1 | #####
|
---|
2 | # FCKeditor - The text editor for internet
|
---|
3 | # Copyright (C) 2003-2006 Frederico Caldeira Knabben
|
---|
4 | #
|
---|
5 | # Licensed under the terms of the GNU Lesser General Public License:
|
---|
6 | # http://www.opensource.org/licenses/lgpl-license.php
|
---|
7 | #
|
---|
8 | # For further information visit:
|
---|
9 | # http://www.fckeditor.net/
|
---|
10 | #
|
---|
11 | # "Support Open Source software. What about a donation today?"
|
---|
12 | #
|
---|
13 | # File Name: upload_fck.pl
|
---|
14 | # This is the File Manager Connector for Perl.
|
---|
15 | #
|
---|
16 | # File Authors:
|
---|
17 | # Takashi Yamaguchi (jack@omakase.net)
|
---|
18 | #####
|
---|
19 |
|
---|
20 | # image data save dir
|
---|
21 | $img_dir = './temp/';
|
---|
22 |
|
---|
23 |
|
---|
24 | # File size max(unit KB)
|
---|
25 | $MAX_CONTENT_SIZE = 30000;
|
---|
26 |
|
---|
27 | # Filelock (1=use,0=not use)
|
---|
28 | $PM{'flock'} = '1';
|
---|
29 |
|
---|
30 |
|
---|
31 | # upload Content-Type list
|
---|
32 | my %UPLOAD_CONTENT_TYPE_LIST = (
|
---|
33 | 'image/(x-)?png' => 'png', # PNG image
|
---|
34 | 'image/p?jpe?g' => 'jpg', # JPEG image
|
---|
35 | 'image/gif' => 'gif', # GIF image
|
---|
36 | 'image/x-xbitmap' => 'xbm', # XBM image
|
---|
37 |
|
---|
38 | 'image/(x-(MS-)?)?bmp' => 'bmp', # Windows BMP image
|
---|
39 | 'image/pict' => 'pict', # Macintosh PICT image
|
---|
40 | 'image/tiff' => 'tif', # TIFF image
|
---|
41 | 'application/pdf' => 'pdf', # PDF image
|
---|
42 | 'application/x-shockwave-flash' => 'swf', # Shockwave Flash
|
---|
43 |
|
---|
44 | 'video/(x-)?msvideo' => 'avi', # Microsoft Video
|
---|
45 | 'video/quicktime' => 'mov', # QuickTime Video
|
---|
46 | 'video/mpeg' => 'mpeg', # MPEG Video
|
---|
47 | 'video/x-mpeg2' => 'mpv2', # MPEG2 Video
|
---|
48 |
|
---|
49 | 'audio/(x-)?midi?' => 'mid', # MIDI Audio
|
---|
50 | 'audio/(x-)?wav' => 'wav', # WAV Audio
|
---|
51 | 'audio/basic' => 'au', # ULAW Audio
|
---|
52 | 'audio/mpeg' => 'mpga', # MPEG Audio
|
---|
53 |
|
---|
54 | 'application/(x-)?zip(-compressed)?' => 'zip', # ZIP Compress
|
---|
55 |
|
---|
56 | 'text/html' => 'html', # HTML
|
---|
57 | 'text/plain' => 'txt', # TEXT
|
---|
58 | '(?:application|text)/(?:rtf|richtext)' => 'rtf', # RichText
|
---|
59 |
|
---|
60 | 'application/msword' => 'doc', # Microsoft Word
|
---|
61 | 'application/vnd.ms-excel' => 'xls', # Microsoft Excel
|
---|
62 |
|
---|
63 | ''
|
---|
64 | );
|
---|
65 |
|
---|
66 | # Upload is permitted.
|
---|
67 | # A regular expression is possible.
