1
|
#####
|
2
|
# FCKeditor - The text editor for Internet - http://www.fckeditor.net
|
3
|
# Copyright (C) 2003-2009 Frederico Caldeira Knabben
|
4
|
#
|
5
|
# == BEGIN LICENSE ==
|
6
|
#
|
7
|
# Licensed under the terms of any of the following licenses at your
|
8
|
# choice:
|
9
|
#
|
10
|
# - GNU General Public License Version 2 or later (the "GPL")
|
11
|
# http://www.gnu.org/licenses/gpl.html
|
12
|
#
|
13
|
# - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
|
14
|
# http://www.gnu.org/licenses/lgpl.html
|
15
|
#
|
16
|
# - Mozilla Public License Version 1.1 or later (the "MPL")
|
17
|
# http://www.mozilla.org/MPL/MPL-1.1.html
|
18
|
#
|
19
|
# == END LICENSE ==
|
20
|
#
|
21
|
# This is the File Manager Connector for Perl.
|
22
|
#####
|
23
|
|
24
|
# image data save dir
|
25
|
$img_dir = './temp/';
|
26
|
|
27
|
|
28
|
# File size max(unit KB)
|
29
|
$MAX_CONTENT_SIZE = 30000;
|
30
|
|
31
|
# After file is uploaded, sometimes it is required to change its permissions
|
32
|
# so that it was possible to access it at the later time.
|
33
|
# If possible, it is recommended to set more restrictive permissions, like 0755.
|
34
|
# Set to 0 to disable this feature.
|
35
|
$CHMOD_ON_UPLOAD = 0777;
|
36
|
|
37
|
# See comments above.
|
38
|
# Used when creating folders that does not exist.
|
39
|
$CHMOD_ON_FOLDER_CREATE = 0755;
|
40
|
|
41
|
# Filelock (1=use,0=not use)
|
42
|
$PM{'flock'} = '1';
|
43
|
|
44
|
|
45
|
# upload Content-Type list
|
46
|
my %UPLOAD_CONTENT_TYPE_LIST = (
|
47
|
'image/(x-)?png' => 'png', # PNG image
|
48
|
'image/p?jpe?g' => 'jpg', # JPEG image
|
49
|
'image/gif' => 'gif', # GIF image
|
50
|
'image/x-xbitmap' => 'xbm', # XBM image
|
51
|
|
52
|
'image/(x-(MS-)?)?bmp' => 'bmp', # Windows BMP image
|
53
|
'image/pict' => 'pict', # Macintosh PICT image
|
54
|
'image/tiff' => 'tif', # TIFF image
|
55
|
'application/pdf' => 'pdf', # PDF image
|
56
|
'application/x-shockwave-flash' => 'swf', # Shockwave Flash
|
57
|
|
58
|
'video/(x-)?msvideo' => 'avi', # Microsoft Video
|
59
|
'video/quicktime' => 'mov', # QuickTime Video
|
60
|
'video/mpeg' => 'mpeg', # MPEG Video
|
61
|
'video/x-mpeg2' => 'mpv2', # MPEG2 Video
|
62
|
|
63
|
'audio/(x-)?midi?' => 'mid', # MIDI Audio
|
64
|
'audio/(x-)?wav' => 'wav', # WAV Audio
|
65
|
'audio/basic' => 'au', # ULAW Audio
|
66
|
'audio/mpeg' => 'mpga', # MPEG Audio
|
67
|
|
68
|
'application/(x-)?zip(-compressed)?' => 'zip', # ZIP Compress
|
69
|
|
70
|
'text/html' => 'html', # HTML
|
71
|
'text/plain' => 'txt', # TEXT
|
72
|
'(?:application|text)/(?:rtf|richtext)' => 'rtf', # RichText
|
73
|
|
74
|
'application/msword' => 'doc', # Microsoft Word
|
75
|
'application/vnd.ms-excel' => 'xls', # Microsoft Excel
|
76
|
|
77
|
''
|
78
|
);
