#!/usr/bin/perl use CGI::Carp qw(fatalsToBrowser); # # CSFileshare - v.2.0 - 103104 # ##################################################################### # # # Copyright © 1999-2004 CGISCRIPTS.NET - All Rights Reserved # # # ##################################################################### # # # THIS COPYRIGHT INFORMATION MUST REMAIN INTACT # # AND MAY NOT BE MODIFIED IN ANY WAY # # # ##################################################################### # # When you downloaded this script you agreed to accept the terms # of this Agreement. This Agreement is a legal contract, which # specifies the terms of the license and warranty limitation between # you and CGISCRIPTS.NET. You should carefully read the following # terms and conditions before installing or using this software. # Unless you have a different license agreement obtained from # CGISCRIPTS.NET, installation or use of this software indicates # your acceptance of the license and warranty limitation terms # contained in this Agreement. If you do not agree to the terms of this # Agreement, promptly delete and destroy all copies of the Software. # # Versions of the Software # Only one copy of the registered version of CGISCRIPTS.NET # may used on one web site. # # License to Redistribute # Distributing the software and/or documentation with other products # (commercial or otherwise) or by other than electronic means without # CGISCRIPTS.NET's prior written permission is forbidden. # All rights to the CGISCRIPTS.NET software and documentation not expressly # granted under this Agreement are reserved to CGISCRIPTS.NET. # # Disclaimer of Warranty # THIS SOFTWARE AND ACCOMPANYING DOCUMENTATION ARE PROVIDED "AS IS" AND # WITHOUT WARRANTIES AS TO PERFORMANCE OF MERCHANTABILITY OR ANY OTHER # WARRANTIES WHETHER EXPRESSED OR IMPLIED. BECAUSE OF THE VARIOUS HARDWARE # AND SOFTWARE ENVIRONMENTS INTO WHICH CGISCRIPTS.NET MAY BE USED, NO WARRANTY # OF FITNESS FOR A PARTICULAR PURPOSE IS OFFERED. THE USER MUST ASSUME THE # ENTIRE RISK OF USING THIS PROGRAM. ANY LIABILITY OF CGISCRIPTS.NET WILL BE # LIMITED EXCLUSIVELY TO PRODUCT REPLACEMENT OR REFUND OF PURCHASE PRICE. # IN NO CASE SHALL CGISCRIPTS.NET BE LIABLE FOR ANY INCIDENTAL, SPECIAL OR # CONSEQUENTIAL DAMAGES OR LOSS, INCLUDING, WITHOUT LIMITATION, LOST PROFITS # OR THE INABILITY TO USE EQUIPMENT OR ACCESS DATA, WHETHER SUCH DAMAGES ARE # BASED UPON A BREACH OF EXPRESS OR IMPLIED WARRANTIES, BREACH OF CONTRACT, # NEGLIGENCE, STRICT TORT, OR ANY OTHER LEGAL THEORY. THIS IS TRUE EVEN IF # CGISCRIPTS.NET IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO CASE WILL # CGISCRIPTS.NET' LIABILITY EXCEED THE AMOUNT OF THE LICENSE FEE ACTUALLY PAID # BY LICENSEE TO CGISCRIPTS.NET. # # Credits: # Andy Angrick - Programmer - angrick@cgiscript.net # Mike Barone - Developer - mbarone@cgiscript.net # # For information about this script or other scripts see # http://www.cgiscript.net # # Thank you for trying out our script. # If you have any suggestions or ideas for a new innovative script # please direct them to suggest@cgiscript.net. Thanks. # # ######################################################################## # Config Variables # ######################################################################## $basepath = './'; $in{'scriptname'} = 'CSFileshare.cgi'; $in{'userscriptname'} = 'usermanage.cgi'; $overwrite=1; ######################################################################## # End Config Variables # ######################################################################## require("$basepath/libs.cgi"); if(-f "$basepath/setup.cgi"){ require("$basepath/setup.cgi"); } $in{'cgiurl'} = $cgiurl.'