|
---|
68 | my %UPLOAD_EXT_LIST = (
|
---|
69 | 'png' => 'PNG image',
|
---|
70 | 'p?jpe?g|jpe|jfif|pjp' => 'JPEG image',
|
---|
71 | 'gif' => 'GIF image',
|
---|
72 | 'xbm' => 'XBM image',
|
---|
73 |
|
---|
74 | 'bmp|dib|rle' => 'Windows BMP image',
|
---|
75 | 'pi?ct' => 'Macintosh PICT image',
|
---|
76 | 'tiff?' => 'TIFF image',
|
---|
77 | 'pdf' => 'PDF image',
|
---|
78 | 'swf' => 'Shockwave Flash',
|
---|
79 |
|
---|
80 | 'avi' => 'Microsoft Video',
|
---|
81 | 'moo?v|qt' => 'QuickTime Video',
|
---|
82 | 'm(p(e?gv?|e|v)|1v)' => 'MPEG Video',
|
---|
83 | 'mp(v2|2v)' => 'MPEG2 Video',
|
---|
84 |
|
---|
85 | 'midi?|kar|smf|rmi|mff' => 'MIDI Audio',
|
---|
86 | 'wav' => 'WAVE Audio',
|
---|
87 | 'au|snd' => 'ULAW Audio',
|
---|
88 | 'mp(e?ga|2|a|3)|abs' => 'MPEG Audio',
|
---|
89 |
|
---|
90 | 'zip' => 'ZIP Compress',
|
---|
91 | 'lzh' => 'LZH Compress',
|
---|
92 | 'cab' => 'CAB Compress',
|
---|
93 |
|
---|
94 | 'd?html?' => 'HTML',
|
---|
95 | 'rtf|rtx' => 'RichText',
|
---|
96 | 'txt|text' => 'Text',
|
---|
97 |
|
---|
98 | ''
|
---|
99 | );
|
---|
100 |
|
---|
101 |
|
---|
102 | # sjis or euc
|
---|
103 | my $CHARCODE = 'sjis';
|
---|
104 |
|
---|
105 | $TRANS_2BYTE_CODE = 0;
|
---|
106 |
|
---|
107 | ##############################################################################
|
---|
108 | # Summary
|
---|
109 | #
|
---|
110 | # Form Read input
|
---|
111 | #
|
---|
112 | # Parameters
|
---|
113 | # Returns
|
---|
114 | # Memo
|
---|
115 | ##############################################################################
|
---|
116 | sub read_input
|
---|
117 | {
|
---|
118 | eval("use File::Copy;");
|
---|
119 | eval("use File::Path;");
|
---|
120 |
|
---|
121 | my ($FORM) = @_;
|
---|
122 |
|
---|
123 |
|
---|
124 | mkdir($img_dir,0777);
|
---|
125 | chmod(0777,$img_dir);
|
---|
126 |
|
---|
127 | undef $img_data_exists;
|
---|
128 | undef @NEWFNAMES;
|
---|
129 | undef @NEWFNAME_DATA;
|
---|
130 |
|
---|
131 | if($ENV{'CONTENT_LENGTH'} > 10000000 || $ENV{'CONTENT_LENGTH'} > $MAX_CONTENT_SIZE * 1024) {
|
---|
132 | &upload_error(
|
---|
133 | 'Size Error',
|
---|
134 | sprintf(
|
---|
135 | "Transmitting size is too large.MAX <strong>%d KB</strong> Now Size <strong>%d KB</strong>(<strong>%d bytes</strong> Over)",
|
---|
136 | $MAX_CONTENT_SIZE,
|
---|
137 | int($ENV{'CONTENT_LENGTH'} / 1024),
|
---|
138 | $ENV{'CONTENT_LENGTH'} - $MAX_CONTENT_SIZE * 1024
|
---|
139 | )
|
---|
140 | );
|
---|
141 | }
|
---|
142 |
|
---|
143 | my $Buffer;
|
---|
144 | if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/) {
|
---|
145 | # METHOD POST only
|
---|
146 | return unless($ENV{'CONTENT_LENGTH'});
|
---|
147 |
|
---|
148 | binmode(STDIN);
|
---|
149 | # STDIN A pause character is detected.'(MacIE3.0 boundary of $ENV{'CONTENT_TYPE'} cannot be trusted.)