|
79
|
|
80
|
# Upload is permitted.
|
81
|
# A regular expression is possible.
|
82
|
my %UPLOAD_EXT_LIST = (
|
83
|
'png' => 'PNG image',
|
84
|
'p?jpe?g|jpe|jfif|pjp' => 'JPEG image',
|
85
|
'gif' => 'GIF image',
|
86
|
'xbm' => 'XBM image',
|
87
|
|
88
|
'bmp|dib|rle' => 'Windows BMP image',
|
89
|
'pi?ct' => 'Macintosh PICT image',
|
90
|
'tiff?' => 'TIFF image',
|
91
|
'pdf' => 'PDF image',
|
92
|
'swf' => 'Shockwave Flash',
|
93
|
|
94
|
'avi' => 'Microsoft Video',
|
95
|
'moo?v|qt' => 'QuickTime Video',
|
96
|
'm(p(e?gv?|e|v)|1v)' => 'MPEG Video',
|
97
|
'mp(v2|2v)' => 'MPEG2 Video',
|
98
|
|
99
|
'midi?|kar|smf|rmi|mff' => 'MIDI Audio',
|
100
|
'wav' => 'WAVE Audio',
|
101
|
'au|snd' => 'ULAW Audio',
|
102
|
'mp(e?ga|2|a|3)|abs' => 'MPEG Audio',
|
103
|
|
104
|
'zip' => 'ZIP Compress',
|
105
|
'lzh' => 'LZH Compress',
|
106
|
'cab' => 'CAB Compress',
|
107
|
|
108
|
'd?html?' => 'HTML',
|
109
|
'rtf|rtx' => 'RichText',
|
110
|
'txt|text' => 'Text',
|
111
|
|
112
|
''
|
113
|
);
|
114
|
|
115
|
|
116
|
# sjis or euc
|
117
|
my $CHARCODE = 'sjis';
|
118
|
|
119
|
$TRANS_2BYTE_CODE = 0;
|
120
|
|
121
|
##############################################################################
|
122
|
# Summary
|
123
|
#
|
124
|
# Form Read input
|
125
|
#
|
126
|
# Parameters
|
127
|
# Returns
|
128
|
# Memo
|
129
|
##############################################################################
|
130
|
sub read_input
|
131
|
{
|
132
|
eval("use File::Copy;");
|
133
|
eval("use File::Path;");
|
134
|
|
135
|
my ($FORM) = @_;
|
136
|
|
137
|
if (defined $CHMOD_ON_FOLDER_CREATE && !$CHMOD_ON_FOLDER_CREATE) {
|
138
|
mkdir("$img_dir");
|
139
|
}
|
140
|
else {
|
141
|
umask(000);
|
142
|
if (defined $CHMOD_ON_FOLDER_CREATE) {
|
143
|
mkdir("$img_dir",$CHMOD_ON_FOLDER_CREATE);
|
144
|
}
|
145
|
else {
|
146
|
mkdir("$img_dir",0777);
|
147
|
}
|
148
|
}
|
149
|
|
150
|
undef $img_data_exists;
|
151
|
undef @NEWFNAMES;
|
152
|
undef @NEWFNAME_DATA;
|
153
|
|
154
|
if($ENV{'CONTENT_LENGTH'} > 10000000 || $ENV{'CONTENT_LENGTH'} > $MAX_CONTENT_SIZE * 1024) {
|
155
|
&upload_error(
|
156
|
'Size Error',
|
157
|
sprintf(
|
158
|
"Transmitting size is too large.MAX <strong>%d KB</strong> Now Size <strong>%d KB</strong>(<strong>%d bytes</strong> Over)",
|
159
|
$MAX_CONTENT_SIZE,
|
160
|
int($ENV{'CONTENT_LENGTH'} / 1024),
|
161
|
$ENV{'CONTENT_LENGTH'} - $MAX_CONTENT_SIZE * 1024
|
162
|
)
|
163
|
);
|
164
|
}
|
165
|
|
166
|
my $Buffer;
|
167
|
if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/) {
|
168
|
# METHOD POST only
|
169
|
return unless($ENV{'CONTENT_LENGTH'});
|
170
|
|
171
|
binmode(STDIN);