/'.$in{'scriptname'}; $in{'rooturl'} = $rooturl; $sharedrivepath=$rootpath.'/drives'; $datapath=$rootpath.'/data/'; $ownerpath = $rootpath.'/owner'; $descpath = $rootpath.'/desc'; $in{'imageurl'} = $imageurl; $| = 1; &main; exit; sub main{ &getdata(1); &SanCheck; ($in{'command'} eq 'df')&&(&DownloadFile); print "Content-type: text/html\n\n"; if((! -e "$basepath/setup.cgi") && ($in{'command'} eq "")){ &DoSetup; } if($in{'command'} eq "savesetup"){ if(-e "$basepath/setup.cgi"){ &PError("Error. Permission denied."); } else{ &SaveSetup; } } ($in{'command'} eq 'login')&&(&Login); ($anonupload)&&($in{'command'} eq '')&&(&GoHome); (!$anonupload)&&($in{'command'} eq '')&&(&Login); #all require password below (!$anonupload)&&(&GetLogin); ##public subs (!$in{'UserName'})&&($in{'UserName'}='anon'); ($in{'command'} eq 'open')&&(&View); ($in{'command'} eq 'showcd')&&(&ShowCD); ($in{'command'} eq 'gohome')&&(&GoHome); ($in{'command'} eq 'adddir')&&(&AddDir); ($in{'command'} eq 'goup')&&(&GoUp); ($in{'command'} eq 'rmdir')&&(&RmDir); ($in{'command'} eq 'showup')&&(&ShowUpload); ($in{'command'} eq 'upload')&&(&Upload); ($in{'command'} eq 'rmfile')&&(&RmFile); ##management subs &GetLogin; ($in{'command'} eq 'manage')&&(&Manage); ($in{'command'} eq 'adddrive')&&(&AddDrive); ($in{'command'} eq 'savedrive')&&(&SaveDrive); ($in{'command'} eq 'deletedrive')&&(&DeleteDrive); ($in{'command'} eq 'editdrive')&&(&EditDrive); } sub DownloadFile{ (!$anonupload)&&(&GetLogin); my($file) = $sharedrivepath."/$in{'f'}"; exit if (-e !$file); my(@s) = stat($file); my($rn) = &GetRealName($file); print "Content-Type: application/octet-stream\n"; print "Content-disposition: attachment; filename=\"$rn\"\n"; print "Content-length: $s[7]\n\n"; open(F,"<$file"); binmode(F); while(){ print; } close F; exit; } sub Upload{ &CheckConfig; (!$in{'upfields'})&&($in{'upfields'}=1); for my $i (1..$in{'upfields'}){ next if (!$in{'file'.$i}); $rn=&GetRealName($in{'file'.$i}); (!$in{'fdesc'.$i})&&($in{'fdesc'.$i} = $rn); ($rn =~ /^index.htm/i)&&(&PError("index.htm files are not allowed in shared drives. Please rename the file and try to upload again.")); &CheckExt($rn); if((-e "$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$rn")&&($overwrite==0)){ &PError("Error. File already exists"); } &SaveFile("file$i","$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$rn"); ##create permission file open(DB,">$ownerpath/$in{'sdrive'}/$in{'cdir'}/$rn.cgi"); print DB "$in{'UserName'}\n"; close DB; ##create desc file open(DB,">$descpath/$in{'sdrive'}/$in{'cdir'}/$rn.cgi"); print DB "$in{'fdesc'.$i}\n"; close DB; $allfiles .= "$rooturl/drives/$in{'sdrive'}/$in{'cdir'}$rn\n"; } if($in{'emailnotify'}){ $allfiles =~ s/ /%20/g; my $message = qq| The following file(s) has been uploaded to drive $in{'sdrive'} $allfiles $in{'cgiurl'} |; if($mailserver){ require("$basepath/sendmail.cgi"); &SendMail($in{'emailnotify'},$in{'emailnotify'},"CSFileshare upload to $in{'sdrive'}",$message,$mailserver); } else{ open(MAIL,"|$sendmail -t"); print MAIL "To: $in{'emailnotify'}\n"; print MAIL "From: $in{'emailnotify'}\n"; print MAIL "Subject: CSFileshare upload to $in{'sdrive'}\n\n"; print MAIL $message; close MAIL; } } print <<"EOF"; EOF } sub ShowUpload{ &CheckConfig; (!$in{'upfields'})&&($in{'upfields'}=1); for my $i (1..$in{'upfields'}){ $in{'ufields'} .= qq| File: Description:

(Optional. Only alpha-numeric characters are allowed.)

