mirror of git://git.qorg11.net/lainsafe.git
109 lines
2.6 KiB
Perl
Executable File
109 lines
2.6 KiB
Perl
Executable File
#!/usr/bin/perl
|
|
# This file is part of sakisafe.
|
|
|
|
# sakisafe is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
|
|
# sakisafe is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with sakisafe. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
use CGI;
|
|
use CGI::Carp qw(fatalsToBrowser);
|
|
|
|
my $q = CGI->new;
|
|
|
|
my $filename = $q->param('file');
|
|
my $url = $q->param('url');
|
|
|
|
my $upload_dir = "files/";
|
|
|
|
$size = $ENV{CONTENT_LENGTH};
|
|
|
|
# Configuration
|
|
|
|
our $MAX_SIZE = 1024*1024*100; # Change for your size
|
|
our $MAX_SIZE_MB = $MAX_SIZE / 1024 / 1024; # Don't change this
|
|
|
|
our @not_allowed_extensions = qw(sh out exe);
|
|
|
|
print $q->header();
|
|
|
|
# do something better
|
|
if ($url ne "") {
|
|
goto url_shorter;
|
|
}
|
|
|
|
if ($filename eq "" || $ENV{REQUEST_METHOD} eq "GET") {
|
|
print("What are you looking for?");
|
|
exit;
|
|
}
|
|
|
|
if ($filename) {
|
|
if ($size > $MAX_SIZE) {
|
|
print("Max size for a file is $MAX_SIZE_MB MBs");
|
|
exit;
|
|
}
|
|
|
|
|
|
my @chars = ("A"..."z","a"..."z");
|
|
my $dirname;
|
|
my $extension = $filename;
|
|
|
|
$dirname .= $chars[rand @chars] for 1..8;
|
|
$extension =~ s/.*\.//;
|
|
$filename .= ".notcgi" if $extension eq "cgi";
|
|
|
|
mkdir("$upload_dir/$dirname");
|
|
my $upload_filehandle = $q->upload("file");
|
|
|
|
# onion urls will be http
|
|
my $prot = length $ENV{HTTPS} ? "https" : "http";
|
|
|
|
my $allowed_extension = 1;
|
|
|
|
foreach (@not_allowed_extensions) {
|
|
if ($filename =~ /\.$_$/i) {
|
|
$allowed_extension = 0;
|
|
last;
|
|
}
|
|
|
|
}
|
|
if ($filename eq "-") {
|
|
$filename .= ".txt"; # for pastes
|
|
}
|
|
if ($allowed_extension) {
|
|
|
|
open(FILE,">$upload_dir/$dirname/$filename");
|
|
binmode(FILE);
|
|
while (<$upload_filehandle>) {
|
|
print FILE;
|
|
}
|
|
close FILE;
|
|
$filename =~ s/ /%20/g;
|
|
|
|
print $prot. "://" . $ENV{HTTP_HOST} . "/$upload_dir$dirname/$filename" . "\n";
|
|
} else {
|
|
print "The file extension .$extension is not allowed in this instance.";
|
|
}
|
|
exit;
|
|
} elsif ($url != "" && !$filename) {
|
|
url_shorter:
|
|
my $template = "<meta http-equiv=\"Refresh\" content=\"0; url='$url'\"/>";
|
|
my @chars = ("A"..."z","a"..."z",1..9);
|
|
my $dirname;
|
|
$dirname .= $chars[rand @chars] for 1..4;
|
|
mkdir($dirname);
|
|
open(my $fh, ">$dirname/index.html");
|
|
print $fh $template;
|
|
my $prot = length $ENV{HTTPS} ? "https" : "http";
|
|
print $prot. "://" . $ENV{HTTP_HOST} . "/$dirname" . "\n";
|
|
exit;
|
|
}
|