|
172
|
# STDIN A pause character is detected.'(MacIE3.0 boundary of $ENV{'CONTENT_TYPE'} cannot be trusted.)
|
173
|
my $Boundary = <STDIN>;
|
174
|
$Boundary =~ s/\x0D\x0A//;
|
175
|
$Boundary = quotemeta($Boundary);
|
176
|
while(<STDIN>) {
|
177
|
if(/^\s*Content-Disposition:/i) {
|
178
|
my($name,$ContentType,$FileName);
|
179
|
# form data get
|
180
|
if(/\bname="([^"]+)"/i || /\bname=([^\s:;]+)/i) {
|
181
|
$name = $1;
|
182
|
$name =~ tr/+/ /;
|
183
|
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
184
|
&Encode(\$name);
|
185
|
}
|
186
|
if(/\bfilename="([^"]*)"/i || /\bfilename=([^\s:;]*)/i) {
|
187
|
$FileName = $1 || 'unknown';
|
188
|
}
|
189
|
# head read
|
190
|
while(<STDIN>) {
|
191
|
last if(! /\w/);
|
192
|
if(/^\s*Content-Type:\s*"([^"]+)"/i || /^\s*Content-Type:\s*([^\s:;]+)/i) {
|
193
|
$ContentType = $1;
|
194
|
}
|
195
|
}
|
196
|
# body read
|
197
|
$value = "";
|
198
|
while(<STDIN>) {
|
199
|
last if(/^$Boundary/o);
|
200
|
$value .= $_;
|
201
|
};
|
202
|
$lastline = $_;
|
203
|
$value =~s /\x0D\x0A$//;
|
204
|
if($value ne '') {
|
205
|
if($FileName || $ContentType) {
|
206
|
$img_data_exists = 1;
|
207
|
(
|
208
|
$FileName, #
|
209
|
$Ext, #
|
210
|
$Length, #
|
211
|
$ImageWidth, #
|
212
|
$ImageHeight, #
|
213
|
$ContentName #
|
214
|
) = &CheckContentType(\$value,$FileName,$ContentType);
|
215
|
|
216
|
$FORM{$name} = $FileName;
|
217
|
$new_fname = $FileName;
|
218
|
push(@NEWFNAME_DATA,"$FileName\t$Ext\t$Length\t$ImageWidth\t$ImageHeight\t$ContentName");
|
219
|
|
220
|
# Multi-upload correspondence
|
221
|
push(@NEWFNAMES,$new_fname);
|
222
|
open(OUT,">$img_dir/$new_fname");
|
223
|
binmode(OUT);
|
224
|
eval "flock(OUT,2);" if($PM{'flock'} == 1);
|
225
|
print OUT $value;
|
226
|
eval "flock(OUT,8);" if($PM{'flock'} == 1);
|
227
|
close(OUT);
|
228
|
|
229
|
} elsif($name) {
|
230
|
$value =~ tr/+/ /;
|
231
|
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
232
|
&Encode(\$value,'trans');
|
233
|
$FORM{$name} .= "\0" if(defined($FORM{$name}));
|
234
|
$FORM{$name} .= $value;
|
235
|
}
|
236
|
}
|
237
|
};
|
238
|
last if($lastline =~ /^$Boundary\-\-/o);
|
239
|
}
|
240
|
} elsif($ENV{'CONTENT_LENGTH'}) {
|
241
|
read(STDIN,$Buffer,$ENV{'CONTENT_LENGTH'});
|
242
|
}
|
243
|
foreach(split(/&/,$Buffer),split(/&/,$ENV{'QUERY_STRING'})) {
|
244
|
my($name, $value) = split(/=/);
|
245
|
$name =~ tr/+/ /;
|
246
|
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
247
|
$value =~ tr/+/ /;
|
248
|
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
249
|
|
250
|
&Encode(\$name);
|
251
|
&Encode(\$value,'trans');
|
252
|
$FORM{$name} .= "\0" if(defined($FORM{$name}));
|
253
|
$FORM{$name} .= $value;
|
254
|
|
255
|
}
|
256
|
|
257
|
}
|
258
|
|
259
|
##############################################################################
|
260
|
# Summary
|
261
|
#
|
262
|
# CheckContentType
|
263
|
#
|
264
|
# Parameters
|
265
|
# Returns
|
266
|
# Memo
|
267
|
##############################################################################
|
268
|
sub CheckContentType
|
269
|
{
|
270
|
|
271
|
my($DATA,$FileName,$ContentType) = @_;
|
272
|
my($Ext,$ImageWidth,$ImageHeight,$ContentName,$Infomation);
|
273
|
my $DataLength = length($$DATA);
|
274
|
|
275
|
# An unknown file type
|
276
|
|
277
|
$_ = $ContentType;
|
278
|
my $UnknownType = (
|
279
|
!$_
|
280
|
|| /^application\/(x-)?macbinary$/i
|
281
|
|| /^application\/applefile$/i
|
282
|
|| /^application\/octet-stream$/i
|
283
|
|| /^text\/plane$/i
|
284
|
|| /^x-unknown-content-type/i
|
285
|
);