|; } &PageOut("$basepath/t_upload.htm"); exit; } sub RmFile{ ##go to shared drive unlink("$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$in{'nd'}"); unlink("$ownerpath/$in{'sdrive'}/$in{'cdir'}/$in{'nd'}.cgi"); unlink("$descpath/$in{'sdrive'}/$in{'cdir'}/$in{'nd'}.cgi"); &RecalQuota($in{'sdrive'}); print <<"EOF"; EOF } sub RmDir{ ##go to shared drive #delete the index file unlink("$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$in{'nd'}/index.htm"); rmdir("$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$in{'nd'}"); #check to see if delete was successful if(-e "$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$in{'nd'}"){ #put back index.htm file. open(IND,">$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$in{'nd'}/index.htm"); print IND "permission denied.\n"; close IND; &PError("Directory not deleted. Only emptry directories can be deleted"); } unlink("$ownerpath/$in{'sdrive'}/$in{'cdir'}/~$in{'nd'}.cgi"); rmdir("$ownerpath/$in{'sdrive'}/$in{'cdir'}/$in{'nd'}"); print <<"EOF"; EOF } sub GoUp{ #take off last directory $in{'cdir'} =~ s/[^\/]*\/$//; &View; exit; } sub AddDir{ #validate ($in{'dname'} =~ /\W/)&&(&PError("Invalid characters in directory name. Only A-Z,a-z,0-1 allowed")); #createdir in drive mkdir "$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$in{'dname'}",0755 ; ##create index file so they can't browse open(IND,">$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$in{'dname'}/index.htm"); print IND "permission denied.\n"; close IND; ##create permission file mkdir "$ownerpath/$in{'sdrive'}/$in{'cdir'}/$in{'dname'}",0755; open(DB,">$ownerpath/$in{'sdrive'}/$in{'cdir'}/~$in{'dname'}.cgi"); print DB "$in{'UserName'}\n"; close DB; ##create desc dir mkdir "$descpath/$in{'sdrive'}/$in{'cdir'}/$in{'dname'}",0755; print <<"EOF"; EOF exit; } sub GoHome{ my(@drives); if(($driveno == 1)&&($level ne 'admin')&&($drives ne 'all')){ $in{'sdrive'} = $maindrive; &View; exit; } opendir(DIR,"$datapath"); @sd = grep{/[^\.]/} readdir(DIR); foreach $i (@sd){ next if ($i =~ /index.html?/i); next if ($i =~ /^\_/); $ei = $i; $ei =~ s/([^\w])/'%'.sprintf("%.2x",ord($1))/ge; $iname = sprintf("%.12s",$i); #get description open(DESC, "$datapath/$i")||die print "$!:$datapath/$i"; $desc = ; close DESC; #### push(@drives,"
$iname
$desc
") unless (!&noaccess($ei)); if(&noaccess($ei)){ $found=1; } ##### } my($count) = 0; $in{'line'} = "\n"; foreach my $drive (sort @drives){ $count++; $in{'line'} .= "$drive"; if($count==3){ $in{'line'} .= "\n"; $count=0; } } for my $i (0..3){ $in{'line'} .= ""; } $in{'line'} .= ""; if(!$found){ $in{'line'} = "No drives configured$t[1]$t[2]$t[3]\n"; } &PageOut("$basepath/t_home.htm"); exit; } sub ShowCD{ &PageOut("$basepath/t_cd.htm"); exit; } sub Login{ (!$in{'command'})&&($in{'command'} = 'gohome'); ($in{'command'} eq 'login')&&($in{'command'} = 'gohome'); &PageOut("$basepath/t_login.htm"); exit; } sub GetLogin{ &GetCookies; $in{'UserName'} = $cookie{'UserName'}; $in{'PassWord'} = $cookie{'PassWord'}; ## if(!