[763] | 1 | #####
|
---|
| 2 | # FCKeditor - The text editor for internet
|
---|
| 3 | # Copyright (C) 2003-2006 Frederico Caldeira Knabben
|
---|
| 4 | #
|
---|
| 5 | # Licensed under the terms of the GNU Lesser General Public License:
|
---|
| 6 | # http://www.opensource.org/licenses/lgpl-license.php
|
---|
| 7 | #
|
---|
| 8 | # For further information visit:
|
---|
| 9 | # http://www.fckeditor.net/
|
---|
| 10 | #
|
---|
| 11 | # "Support Open Source software. What about a donation today?"
|
---|
| 12 | #
|
---|
| 13 | # File Name: upload_fck.pl
|
---|
| 14 | # This is the File Manager Connector for Perl.
|
---|
| 15 | #
|
---|
| 16 | # File Authors:
|
---|
| 17 | # Takashi Yamaguchi (jack@omakase.net)
|
---|
| 18 | #####
|
---|
| 19 |
|
---|
| 20 | # image data save dir
|
---|
| 21 | $img_dir = './temp/';
|
---|
| 22 |
|
---|
| 23 |
|
---|
| 24 | # File size max(unit KB)
|
---|
| 25 | $MAX_CONTENT_SIZE = 30000;
|
---|
| 26 |
|
---|
| 27 | # Filelock (1=use,0=not use)
|
---|
| 28 | $PM{'flock'} = '1';
|
---|
| 29 |
|
---|
| 30 |
|
---|
| 31 | # upload Content-Type list
|
---|
| 32 | my %UPLOAD_CONTENT_TYPE_LIST = (
|
---|
| 33 | 'image/(x-)?png' => 'png', # PNG image
|
---|
| 34 | 'image/p?jpe?g' => 'jpg', # JPEG image
|
---|
| 35 | 'image/gif' => 'gif', # GIF image
|
---|
| 36 | 'image/x-xbitmap' => 'xbm', # XBM image
|
---|
| 37 |
|
---|
| 38 | 'image/(x-(MS-)?)?bmp' => 'bmp', # Windows BMP image
|
---|
| 39 | 'image/pict' => 'pict', # Macintosh PICT image
|
---|
| 40 | 'image/tiff' => 'tif', # TIFF image
|
---|
| 41 | 'application/pdf' => 'pdf', # PDF image
|
---|
| 42 | 'application/x-shockwave-flash' => 'swf', # Shockwave Flash
|
---|
| 43 |
|
---|
| 44 | 'video/(x-)?msvideo' => 'avi', # Microsoft Video
|
---|
| 45 | 'video/quicktime' => 'mov', # QuickTime Video
|
---|
| 46 | 'video/mpeg' => 'mpeg', # MPEG Video
|
---|
| 47 | 'video/x-mpeg2' => 'mpv2', # MPEG2 Video
|
---|
| 48 |
|
---|
| 49 | 'audio/(x-)?midi?' => 'mid', # MIDI Audio
|
---|
| 50 | 'audio/(x-)?wav' => 'wav', # WAV Audio
|
---|
| 51 | 'audio/basic' => 'au', # ULAW Audio
|
---|
| 52 | 'audio/mpeg' => 'mpga', # MPEG Audio
|
---|
| 53 |
|
---|
| 54 | 'application/(x-)?zip(-compressed)?' => 'zip', # ZIP Compress
|
---|
| 55 |
|
---|
| 56 | 'text/html' => 'html', # HTML
|
---|
| 57 | 'text/plain' => 'txt', # TEXT
|
---|
| 58 | '(?:application|text)/(?:rtf|richtext)' => 'rtf', # RichText
|
---|
| 59 |
|
---|
| 60 | 'application/msword' => 'doc', # Microsoft Word
|
---|
| 61 | 'application/vnd.ms-excel' => 'xls', # Microsoft Excel
|
---|
| 62 |
|
---|
| 63 | ''
|
---|
| 64 | );
|
---|
| 65 |
|
---|
| 66 | # Upload is permitted.
|
---|
| 67 | # A regular expression is possible.