|
286
|
|
287
|
# MacBinary(Mac Unnecessary data are deleted.)
|
288
|
if($UnknownType || $ENV{'HTTP_USER_AGENT'} =~ /Macintosh|Mac_/) {
|
289
|
if($DataLength > 128 && !unpack("C",substr($$DATA,0,1)) && !unpack("C",substr($$DATA,74,1)) && !unpack("C",substr($$DATA,82,1)) ) {
|
290
|
my $MacBinary_ForkLength = unpack("N", substr($$DATA, 83, 4)); # ForkLength Get
|
291
|
my $MacBinary_FileName = quotemeta(substr($$DATA, 2, unpack("C",substr($$DATA, 1, 1))));
|
292
|
if($MacBinary_FileName && $MacBinary_ForkLength && $DataLength >= $MacBinary_ForkLength + 128
|
293
|
&& ($FileName =~ /$MacBinary_FileName/i || substr($$DATA,102,4) eq 'mBIN')) { # DATA TOP 128byte MacBinary!!
|
294
|
$$DATA = substr($$DATA,128,$MacBinary_ForkLength);
|
295
|
my $ResourceLength = $DataLength - $MacBinary_ForkLength - 128;
|
296
|
$DataLength = $MacBinary_ForkLength;
|
297
|
}
|
298
|
}
|
299
|
}
|
300
|
|
301
|
# A file name is changed into EUC.
|
302
|
# &jcode::convert(\$FileName,'euc',$FormCodeDefault);
|
303
|
# &jcode::h2z_euc(\$FileName);
|
304
|
$FileName =~ s/^.*\\//; # Windows, Mac
|
305
|
$FileName =~ s/^.*\///; # UNIX
|
306
|
$FileName =~ s/&/&/g;
|
307
|
$FileName =~ s/"/"/g;
|
308
|
$FileName =~ s/</</g;
|
309
|
$FileName =~ s/>/>/g;