$in{'UserName'}){ &PageOut("$basepath/t_login.htm"); exit; } else{ ##open the user database open(USERS,"$basepath/users.cgi"); while(){ chomp; ($username,$password,$name,$level,$drives) = split(":",$_); last if($in{'UserName'} eq $username); } close USERS; $okay=1; if(!$in{'sdrive'}){ $driveno = 0; @d = split(",",$drives); foreach $x (@d){ $driveno++; $maindrive = $x; } $okay=1; } if($in{'sdrive'}){ @d = split(",",$drives); $okay=0; foreach $x (@d){ ($x eq $in{'sdrive'})&&($okay=1); } ($level eq 'admin')&&($okay=1); ($drives eq 'all')&&($okay=1); } (($in{'UserName'} ne $username)||(($in{'PassWord'} ne $password)))&&(&PError("Error. Invalid username or password")); (!$okay)&&(&PError("Error. You don't have access to this drive")); } ## } sub View{ &CheckConfig; $a = $rootpath; &noaccess($in{'sdrive'}); my(@a); my $dpc = $createdir{"$in{'sdrive'}-c"}; if(($createdir{"call"})||($dpc)||($level eq 'admin')){ push(@a,"[ Make Directory ] "); } my $dpu = $upload{"$in{'sdrive'}-u"}; if(($upload{"uall"})||($dpu)||($level eq 'admin')){ push(@a,"[ File Upload ] "); } $in{'aline'} = join(" - ",@a); ($in{'aline'})&&($in{'aline'} = $in{'aline'} . ' - '); ##go to shared drive chdir("$sharedrivepath/$in{'sdrive'}")||print "$!:$sharedrivepath/$in{'sdrive'}
"; #if in subdir .. go to subdir ($in{'nd'})&&($in{'cdir'} = "$in{'cdir'}$in{'nd'}/"); ($in{'cdir'})&&(chdir("$in{'cdir'}")); ##get dirs/files opendir(DIR,"."); @all = readdir(DIR); close DIR; ##read dirs foreach $i (sort (@all)){ next if (! -d "$i"); next if ($i =~ /^\./); next if ($i =~ /^\_/); #getowner open(DB,"$ownerpath/$in{'sdrive'}/$in{'cdir'}/~$i.cgi"); $oe = ; close DB; #get date @st = stat("$i"); $date = &ctime($st[9]); my ($dl); my $dp = $delete{"$in{'sdrive'}-d"}; if(($delete{"dall"})||($dp)||($level eq 'admin')){ $dl = qq||; } $in{'directory'} .= qq| Goto $d $i Directory $date $oe $dl  |; } ##read files foreach $i (sort (@all)){ next if (-d "$i"); next if ($i =~ /^\./); next if ($i =~ /^index.htm/i); #check to purge.. don't display if purged next if (&CheckToPurge); #getowner open(DB,"$ownerpath/$in{'sdrive'}/$in{'cdir'}/$i.cgi"); $oe = ;chomp $oe; close DB; #getowner open(DB,"$descpath/$in{'sdrive'}/$in{'cdir'}/$i.cgi"); $d = ;chomp $d; close DB; #get date @st = stat("$i"); $date = &ctime($st[9]); if($in{'apurgedays'}){ my $daysold = int((time - $st[9])/86400); my $daysleft = $in{'apurgedays'} - $daysold; $in{'daysleft'} = qq|