|
---|
| 68 | my %UPLOAD_EXT_LIST = (
|
---|
| 69 | 'png' => 'PNG image',
|
---|
| 70 | 'p?jpe?g|jpe|jfif|pjp' => 'JPEG image',
|
---|
| 71 | 'gif' => 'GIF image',
|
---|
| 72 | 'xbm' => 'XBM image',
|
---|
| 73 |
|
---|
| 74 | 'bmp|dib|rle' => 'Windows BMP image',
|
---|
| 75 | 'pi?ct' => 'Macintosh PICT image',
|
---|
| 76 | 'tiff?' => 'TIFF image',
|
---|
| 77 | 'pdf' => 'PDF image',
|
---|
| 78 | 'swf' => 'Shockwave Flash',
|
---|
| 79 |
|
---|
| 80 | 'avi' => 'Microsoft Video',
|
---|
| 81 | 'moo?v|qt' => 'QuickTime Video',
|
---|
| 82 | 'm(p(e?gv?|e|v)|1v)' => 'MPEG Video',
|
---|
| 83 | 'mp(v2|2v)' => 'MPEG2 Video',
|
---|
| 84 |
|
---|
| 85 | 'midi?|kar|smf|rmi|mff' => 'MIDI Audio',
|
---|
| 86 | 'wav' => 'WAVE Audio',
|
---|
| 87 | 'au|snd' => 'ULAW Audio',
|
---|
| 88 | 'mp(e?ga|2|a|3)|abs' => 'MPEG Audio',
|
---|
| 89 |
|
---|
| 90 | 'zip' => 'ZIP Compress',
|
---|
| 91 | 'lzh' => 'LZH Compress',
|
---|
| 92 | 'cab' => 'CAB Compress',
|
---|
| 93 |
|
---|
| 94 | 'd?html?' => 'HTML',
|
---|
| 95 | 'rtf|rtx' => 'RichText',
|
---|
| 96 | 'txt|text' => 'Text',
|
---|
| 97 |
|
---|
| 98 | ''
|
---|
| 99 | );
|
---|
| 100 |
|
---|
| 101 |
|
---|
| 102 | # sjis or euc
|
---|
| 103 | my $CHARCODE = 'sjis';
|
---|
| 104 |
|
---|
| 105 | $TRANS_2BYTE_CODE = 0;
|
---|
| 106 |
|
---|
| 107 | ##############################################################################
|
---|
| 108 | # Summary
|
---|
| 109 | #
|
---|
| 110 | # Form Read input
|
---|
| 111 | #
|
---|
| 112 | # Parameters
|
---|
| 113 | # Returns
|
---|
| 114 | # Memo
|
---|
| 115 | ##############################################################################
|
---|
| 116 | sub read_input
|
---|
| 117 | {
|
---|
| 118 | eval("use File::Copy;");
|
---|
| 119 | eval("use File::Path;");
|
---|
| 120 |
|
---|
| 121 | my ($FORM) = @_;
|
---|
| 122 |
|
---|
| 123 |
|
---|
| 124 | mkdir($img_dir,0777);
|
---|
| 125 | chmod(0777,$img_dir);
|
---|
| 126 |
|
---|
| 127 | undef $img_data_exists;
|
---|
| 128 | undef @NEWFNAMES;
|
---|
| 129 | undef @NEWFNAME_DATA;
|
---|
| 130 |
|
---|
| 131 | if($ENV{'CONTENT_LENGTH'} > 10000000 || $ENV{'CONTENT_LENGTH'} > $MAX_CONTENT_SIZE * 1024) {
|
---|
| 132 | &upload_error(
|
---|
| 133 | 'Size Error',
|
---|
| 134 | sprintf(
|
---|
| 135 | "Transmitting size is too large.MAX <strong>%d KB</strong> Now Size <strong>%d KB</strong>(<strong>%d bytes</strong> Over)",
|
---|
| 136 | $MAX_CONTENT_SIZE,
|
---|
| 137 | int($ENV{'CONTENT_LENGTH'} / 1024),
|
---|
| 138 | $ENV{'CONTENT_LENGTH'} - $MAX_CONTENT_SIZE * 1024
|
---|
| 139 | )
|
---|
| 140 | );
|
---|
| 141 | }
|
---|
| 142 |
|
---|
| 143 | my $Buffer;
|
---|
| 144 | if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/) {
|
---|
| 145 | # METHOD POST only
|
---|
| 146 | return unless($ENV{'CONTENT_LENGTH'});
|
---|
| 147 |
|
---|
| 148 | binmode(STDIN);
|
---|
| 149 | # STDIN A pause character is detected.'(MacIE3.0 boundary of $ENV{'CONTENT_TYPE'} cannot be trusted.)
