| Server IP : 79.136.114.73 / Your IP : 216.73.216.37 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/www/icad.astacus.se/customerzon/myuploader-free/perl/myuploader/ |
Upload File : |
#!/usr/local/bin/perl
$base_directory = "uploaded-files";
$max_file_size = 100*1024*1024; # 100 MB, -1: unlimited
use CGI qw/:standard/;
$CGI::POST_MAX = $max_file_size;
$query = new CGI;
if ((scalar $query->param) < 1)
{
print "invalid body"; # will cause premature header error
exit;
}
$base_directory = $base_directory . '/' . $query->param('directory') . '/';
$base_directory =~ s{//}{/}g;
foreach $ptmp ($query->param)
{
if ($ptmp !~ /userfile/)
{
next;
}
@tmps = $query->param($ptmp);
@infiles = $query->upload($ptmp);
$i = 0;
foreach $tmp (@tmps)
{
$infile = $tmps[$i++];
$tmp =~ s/\%([A-Fa-f0-9]{2})/pack('C', hex($1))/seg;
$tmp =~ s/\+/ /sg;
$tmp =~ s/\\/\//g;
$tmp =~ s/^\/(.+)$/$1/g;
$tmp =~ s/\.\././g;
$filename = $base_directory . $tmp;
$dir = $filename;
$dir =~ s/^(.+\/)[^\/]+$/$1/;
@dirs = split('/', $dir);
$cur = '';
foreach $d (@dirs)
{
$cur = $cur . $d . '/';
if ($cur !~ /\/[^\/]+/)
{
next;
}
mkdir $cur;
if ($! ne '' && $! ne 'File exists')
{
print "could not make dir $cur"; # premature header error
exit;
}
}
open $outfile, ">$filename";
binmode $outfile;
binmode $infile;
while (<$infile>)
{
print $outfile $_;
}
close $outfile;
close $infile;
}
}
print "Content-Type: text/html\r\n\r\n";
exit;