equal
deleted
inserted
replaced
9 # | </Files> |
9 # | </Files> |
10 # |
10 # |
11 # Je nach Permission-Lage kann es gut sein, daß das upload.d-Verzeichnis |
11 # Je nach Permission-Lage kann es gut sein, daß das upload.d-Verzeichnis |
12 # mit der Hand angelegt werden muß und dem Webserver-Nutzer „geschenkt“ |
12 # mit der Hand angelegt werden muß und dem Webserver-Nutzer „geschenkt“ |
13 # werden muß. |
13 # werden muß. |
|
14 # |
|
15 # Das Upload-Verzeichnis sollte natuerlich vor der Indizierung geschuetzt |
|
16 # werden - siehe Beispiel .htaccess. |
14 # |
17 # |
15 # Eventuell in der Apache-Config sowas wie |
18 # Eventuell in der Apache-Config sowas wie |
16 # ScriptAlias /ud /home/ud/XXX/upload.pl |
19 # ScriptAlias /ud /home/ud/XXX/upload.pl |
17 # Alias /d /home/ud/d/ |
20 # Alias /d /home/ud/XXX/d/ |
18 # gesetzt werden. |
21 # gesetzt werden. |
19 |
22 |
20 use strict; |
23 use strict; |
21 use warnings; |
24 use warnings; |
22 use CGI qw(:all *table); |
25 use CGI qw(:all *table); |
26 use File::Basename; |
29 use File::Basename; |
27 use Digest::SHA1 qw(sha1_hex); |
30 use Digest::SHA1 qw(sha1_hex); |
28 |
31 |
29 my $DIR = "d"; |
32 my $DIR = "d"; |
30 my $DIR_URI = "/$DIR"; |
33 my $DIR_URI = "/$DIR"; |
|
34 |
|
35 delete @ENV{grep /PATH/, keys %ENV}; |
|
36 $ENV{PATH} = "/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin"; |
31 |
37 |
32 -d $DIR |
38 -d $DIR |
33 or mkdir $DIR => 0750 |
39 or mkdir $DIR => 0750 |
34 or die "Can't mkdir $DIR: $!\n"; |
40 or die "Can't mkdir $DIR: $!\n"; |
35 |
41 |
46 rmdir "$DIR/$dir" or die "Can't rmdir $DIR/$dir: $!\n"; |
52 rmdir "$DIR/$dir" or die "Can't rmdir $DIR/$dir: $!\n"; |
47 } |
53 } |
48 } |
54 } |
49 |
55 |
50 if (length(my $file = param("upload"))) { |
56 if (length(my $file = param("upload"))) { |
51 my $expires = param("expires"); |
57 my $days = param("expires"); |
|
58 my $expires; |
52 |
59 |
53 # sanitize expires |
60 # sanitize expires |
54 $expires =~ /.*?(\d+).*/; |
61 $days =~ /.*?(\d+).*/; |
55 $expires = time + (defined $1 ? $1 : 10) * 86400; |
62 $days = defined $1 ? $1 : 10; |
|
63 $expires = time + $days * 86400; |
|
64 |
56 |
65 |
57 # sanitizing the filename |
66 # sanitizing the filename |
58 (my $filename = $file) =~ tr /\\/\//; |
67 (my $filename = $file) =~ tr /\\/\//; |
59 $filename =~ /(.*)/; |
68 $filename =~ /(.*)/; |
60 $filename = $1; |
69 $filename = $1; |
62 my $dir = "$DIR/" . sha1_hex(time + rand(10_000)) . "-$expires"; |
71 my $dir = "$DIR/" . sha1_hex(time + rand(10_000)) . "-$expires"; |
63 mkdir $dir, 0750 or die "Can't mkdir $dir: $!\n"; |
72 mkdir $dir, 0750 or die "Can't mkdir $dir: $!\n"; |
64 my $outfh = new IO::File ">$dir/$filename" |
73 my $outfh = new IO::File ">$dir/$filename" |
65 or die "Can't create $dir/$filename: $!\n"; |
74 or die "Can't create $dir/$filename: $!\n"; |
66 print {$outfh} <$file>; |
75 print {$outfh} <$file>; |
|
76 |
|
77 if (my $atfh = new IO::File("|at now + $days days")) { |
|
78 print {$atfh} |
|
79 "rm -f \"$dir/$filename\"\n", |
|
80 "rmdir \"$dir\"\n"; |
|
81 close $atfh; |
|
82 system("cat /tmp/log"); |
|
83 } |
|
84 |
67 } |
85 } |
68 print hr; |
86 print hr; |
69 |
87 |
70 #print "<pre>", |
88 #print "<pre>", |
71 #(map { "$_: $ENV{$_}\n" } sort keys %ENV), |
89 #(map { "$_: $ENV{$_}\n" } sort keys %ENV), |