|
---|
| 150 | my $Boundary = <STDIN>;
|
---|
| 151 | $Boundary =~ s/\x0D\x0A//;
|
---|
| 152 | $Boundary = quotemeta($Boundary);
|
---|
| 153 | while(<STDIN>) {
|
---|
| 154 | if(/^\s*Content-Disposition:/i) {
|
---|
| 155 | my($name,$ContentType,$FileName);
|
---|
| 156 | # form data get
|
---|
| 157 | if(/\bname="([^"]+)"/i || /\bname=([^\s:;]+)/i) {
|
---|
| 158 | $name = $1;
|
---|
| 159 | $name =~ tr/+/ /;
|
---|
| 160 | $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
---|
| 161 | &Encode(\$name);
|
---|
| 162 | }
|
---|
| 163 | if(/\bfilename="([^"]*)"/i || /\bfilename=([^\s:;]*)/i) {
|
---|
| 164 | $FileName = $1 || 'unknown';
|
---|
| 165 | }
|
---|
| 166 | # head read
|
---|
| 167 | while(<STDIN>) {
|
---|
| 168 | last if(! /\w/);
|
---|
| 169 | if(/^\s*Content-Type:\s*"([^"]+)"/i || /^\s*Content-Type:\s*([^\s:;]+)/i) {
|
---|
| 170 | $ContentType = $1;
|
---|
| 171 | }
|
---|
| 172 | }
|
---|
| 173 | # body read
|
---|
| 174 | $value = "";
|
---|
| 175 | while(<STDIN>) {
|
---|
| 176 | last if(/^$Boundary/o);
|
---|
| 177 | $value .= $_;
|
---|
| 178 | };
|
---|
| 179 | $lastline = $_;
|
---|
| 180 | $value =~s /\x0D\x0A$//;
|
---|
| 181 | if($value ne '') {
|
---|
| 182 | if($FileName || $ContentType) {
|
---|
| 183 | $img_data_exists = 1;
|
---|
| 184 | (
|
---|
| 185 | $FileName, #
|
---|
| 186 | $Ext, #
|
---|
| 187 | $Length, #
|
---|
| 188 | $ImageWidth, #
|
---|
| 189 | $ImageHeight, #
|
---|
| 190 | $ContentName #
|
---|
| 191 | ) = &CheckContentType(\$value,$FileName,$ContentType);
|
---|
| 192 |
|
---|
| 193 | $FORM{$name} = $FileName;
|
---|
| 194 | $new_fname = $FileName;
|
---|
| 195 | push(@NEWFNAME_DATA,"$FileName\t$Ext\t$Length\t$ImageWidth\t$ImageHeight\t$ContentName");
|
---|
| 196 |
|
---|
| 197 | # Multi-upload correspondence
|
---|
| 198 | push(@NEWFNAMES,$new_fname);
|
---|
| 199 | open(OUT,">$img_dir/$new_fname");
|
---|
| 200 | binmode(OUT);
|
---|
| 201 | eval "flock(OUT,2);" if($PM{'flock'} == 1);
|
---|
| 202 | print OUT $value;
|
---|
| 203 | eval "flock(OUT,8);" if($PM{'flock'} == 1);
|
---|
| 204 | close(OUT);
|
---|
| 205 |
|
---|
| 206 | } elsif($name) {
|
---|
| 207 | $value =~ tr/+/ /;
|
---|
| 208 | $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
---|
| 209 | &Encode(\$value,'trans');
|
---|
| 210 | $FORM{$name} .= "\0" if(defined($FORM{$name}));
|
---|
| 211 | $FORM{$name} .= $value;
|
---|
| 212 | }
|
---|
| 213 | }
|
---|
| 214 | };
|
---|
| 215 | last if($lastline =~ /^$Boundary\-\-/o);
|
---|
| 216 | }
|
---|
| 217 | } elsif($ENV{'CONTENT_LENGTH'}) {
|
---|
| 218 | read(STDIN,$Buffer,$ENV{'CONTENT_LENGTH'});
|
---|
| 219 | }
|
---|
| 220 | foreach(split(/&/,$Buffer),split(/&/,$ENV{'QUERY_STRING'})) {
|
---|
| 221 | my($name, $value) = split(/=/);
|
---|
| 222 | $name =~ tr/+/ /;
|
---|
| 223 | $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
---|
| 224 | $value =~ tr/+/ /;
|
---|
| 225 | $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
---|
| 226 |
|
---|
| 227 | &Encode(\$name);
|
---|
| 228 | &Encode(\$value,'trans');
|
---|
| 229 | $FORM{$name} .= "\0" if(defined($FORM{$name}));
|
---|
| 230 | $FORM{$name} .= $value;
|
---|
| 231 |
|
---|
| 232 | }
|
---|
| 233 |
|
---|
| 234 | }
|
---|
| 235 |
|
---|
| 236 | ##############################################################################
|
---|
| 237 | # Summary
|
---|
| 238 | #
|
---|
| 239 | # CheckContentType
|
---|
| 240 | #
|
---|
| 241 | # Parameters
|
---|
| 242 | # Returns
|
---|
| 243 | # Memo
|
---|
| 244 | ##############################################################################
|
---|
| 245 | sub CheckContentType
|
---|
| 246 | {
|
---|
| 247 |
|
---|
| 248 | my($DATA,$FileName,$ContentType) = @_;
|
---|
| 249 | my($Ext,$ImageWidth,$ImageHeight,$ContentName,$Infomation);
|
---|
| 250 | my $DataLength = length($$DATA);
|
---|
| 251 |
|
---|
| 252 | # An unknown file type
|
---|
| 253 |
|
---|
| 254 | $_ = $ContentType;
|
---|
| 255 | my $UnknownType = (
|
---|
| 256 | !$_
|
---|
| 257 | || /^application\/(x-)?macbinary$/i
|
---|
| 258 | || /^application\/applefile$/i
|
---|
| 259 | || /^application\/octet-stream$/i
|
---|
| 260 | || /^text\/plane$/i
|
---|
| 261 | || /^x-unknown-content-type/i
|
---|
| 262 | );
|
---|
| 263 |
|
---|
| 264 | # MacBinary(Mac Unnecessary data are deleted.)