|
---|
150 | my $Boundary = <STDIN>;
|
---|
151 | $Boundary =~ s/\x0D\x0A//;
|
---|
152 | $Boundary = quotemeta($Boundary);
|
---|
153 | while(<STDIN>) {
|
---|
154 | if(/^\s*Content-Disposition:/i) {
|
---|
155 | my($name,$ContentType,$FileName);
|
---|
156 | # form data get
|
---|
157 | if(/\bname="([^"]+)"/i || /\bname=([^\s:;]+)/i) {
|
---|
158 | $name = $1;
|
---|
159 | $name =~ tr/+/ /;
|
---|
160 | $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
---|
161 | &Encode(\$name);
|
---|
162 | }
|
---|
163 | if(/\bfilename="([^"]*)"/i || /\bfilename=([^\s:;]*)/i) {
|
---|
164 | $FileName = $1 || 'unknown';
|
---|
165 | }
|
---|
166 | # head read
|
---|
167 | while(<STDIN>) {
|
---|
168 | last if(! /\w/);
|
---|
169 | if(/^\s*Content-Type:\s*"([^"]+)"/i || /^\s*Content-Type:\s*([^\s:;]+)/i) {
|
---|
170 | $ContentType = $1;
|
---|
171 | }
|
---|
172 | }
|
---|
173 | # body read
|
---|
174 | $value = "";
|
---|
175 | while(<STDIN>) {
|
---|
176 | last if(/^$Boundary/o);
|
---|
177 | $value .= $_;
|
---|
178 | };
|
---|
179 | $lastline = $_;
|
---|
180 | $value =~s /\x0D\x0A$//;
|
---|
181 | if($value ne '') {
|
---|
182 | if($FileName || $ContentType) {
|
---|
183 | $img_data_exists = 1;
|
---|
184 | (
|
---|
185 | $FileName, #
|
---|
186 | $Ext, #
|
---|
187 | $Length, #
|
---|
188 | $ImageWidth, #
|
---|
189 | $ImageHeight, #
|
---|
190 | $ContentName #
|
---|
191 | ) = &CheckContentType(\$value,$FileName,$ContentType);
|
---|
192 |
|
---|
193 | $FORM{$name} = $FileName;
|
---|
194 | $new_fname = $FileName;
|
---|
195 | push(@NEWFNAME_DATA,"$FileName\t$Ext\t$Length\t$ImageWidth\t$ImageHeight\t$ContentName");
|
---|
196 |
|
---|
197 | # Multi-upload correspondence
|
---|
198 | push(@NEWFNAMES,$new_fname);
|
---|
199 | open(OUT,">$img_dir/$new_fname");
|
---|
200 | binmode(OUT);
|
---|
201 | eval "flock(OUT,2);" if($PM{'flock'} == 1);
|
---|
202 | print OUT $value;
|
---|
203 | eval "flock(OUT,8);" if($PM{'flock'} == 1);
|
---|
204 | close(OUT);
|
---|
205 |
|
---|
206 | } elsif($name) {
|
---|
207 | $value =~ tr/+/ /;
|
---|
208 | $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
---|
209 | &Encode(\$value,'trans');
|
---|
210 | $FORM{$name} .= "\0" if(defined($FORM{$name}));
|
---|
211 | $FORM{$name} .= $value;
|
---|
212 | }
|
---|
213 | }
|
---|
214 | };
|
---|
215 | last if($lastline =~ /^$Boundary\-\-/o);
|
---|
216 | }
|
---|
217 | } elsif($ENV{'CONTENT_LENGTH'}) {
|
---|
218 | read(STDIN,$Buffer,$ENV{'CONTENT_LENGTH'});
|
---|
219 | }
|
---|
220 | foreach(split(/&/,$Buffer),split(/&/,$ENV{'QUERY_STRING'})) {
|
---|
221 | my($name, $value) = split(/=/);
|
---|
222 | $name =~ tr/+/ /;
|
---|
223 | $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
---|
224 | $value =~ tr/+/ /;
|
---|
225 | $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
---|
226 |
|
---|
227 | &Encode(\$name);
|
---|
228 | &Encode(\$value,'trans');
|
---|
229 | $FORM{$name} .= "\0" if(defined($FORM{$name}));
|
---|
230 | $FORM{$name} .= $value;
|
---|
231 |
|
---|
232 | }
|
---|
233 |
|
---|
234 | }
|
---|
235 |
|
---|
236 | ##############################################################################
|
---|
237 | # Summary
|
---|
238 | #
|
---|
239 | # CheckContentType
|
---|
240 | #
|
---|
241 | # Parameters
|
---|
242 | # Returns
|
---|
243 | # Memo
|
---|
244 | ##############################################################################
|
---|
245 | sub CheckContentType
|
---|
246 | {
|
---|
247 |
|
---|
248 | my($DATA,$FileName,$ContentType) = @_;
|
---|
249 | my($Ext,$ImageWidth,$ImageHeight,$ContentName,$Infomation);
|
---|
250 | my $DataLength = length($$DATA);
|
---|
251 |
|
---|
252 | # An unknown file type
|
---|
253 |
|
---|
254 | $_ = $ContentType;
|
---|
255 | my $UnknownType = (
|
---|
256 | !$_
|
---|
257 | || /^application\/(x-)?macbinary$/i
|
---|
258 | || /^application\/applefile$/i
|
---|
259 | || /^application\/octet-stream$/i
|
---|
260 | || /^text\/plane$/i
|
---|
261 | || /^x-unknown-content-type/i
|
---|
262 | );
|
---|
263 |
|
---|
264 | # MacBinary(Mac Unnecessary data are deleted.)