|
310
|
#
|
311
|
# if($CHARCODE ne 'euc') {
|
312
|
# &jcode::convert(\$FileName,$CHARCODE,'euc');
|
313
|
# }
|
314
|
|
315
|
# An extension is extracted and it changes into a small letter.
|
316
|
my $FileExt;
|
317
|
if($FileName =~ /\.(\w+)$/) {
|
318
|
$FileExt = $1;
|
319
|
$FileExt =~ tr/A-Z/a-z/;
|
320
|
}
|
321
|
|
322
|
# Executable file detection (ban on upload)
|
323
|
if($$DATA =~ /^MZ/) {
|
324
|
$Ext = 'exe';
|
325
|
}
|
326
|
# text
|
327
|
if(!$Ext && ($UnknownType || $ContentType =~ /^text\//i || $ContentType =~ /^application\/(?:rtf|richtext)$/i || $ContentType =~ /^image\/x-xbitmap$/i)
|
328
|
&& ! $$DATA =~ /[\000-\006\177\377]/) {
|
329
|
# $$DATA =~ s/\x0D\x0A/\n/g;
|
330
|
# $$DATA =~ tr/\x0D\x0A/\n\n/;
|
331
|
#
|
332
|
# if(
|
333
|
# $$DATA =~ /<\s*SCRIPT(?:.|\n)*?>/i
|
334
|
# || $$DATA =~ /<\s*(?:.|\n)*?\bONLOAD\s*=(?:.|\n)*?>/i
|
335
|
# || $$DATA =~ /<\s*(?:.|\n)*?\bONCLICK\s*=(?:.|\n)*?>/i
|
336
|
# ) {
|
337
|
# $Infomation = '(JavaScript contains)';
|
338
|
# }
|
339
|
# if($$DATA =~ /<\s*TABLE(?:.|\n)*?>/i
|
340
|
# || $$DATA =~ /<\s*BLINK(?:.|\n)*?>/i
|
341
|
# || $$DATA =~ /<\s*MARQUEE(?:.|\n)*?>/i
|
342
|
# || $$DATA =~ /<\s*OBJECT(?:.|\n)*?>/i
|
343
|
# || $$DATA =~ /<\s*EMBED(?:.|\n)*?>/i
|
344
|
# || $$DATA =~ /<\s*FRAME(?:.|\n)*?>/i
|
345
|
# || $$DATA =~ /<\s*APPLET(?:.|\n)*?>/i
|
346
|
# || $$DATA =~ /<\s*FORM(?:.|\n)*?>/i
|
347
|
# || $$DATA =~ /<\s*(?:.|\n)*?\bSRC\s*=(?:.|\n)*?>/i
|
348
|
# || $$DATA =~ /<\s*(?:.|\n)*?\bDYNSRC\s*=(?:.|\n)*?>/i
|
349
|
# ) {
|
350
|
# $Infomation = '(the HTML tag which is not safe is included)';
|
351
|
# }
|
352
|
|
353
|
if($FileExt =~ /^txt$/i || $FileExt =~ /^cgi$/i || $FileExt =~ /^pl$/i) { # Text File
|
354
|
$Ext = 'txt';
|
355
|
} elsif($ContentType =~ /^text\/html$/i || $FileExt =~ /html?/i || $$DATA =~ /<\s*HTML(?:.|\n)*?>/i) { # HTML File
|
356
|
$Ext = 'html';
|
357
|
} elsif($ContentType =~ /^image\/x-xbitmap$/i || $FileExt =~ /^xbm$/i) { # XBM(x-BitMap) Image
|
358
|
my $XbmName = $1;
|
359
|
my ($XbmWidth, $XbmHeight);
|
360
|
if($$DATA =~ /\#define\s*$XbmName\_width\s*(\d+)/i) {
|
361
|
$XbmWidth = $1;
|
362
|
}
|
363
|
if($$DATA =~ /\#define\s*$XbmName\_height\s*(\d+)/i) {
|
364
|
$XbmHeight = $1;
|
365
|
}
|
366
|
if($XbmWidth && $XbmHeight) {
|
367
|
$Ext = 'xbm';
|
368
|
$ImageWidth = $XbmWidth;
|
369
|
$ImageHeight = $XbmHeight;
|
370
|
}
|
371
|
} else { #
|
372
|
$Ext = 'txt';
|
373
|
}
|
374
|
}
|
375
|
|
376
|
# image
|
377
|
if(!$Ext && ($UnknownType || $ContentType =~ /^image\//i)) {
|
378
|
# PNG
|
379
|
if($$DATA =~ /^\x89PNG\x0D\x0A\x1A\x0A/) {
|
380
|
if(substr($$DATA, 12, 4) eq 'IHDR') {
|
381
|
$Ext = 'png';
|
382
|
($ImageWidth, $ImageHeight) = unpack("N2", substr($$DATA, 16, 8));
|
383
|
}
|
384
|
} elsif($$DATA =~ /^GIF8(?:9|7)a/) { # GIF89a(modified), GIF89a, GIF87a
|
385
|
$Ext = 'gif';
|
386
|
($ImageWidth, $ImageHeight) = unpack("v2", substr($$DATA, 6, 4));
|
387
|
} elsif($$DATA =~ /^II\x2a\x00\x08\x00\x00\x00/ || $$DATA =~ /^MM\x00\x2a\x00\x00\x00\x08/) { # TIFF