|
---|
| 265 | if($UnknownType || $ENV{'HTTP_USER_AGENT'} =~ /Macintosh|Mac_/) {
|
---|
| 266 | if($DataLength > 128 && !unpack("C",substr($$DATA,0,1)) && !unpack("C",substr($$DATA,74,1)) && !unpack("C",substr($$DATA,82,1)) ) {
|
---|
| 267 | my $MacBinary_ForkLength = unpack("N", substr($$DATA, 83, 4)); # ForkLength Get
|
---|
| 268 | my $MacBinary_FileName = quotemeta(substr($$DATA, 2, unpack("C",substr($$DATA, 1, 1))));
|
---|
| 269 | if($MacBinary_FileName && $MacBinary_ForkLength && $DataLength >= $MacBinary_ForkLength + 128
|
---|
| 270 | && ($FileName =~ /$MacBinary_FileName/i || substr($$DATA,102,4) eq 'mBIN')) { # DATA TOP 128byte MacBinary!!
|
---|
| 271 | $$DATA = substr($$DATA,128,$MacBinary_ForkLength);
|
---|
| 272 | my $ResourceLength = $DataLength - $MacBinary_ForkLength - 128;
|
---|
| 273 | $DataLength = $MacBinary_ForkLength;
|
---|
| 274 | }
|
---|
| 275 | }
|
---|
| 276 | }
|
---|
| 277 |
|
---|
| 278 | # A file name is changed into EUC.
|
---|
| 279 | # &jcode::convert(\$FileName,'euc',$FormCodeDefault);
|
---|
| 280 | # &jcode::h2z_euc(\$FileName);
|
---|
| 281 | $FileName =~ s/^.*\\//; # Windows, Mac
|
---|
| 282 | $FileName =~ s/^.*\///; # UNIX
|
---|
| 283 | $FileName =~ s/&/&/g;
|
---|
| 284 | $FileName =~ s/"/"/g;
|
---|
| 285 | $FileName =~ s/</</g;
|
---|
| 286 | $FileName =~ s/>/>/g;
|
---|
| 287 | #
|
---|
| 288 | # if($CHARCODE ne 'euc') {
|
---|
| 289 | # &jcode::convert(\$FileName,$CHARCODE,'euc');
|
---|
| 290 | # }
|
---|
| 291 |
|
---|
| 292 | # An extension is extracted and it changes into a small letter.
|
---|
| 293 | my $FileExt;
|
---|
| 294 | if($FileName =~ /\.(\w+)$/) {
|
---|
| 295 | $FileExt = $1;
|
---|
| 296 | $FileExt =~ tr/A-Z/a-z/;
|
---|
| 297 | }
|
---|
| 298 |
|
---|
| 299 | # Executable file detection (ban on upload)
|
---|
| 300 | if($$DATA =~ /^MZ/) {
|
---|
| 301 | $Ext = 'exe';
|
---|
| 302 | }
|
---|
| 303 | # text
|
---|
| 304 | if(!$Ext && ($UnknownType || $ContentType =~ /^text\//i || $ContentType =~ /^application\/(?:rtf|richtext)$/i || $ContentType =~ /^image\/x-xbitmap$/i)
|
---|
| 305 | && ! $$DATA =~ /[\000-\006\177\377]/) {
|
---|
| 306 | # $$DATA =~ s/\x0D\x0A/\n/g;
|
---|
| 307 | # $$DATA =~ tr/\x0D\x0A/\n\n/;
|
---|
| 308 | #
|
---|
| 309 | # if(
|
---|
| 310 | # $$DATA =~ /<\s*SCRIPT(?:.|\n)*?>/i
|
---|
| 311 | # || $$DATA =~ /<\s*(?:.|\n)*?\bONLOAD\s*=(?:.|\n)*?>/i
|
---|
| 312 | # || $$DATA =~ /<\s*(?:.|\n)*?\bONCLICK\s*=(?:.|\n)*?>/i
|
---|
| 313 | # ) {
|
---|
| 314 | # $Infomation = '(JavaScript contains)';
|
---|
| 315 | # }
|
---|
| 316 | # if($$DATA =~ /<\s*TABLE(?:.|\n)*?>/i
|
---|
| 317 | # || $$DATA =~ /<\s*BLINK(?:.|\n)*?>/i
|
---|
| 318 | # || $$DATA =~ /<\s*MARQUEE(?:.|\n)*?>/i
|
---|
| 319 | # || $$DATA =~ /<\s*OBJECT(?:.|\n)*?>/i
|
---|
| 320 | # || $$DATA =~ /<\s*EMBED(?:.|\n)*?>/i
|
---|
| 321 | # || $$DATA =~ /<\s*FRAME(?:.|\n)*?>/i
|
---|