|
---|
265 | if($UnknownType || $ENV{'HTTP_USER_AGENT'} =~ /Macintosh|Mac_/) {
|
---|
266 | if($DataLength > 128 && !unpack("C",substr($$DATA,0,1)) && !unpack("C",substr($$DATA,74,1)) && !unpack("C",substr($$DATA,82,1)) ) {
|
---|
267 | my $MacBinary_ForkLength = unpack("N", substr($$DATA, 83, 4)); # ForkLength Get
|
---|
268 | my $MacBinary_FileName = quotemeta(substr($$DATA, 2, unpack("C",substr($$DATA, 1, 1))));
|
---|
269 | if($MacBinary_FileName && $MacBinary_ForkLength && $DataLength >= $MacBinary_ForkLength + 128
|
---|
270 | && ($FileName =~ /$MacBinary_FileName/i || substr($$DATA,102,4) eq 'mBIN')) { # DATA TOP 128byte MacBinary!!
|
---|
271 | $$DATA = substr($$DATA,128,$MacBinary_ForkLength);
|
---|
272 | my $ResourceLength = $DataLength - $MacBinary_ForkLength - 128;
|
---|
273 | $DataLength = $MacBinary_ForkLength;
|
---|
274 | }
|
---|
275 | }
|
---|
276 | }
|
---|
277 |
|
---|
278 | # A file name is changed into EUC.
|
---|
279 | # &jcode::convert(\$FileName,'euc',$FormCodeDefault);
|
---|
280 | # &jcode::h2z_euc(\$FileName);
|
---|
281 | $FileName =~ s/^.*\\//; # Windows, Mac
|
---|
282 | $FileName =~ s/^.*\///; # UNIX
|
---|
283 | $FileName =~ s/&/&/g;
|
---|
284 | $FileName =~ s/"/"/g;
|
---|
285 | $FileName =~ s/</</g;
|
---|
286 | $FileName =~ s/>/>/g;
|
---|
287 | #
|
---|
288 | # if($CHARCODE ne 'euc') {
|
---|
289 | # &jcode::convert(\$FileName,$CHARCODE,'euc');
|
---|
290 | # }
|
---|
291 |
|
---|
292 | # An extension is extracted and it changes into a small letter.
|
---|
293 | my $FileExt;
|
---|
294 | if($FileName =~ /\.(\w+)$/) {
|
---|
295 | $FileExt = $1;
|
---|
296 | $FileExt =~ tr/A-Z/a-z/;
|
---|
297 | }
|
---|
298 |
|
---|
299 | # Executable file detection (ban on upload)
|
---|
300 | if($$DATA =~ /^MZ/) {
|
---|
301 | $Ext = 'exe';
|
---|
302 | }
|
---|
303 | # text
|
---|
304 | if(!$Ext && ($UnknownType || $ContentType =~ /^text\//i || $ContentType =~ /^application\/(?:rtf|richtext)$/i || $ContentType =~ /^image\/x-xbitmap$/i)
|
---|
305 | && ! $$DATA =~ /[\000-\006\177\377]/) {
|
---|
306 | # $$DATA =~ s/\x0D\x0A/\n/g;
|
---|
307 | # $$DATA =~ tr/\x0D\x0A/\n\n/;
|
---|
308 | #
|
---|
309 | # if(
|
---|
310 | # $$DATA =~ /<\s*SCRIPT(?:.|\n)*?>/i
|
---|
311 | # || $$DATA =~ /<\s*(?:.|\n)*?\bONLOAD\s*=(?:.|\n)*?>/i
|
---|
312 | # || $$DATA =~ /<\s*(?:.|\n)*?\bONCLICK\s*=(?:.|\n)*?>/i
|
---|
313 | # ) {
|
---|
314 | # $Infomation = '(JavaScript contains)';
|
---|
315 | # }
|
---|
316 | # if($$DATA =~ /<\s*TABLE(?:.|\n)*?>/i
|
---|
317 | # || $$DATA =~ /<\s*BLINK(?:.|\n)*?>/i
|
---|
318 | # || $$DATA =~ /<\s*MARQUEE(?:.|\n)*?>/i
|
---|
319 | # || $$DATA =~ /<\s*OBJECT(?:.|\n)*?>/i
|
---|
320 | # || $$DATA =~ /<\s*EMBED(?:.|\n)*?>/i
|
---|
321 | # || $$DATA =~ /<\s*FRAME(?:.|\n)*?>/i
|
---|
