~ubuntu-branches/ubuntu/natty/moin/natty-updates

if(!$Ext && ($UnknownType || $ContentType =~ /^text\//i || $ContentType =~ /^application\/(?:rtf|richtext)$/i || $ContentType =~ /^image\/x-xbitmap$/i)

328

&& ! $$DATA =~ /[\000-\006\177\377]/) {

329

# $$DATA =~ s/\x0D\x0A/\n/g;

330

# $$DATA =~ tr/\x0D\x0A/\n\n/;

331

332

# if(

333

# $$DATA =~ /<\s*SCRIPT(?:.|\n)*?>/i

334

# || $$DATA =~ /<\s*(?:.|\n)*?\bONLOAD\s*=(?:.|\n)*?>/i

335

# || $$DATA =~ /<\s*(?:.|\n)*?\bONCLICK\s*=(?:.|\n)*?>/i

336

# ) {

337

# $Infomation = '(JavaScript contains)';

338

# }

339

# if($$DATA =~ /<\s*TABLE(?:.|\n)*?>/i

340

# || $$DATA =~ /<\s*BLINK(?:.|\n)*?>/i

341

# || $$DATA =~ /<\s*MARQUEE(?:.|\n)*?>/i

342

# || $$DATA =~ /<\s*OBJECT(?:.|\n)*?>/i

343

# || $$DATA =~ /<\s*EMBED(?:.|\n)*?>/i

344

# || $$DATA =~ /<\s*FRAME(?:.|\n)*?>/i

345

# || $$DATA =~ /<\s*APPLET(?:.|\n)*?>/i

346

# || $$DATA =~ /<\s*FORM(?:.|\n)*?>/i

347

# || $$DATA =~ /<\s*(?:.|\n)*?\bSRC\s*=(?:.|\n)*?>/i

348

# || $$DATA =~ /<\s*(?:.|\n)*?\bDYNSRC\s*=(?:.|\n)*?>/i

349

# ) {

350

# $Infomation = '(the HTML tag which is not safe is included)';

351

# }

352

353

if($FileExt =~ /^txt$/i || $FileExt =~ /^cgi$/i || $FileExt =~ /^pl$/i) { # Text File

354

$Ext = 'txt';

355

} elsif($ContentType =~ /^text\/html$/i || $FileExt =~ /html?/i || $$DATA =~ /<\s*HTML(?:.|\n)*?>/i) { # HTML File

356

$Ext = 'html';

357

} elsif($ContentType =~ /^image\/x-xbitmap$/i || $FileExt =~ /^xbm$/i) { # XBM(x-BitMap) Image

358

my $XbmName = $1;

359

my ($XbmWidth, $XbmHeight);

360

if($$DATA =~ /\#define\s*$XbmName\_width\s*(\d+)/i) {

361

$XbmWidth = $1;

362

}

363

if($$DATA =~ /\#define\s*$XbmName\_height\s*(\d+)/i) {

364

$XbmHeight = $1;

365

}

366

if($XbmWidth && $XbmHeight) {

367

$Ext = 'xbm';

368

$ImageWidth = $XbmWidth;

369

$ImageHeight = $XbmHeight;

370

}

371

} else { #

372

$Ext = 'txt';

373

}

374

}

375

376

# image

377

if(!$Ext && ($UnknownType || $ContentType =~ /^image\//i)) {

378

# PNG

379

if($$DATA =~ /^\x89PNG\x0D\x0A\x1A\x0A/) {

380

if(substr($$DATA, 12, 4) eq 'IHDR') {

381

$Ext = 'png';

382

($ImageWidth, $ImageHeight) = unpack("N2", substr($$DATA, 16, 8));

383

}

384

} elsif($$DATA =~ /^GIF8(?:9|7)a/) { # GIF89a(modified), GIF89a, GIF87a

385

$Ext = 'gif';

386

($ImageWidth, $ImageHeight) = unpack("v2", substr($$DATA, 6, 4));

387

} elsif($$DATA =~ /^II\x2a\x00\x08\x00\x00\x00/ || $$DATA =~ /^MM\x00\x2a\x00\x00\x00\x08/) { # TIFF

388

$Ext = 'tif';

389

} elsif($$DATA =~ /^BM/) { # BMP

390

$Ext = 'bmp';

391

} elsif($$DATA =~ /^\xFF\xD8\xFF/ || $$DATA =~ /JFIF/) { # JPEG

392

my $HeaderPoint = index($$DATA, "\xFF\xD8\xFF", 0);

393

my $Point = $HeaderPoint + 2;