| 322 | # || $$DATA =~ /<\s*APPLET(?:.|\n)*?>/i
|
---|
| 323 | # || $$DATA =~ /<\s*FORM(?:.|\n)*?>/i
|
---|
| 324 | # || $$DATA =~ /<\s*(?:.|\n)*?\bSRC\s*=(?:.|\n)*?>/i
|
---|
| 325 | # || $$DATA =~ /<\s*(?:.|\n)*?\bDYNSRC\s*=(?:.|\n)*?>/i
|
---|
| 326 | # ) {
|
---|
| 327 | # $Infomation = '(the HTML tag which is not safe is included)';
|
---|
| 328 | # }
|
---|
| 329 |
|
---|
| 330 | if($FileExt =~ /^txt$/i || $FileExt =~ /^cgi$/i || $FileExt =~ /^pl$/i) { # Text File
|
---|
| 331 | $Ext = 'txt';
|
---|
| 332 | } elsif($ContentType =~ /^text\/html$/i || $FileExt =~ /html?/i || $$DATA =~ /<\s*HTML(?:.|\n)*?>/i) { # HTML File
|
---|
| 333 | $Ext = 'html';
|
---|
| 334 | } elsif($ContentType =~ /^image\/x-xbitmap$/i || $FileExt =~ /^xbm$/i) { # XBM(x-BitMap) Image
|
---|
| 335 | my $XbmName = $1;
|
---|
| 336 | my ($XbmWidth, $XbmHeight);
|
---|
| 337 | if($$DATA =~ /\#define\s*$XbmName\_width\s*(\d+)/i) {
|
---|
| 338 | $XbmWidth = $1;
|
---|
| 339 | }
|
---|
| 340 | if($$DATA =~ /\#define\s*$XbmName\_height\s*(\d+)/i) {
|
---|
| 341 | $XbmHeight = $1;
|
---|
| 342 | }
|
---|
| 343 | if($XbmWidth && $XbmHeight) {
|
---|
| 344 | $Ext = 'xbm';
|
---|
| 345 | $ImageWidth = $XbmWidth;
|
---|
| 346 | $ImageHeight = $XbmHeight;
|
---|
| 347 | }
|
---|
| 348 | } else { #
|
---|
| 349 | $Ext = 'txt';
|
---|
| 350 | }
|
---|
| 351 | }
|
---|
| 352 |
|
---|
| 353 | # image
|
---|
| 354 | if(!$Ext && ($UnknownType || $ContentType =~ /^image\//i)) {
|
---|
| 355 | # PNG
|
---|
| 356 | if($$DATA =~ /^\x89PNG\x0D\x0A\x1A\x0A/) {
|
---|
| 357 | if(substr($$DATA, 12, 4) eq 'IHDR') {
|
---|
| 358 | $Ext = 'png';
|
---|
| 359 | ($ImageWidth, $ImageHeight) = unpack("N2", substr($$DATA, 16, 8));
|
---|
| 360 | }
|
---|
| 361 | } elsif($$DATA =~ /^GIF8(?:9|7)a/) { # GIF89a(modified), GIF89a, GIF87a
|
---|
| 362 | $Ext = 'gif';
|
---|
| 363 | ($ImageWidth, $ImageHeight) = unpack("v2", substr($$DATA, 6, 4));
|
---|
| 364 | } elsif($$DATA =~ /^II\x2a\x00\x08\x00\x00\x00/ || $$DATA =~ /^MM\x00\x2a\x00\x00\x00\x08/) { # TIFF
|
---|
| 365 | $Ext = 'tif';
|
---|
| 366 | } elsif($$DATA =~ /^BM/) { # BMP
|
---|
| 367 | $Ext = 'bmp';
|
---|
| 368 | } elsif($$DATA =~ /^\xFF\xD8\xFF/ || $$DATA =~ /JFIF/) { # JPEG
|
---|
| 369 | my $HeaderPoint = index($$DATA, "\xFF\xD8\xFF", 0);
|
---|
| 370 | my $Point = $HeaderPoint + 2;
|
---|
| 371 | while($Point < $DataLength) {
|
---|
| 372 | my($Maker, $MakerType, $MakerLength) = unpack("C2n",substr($$DATA,$Point,4));
|
---|
| 373 | if($Maker != 0xFF || $MakerType == 0xd9 || $MakerType == 0xda) {
|
---|
| 374 | last;
|
---|
| 375 | } elsif($MakerType >= 0xC0 && $MakerType <= 0xC3) {
|
---|
| 376 | $Ext = 'jpg';
|
---|
| 377 | ($ImageHeight, $ImageWidth) = unpack("n2", substr($$DATA, $Point + 5, 4));
|
---|
| 378 | if($HeaderPoint > 0) {
|
---|
| 379 | $$DATA = substr($$DATA, $HeaderPoint);
|
---|
| 380 | $DataLength = length($$DATA);
|
---|