322 | # || $$DATA =~ /<\s*APPLET(?:.|\n)*?>/i
|
---|
323 | # || $$DATA =~ /<\s*FORM(?:.|\n)*?>/i
|
---|
324 | # || $$DATA =~ /<\s*(?:.|\n)*?\bSRC\s*=(?:.|\n)*?>/i
|
---|
325 | # || $$DATA =~ /<\s*(?:.|\n)*?\bDYNSRC\s*=(?:.|\n)*?>/i
|
---|
326 | # ) {
|
---|
327 | # $Infomation = '(the HTML tag which is not safe is included)';
|
---|
328 | # }
|
---|
329 |
|
---|
330 | if($FileExt =~ /^txt$/i || $FileExt =~ /^cgi$/i || $FileExt =~ /^pl$/i) { # Text File
|
---|
331 | $Ext = 'txt';
|
---|
332 | } elsif($ContentType =~ /^text\/html$/i || $FileExt =~ /html?/i || $$DATA =~ /<\s*HTML(?:.|\n)*?>/i) { # HTML File
|
---|
333 | $Ext = 'html';
|
---|
334 | } elsif($ContentType =~ /^image\/x-xbitmap$/i || $FileExt =~ /^xbm$/i) { # XBM(x-BitMap) Image
|
---|
335 | my $XbmName = $1;
|
---|
336 | my ($XbmWidth, $XbmHeight);
|
---|
337 | if($$DATA =~ /\#define\s*$XbmName\_width\s*(\d+)/i) {
|
---|
338 | $XbmWidth = $1;
|
---|
339 | }
|
---|
340 | if($$DATA =~ /\#define\s*$XbmName\_height\s*(\d+)/i) {
|
---|
341 | $XbmHeight = $1;
|
---|
342 | }
|
---|
343 | if($XbmWidth && $XbmHeight) {
|
---|
344 | $Ext = 'xbm';
|
---|
345 | $ImageWidth = $XbmWidth;
|
---|
346 | $ImageHeight = $XbmHeight;
|
---|
347 | }
|
---|
348 | } else { #
|
---|
349 | $Ext = 'txt';
|
---|
350 | }
|
---|
351 | }
|
---|
352 |
|
---|
353 | # image
|
---|
354 | if(!$Ext && ($UnknownType || $ContentType =~ /^image\//i)) {
|
---|
355 | # PNG
|
---|
356 | if($$DATA =~ /^\x89PNG\x0D\x0A\x1A\x0A/) {
|
---|
357 | if(substr($$DATA, 12, 4) eq 'IHDR') {
|
---|
358 | $Ext = 'png';
|
---|
359 | ($ImageWidth, $ImageHeight) = unpack("N2", substr($$DATA, 16, 8));
|
---|
360 | }
|
---|
361 | } elsif($$DATA =~ /^GIF8(?:9|7)a/) { # GIF89a(modified), GIF89a, GIF87a
|
---|
362 | $Ext = 'gif';
|
---|
363 | ($ImageWidth, $ImageHeight) = unpack("v2", substr($$DATA, 6, 4));
|
---|
364 | } elsif($$DATA =~ /^II\x2a\x00\x08\x00\x00\x00/ || $$DATA =~ /^MM\x00\x2a\x00\x00\x00\x08/) { # TIFF
|
---|
365 | $Ext = 'tif';
|
---|
366 | } elsif($$DATA =~ /^BM/) { # BMP
|
---|
367 | $Ext = 'bmp';
|
---|
368 | } elsif($$DATA =~ /^\xFF\xD8\xFF/ || $$DATA =~ /JFIF/) { # JPEG
|
---|
369 | my $HeaderPoint = index($$DATA, "\xFF\xD8\xFF", 0);
|
---|
370 | my $Point = $HeaderPoint + 2;
|
---|
371 | while($Point < $DataLength) {
|
---|
372 | my($Maker, $MakerType, $MakerLength) = unpack("C2n",substr($$DATA,$Point,4));
|
---|
373 | if($Maker != 0xFF || $MakerType == 0xd9 || $MakerType == 0xda) {
|
---|
374 | last;
|
---|
375 | } elsif($MakerType >= 0xC0 && $MakerType <= 0xC3) {
|
---|
376 | $Ext = 'jpg';
|
---|
377 | ($ImageHeight, $ImageWidth) = unpack("n2", substr($$DATA, $Point + 5, 4));
|
---|
378 | if($HeaderPoint > 0) {
|
---|
379 | $$DATA = substr($$DATA, $HeaderPoint);
|
---|
380 | $DataLength = length($$DATA);