Days to deletion: $daysleft|; } else{ $in{'daysleft'} =''; } $size = $st[7]; $size = sprintf("%1.2fMB",($size/1000000)); my ($URL) = "drives/$in{'sdrive'}/$in{'cdir'}/$i"; $URL =~ s/\/\//\//g; $URL = $rooturl.$URL; my ($dl2); my $dp = $delete{"$in{'sdrive'}-d"}; if(($delete{"dall"})||($dp)||($level eq 'admin')){ $dl2 = qq||; } $in{'files'} .= qq| Download $d $d $size Uploaded: $date$in{'daysleft'} $oe $dl2  |; } (!$in{'directory'})&&(!$in{'files'})&&($in{'files'} = "Directory Empty"); chdir("$a"); ($in{'apurge'} ne 'NEVER')?($in{'pdays'} = "$in{'apurgedays'} Day"):($in{'pdays'} = 'Infinite'); ($in{'qshare'} eq 'UNLIMITED')?($in{'pfull'} = '0'):($in{'pfull'} = &GetQuota); $in{'upheight'} = 275 + (50*($in{'upfields'}-1)); $in{'ssdrive'} = substr($in{'sdrive'},0,30); &PageOut("$cgipath/t_index.htm"); exit; } sub EditDrive{ open(DB,"$datapath/$in{'id'}"); $in{'sdesc'}=; chomp $in{'sdesc'}; $in{'filetype'}=; chomp $in{'filetype'}; $in{'fileext'}=; chomp $in{'fileext'}; $in{'qshare'}=; chomp $in{'qshare'}; $in{'qsharelimit'}=; chomp $in{'qsharelimit'}; $in{'quser'}=; chomp $in{'quser'}; $in{'quserlimit'}=; chomp $in{'quserlimit'}; $in{'apurge'}=; chomp $in{'apurge'}; $in{'apurgedays'}=; chomp $in{'apurgedays'}; $in{'pwarn'}=; chomp $in{'pwarn'}; $in{'pwarndays'}=; chomp $in{'pwarndays'}; $in{'ptext'}=; chomp $in{'ptext'}; $in{'emailnotify'}=; chomp $in{'emailnotify'}; $in{'upfields'}=; chomp $in{'upfields'}; $in{'ptext'} =~ s/~~/\n/g; close DB; $in{'sname'} = "$in{'id'}"; #get check boxes $in{'filetype_'.$in{'filetype'}} = 'checked'; $in{'qshare_'.$in{'qshare'}} = 'checked'; $in{'quser_'.$in{'quser'}} = 'checked'; $in{'apurge_'.$in{'apurge'}} = 'checked'; $in{'pwarn_'.$in{'pwarn'}} = 'checked'; $in{'upfields'.$in{'upfields'}} = 'selected'; &PageOut("$basepath/t_addGlobalSharedDrive.htm"); exit; } sub DeleteDrive{ ##delete shared drive path unlink("$sharedrivepath/$in{'id'}/index.htm"); rmdir("$sharedrivepath/$in{'id'}"); if(-e "$sharedrivepath/$in{'id'}"){ #put back index.htm file. open(IND,">$sharedrivepath/$in{'id'}/index.htm"); print IND "permission denied.\n"; close IND; &PError("Drive not deleted. Only emptry drives can be deleted"); } #delete listing of shared drive unlink("$datapath/$in{'id'}"); #delete ownerpath unlink("$ownerpath/$in{'id'}/index.htm"); rmdir("$ownerpath/$in{'id'}"); if(-e "$ownerpath/$in{'id'}"){ #put back index.htm file. open(IND,">$ownerpath/$in{'id'}/index.htm"); print IND "permission denied.\n"; close IND; } #delete desc path unlink("$descpath/$in{'id'}/index.htm"); rmdir("$descpath/$in{'id'}"); if(-e "$descpath/$in{'id'}"){ #put back index.htm file. open(IND,">$descpath/$in{'id'}/index.htm"); print IND "permission denied.\n"; close IND; } print <<"EOF"; EOF exit; } sub SaveDrive{ if($in{'id'}){ $in{'sname'} = $in{'id'}; } else{ (-e "$datapath/$in{'sname'}")&&(&PError("Error. Drive name already exists.")); mkdir "$sharedrivepath/$in{'sname'}",0755; mkdir "$ownerpath/$in{'sname'}",0755; mkdir "$descpath/$in{'sname'}",0755; } open(DB,">$datapath/$in{'sname'}"); print DB "$in{'sdesc'}\n"; print DB "$in{'filetype'}\n"; print DB "$in{'fileext'}\n"; print DB "$in{'qshare'}\n"; print DB "$in{'qsharelimit'}\n"; print DB "$in{'quser'}\n"; print DB "$in{'quserlimit'}\n"; print DB "$in{'apurge'}\n"; print DB "$in{'apurgedays'}\n"; print DB "$in{'pwarn'}\n"; print DB "$in{'pwarndays'}\n"; $in{'ptext'} =~ s/[\r]\n/~~/g; print DB "$in{'ptext'}\n"; print DB "$in{'emailnotify'}\n"; print DB "$in{'upfields'}\n"; close DB; #create index files open(DB,">$sharedrivepath/$in{'sname'}/index.htm"); print DB "permission denied\n"; close DB; open(DB,">$ownerpath/$in{'sname'}/index.htm"); print DB "permission denied\n"; close DB; open(DB,">$descpath/$in{'sname'}/index.htm"); print DB "permission denied\n"; close DB; ($in{'id'})?($mess="Share Drive Modified"):($mess="Share Drive Created"); print <<"EOF"; EOF exit; } sub AddDrive{ $in{'sname'} = ""; #get check boxes $in{'filetype_NOLIMIT'} = 'checked'; $in{'qshare_UNLIMITED'} = 'checked'; $in{'quser_UNLIMITED'} = 'checked'; $in{'apurge_NEVER'} = 'checked'; $in{'pwarn_NO'} = 'checked'; $in{'ptext'} = "Your files will be purged in [days] day(s). Please make sure you save copies if required."; &PageOut("$basepath/t_addGlobalSharedDrive.htm"); exit; } sub Manage{ ($level ne 'admin')&&(&PError("Access denied for level: $level")); opendir(DIR,"$datapath"); @sd = grep{/[^\.]/} readdir(DIR); foreach $i (@sd){ next if ($i =~ /index.html?/i); next if ($i =~ /^\_/); my $i2 = $i; $i2 =~ s/([^\w])/'%'.sprintf("%.2x",ord($1))/ge; $in{'line'} .= " $i "; } (!$in{'line'})&&($in{'line'} = "No drives defined"); &PageOut("$basepath/t_manage.htm"); exit; } sub GetRealName{ local($filename) = @_; if ($filename =~ /\//) { @array = split(/\//, $filename); $real_name = pop(@array); } elsif ($filename =~ /\\/) { @array = split(/\\/, $filename); $real_name = pop(@array); } else { $real_name = "$filename"; } return $real_name; } sub SaveFile { my($fieldname,$outfile,$t)=@_; #my $filename=$query->upload($fieldname); my $filename=$in{$fieldname}; #get total used space open(QUOTA,"$rootpath/$in{'sdrive'}.quota"); $used = ; close QUOTA; ($in{'qsharelimit'})&&(($used+$ENV{'CONTENT_LENGTH'}) > ($in{'qsharelimit'}*1000000))&&(&PError("Error. Global quota exceeded")); ##we are overwriting.. take out old quota if(-e "$outfile"){ @info = stat("$outfile"); $used -= $info[7]; $user_used -= $info[7]; } if (!open(OUTFILE, ">$outfile")) { &PError("Error. There was an error saving your attachment."); } binmode(OUTFILE); while ($bytesread = read($filename,$buffer,1024)) { ###convert to ascii ($t eq 'ASCII')&&($buffer =~ s/\r//g); $totalbytes += $bytesread; $used += $bytesread; $user_used += $bytesread; ##check to see if global gone over quota. if(($in{'qshare'} eq 'LIMIT')&&($used > ($in{'qsharelimit'}*1000000))){ close($filename); close(OUTFILE); close(QUOTA); unlink("$outfile"); &PError("Error. Global Disk quota exceeded."); } ##check to see if global gone over quota. if(($in{'uquota'} != 0)&&($user_used > ($in{'uquota'}*1000000))){ close($filename); close(OUTFILE); close(QUOTA); unlink("$outfile"); &PError("Error. User Disk quota exceeded."); } print OUTFILE $buffer; } close($filename); close(OUTFILE); &RecalQuota($in{'sdrive'}); } sub CheckConfig{ #Read in variables; open(DB,"$datapath/$in{'sdrive'}"); $in{'sdesc'}=; chomp $in{'sdesc'}; $in{'filetype'}=; chomp $in{'filetype'}; $in{'fileext'}=; chomp $in{'fileext'}; $in{'qshare'}=; chomp $in{'qshare'}; $in{'qsharelimit'}=; chomp $in{'qsharelimit'}; $in{'quser'}=; chomp $in{'quser'}; $in{'quserlimit'}=; chomp $in{'quserlimit'}; $in{'apurge'}=; chomp $in{'apurge'}; $in{'apurgedays'}=; chomp $in{'apurgedays'}; $in{'pwarn'}=; chomp $in{'pwarn'}; $in{'pwarndays'}=; chomp $in{'pwarndays'}; $in{'ptext'}=; chomp $in{'ptext'}; $in{'emailnotify'}=; chomp $in{'emailnotify'}; $in{'upfields'}=; chomp $in{'upfields'}; $in{'ptext'} =~ s/~~/\n/g; close DB; } sub CheckExt{ local($rn) = @_; #check file extension. if($in{'filetype'} eq 'LIMIT'){ ($ext) = $rn =~ /.*\.(\w*)$/; (@fx) = split(",",$in{'fileext'}); foreach $i (@fx){ ($i =~ /$ext/i)&&($found=1); } (!$found)&&(&PError("Error. Only $in{'fileext'} types are permitted")); } } sub GetQuota{ ($globalfilespurged)&&(&RecalQuota($in{'sdrive'})); ##get quotas open(QUOTA,"$rootpath/$in{'sdrive'}.quota"); $in{'suse'} = ; close QUOTA; $in{'suse'} = sprintf("%.2fMB",$in{'suse'}/1000000); return sprintf("%.2f",($in{'suse'}/$in{'qsharelimit'})*100); } sub CheckToPurge{ local(@info); local($localfilespurged); $localfilespurged=0; #san check return if(!$sharedrivepath); return if(!$in{'sdrive'}); if($in{'apurge'} eq 'NEVER'){ ##don't purge the files return; } if(!$in{'apurgedays'}){ ##we don't have number of days to purge..do return return; } $now = time; @info = stat("$i"); $created = $info[9]; $size = $info[7]; if(($now - $created) > ($in{'apurgedays'})*86400){ #purge the file. unlink("$sharedrivepath/$in{'sdrive'}/$in{'cdir'}/$i"); ##get owner file unlink("$ownerpath/$in{'sdrive'}/$in{'cdir'}/$i"); ##get description file unlink("$descpath/$in{'sdrive'}/$in{'cdir'}/$i"); $localfilespurged=1; $globalfilespurged=1; } return $localfilespurged; } sub RecalQuota{ local($sdrive) = @_; ##now recal &RecalcQuotas2("$sharedrivepath/$sdrive"); chdir($a); ##update global used open(QUOTA,">$rootpath/$in{'sdrive'}.quota")||print "$!$rootpath/$in{'sdrive'}.quota
"; print QUOTA $q; close QUOTA; } sub RecalcQuotas2{ local($cdir) = @_; local(@files); local($i); opendir(DIR,$cdir); @files = readdir(DIR); close DIR; ($cdir eq '.')?($cdir=''):($cdir .= '/'); foreach $i (@files){ next if ($i =~ /^\./); next if ($i =~ /^\_/); if(-d "$cdir$i"){&RecalcQuotas2("$cdir$i");} else{ @info = stat("$cdir$i"); $created = $info[9]; $size = $info[7]; $q += $size; } } } sub SanCheck(){ ($in{'sdrive'} =~ /\.\./)&&(&PError("Error. Invalid entry")); ($in{'cdir'} =~ /\.\./)&&(&PError("Error. Invalid entry")); ($in{'nd'} =~ /\.\./)&&(&PError("Error. Invalid entry")); ($in{'file'} =~ /\.\./)&&(&PError("Error. Invalid entry")); ($in{'id'} =~ /\.\./)&&(&PError("Error. Invalid entry")); ($in{'sname'} =~ /\.