| 381 | }
|
---|
| 382 | last;
|
---|
| 383 | } else {
|
---|
| 384 | $Point += $MakerLength + 2;
|
---|
| 385 | }
|
---|
| 386 | }
|
---|
| 387 | }
|
---|
| 388 | }
|
---|
| 389 |
|
---|
| 390 | # audio
|
---|
| 391 | if(!$Ext && ($UnknownType || $ContentType =~ /^audio\//i)) {
|
---|
| 392 | # MIDI Audio
|
---|
| 393 | if($$DATA =~ /^MThd/) {
|
---|
| 394 | $Ext = 'mid';
|
---|
| 395 | } elsif($$DATA =~ /^\x2esnd/) { # ULAW Audio
|
---|
| 396 | $Ext = 'au';
|
---|
| 397 | } elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
|
---|
| 398 | my $HeaderPoint = index($$DATA, "RIFF", 0);
|
---|
| 399 | $_ = substr($$DATA, $HeaderPoint + 8, 8);
|
---|
| 400 | if(/^WAVEfmt $/) {
|
---|
| 401 | # WAVE
|
---|
| 402 | if(unpack("V",substr($$DATA, $HeaderPoint + 16, 4)) == 16) {
|
---|
| 403 | $Ext = 'wav';
|
---|
| 404 | } else { # RIFF WAVE MP3
|
---|
| 405 | $Ext = 'mp3';
|
---|
| 406 | }
|
---|
| 407 | } elsif(/^RMIDdata$/) { # RIFF MIDI
|
---|
| 408 | $Ext = 'rmi';
|
---|
| 409 | } elsif(/^RMP3data$/) { # RIFF MP3
|
---|
| 410 | $Ext = 'rmp';
|
---|
| 411 | }
|
---|
| 412 | if($ContentType =~ /^audio\//i) {
|
---|
| 413 | $Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
|
---|
| 414 | }
|
---|
| 415 | }
|
---|
| 416 | }
|
---|
| 417 |
|
---|
| 418 | # a binary file
|
---|
| 419 | unless ($Ext) {
|
---|
| 420 | # PDF image
|
---|
| 421 | if($$DATA =~ /^\%PDF/) {
|
---|
| 422 | # Picture size is not measured.
|
---|
| 423 | $Ext = 'pdf';
|
---|
| 424 | } elsif($$DATA =~ /^FWS/) { # Shockwave Flash
|
---|
| 425 | $Ext = 'swf';
|
---|
| 426 | } elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
|
---|
| 427 | my $HeaderPoint = index($$DATA, "RIFF", 0);
|
---|
| 428 | $_ = substr($$DATA,$HeaderPoint + 8, 8);
|
---|
| 429 | # AVI
|
---|
| 430 | if(/^AVI LIST$/) {
|
---|
| 431 | $Ext = 'avi';
|
---|
| 432 | }
|
---|
| 433 | if($ContentType =~ /^video\//i) {
|
---|
| 434 | $Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
|
---|
| 435 | }
|
---|
| 436 | } elsif($$DATA =~ /^PK/) { # ZIP Compress File
|
---|
| 437 | $Ext = 'zip';
|
---|
| 438 | } elsif($$DATA =~ /^MSCF/) { # CAB Compress File
|
---|
| 439 | $Ext = 'cab';
|
---|
| 440 | } elsif($$DATA =~ /^Rar\!/) { # RAR Compress File
|
---|
| 441 | $Ext = 'rar';
|
---|
| 442 | } elsif(substr($$DATA, 2, 5) =~ /^\-lh(\d+|d)\-$/) { # LHA Compress File
|
---|
| 443 | $Infomation .= "(lh$1)";
|
---|
| 444 | $Ext = 'lzh';
|
---|
| 445 | } elsif(substr($$DATA, 325, 25) eq "Apple Video Media Handler" || substr($$DATA, 325, 30) eq "Apple \x83\x72\x83\x66\x83\x49\x81\x45\x83\x81\x83\x66\x83\x42\x83\x41\x83\x6E\x83\x93\x83\x68\x83\x89") {
|
---|
| 446 | # QuickTime
|
---|
| 447 | $Ext = 'mov';
|
---|
| 448 | }
|
---|
| 449 | }
|
---|
| 450 |
|
---|
| 451 | # Header analysis failure
|
---|
| 452 | unless ($Ext) {
|
---|
| 453 | # It will be followed if it applies for the MIME type from the browser.