|
---|
381 | }
|
---|
382 | last;
|
---|
383 | } else {
|
---|
384 | $Point += $MakerLength + 2;
|
---|
385 | }
|
---|
386 | }
|
---|
387 | }
|
---|
388 | }
|
---|
389 |
|
---|
390 | # audio
|
---|
391 | if(!$Ext && ($UnknownType || $ContentType =~ /^audio\//i)) {
|
---|
392 | # MIDI Audio
|
---|
393 | if($$DATA =~ /^MThd/) {
|
---|
394 | $Ext = 'mid';
|
---|
395 | } elsif($$DATA =~ /^\x2esnd/) { # ULAW Audio
|
---|
396 | $Ext = 'au';
|
---|
397 | } elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
|
---|
398 | my $HeaderPoint = index($$DATA, "RIFF", 0);
|
---|
399 | $_ = substr($$DATA, $HeaderPoint + 8, 8);
|
---|
400 | if(/^WAVEfmt $/) {
|
---|
401 | # WAVE
|
---|
402 | if(unpack("V",substr($$DATA, $HeaderPoint + 16, 4)) == 16) {
|
---|
403 | $Ext = 'wav';
|
---|
404 | } else { # RIFF WAVE MP3
|
---|
405 | $Ext = 'mp3';
|
---|
406 | }
|
---|
407 | } elsif(/^RMIDdata$/) { # RIFF MIDI
|
---|
408 | $Ext = 'rmi';
|
---|
409 | } elsif(/^RMP3data$/) { # RIFF MP3
|
---|
410 | $Ext = 'rmp';
|
---|
411 | }
|
---|
412 | if($ContentType =~ /^audio\//i) {
|
---|
413 | $Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
|
---|
414 | }
|
---|
415 | }
|
---|
416 | }
|
---|
417 |
|
---|
418 | # a binary file
|
---|
419 | unless ($Ext) {
|
---|
420 | # PDF image
|
---|
421 | if($$DATA =~ /^\%PDF/) {
|
---|
422 | # Picture size is not measured.
|
---|
423 | $Ext = 'pdf';
|
---|
424 | } elsif($$DATA =~ /^FWS/) { # Shockwave Flash
|
---|
425 | $Ext = 'swf';
|
---|
426 | } elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
|
---|
427 | my $HeaderPoint = index($$DATA, "RIFF", 0);
|
---|
428 | $_ = substr($$DATA,$HeaderPoint + 8, 8);
|
---|
429 | # AVI
|
---|
430 | if(/^AVI LIST$/) {
|
---|
431 | $Ext = 'avi';
|
---|
432 | }
|
---|
433 | if($ContentType =~ /^video\//i) {
|
---|
434 | $Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
|
---|
435 | }
|
---|
436 | } elsif($$DATA =~ /^PK/) { # ZIP Compress File
|
---|
437 | $Ext = 'zip';
|
---|
438 | } elsif($$DATA =~ /^MSCF/) { # CAB Compress File
|
---|
439 | $Ext = 'cab';
|
---|
440 | } elsif($$DATA =~ /^Rar\!/) { # RAR Compress File
|
---|
441 | $Ext = 'rar';
|
---|
442 | } elsif(substr($$DATA, 2, 5) =~ /^\-lh(\d+|d)\-$/) { # LHA Compress File
|
---|
443 | $Infomation .= "(lh$1)";
|
---|
444 | $Ext = 'lzh';
|
---|
445 | } elsif(substr($$DATA, 325, 25) eq "Apple Video Media Handler" || substr($$DATA, 325, 30) eq "Apple \x83\x72\x83\x66\x83\x49\x81\x45\x83\x81\x83\x66\x83\x42\x83\x41\x83\x6E\x83\x93\x83\x68\x83\x89") {
|
---|
446 | # QuickTime
|
---|
447 | $Ext = 'mov';
|
---|
448 | }
|
---|
449 | }
|
---|
450 |
|
---|
451 | # Header analysis failure
|
---|
452 | unless ($Ext) {
|
---|
453 | # It will be followed if it applies for the MIME type from the browser.