|
388
|
$Ext = 'tif';
|
389
|
} elsif($$DATA =~ /^BM/) { # BMP
|
390
|
$Ext = 'bmp';
|
391
|
} elsif($$DATA =~ /^\xFF\xD8\xFF/ || $$DATA =~ /JFIF/) { # JPEG
|
392
|
my $HeaderPoint = index($$DATA, "\xFF\xD8\xFF", 0);
|
393
|
my $Point = $HeaderPoint + 2;
|
394
|
while($Point < $DataLength) {
|
395
|
my($Maker, $MakerType, $MakerLength) = unpack("C2n",substr($$DATA,$Point,4));
|
396
|
if($Maker != 0xFF || $MakerType == 0xd9 || $MakerType == 0xda) {
|
397
|
last;
|
398
|
} elsif($MakerType >= 0xC0 && $MakerType <= 0xC3) {
|
399
|
$Ext = 'jpg';
|
400
|
($ImageHeight, $ImageWidth) = unpack("n2", substr($$DATA, $Point + 5, 4));
|
401
|
if($HeaderPoint > 0) {
|
402
|
$$DATA = substr($$DATA, $HeaderPoint);
|
403
|
$DataLength = length($$DATA);
|
404
|
}
|
405
|
last;
|
406
|
} else {
|
407
|
$Point += $MakerLength + 2;
|
408
|
}
|
409
|
}
|
410
|
}
|
411
|
}
|
412
|
|
413
|
# audio
|
414
|
if(!$Ext && ($UnknownType || $ContentType =~ /^audio\//i)) {
|
415
|
# MIDI Audio
|
416
|
if($$DATA =~ /^MThd/) {
|
417
|
$Ext = 'mid';
|
418
|
} elsif($$DATA =~ /^\x2esnd/) { # ULAW Audio
|
419
|
$Ext = 'au';
|
420
|
} elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
|
421
|
my $HeaderPoint = index($$DATA, "RIFF", 0);
|
422
|
$_ = substr($$DATA, $HeaderPoint + 8, 8);
|
423
|
if(/^WAVEfmt $/) {
|
424
|
# WAVE
|
425
|
if(unpack("V",substr($$DATA, $HeaderPoint + 16, 4)) == 16) {
|
426
|
$Ext = 'wav';
|
427
|
} else { # RIFF WAVE MP3
|
428
|
$Ext = 'mp3';
|
429
|
}
|
430
|
} elsif(/^RMIDdata$/) { # RIFF MIDI
|
431
|
$Ext = 'rmi';
|
432
|
} elsif(/^RMP3data$/) { # RIFF MP3
|
433
|
$Ext = 'rmp';
|
434
|
}
|
435
|
if($ContentType =~ /^audio\//i) {
|
436
|
$Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
|
437
|
}
|
438
|
}
|
439
|
}
|
440
|
|
441
|
# a binary file
|
442
|
unless ($Ext) {
|
443
|
# PDF image
|
444
|
if($$DATA =~ /^\%PDF/) {
|
445
|
# Picture size is not measured.
|
446
|
$Ext = 'pdf';
|
447
|
} elsif($$DATA =~ /^FWS/) { # Shockwave Flash
|
448
|
$Ext = 'swf';
|
449
|
} elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
|
450
|
my $HeaderPoint = index($$DATA, "RIFF", 0);
|
451
|
$_ = substr($$DATA,$HeaderPoint + 8, 8);
|
452
|
# AVI
|
453
|
if(/^AVI LIST$/) {
|
454
|
$Ext = 'avi';
|
455
|
}
|
456
|
if($ContentType =~ /^video\//i) {
|
457
|
$Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
|
458
|
}
|
459
|
} elsif($$DATA =~ /^PK/) { # ZIP Compress File
|
460
|
$Ext = 'zip';
|
461
|
} elsif($$DATA =~ /^MSCF/) { # CAB Compress File
|
462
|
$Ext = 'cab';
|
463
|
} elsif($$DATA =~ /^Rar\!/) { # RAR Compress File
|
464
|
$Ext = 'rar';
|
465
|
} elsif(substr($$DATA, 2, 5) =~ /^\-lh(\d+|d)\-$/) { # LHA Compress File
|
466
|
$Infomation .= "(lh$1)";
|
467
|
$Ext = 'lzh';
|
468
|
} elsif(substr($$DATA, 325, 25) eq "Apple Video Media Handler" || substr($$DATA, 325, 30) eq "Apple \x83\x72\x83\x66\x83\x49\x81\x45\x83\x81\x83\x66\x83\x42\x83\x41\x83\x6E\x83\x93\x83\x68\x83\x89") {
|
469
|
# QuickTime
|
470
|
$Ext = 'mov';
