updown/fetch.cgi

   1 #!/usr/local/bin/perl
   2 # Output one file for download
   3
   4 require './updown-lib.pl';
   5 &ReadParse();
   6 &error_setup($text{'fetch_err'});
   7 $can_fetch || &error($text{'fetch_ecannot'});
   8
   9 # Validate filename
  10 $file = $ENV{'PATH_INFO'} || $in{'fetch'};
  11 if ($file !~ /^([a-z]:)?\// && $can_dirs[0] ne "/") {
  12         $file = "$can_dirs[0]/$file";
  13         }
  14 $file || &error($text{'fetch_efile'});
  15 if ($file =~ /^(.*)\.zip$/ && $in{'unzip'}) {
  16         # Remove .zip extension
  17         $file = $1;
  18         }
  19 -r $file || -d $file || &error($text{'fetch_eexists2'});
  20 &can_write_file($file) ||
  21         &error(&text('fetch_eaccess', "<tt>$file</tt>", $!));
  22 if (-d $file && !&has_command("zip")) {
  23         &error($text{'fetch_ezip'});
  24         }
  25 if ($file eq "/" || $file =~ /^[a-z]:\/$/) {
  26         &error($text{'fetch_eroot'});
  27         }
  28
  29 if ($ENV{'PATH_INFO'}) {
  30         # Switch to the correct user
  31         if ($can_mode == 3) {
  32                 @uinfo = getpwnam($remote_user);
  33                 &switch_uid_to($uinfo[2], $uinfo[3]);
  34                 }
  35         elsif ($can_mode == 1 && @can_users == 1) {
  36                 @uinfo = getpwnam($can_users[0]);
  37                 &switch_uid_to($uinfo[2], $uinfo[3]);
  38                 }
  39
  40         if (-d $file) {
  41                 # Zip up the whole directory
  42                 ($shortfile = $file) =~ s/^.*\///g;
  43                 $shortfile =~ s/\s+//g;
  44                 $temp = &transname($shortfile.".zip");
  45                 $out = &backquote_command("cd ".quotemeta($file).
  46                                           " && zip -r ".quotemeta($temp)." .");
  47                 if ($?) {
  48                         &error(&text('fetch_ezipcmd',
  49                                      "<tt>".&html_escape($out)."</tt>"));
  50                         }
  51                 @st = stat($temp);
  52                 print "Content-length: $st[7]\n";
  53                 print "Content-type: application/zip\n\n";
  54                 open(FILE, $temp);
  55                 unlink($temp);
  56                 while(<FILE>) {
  57                         print $_;
  58                         }
  59                 close(FILE);
  60                 }
  61         else {
  62                 # Work out the type
  63                 &open_readfile(FILE, $file) ||
  64                         &error(&text('fetch_eopen', $!));
  65                 if ($fetch_show) {
  66                         $type = &guess_mime_type($file, undef);
  67                         if (!$type) {
  68                                 # See if it is really text
  69                                 $out = &backquote_command("file ".
  70                                         quotemeta(&resolve_links($file)));
  71                                 $type = "text/plain" if ($out =~ /text|script/);
  72                                 }
  73                         }
  74                 else {
  75                         print "Content-Disposition: Attachment\n";
  76                         }
  77
  78                 # Send it
  79                 $type ||= "application/octet-stream";
  80                 if (!$fetch_show) {
  81                         print "Content-Disposition: Attachment\n";
  82                         }
  83                 @st = stat($file);
  84                 print "Content-length: $st[7]\n";
  85                 print "Content-type: $type\n\n";
  86                 while(<FILE>) {
  87                         print $_;
  88                         }
  89                 close(FILE);
  90                 }
  91
  92         # Switch back to root
  93         &switch_uid_back();
  94         }
  95 else {
  96         # Save file in config
  97         if ($module_info{'usermin'}) {
  98                 &lock_file("$user_module_config_directory/config");
  99                 $userconfig{'fetch'} = $file;
 100                 $userconfig{'show'} = $in{'show'};
 101                 &write_file("$user_module_config_directory/config", \%userconfig);
 102                 &unlock_file("$user_module_config_directory/config");
 103                 }
 104         else {
 105                 &lock_file("$module_config_directory/config");
 106                 $config{'fetch_'.$remote_user} = $file;
 107                 $config{'show_'.$remote_user} = $in{'show'};
 108                 &write_file("$module_config_directory/config", \%config);
 109                 &unlock_file("$module_config_directory/config");
 110                 }
 111
 112         # Redirect to nice URL
 113         if (-d $file) {
 114                 &redirect("fetch.cgi".$file.".zip?unzip=1");
 115                 }
 116         else {
 117                 &redirect("fetch.cgi".$file);
 118                 }
 119         }
 120