394

while($Point < $DataLength) {

395

my($Maker, $MakerType, $MakerLength) = unpack("C2n",substr($$DATA,$Point,4));

396

if($Maker != 0xFF || $MakerType == 0xd9 || $MakerType == 0xda) {

397

last;

398

} elsif($MakerType >= 0xC0 && $MakerType <= 0xC3) {

399

$Ext = 'jpg';

400

($ImageHeight, $ImageWidth) = unpack("n2", substr($$DATA, $Point + 5, 4));

401

if($HeaderPoint > 0) {

402

$$DATA = substr($$DATA, $HeaderPoint);

403

$DataLength = length($$DATA);

404

}

405

last;

406

} else {

407

$Point += $MakerLength + 2;

408

}

409

}

410

}

411

}

412

413

# audio

414

if(!$Ext && ($UnknownType || $ContentType =~ /^audio\//i)) {

415

# MIDI Audio

416

if($$DATA =~ /^MThd/) {

417

$Ext = 'mid';

418

} elsif($$DATA =~ /^\x2esnd/) { # ULAW Audio

419

$Ext = 'au';

420

} elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {

421

my $HeaderPoint = index($$DATA, "RIFF", 0);

422

$_ = substr($$DATA, $HeaderPoint + 8, 8);

423

if(/^WAVEfmt $/) {

424

# WAVE

425

if(unpack("V",substr($$DATA, $HeaderPoint + 16, 4)) == 16) {

426

$Ext = 'wav';

427

} else { # RIFF WAVE MP3

428

$Ext = 'mp3';

429

}

430

} elsif(/^RMIDdata$/) { # RIFF MIDI

431

$Ext = 'rmi';

432

} elsif(/^RMP3data$/) { # RIFF MP3

433

$Ext = 'rmp';

434

}

435

if($ContentType =~ /^audio\//i) {

436

$Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';

437

}

438

}

439

}

440

441

# a binary file

442

unless ($Ext) {

443

# PDF image

444

if($$DATA =~ /^\%PDF/) {

445

# Picture size is not measured.

446

$Ext = 'pdf';

447

} elsif($$DATA =~ /^FWS/) { # Shockwave Flash

448

$Ext = 'swf';

449

} elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {

450

my $HeaderPoint = index($$DATA, "RIFF", 0);

451

$_ = substr($$DATA,$HeaderPoint + 8, 8);

452

# AVI

453

if(/^AVI LIST$/) {

454

$Ext = 'avi';

455

}

456

if($ContentType =~ /^video\//i) {

457

$Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';

458

}

459

} elsif($$DATA =~ /^PK/) { # ZIP Compress File

460

$Ext = 'zip';

461

} elsif($$DATA =~ /^MSCF/) { # CAB Compress File

462

$Ext = 'cab';

463

} elsif($$DATA =~ /^Rar\!/) { # RAR Compress File

464

$Ext = 'rar';

465

} elsif(substr($$DATA, 2, 5) =~ /^\-lh(\d+|d)\-$/) { # LHA Compress File

466

$Infomation .= "(lh$1)";

467

$Ext = 'lzh';

468

} elsif(substr($$DATA, 325, 25) eq "Apple Video Media Handler" || substr($$DATA, 325, 30) eq "Apple \x83\x72\x83\x66\x83\x49\x81\x45\x83\x81\x83\x66\x83\x42\x83\x41\x83\x6E\x83\x93\x83\x68\x83\x89") {

469

# QuickTime

470

$Ext = 'mov';

471

}

472

}

473

474

# Header analysis failure

475

unless ($Ext) {

476

# It will be followed if it applies for the MIME type from the browser.

477

foreach (keys %UPLOAD_CONTENT_TYPE_LIST) {

478

next unless ($_);

479

if($ContentType =~ /^$_$/i) {

480

$Ext = $UPLOAD_CONTENT_TYPE_LIST{$_};

481

$ContentName = &CheckContentExt($Ext);

482

if(

483

grep {$_ eq $Ext;} (

484

'png',

485

'gif',

486

'jpg',

487

'xbm',

488

'tif',

489

'bmp',

490

'pdf',

491

'swf',

492

'mov',

493

'zip',

494

'cab',

495

'lzh',

496

'rar',

497

'mid',

498

'rmi',

499

'au',

500

'wav',

501

'avi',

502

'exe'

503

)

504

) {

505

$Infomation .= ' / Header analysis failure';

506

}

507

if($Ext ne $FileExt && &CheckContentExt($FileExt) eq $ContentName) {

508

$Ext = $FileExt;

509

}

510

last;

511

}

512

}

513

# a MIME type is unknown--It judges from an extension.

514

unless ($Ext) {

515

$ContentName = &CheckContentExt($FileExt);