|
471
|
}
|
472
|
}
|
473
|
|
474
|
# Header analysis failure
|
475
|
unless ($Ext) {
|
476
|
# It will be followed if it applies for the MIME type from the browser.
|
477
|
foreach (keys %UPLOAD_CONTENT_TYPE_LIST) {
|
478
|
next unless ($_);
|
479
|
if($ContentType =~ /^$_$/i) {
|
480
|
$Ext = $UPLOAD_CONTENT_TYPE_LIST{$_};
|
481
|
$ContentName = &CheckContentExt($Ext);
|
482
|
if(
|
483
|
grep {$_ eq $Ext;} (
|
484
|
'png',
|
485
|
'gif',
|
486
|
'jpg',
|
487
|
'xbm',
|
488
|
'tif',
|
489
|
'bmp',
|
490
|
'pdf',
|
491
|
'swf',
|
492
|
'mov',
|
493
|
'zip',
|
494
|
'cab',
|
495
|
'lzh',
|
496
|
'rar',
|
497
|
'mid',
|
498
|
'rmi',
|
499
|
'au',
|
500
|
'wav',
|
501
|
'avi',
|
502
|
'exe'
|
503
|
)
|
504
|
) {
|
505
|
$Infomation .= ' / Header analysis failure';
|
506
|
}
|
507
|
if($Ext ne $FileExt && &CheckContentExt($FileExt) eq $ContentName) {
|
508
|
$Ext = $FileExt;
|
509
|
}
|
510
|
last;
|
511
|
}
|
512
|
}
|
513
|
# a MIME type is unknown--It judges from an extension.
|
514
|
unless ($Ext) {
|
515
|
$ContentName = &CheckContentExt($FileExt);
|
516
|
if($ContentName) {
|
517
|
$Ext = $FileExt;
|
518
|
$Infomation .= ' / MIME type is unknown('. $ContentType. ')';
|
519
|
last;
|
520
|
}
|
521
|
}
|
522
|
}
|
523
|
|
524
|
# $ContentName = &CheckContentExt($Ext) unless($ContentName);
|
525
|
# if($Ext && $ContentName) {
|
526
|
# $ContentName .= $Infomation;
|
527
|
# } else {
|
528
|
# &upload_error(
|
529
|
# 'Extension Error',
|
530
|
# "$FileName A not corresponding extension ($Ext)<BR>The extension which can be responded ". join(',', sort values(%UPLOAD_EXT_LIST))
|
531
|
# );
|
532
|
# }
|
533
|
|
534
|
# # SSI Tag Deletion
|
535
|
# if($Ext =~ /.?html?/ && $$DATA =~ /<\!/) {
|
536
|
# foreach (
|
537
|
# 'config',
|
538
|
# 'echo',
|
539
|
# 'exec',
|
540
|
# 'flastmod',
|
541
|
# 'fsize',
|
542
|
# 'include'
|
543
|
# ) {
|
544
|
# $$DATA =~ s/\#\s*$_/\&\#35\;$_/ig
|
545
|
# }
|
546
|
# }
|
547
|
|
548
|
return (
|
549
|
$FileName,
|
550
|
$Ext,
|
551
|
int($DataLength / 1024 + 1),
|
552
|
$ImageWidth,
|
553
|
$ImageHeight,
|
554
|
$ContentName
|
555
|
);
|
556
|
}
|
557
|
|
558
|
##############################################################################
|
559
|
# Summary
|
560
|
#
|
561
|
# Extension discernment
|
562
|
#
|
563
|
# Parameters
|
564
|
# Returns
|
565
|
# Memo
|
566
|
##############################################################################
|
567
|
|
568
|
sub CheckContentExt
|
569
|
{
|
570
|
|
571
|
my($Ext) = @_;
|
572
|
my $ContentName;
|
573
|
foreach (keys %UPLOAD_EXT_LIST) {
|
574
|
next unless ($_);
|
575
|
if($_ && $Ext =~ /^$_$/) {
|
576
|
$ContentName = $UPLOAD_EXT_LIST{$_};
|
577
|
last;
|
578
|
}
|
579
|
}
|
580
|
return $ContentName;
|
581
|
|
582
|
}
|
583
|
|
584
|