|
---|
454 | foreach (keys %UPLOAD_CONTENT_TYPE_LIST) {
|
---|
455 | next unless ($_);
|
---|
456 | if($ContentType =~ /^$_$/i) {
|
---|
457 | $Ext = $UPLOAD_CONTENT_TYPE_LIST{$_};
|
---|
458 | $ContentName = &CheckContentExt($Ext);
|
---|
459 | if(
|
---|
460 | grep {$_ eq $Ext;} (
|
---|
461 | 'png',
|
---|
462 | 'gif',
|
---|
463 | 'jpg',
|
---|
464 | 'xbm',
|
---|
465 | 'tif',
|
---|
466 | 'bmp',
|
---|
467 | 'pdf',
|
---|
468 | 'swf',
|
---|
469 | 'mov',
|
---|
470 | 'zip',
|
---|
471 | 'cab',
|
---|
472 | 'lzh',
|
---|
473 | 'rar',
|
---|
474 | 'mid',
|
---|
475 | 'rmi',
|
---|
476 | 'au',
|
---|
477 | 'wav',
|
---|
478 | 'avi',
|
---|
479 | 'exe'
|
---|
480 | )
|
---|
481 | ) {
|
---|
482 | $Infomation .= ' / Header analysis failure';
|
---|
483 | }
|
---|
484 | if($Ext ne $FileExt && &CheckContentExt($FileExt) eq $ContentName) {
|
---|
485 | $Ext = $FileExt;
|
---|
486 | }
|
---|
487 | last;
|
---|
488 | }
|
---|
489 | }
|
---|
490 | # a MIME type is unknown--It judges from an extension.
|
---|
491 | unless ($Ext) {
|
---|
492 | $ContentName = &CheckContentExt($FileExt);
|
---|
493 | if($ContentName) {
|
---|
494 | $Ext = $FileExt;
|
---|
495 | $Infomation .= ' / MIME type is unknown('. $ContentType. ')';
|
---|
496 | last;
|
---|
497 | }
|
---|
498 | }
|
---|
499 | }
|
---|
500 |
|
---|
501 | # $ContentName = &CheckContentExt($Ext) unless($ContentName);
|
---|
502 | # if($Ext && $ContentName) {
|
---|
503 | # $ContentName .= $Infomation;
|
---|
504 | # } else {
|
---|
505 | # &upload_error(
|
---|
506 | # 'Extension Error',
|
---|
507 | # "$FileName A not corresponding extension ($Ext)<BR>The extension which can be responded ". join(',', sort values(%UPLOAD_EXT_LIST))
|
---|
508 | # );
|
---|
509 | # }
|
---|
510 |
|
---|
511 | # # SSI Tag Deletion
|
---|
512 | # if($Ext =~ /.?html?/ && $$DATA =~ /<\!/) {
|
---|
513 | # foreach (
|
---|
514 | # 'config',
|
---|
515 | # 'echo',
|
---|
516 | # 'exec',
|
---|
517 | # 'flastmod',
|
---|
518 | # 'fsize',
|
---|
519 | # 'include'
|
---|
520 | # ) {
|
---|
521 | # $$DATA =~ s/\#\s*$_/\&\#35\;$_/ig
|
---|
522 | # }
|
---|
523 | # }
|
---|
524 |
|
---|
525 | return (
|
---|
526 | $FileName,
|
---|
527 | $Ext,
|
---|
528 | int($DataLength / 1024 + 1),
|
---|
529 | $ImageWidth,
|
---|
530 | $ImageHeight,
|
---|
531 | $ContentName
|
---|
532 | );
|
---|
533 | }
|
---|
534 |
|
---|
535 | ##############################################################################
|
---|
536 | # Summary
|
---|
537 | #
|
---|
538 | # Extension discernment
|
---|
539 | #
|
---|
540 | # Parameters
|
---|
541 | # Returns
|
---|
542 | # Memo
|
---|
543 | ##############################################################################
|
---|
544 |
|
---|
545 | sub CheckContentExt
|
---|
546 | {
|
---|
547 |
|
---|
548 | my($Ext) = @_;
|
---|
549 | my $ContentName;
|
---|
550 | foreach (keys %UPLOAD_EXT_LIST) {
|
---|
551 | next unless ($_);
|
---|
552 | if($_ && $Ext =~ /^$_$/) {
|
---|
553 | $ContentName = $UPLOAD_EXT_LIST{$_};
|
---|
554 | last;
|
---|
555 | }
|
---|
556 | }
|
---|
557 | return $ContentName;
|
---|
558 |
|
---|
559 | }
|
---|
560 |
|
---|
561 | ##############################################################################
|
---|
