 0; + my $findflag; + + open(IN,$set{'log_file'})||&error(303); + my @log = ; + close(IN); + shift(@log); + + if($in{'file'} =~ /(\d+)/){ $dlno = $1; } + if($dlno == 0) { &error(51,$in{'file'}); } + + foreach my $value (@log){ + my ($no,$ext,$date,$comment,$mime,$orgname,$addr,$host,$pass,$filepre,$note,$dummy) = split(/<>/,$value); + my @note = split(/,/,$note); + if(int($dlno) == $no){ + $dl_comment = $comment; + $dl_mime = $mime; + $dl_date = $date; + $dl_orgname = $orgname; + $dlext = $ext; + $dlfilepre = $filepre; + foreach my $tmpnote (@note){ + if($tmpnote =~ /\!--\sDLKey:(.+)\s--.*\!--\sDLpath:(.+)\s--/){ + $orgdlkey = $1; + $orgdlpath = $2; + last; + } + } + $findflag = 1; + last; + } + } + + my $dlfile = $dlfilepre.sprintf("%04d",int($dlno)).'.'.$dlext; + if(!(-e "$set{'src_dir'}${dlfile}_$orgdlpath/$dlfile")){ &error(56,"$dlfile----$set{'src_dir'}${dlfile}_$orgdlpath/$dlfile"); } + + if($in{'dlkey'}){ + my $dlsalt = substr($orgdlkey,0,2); + my $dlkey = crypt($in{'dlkey'},$dlsalt); + + if($findflag == 0){ &error(52,$dlfile); } + elsif(!$orgdlkey){ &error(53,$dlfile); } + elsif($orgdlkey ne $dlkey && $set{'admin_pass'} ne $in{'dlkey'}){ &error(54,$dlfile); } + #print "Location: $set{'http_src_path'}${dlfile}_$orgdlpath/$dlfile\n\n"; + my $buff =<<"EOM"; +$set{'html_head'}$set{'html_css'} + + + +
+
+ + +
”ò‚΂Ȃ¢ê‡‚Í ‚±‚¿‚ç ‚©‚ç
+
+ +EOM + print "Content-type: text/html\n\n"; + print $buff; + }else{ + my $buff = cryptfiledl($dl_comment,$dlfile,$orgdlpath,$dl_date,$dl_mime,$dl_orgname,$dlno); + print "Content-type: text/html\n\n"; + print $buff; + } + exit; +} + +sub cryptfiledl{ + my($com,$file,$orgdlpath,$date,$mime,$orgname,$no) = @_; + my($d_com,$d_date,$d_size,$d_mime,$d_org); + + if($set{'disp_comment'}){ $d_com = "COMMENT$com"; } if($set{'disp_size'}){ $d_size = "SIZE".dispsize(-s "$set{'src_dir'}${file}_$orgdlpath/$file")." (".(-s "$set{'src_dir'}${file}_$orgdlpath/$file")."bytes)".""; } if($set{'disp_date'}){ $d_date= "DATE$date"; } + if($set{'disp_mime'}){ $d_mime = "ORGMIME$mime"; } if($set{'disp_orgname'}){ $d_org = "ORGNAME$orgname"; } + + my $buff =<<"EOM"; +$set{'html_head'}$set{'html_css'} + +
+
+$file ‚É‚ÍDLKey‚ªÝ’肳‚ê‚Ä‚¢‚Ü‚· + + + + +$d_com$d_date$d_size$d_mime$d_org + + + +
+ + +
DLKey:
+
+ +EOM + + return $buff; +} \ No newline at end of file -- 1.7.9.5