##############################################################################
|
585
|
# Summary
|
586
|
#
|
587
|
# Form decode
|
588
|
#
|
589
|
# Parameters
|
590
|
# Returns
|
591
|
# Memo
|
592
|
##############################################################################
|
593
|
sub Encode
|
594
|
{
|
595
|
|
596
|
my($value,$Trans) = @_;
|
597
|
|
598
|
# my $FormCode = &jcode::getcode($value) || $FormCodeDefault;
|
599
|
# $FormCodeDefault ||= $FormCode;
|
600
|
#
|
601
|
# if($Trans && $TRANS_2BYTE_CODE) {
|
602
|
# if($FormCode ne 'euc') {
|
603
|
# &jcode::convert($value, 'euc', $FormCode);
|
604
|
# }
|
605
|
# &jcode::tr(
|
606
|
# $value,
|
607
|
# "\xA3\xB0-\xA3\xB9\xA3\xC1-\xA3\xDA\xA3\xE1-\xA3\xFA",
|
608
|
# '0-9A-Za-z'
|
609
|
# );
|
610
|
# if($CHARCODE ne 'euc') {
|
611
|
# &jcode::convert($value,$CHARCODE,'euc');
|
612
|
# }
|
613
|
# } else {
|
614
|
# if($CHARCODE ne $FormCode) {
|
615
|
# &jcode::convert($value,$CHARCODE,$FormCode);
|
616
|
# }
|
617
|
# }
|
618
|
# if($CHARCODE eq 'euc') {
|
619
|
# &jcode::h2z_euc($value);
|
620
|
# } elsif($CHARCODE eq 'sjis') {
|
621
|
# &jcode::h2z_sjis($value);
|
622
|
# }
|
623
|
|
624
|
}
|
625
|
|
626
|
##############################################################################
|
627
|
# Summary
|
628
|
#
|
629
|
# Error Msg
|
630
|
#
|
631
|
# Parameters
|
632
|
# Returns
|
633
|
# Memo
|
634
|
##############################################################################
|
635
|
|
636
|
sub upload_error
|
637
|
{
|
638
|
|
639
|
local($error_message) = $_[0];
|
640
|
local($error_message2) = $_[1];
|
641
|
|
642
|
print "Content-type: text/html\n\n";
|
643
|
print<<EOF;
|
644
|
<HTML>
|
645
|
<HEAD>
|
646
|
<TITLE>Error Message</TITLE></HEAD>
|
647
|
<BODY>
|
648
|
<table border="1" cellspacing="10" cellpadding="10">
|
649
|
<TR bgcolor="#0000B0">
|
650
|
<TD bgcolor="#0000B0" NOWRAP><font size="-1" color="white"><B>Error Message</B></font></TD>
|
651
|
</TR>
|
652
|
</table>
|
653
|
<UL>
|
654
|
<H4> $error_message </H4>
|
655
|
$error_message2 <BR>
|
656
|
</UL>
|
657
|
</BODY>
|
658
|
</HTML>
|
659
|
EOF
|
660
|
&rm_tmp_uploaded_files; # Image Temporary deletion
|
661
|
exit;
|
662
|
}
|
663
|
|
664
|
##############################################################################
|
665
|
# Summary
|
666
|
#
|
667
|
# Image Temporary deletion
|
668
|
#
|
669
|
# Parameters
|
670
|
# Returns
|
671
|
# Memo
|
672
|
##############################################################################
|
673
|
|
674
|
sub rm_tmp_uploaded_files
|
675
|
{
|
676
|
if($img_data_exists == 1){
|
677
|
sleep 1;
|
678
|
foreach $fname_list(@NEWFNAMES) {
|
679
|
if(-e "$img_dir/$fname_list") {
|
680
|
unlink("$img_dir/$fname_list");
|
681
|
}
|
682
|
}
|
683
|
}
|
684
|
|
685
|
}
|
686
|
1;
|