516

if($ContentName) {

517

$Ext = $FileExt;

518

$Infomation .= ' / MIME type is unknown('. $ContentType. ')';

519

last;

520

}

521

}

522

}

523

524

# $ContentName = &CheckContentExt($Ext) unless($ContentName);

525

# if($Ext && $ContentName) {

526

# $ContentName .= $Infomation;

527

# } else {

528

# &upload_error(

529

# 'Extension Error',

530

# "$FileName A not corresponding extension ($Ext)<BR>The extension which can be responded ". join(',', sort values(%UPLOAD_EXT_LIST))

531

# );

532

# }

533

534

# # SSI Tag Deletion

535

# if($Ext =~ /.?html?/ && $$DATA =~ /<\!/) {

536

# foreach (

537

# 'config',

538

# 'echo',

539

# 'exec',

540

# 'flastmod',

541

# 'fsize',

542

# 'include'

543

# ) {

544

# $$DATA =~ s/\#\s*$_/\&\#35\;$_/ig

545

# }

546

# }

547

548

return (

549

$FileName,

550

$Ext,

551

int($DataLength / 1024 + 1),

552

$ImageWidth,

553

$ImageHeight,

554

$ContentName

555

);

556

}

557

558

##############################################################################

559

# Summary

560

561

# Extension discernment

562

563

# Parameters

564

# Returns

565

# Memo

566

##############################################################################

567

568

sub CheckContentExt

569

{

570

571

my($Ext) = @_;

572

my $ContentName;

573

foreach (keys %UPLOAD_EXT_LIST) {

574

next unless ($_);

575

if($_ && $Ext =~ /^$_$/) {

576

$ContentName = $UPLOAD_EXT_LIST{$_};

577

last;

578

}

579

}

580

return $ContentName;

581

582

}

583

584

##############################################################################

585

# Summary

586

587

# Form decode

588

589

# Parameters

590

# Returns

591

# Memo

592

##############################################################################

593

sub Encode

594

{

595

596

my($value,$Trans) = @_;

597

598

# my $FormCode = &jcode::getcode($value) || $FormCodeDefault;

599

# $FormCodeDefault ||= $FormCode;

600

601

# if($Trans && $TRANS_2BYTE_CODE) {

602

# if($FormCode ne 'euc') {

603

# &jcode::convert($value, 'euc', $FormCode);

604

# }

605

# &jcode::tr(

606

# $value,

607

# "\xA3\xB0-\xA3\xB9\xA3\xC1-\xA3\xDA\xA3\xE1-\xA3\xFA",

608

# '0-9A-Za-z'

609

# );

610

# if($CHARCODE ne 'euc') {

611

# &jcode::convert($value,$CHARCODE,'euc');

612

# }

613

# } else {

614

# if($CHARCODE ne $FormCode) {

615

# &jcode::convert($value,$CHARCODE,$FormCode);

616

# }

617

# }

618

# if($CHARCODE eq 'euc') {

619

# &jcode::h2z_euc($value);

620

# } elsif($CHARCODE eq 'sjis') {

621

# &jcode::h2z_sjis($value);

622

# }

623

624

}

625

626

##############################################################################

627

# Summary

628

629

# Error Msg

630

631

# Parameters

632

# Returns

633

# Memo

634

##############################################################################

635

636

sub upload_error

637

{

638

639

local($error_message) = $_[0];

640

local($error_message2) = $_[1];

641

642

print "Content-type: text/html\n\n";

643

print<<EOF;

644

<HTML>

645

<HEAD>

646

<TITLE>Error Message</TITLE></HEAD>

647

<BODY>

648

649

650

<TD bgcolor="#0000B0" NOWRAP><font size="-1" color="white"><B>Error Message</B></font></TD>

651

</TR>

652

</table>

653

<UL>

654

<H4> $error_message </H4>

655

$error_message2 <BR>

656

</UL>

657

</BODY>

658

</HTML>

659

EOF

660

&rm_tmp_uploaded_files; # Image Temporary deletion

661

exit;

662

}

663

664

##############################################################################

665

# Summary

666

667

# Image Temporary deletion

668

669

# Parameters

670

# Returns

671

# Memo

672

##############################################################################

673

674

sub rm_tmp_uploaded_files

675

{

676

if($img_data_exists == 1){

677

sleep 1;

678

foreach $fname_list(@NEWFNAMES) {

679

if(-e "$img_dir/$fname_list") {

680

unlink("$img_dir/$fname_list");

681

}

682

}

683

}

684

685

}

686

Older »