562 | # Summary
|
---|
563 | #
|
---|
564 | # Form decode
|
---|
565 | #
|
---|
566 | # Parameters
|
---|
567 | # Returns
|
---|
568 | # Memo
|
---|
569 | ##############################################################################
|
---|
570 | sub Encode
|
---|
571 | {
|
---|
572 |
|
---|
573 | my($value,$Trans) = @_;
|
---|
574 |
|
---|
575 | # my $FormCode = &jcode::getcode($value) || $FormCodeDefault;
|
---|
576 | # $FormCodeDefault ||= $FormCode;
|
---|
577 | #
|
---|
578 | # if($Trans && $TRANS_2BYTE_CODE) {
|
---|
579 | # if($FormCode ne 'euc') {
|
---|
580 | # &jcode::convert($value, 'euc', $FormCode);
|
---|
581 | # }
|
---|
582 | # &jcode::tr(
|
---|
583 | # $value,
|
---|
584 | # "\xA3\xB0-\xA3\xB9\xA3\xC1-\xA3\xDA\xA3\xE1-\xA3\xFA",
|
---|
585 | # '0-9A-Za-z'
|
---|
586 | # );
|
---|
587 | # if($CHARCODE ne 'euc') {
|
---|
588 | # &jcode::convert($value,$CHARCODE,'euc');
|
---|
589 | # }
|
---|
590 | # } else {
|
---|
591 | # if($CHARCODE ne $FormCode) {
|
---|
592 | # &jcode::convert($value,$CHARCODE,$FormCode);
|
---|
593 | # }
|
---|
594 | # }
|
---|
595 | # if($CHARCODE eq 'euc') {
|
---|
596 | # &jcode::h2z_euc($value);
|
---|
597 | # } elsif($CHARCODE eq 'sjis') {
|
---|
598 | # &jcode::h2z_sjis($value);
|
---|
599 | # }
|
---|
600 |
|
---|
601 | }
|
---|
602 |
|
---|
603 | ##############################################################################
|
---|
604 | # Summary
|
---|
605 | #
|
---|
606 | # Error Msg
|
---|
607 | #
|
---|
608 | # Parameters
|
---|
609 | # Returns
|
---|
610 | # Memo
|
---|
611 | ##############################################################################
|
---|
612 |
|
---|
613 | sub upload_error
|
---|
614 | {
|
---|
615 |
|
---|
616 | local($error_message) = $_[0];
|
---|
617 | local($error_message2) = $_[1];
|
---|
618 |
|
---|
619 | print "Content-type: text/html\n\n";
|
---|
620 | print<<EOF;
|
---|
621 | <HTML>
|
---|
622 | <HEAD>
|
---|
623 | <TITLE>Error Message</TITLE></HEAD>
|
---|
624 | <BODY>
|
---|
625 | <table border="1" cellspacing="10" cellpadding="10">
|
---|
626 | <TR bgcolor="#0000B0">
|
---|
627 | <TD bgcolor="#0000B0" NOWRAP><font size="-1" color="white"><B>Error Message</B></font></TD>
|
---|
628 | </TR>
|
---|
629 | </table>
|
---|
630 | <UL>
|
---|
631 | <H4> $error_message </H4>
|
---|
632 | $error_message2 <BR>
|
---|
633 | </UL>
|
---|
634 | </BODY>
|
---|
635 | </HTML>
|
---|
636 | EOF
|
---|
637 | &rm_tmp_uploaded_files; # Image Temporary deletion
|
---|
638 | exit;
|
---|
639 | }
|
---|
640 |
|
---|
641 | ##############################################################################
|
---|
642 | # Summary
|
---|
643 | #
|
---|
644 | # Image Temporary deletion
|
---|
645 | #
|
---|
646 | # Parameters
|
---|
647 | # Returns
|
---|
648 | # Memo
|
---|
649 | ##############################################################################
|
---|
650 |
|
---|
651 | sub rm_tmp_uploaded_files
|
---|
652 | {
|
---|
653 | if($img_data_exists == 1){
|
---|
654 | sleep 1;
|
---|
655 | foreach $fname_list(@NEWFNAMES) {
|
---|
656 | if(-e "$img_dir/$fname_list") {
|
---|
657 | unlink("$img_dir/$fname_list");
|
---|
658 | }
|
---|
659 | }
|
---|
660 | }
|
---|
661 |
|
---|
662 | }
|
---|
663 | 1;
|
---|