#!/usr/bin/perl
# WIN2K Version 6.7.2
#
# ubb_upload.cgi -- upload / avatar-upload form and upload manager for UBB.
# Everything below runs at file scope: load the config and the UBB libraries,
# read the login cookie, map the member's status onto an upload policy, run
# the (currently disabled) referer check, make sure the upload directories
# exist, then dispatch on $in{ubb}: 'do_upload' stores a file, 'manager' and
# 'do_manage' list/delete files, anything else shows the upload form.
# Failures are reported through &StandardHTMLPopup, which is assumed to print
# a page and exit -- nothing here guards against it returning; confirm in
# ubb_lib.cgi.

# Put the script's own directory and its Modules/ subdirectory on @INC, and
# unbuffer STDOUT, before the rest of the file is compiled.
BEGIN { ($0 =~ m!(.*)(\\|/)[^/\\]+!) && unshift(@INC, $1, "$1$2Modules"); $| = 1; };
# Let the file handler release whatever it holds when the script exits.
END { $filehandle && ref($filehandle) && $filehandle->cleanup(); };
use lib("./Modules", ".");
use strict;
use Fcntl ':flock';
use CGI qw(:cgi);
# NOTE(review): fatalsToBrowser echoes die() text (including $! and server
# paths) to the client; useful while debugging, an information leak otherwise.
use CGI::Carp qw(fatalsToBrowser set_message);
# Use the XS Digest::MD5 when it loads, otherwise the pure-Perl fallback.
BEGIN {
    do "Digest/MD5.pm";
    if (!$Digest::MD5::VERSION) {
        require Digest::Perl::MD5;
        import Digest::Perl::MD5 'md5_hex';
    } else {
        import Digest::MD5 'md5_hex';
    }
};
use constant SEVENSEVENSEVEN => 0777;
use constant SIXSIXSIX => 0666;
# Package globals shared with the ubb_lib*.cgi library code.
use vars qw(
    $filehandle $forum_threads $alpha_threads %forum_thread_data @alltheforums
    @allthecategories @memberslist_array %ProfileNumber %in %GotTime $vars_groups
    %vars_version_information %vars_style_reference %vars_wordlets_criterr
    %forum_recentmeta %forum_topics %todays_active_topics %vars_ci %vars_config
    $vars_graemlins %vars_misc %vars_mods %vars_cats %vars_registration
    %vars_forums %vars_styles %vars_display %vars_style %vars_email %vars_time
    %vars_search %vars_pm %vars_pntf %vars_poll %vars_wordlets %vars_wordlets_err
    %vars_wordlets_email %vars_wordlets_pntf %vars_wordlets_img
    %vars_wordlets_date %vars_wordlets_poll %template_html %template_match
    $user_permissions $username $password $last_login_dt $session_login_dt
    $last_login_j $session_login_j $days_prune $pubname $user_topic_view
    $user_number @ubber @login @session $Header_Popup $Footer_Popup $TBB_Popup
    $TBT_Popup $ThisHTML $HeaderClean $FooterClean $CurrentTab $Hiddens
    $direct_to $Legend $LoginWording $MainButtonsLine $ContactLine $TBT $TBB
    $Header $Footer $EmailHeader $show_logout $show_logout_noreg $instant_jscript
    $title_wording $poll $PNTF $pntf_cookie_data $ULTIMATEBB $CONTROLPANEL
    $trademark $trade $InfopopCopyright $version $version_number $masterCharset
    $release_j $exact_path @memberslist $memlistopen $summary %member_profile
    %FILE_CACHE %GENERIC_GLOBALS $frontend $backend %ULTIMATEBB @benches
    %vars_wordlets_mods @refer @e %args @user_profile $Filename $real_forum $f
);

# Load the board configuration, then the misc/wordlets variable files and the
# library code.  A failed vars_config load is silently ignored; the others die.
eval { require "vars_config.cgi"; };
foreach my $f (qw(misc wordlets)) {
    eval { require "$vars_config{VariablesPath}/vars_$f.cgi"; };
    die $@ if $@;
} # end foreach
require "$vars_config{CGIPath}/ubb_lib.cgi";
&RequireCode("$vars_config{CGIPath}/ubb_lib_filehandler.cgi");
&RequireCode("$vars_config{CGIPath}/ubb_lib_files.cgi");
&RequireCode("$vars_config{CGIPath}/ubb_lib_filehandle.cgi");
$filehandle = new UBB::FileHandler(\%vars_config);
%vars_style = &LoadStyleTemplate("summary_page");
&LoadTemplate("public_common");
# Flatten the CGI parameters into %in; a multi-valued parameter becomes one
# comma-joined string.
%in = map{ my @z = param($_); ( scalar(@z) > 1 ? ( $_ => join(",", @z) ) : ( $_ => $z[0] ) ) } param();