\./)&&(&PError("Error. Invalid entry")); ($in{'f'} =~ /\.\./)&&(&PError("Error. Invalid entry")); ($in{'sdrive'} =~ /\|/)&&(&PError("Error. Invalid entry")); ($in{'cdir'} =~ /\|/)&&(&PError("Error. Invalid entry")); ($in{'nd'} =~ /\|/)&&(&PError("Error. Invalid entry")); ($in{'file'} =~ /\|/)&&(&PError("Error. Invalid entry")); ($in{'id'} =~ /\|/)&&(&PError("Error. Invalid entry")); ($in{'sname'} =~ /\|/)&&(&PError("Error. Invalid entry")); ($in{'f'} =~ /\|/)&&(&PError("Error. Invalid entry")) } sub noaccess{ local($ei) = @_; ##open the user database open(USERS,"$basepath/users.cgi"); while(){ chomp; ($username,$password,$name,$level,$drives,$p1,$p2,$p3) = split(":",$_); last if($in{'UserName'} eq $username); } close USERS; @d = split(",",$drives); $okay=0; foreach $x (@d){ $x =~ s/([^\w])/'%'.sprintf("%.2x",ord($1))/ge; ($x eq $ei)&&($okay=1); } ($level eq 'admin')&&($okay=1); ($drives eq 'all')&&($okay=1); my @mpu = split(",",$p1); my @mpd = split(",",$p2); my @mpc = split(",",$p3); foreach $i (@mpu){ $upload{$i} = 1; } foreach $i (@mpd){ $delete{$i} = 1; } foreach $i (@mpc){ $createdir{$i} = 1; } return $okay; } sub DoSetup{ (-f "$basepath/setup.cgi")&&(&PError("Error. Access Denied")); (-f "../setup.cgi")&&(&PError("Error. Access Denied")); use Cwd; $in{'mcgipath'} = Cwd::cwd(); $in{'mcgiurl'} = "$ENV{'HTTP_HOST'}/$ENV{'SCRIPT_NAME'}"; $in{'mcgiurl'} =~ s/\/\//\//g; $in{'mcgiurl'} = "http://".$in{'mcgiurl'}; $in{'mcgiurl'} =~ s/\/$in{'scriptname'}//i; $in{'mimageurl'} = $in{'mcgiurl'}.'/images'; $in{'msendmail'} = '/usr/sbin/sendmail'; $in{'mrootpath'} = $in{'mcgipath'}; $in{'mrooturl'} = $in{'mcgiurl'}; &PageOut("$basepath/t_setup.htm"); exit; } sub SaveSetup{ (-f "$basepath/setup.cgi")&&(&PError("Error. Access Denied")); (-f "../setup.cgi")&&(&PError("Error. Access Denied")); $in{'setup'} =~ s/\r*\n/\n/g; my $sfile = "$basepath/setup.cgi"; $in{'mcgiurl'} =~ s/[\'\%\$]//g; $in{'mcgipath'} =~ s/[\'\%\$]//g; $in{'mimageurl'} =~ s/[\'\%\$]//g; $in{'mrootpath'} =~ s/[\'\%\$]//g; $in{'mrooturl'} =~ s/[\'\%\$]//g; $in{'msendmail'} =~ s/[\'\%\$]//g; $in{'musername'} =~ s/[\'\%\$]//g; $in{'mpassword'} =~ s/[\'\%\$]//g; open(SETUP,">$basepath/setup.cgi"); print SETUP "\$cgiurl='$in{'mcgiurl'}';\n"; print SETUP "\$cgipath='$in{'mcgipath'}';\n"; print SETUP "\$imageurl='$in{'mimageurl'}';\n"; print SETUP "\$rootpath='$in{'mrootpath'}';\n"; print SETUP "\$rooturl='$in{'mrooturl'}';\n"; if($in{'msendmail'}){ print SETUP "\$sendmail='$in{'msendmail'}';\n"; } if($in{'mmailserver'}){ print SETUP "\$mailserver='$in{'mmailserver'}';\n"; } print SETUP "\$anonupload = 0; #<-- set to '1' to not require a password to use CSFileshare. #<-- set to '0' to require users from the users.dat file.\n"; print SETUP "1;\n"; open(USERS,">$basepath/users.cgi"); print USERS "$in{'musername'}:$in{'mpassword'}:Admin:admin\n"; close USERS; print <<"EOF"; EOF exit; }