#!/usr/local/bin/perl
# upload.cgi
# Upload multiple files
require './updown-lib.pl';
&error_setup($text{'upload_err'});
&ReadParse(\%getin, "GET");
$upid = $getin{'id'};
&ReadParseMime($upload_max, \&read_parse_mime_callback, [ $upid ]);
$can_upload || &error($text{'upload_ecannot'});
# Validate inputs
$in{'dir'} || &error($text{'upload_edir'});
if (defined($in{'email_def'}) && !$in{'email_def'}) {
$in{'email'} =~ /\S/ || &error($text{'upload_eemail'});
$email = $in{'email'};
}
if ($can_mode != 3) {
# User can be entered
scalar(@uinfo = getpwnam($in{'user'})) ||
&error($text{'upload_euser'});
&can_as_user($in{'user'}) ||
&error(&text('upload_eucannot', $in{'user'}));
$in{'group_def'} || scalar(@ginfo = getgrnam($in{'group'})) ||
&error($text{'upload_egroup'});
$can_mode == 0 || $in{'group_def'} || &in_group(\@uinfo, \@ginfo) ||
&error($text{'upload_egcannot'});
}
else {
# User is fixed
if (&supports_users()) {
@uinfo = getpwnam($remote_user);
}
}
for($i=0; defined($d = $in{"upload$i"}); $i++) {
$f = $in{"upload${i}_filename"};
$found++ if ($d && $f);
}
$found || &error($text{'upload_enone'});
&can_write_file($in{'dir'}) ||
&error(&text('upload_eaccess', "$in{'dir'}", $!));
# Switch to the upload user
&switch_uid_to($uinfo[2], scalar(@ginfo) ? $ginfo[2] : $uinfo[3]);
# Create the directory if needed
if (!-d $in{'dir'} && $in{'mkdir'}) {
mkdir($in{'dir'}, 0755) || &error(&text('upload_emkdir', $!));
}
&ui_print_header(undef, $text{'upload_title'}, "");
# Save the actual files, showing progress
$msg = undef;
for($i=0; defined($d = $in{"upload$i"}); $i++) {
$f = $in{"upload${i}_filename"};
next if (!$f);
if (-d $in{'dir'}) {
$f =~ /([^\\\/]+)$/;
$path = "$in{'dir'}/$1";
}
else {
$path = $in{'dir'};
}
print &text('upload_saving', "$path"),"
\n";
if (!&open_tempfile(FILE, ">$path", 1)) {
&error(&text('upload_eopen', "$path", $!));
}
&print_tempfile(FILE, $d);
&close_tempfile(FILE);
push(@uploads, $path);
@st = stat($path);
print &text('upload_saved', &nice_size($st[7])),"
\n";
$estatus = undef;
if ($in{'zip'}) {
print &text('upload_unzipping', "$path"),"
\n";
local ($err, $out);
$path =~ /^(\S*\/)/;
local $dir = $1;
local $qdir = quotemeta($dir);
local $qpath = quotemeta($path);
local @files;
&switch_uid_back();
if ($path =~ /\.zip$/i) {
# ZIP file
if (!&has_command("unzip")) {
$err = &text('upload_ecmd', "unzip");
}
else {
open(OUT, &webmin_command_as_user($uinfo[0], 0, "(cd $qdir && unzip -o $qpath)")." 2>&1 ) {
$out .= $_;
if (/^\s*[a-z]+:\s+(.*)/) {
push(@files, $1);
}
}
close(OUT);
$err = $out if ($?);
}
$fmt = "zip";
}
elsif ($path =~ /\.tar$/i) {
# Un-compressed tar file
if (!&has_command("tar")) {
$err = &text('upload_ecmd', "tar");
}
else {
open(OUT, &webmin_command_as_user($uinfo[0], 0, "(cd $qdir && tar xvf $qpath)")." 2>&1 ) {
$out .= $_;
if (/^(.*)/) {
push(@files, $1);
}
}
close(OUT);
$err = $out if ($?);
}
$fmt = "tar";
}
elsif ($path =~ /\.(lha|lhz)$/i) {
# LHAarc file
if (!&has_command("lha")) {
$err = &text('upload_ecmd', "lha");
}
else {
open(OUT, &webmin_command_as_user($uinfo[0], 0, "(cd $qdir && lha xf $qpath)")." 2>&1 ) {
$out .= $_;
if (/(\S[^\t]*\S)\s+\-\s+/) {
push(@files, "/".$1);
}
}
close(OUT);
$err = $out if ($?);
}
$fmt = "lha";
}
elsif ($path =~ /\.(tar\.gz|tgz|tar\.bz|tbz|tar\.bz2|tbz2)$/i) {
# Compressed tar file
local $zipper = $path =~ /bz(2?)$/i ? "bunzip2"
: "gunzip";
if (!&has_command("tar")) {
$err = &text('upload_ecmd', "tar");
}
elsif (!&has_command($zipper)) {
$err = &text('upload_ecmd', $zipper);
}
else {
open(OUT, &webmin_command_as_user($uinfo[0], 0, "(cd $qdir && $zipper -c $qpath | tar xvf -)")." 2>&1 ) {
$out .= $_;
if (/^(.*)/) {
push(@files, $1);
}
}
close(OUT);
$err = $out if ($?);
}
$fmt = $zipper eq "gunzip" ? "tgz" : "tbz2";
}
else {
# Doesn't look possible
$err = $text{'upload_notcomp'};
}
&switch_uid_to($uinfo[2], scalar(@ginfo) ? $ginfo[2] : $uinfo[3]);
if (!$err) {
local $j = join("
",
map { " $_" } @files);
if ($in{'zip'} == 2) {
unlink($path);
$ext{$path} = $text{'upload_deleted'}."
".$j;
}
else {
$ext{$path} = $text{'upload_extracted'}."
".$j;
}
}
else {
$ext{$path} = &text('email_eextract', $err);
}
$estatus = $err ? &text('email_extfailed', $err)
: &text('email_extdone_'.$fmt);
print &text('upload_unzipdone', $estatus),"
\n"; } # Add to email message $msg .= &text('email_upfile', $f)."\n"; $msg .= &text('email_uppath', $path)."\n"; $msg .= &text('email_upsize', &nice_size($st[7]))."\n"; if ($estatus) { $msg .= &text('email_upextract', $estatus)."\n"; } $msg .= "\n"; } # Switch back to root &switch_uid_back(); # Save the settings if ($module_info{'usermin'}) { &lock_file("$user_module_config_directory/config"); $userconfig{'dir'} = $in{'dir'}; &write_file("$user_module_config_directory/config", \%userconfig); &unlock_file("$user_module_config_directory/config"); } else { &lock_file("$module_config_directory/config"); $config{'dir_'.$remote_user} = $in{'dir'}; $config{'user_'.$remote_user} = $in{'user'}; $config{'group_'.$remote_user} = $in{'group_def'} ? undef : $in{'group'}; &write_file("$module_config_directory/config", \%config); &unlock_file("$module_config_directory/config"); } # Send email if ($email && $msg) { $msg = $text{'email_upmsg'}."\n\n".$msg; &send_email_notification($email, $text{'email_subjectu'}, $msg); } &webmin_log("upload", undef, undef, { 'uploads' => \@uploads }); &ui_print_footer("index.cgi?mode=upload", $text{'index_return'});