#!/usr/pkg/bin/perl # ============================= # GREYMATTER - Uploading Module # Weblog/Journal Software # version one point two # Copyright (c)2000 Noah Grey # http://noahgrey.com/greysoft/ # ============================= # *** Your possession of this software indicates that you agree to the terms *** # *** specified under the "Copyright & Usage" heading in the "manual.txt" file. *** eval { ($0 =~ m,(.*)/[^/]+,) && unshift (@INC, "$1"); ($0 =~ m,(.*)\\[^\\]+,) && unshift (@INC, "$1"); }; use CGI::Carp qw(fatalsToBrowser); use CGI qw(:standard); require "gm-library.cgi"; print "Content-type: text/html\n\n"; $authorIP = $ENV{'REMOTE_ADDR'}; $| = 1; use CGI qw(:standard); $cgiquery = new CGI; $otherkeys = ""; foreach $key (sort {$a <=> $b} $cgiquery->param()) { $otherparams = param($key); $otherkeys .= "$otherparams|"; } chop ($otherkeys); @otherkeyvalues = split (/\|/, $otherkeys); $IN{'authorname'} = $otherkeyvalues[0]; $IN{'authorpassword'} = $otherkeyvalues[1]; if (($IN{'authorname'} eq "") || ($IN{'authorpassword'} eq "")) { &gm_dangermouse("The author name or password is blank. This file is only to be used by logging into Greymatter."); } &gm_validate; if ($gmuploadaccess ne "yes") { &gm_writetocplog("$IN{'authorname'} attempted to upload a file without authorization"); &gm_dangermouse("You don't have access to upload files."); } foreach $key (sort {$a <=> $b} $cgiquery->param()) { next if ($key =~ /^\s*$/); next if ($cgiquery->param($key) =~ /^\s*$/); next if ($key !~ /^uploadfile-(\d+)$/); if ($cgiquery->param($key) =~ /([^\/\\]+)$/) { $uploadfilename = $1; $uploadfilename =~ s/^\.+//; $uploadfilenamehandle = $cgiquery->param($key); if ($uploadfilename =~ m/\ /) { &gm_dangermouse("Your filename cannot contain spaces. Please rename your file, go back, and try again."); } } else { &gm_dangermouse("Your filename cannot contain backslashes, or have a period at the beginning of its name. Please rename your file, go back, and try again."); } if ($uploadfilename =~ /'/) { &gm_dangermouse("Your filename cannot contain apostrophes. Please rename your file, go back, and try again."); } if ($uploadfilesallowed ne "") { $thisfileisokay = "no"; @uploadfiletypecheck = split (/;/, $uploadfilesallowed); foreach $checkagainstthis (@uploadfiletypecheck) { if ($uploadfilename =~ /\.$checkagainstthis$/i) { $thisfileisokay = "yes"; } } if ($thisfileisokay eq "no") { &gm_dangermouse("Uploading files of that type is currently not permitted. Please go back and try a different file."); } } if (-e "$EntriesPath/$uploadfilename") { &gm_dangermouse("A file with that name already exists in your entries/archives directory. Please go back and try a file with a different name."); } undef $bytesread; undef $buffer; open(OUTFILE, ">$EntriesPath/$uploadfilename") || &gm_dangermouse("Can't write to $EntriesPath/$uploadfilename. Make sure that $EntriesPath is your correct entries/archives directory, and that this directory is CHMODed to 777."); while ($bytes = read($uploadfilenamehandle, $buffer, 2096)) { $bytesread += $bytes; binmode OUTFILE; print OUTFILE $buffer; } push (@fileswritten, "$EntriesPath\/$uploadfilename"); $totalbytes += $bytesread; $uploadconfirm{$uploadfilenamehandle} = $bytesread; close($uploadfilenamehandle); close(OUTFILE); } $filesuploaded = scalar(keys(%uploadconfirm)); if (($totalbytes eq $null) || ($totalbytes == 0)) { &gm_dangermouse("You didn't enter a filename, or you attempted to upload an empty file. Please go back and try again."); } $totalkbytes = $totalbytes / 1024; $totalkbytes = sprintf("%.0f", $totalkbytes); if (($uploadfilesizelimit ne "0") && ($totalkbytes > $uploadfilesizelimit)) { foreach $filetemp (@fileswritten) { unlink $filetemp; } $overthelimitby = $totalkbytes - $uploadfilesizelimit; &gm_dangermouse("The file you attempted to upload was too large ($overthelimitby\k over the $uploadfilesizelimit\k filesize limit). Please go back and try a smaller file."); } &gm_writetocplog("$IN{'authorname'} uploaded a file ($uploadfilename, $totalkbytes\k)"); if (($uploadfilename =~ /\.jpg$/i) || ($uploadfilename =~ /\.gif$/i) || ($uploadfilename =~ /\.png$/i)) { $usethisauthorname = $IN{'authorname'}; $usethisauthorpassword = $IN{'authorpassword'}; $filenameprefix = $uploadfilename; $filenameprefix =~ s/\.(...)$//; print< Measuring Image... UPLOADEDIMAGE exit; } if ($statusnote eq "") { $statusnote = qq(Upload Complete

); } $uploadfilenamelink = qq(<A HREF="$EntriesWebPath/$uploadfilename">$uploadfilename ($totalkbytes\k file)</A>); print< $uploadfilenamelink

"We can never tell what is in store for us."—Harry S. Truman $gmframebottom UPLOADCOMPLETE exit;