|
---|
| 454 | foreach (keys %UPLOAD_CONTENT_TYPE_LIST) {
|
---|
| 455 | next unless ($_);
|
---|
| 456 | if($ContentType =~ /^$_$/i) {
|
---|
| 457 | $Ext = $UPLOAD_CONTENT_TYPE_LIST{$_};
|
---|
| 458 | $ContentName = &CheckContentExt($Ext);
|
---|
| 459 | if(
|
---|
| 460 | grep {$_ eq $Ext;} (
|
---|
| 461 | 'png',
|
---|
| 462 | 'gif',
|
---|
| 463 | 'jpg',
|
---|
| 464 | 'xbm',
|
---|
| 465 | 'tif',
|
---|
| 466 | 'bmp',
|
---|
| 467 | 'pdf',
|
---|
| 468 | 'swf',
|
---|
| 469 | 'mov',
|
---|
| 470 | 'zip',
|
---|
| 471 | 'cab',
|
---|
| 472 | 'lzh',
|
---|
| 473 | 'rar',
|
---|
| 474 | 'mid',
|
---|
| 475 | 'rmi',
|
---|
| 476 | 'au',
|
---|
| 477 | 'wav',
|
---|
| 478 | 'avi',
|
---|
| 479 | 'exe'
|
---|
| 480 | )
|
---|
| 481 | ) {
|
---|
| 482 | $Infomation .= ' / Header analysis failure';
|
---|
| 483 | }
|
---|
| 484 | if($Ext ne $FileExt && &CheckContentExt($FileExt) eq $ContentName) {
|
---|
| 485 | $Ext = $FileExt;
|
---|
| 486 | }
|
---|
| 487 | last;
|
---|
| 488 | }
|
---|
| 489 | }
|
---|
| 490 | # a MIME type is unknown--It judges from an extension.
|
---|
| 491 | unless ($Ext) {
|
---|
| 492 | $ContentName = &CheckContentExt($FileExt);
|
---|
| 493 | if($ContentName) {
|
---|
| 494 | $Ext = $FileExt;
|
---|
| 495 | $Infomation .= ' / MIME type is unknown('. $ContentType. ')';
|
---|
| 496 | last;
|
---|
| 497 | }
|
---|
| 498 | }
|
---|
| 499 | }
|
---|
| 500 |
|
---|
| 501 | # $ContentName = &CheckContentExt($Ext) unless($ContentName);
|
---|
| 502 | # if($Ext && $ContentName) {
|
---|
| 503 | # $ContentName .= $Infomation;
|
---|
| 504 | # } else {
|
---|
| 505 | # &upload_error(
|
---|
| 506 | # 'Extension Error',
|
---|
| 507 | # "$FileName A not corresponding extension ($Ext)<BR>The extension which can be responded ". join(',', sort values(%UPLOAD_EXT_LIST))
|
---|
| 508 | # );
|
---|
| 509 | # }
|
---|
| 510 |
|
---|
| 511 | # # SSI Tag Deletion
|
---|
| 512 | # if($Ext =~ /.?html?/ && $$DATA =~ /<\!/) {
|
---|
| 513 | # foreach (
|
---|
| 514 | # 'config',
|
---|
| 515 | # 'echo',
|
---|
| 516 | # 'exec',
|
---|
| 517 | # 'flastmod',
|
---|
| 518 | # 'fsize',
|
---|
| 519 | # 'include'
|
---|
| 520 | # ) {
|
---|
| 521 | # $$DATA =~ s/\#\s*$_/\&\#35\;$_/ig
|
---|
| 522 | # }
|
---|
| 523 | # }
|
---|
| 524 |
|
---|
| 525 | return (
|
---|
| 526 | $FileName,
|
---|
| 527 | $Ext,
|
---|
| 528 | int($DataLength / 1024 + 1),
|
---|
| 529 | $ImageWidth,
|
---|
| 530 | $ImageHeight,
|
---|
| 531 | $ContentName
|
---|
| 532 | );
|
---|
| 533 | }
|
---|
| 534 |
|
---|
| 535 | ##############################################################################
|
---|
| 536 | # Summary
|
---|
| 537 | #
|
---|
| 538 | # Extension discernment
|
---|
| 539 | #
|
---|
| 540 | # Parameters
|
---|
| 541 | # Returns
|
---|
| 542 | # Memo
|
---|
| 543 | ##############################################################################
|
---|
| 544 |
|
---|
| 545 | sub CheckContentExt
|
---|
| 546 | {
|
---|
| 547 |
|
---|
| 548 | my($Ext) = @_;
|
---|
| 549 | my $ContentName;
|
---|
| 550 | foreach (keys %UPLOAD_EXT_LIST) {
|
---|
| 551 | next unless ($_);
|
---|
| 552 | if($_ && $Ext =~ /^$_$/) {
|
---|
| 553 | $ContentName = $UPLOAD_EXT_LIST{$_};
|
---|
| 554 | last;
|
---|
| 555 | }
|
---|
| 556 | }
|
---|
| 557 | return $ContentName;
|
---|
| 558 |
|
---|
| 559 | }
|
---|
| 560 |
|
---|
| 561 | ##############################################################################
|
---|
| 562 | # Summary
|
---|
| 563 | #
|
---|
| 564 | # Form decode
|
---|
| 565 | #
|
---|
| 566 | # Parameters
|
---|
| 567 | # Returns
|
---|
| 568 | # Memo
|
---|
| 569 | ##############################################################################
|
---|
| 570 | sub Encode
|
---|
| 571 | {
|
---|
| 572 |
|
---|
| 573 | my($value,$Trans) = @_;
|
---|
| 574 |
|
---|
| 575 | # my $FormCode = &jcode::getcode($value) || $FormCodeDefault;
|
---|
| 576 | # $FormCodeDefault ||= $FormCode;
|
---|
| 577 | #
|
---|
| 578 | # if($Trans && $TRANS_2BYTE_CODE) {
|
---|
| 579 | # if($FormCode ne 'euc') {
|
---|
| 580 | # &jcode::convert($value, 'euc', $FormCode);
|
---|
| 581 | # }
|
---|
| 582 | # &jcode::tr(
|
---|
| 583 | # $value,
|
---|
| 584 | # "\xA3\xB0-\xA3\xB9\xA3\xC1-\xA3\xDA\xA3\xE1-\xA3\xFA",
|
---|
| 585 | # '0-9A-Za-z'
|
---|
| 586 | # );
|
---|
| 587 | # if($CHARCODE ne 'euc') {
|
---|
| 588 | # &jcode::convert($value,$CHARCODE,'euc');
|
---|
| 589 | # }
|
---|
| 590 | # } else {
|
---|
| 591 | # if($CHARCODE ne $FormCode) {
|
---|
| 592 | # &jcode::convert($value,$CHARCODE,$FormCode);
|
---|
| 593 | # }
|
---|
| 594 | # }
|
---|
| 595 | # if($CHARCODE eq 'euc') {
|
---|
| 596 | # &jcode::h2z_euc($value);
|
---|
| 597 | # } elsif($CHARCODE eq 'sjis') {
|
---|
| 598 | # &jcode::h2z_sjis($value);
|
---|
| 599 | # }
|
---|
| 600 |
|
---|
| 601 | }
|
---|
| 602 |
|
---|
| 603 | ##############################################################################
|
---|
| 604 | # Summary
|
---|
| 605 | #
|
---|
| 606 | # Error Msg
|
---|
| 607 | #
|
---|
| 608 | # Parameters
|
---|
| 609 | # Returns
|
---|
| 610 | # Memo
|
---|
| 611 | ##############################################################################
|
---|
| 612 |
|
---|
| 613 | sub upload_error
|
---|
| 614 | {
|
---|
| 615 |
|
---|
| 616 | local($error_message) = $_[0];
|
---|
| 617 | local($error_message2) = $_[1];
|
---|
| 618 |
|
---|
| 619 | print "Content-type: text/html\n\n";
|
---|
| 620 | print<<EOF;
|
---|
| 621 | <HTML>
|
---|
| 622 | <HEAD>
|
---|
| 623 | <TITLE>Error Message</TITLE></HEAD>
|
---|
| 624 | <BODY>
|
---|
| 625 | <table border="1" cellspacing="10" cellpadding="10">
|
---|
| 626 | <TR bgcolor="#0000B0">
|
---|
| 627 | <TD bgcolor="#0000B0" NOWRAP><font size="-1" color="white"><B>Error Message</B></font></TD>
|
---|
| 628 | </TR>
|
---|
| 629 | </table>
|
---|
| 630 | <UL>
|
---|
| 631 | <H4> $error_message </H4>
|
---|
| 632 | $error_message2 <BR>
|
---|
| 633 | </UL>
|
---|
| 634 | </BODY>
|
---|
| 635 | </HTML>
|
---|
| 636 | EOF
|
---|
| 637 | &rm_tmp_uploaded_files; # Image Temporary deletion
|
---|
| 638 | exit;
|
---|
| 639 | }
|
---|
| 640 |
|
---|
| 641 | ##############################################################################
|
---|
| 642 | # Summary
|
---|
| 643 | #
|
---|
| 644 | # Image Temporary deletion
|
---|
| 645 | #
|
---|
| 646 | # Parameters
|
---|
| 647 | # Returns
|
---|
| 648 | # Memo
|
---|
| 649 | ##############################################################################
|
---|
| 650 |
|
---|
| 651 | sub rm_tmp_uploaded_files
|
---|
| 652 | {
|
---|
| 653 | if($img_data_exists == 1){
|
---|
| 654 | sleep 1;
|
---|
| 655 | foreach $fname_list(@NEWFNAMES) {
|
---|
| 656 | if(-e "$img_dir/$fname_list") {
|
---|
| 657 | unlink("$img_dir/$fname_list");
|
---|
| 658 | }
|
---|
| 659 | }
|
---|
| 660 | }
|
---|
| 661 |
|
---|
| 662 | }
|
---|
| 663 | 1;
|
---|