# retrieve cookies!
# Identity comes straight from the login cookie.  $username and $password are
# read but never checked anywhere in this file; $user_number is the only field
# used below -- NOTE(review): confirm the library validates the cookie, since
# nothing here does.
@ubber = cookie("ubber$vars_config{Cookie_Number}");
if ($ubber[0] ne '') { $username = $ubber[0]; }
if ($ubber[1] ne '') { $password = $ubber[1]; }
if ($ubber[4] ne '') { $user_number = &Do8Digit($ubber[4]); }
# Do we need to login?
# Anonymous use is only allowed when upload_unreg is 'yes'.
if ((!$user_number || !$username || !$password) && $vars_misc{'upload_unreg'} ne 'yes') {
    &StandardHTMLPopup($vars_wordlets{'upload-_-need_to_login'});
} # end if
# Profile is already loaded in cache
@user_profile = &OpenProfile2($user_number);
# Map the profile's status field ([8]) onto the suffix used by the upload_*
# policy keys in %vars_misc; undef means "no upload policy for this status".
my $status = ($user_profile[8] eq 'Administrator' ? 'administrators' :
              $user_profile[8] eq 'Moderator' ? 'moderators' :
              $user_profile[8] eq 'Member' ? 'senior_members' :
              $user_profile[8] eq 'Junior Member' ? 'junior_members' :
              !$user_number && $vars_misc{'upload_unreg'} eq 'yes' ? 'unreg' : undef);
# NOTE(review): `eq undef` compares against "" (with a warning); the intended
# test is `!defined $status`.  The same applies to the other `eq undef` tests
# in this file.
&StandardHTMLPopup($vars_wordlets{'upload-_-bad_status'}) if $status eq undef;
# Default Variables
$vars_misc{'upload'} ||= 'yes'; # if is installed, want on by default
$vars_misc{'upload_unreg'} ||= 'no';
$vars_misc{"upload_$status"} ||= 1;
$vars_misc{"upload_avatar_$status"} ||= undef; # *shrugs*
$vars_misc{"upload_limit_$status"} ||= 15000; # 15k sounds good, i guess
$vars_misc{"upload_filelimit_$status"} ||= 5;
# Check if upload is enabled first of all
# Deny when uploads are off globally or the profile's own flag ([70]) says
# 'no'.  The middle clause can never be true: upload_$status was just
# defaulted to 1 above.
&StandardHTMLPopup($vars_wordlets{'upload-_-full_deny'}) if ($vars_misc{'upload'} ne 'yes' || ($vars_misc{"upload_$status"} eq undef && $user_profile[70] ne 'no') || $user_profile[70] eq 'no');
# Verify Referer
$real_forum = undef;
my $quotecgi = quotemeta($vars_config{CGIURL});
my $quotenon = quotemeta($vars_config{NonCGIURL});
# forum referal check
# NOTE(review): $refer is hard-wired to 0, so the whole referer block below
# never runs and $real_forum stays undef for the rest of the script: the
# forum-level access check after it cannot deny anything, the avatar branch
# is unreachable, and the BACK/MANAGER links are built with an empty f=.
my $refer = 0;
if($refer eq 1) {
    if($ENV{'HTTP_REFERER'} && ($in{ubb} ne 'do_upload' && $in{ubb} ne 'do_manage')) {
        # Standard ultimatebb check
        if($ENV{'HTTP_REFERER'} =~ m/^(.+?)\?(ubb.+?)$/ && ($1 eq "$vars_config{CGIURL}/ultimatebb.cgi" || $1 eq "$vars_config{NonCGIURL}/ultimatebb.php")) {
            # Split the referer's query string into the global %args.
            map { @e = split(/\=/, $_); $args{$e[0]} = $e[1] if $e[1] ne '' } split(/\;/, $2);
            # Grab if from good source
            # NOTE(review): `eq` binds tighter than `||`, so this reads
            # `($args{ubb} eq 'newtopic') || 'get_topic' || ...` and is always
            # true; each alternative needs its own `$args{ubb} eq`.
            $real_forum = $args{f} if($args{ubb} eq 'newtopic' || 'get_topic' || 'reply' || 'edit_post' || 'topic');
            $real_forum = 'avatar' if $args{ubb} eq 'avatar_select' && $vars_misc{"upload_avatar_$status"} eq 1;
        # Check for spidered links
        } elsif($ENV{'HTTP_REFERER'} =~ m/^(($quotecgi|$quotenon)\/ultimatebb\.(php|cgi))(\?)?\/(.+?)$/ && ($1 eq "$vars_config{CGIURL}/ultimatebb.cgi" || $1 eq "$vars_config{NonCGIURL}/ultimatebb.php")) {
            $5 =~ m/(get\_)?topic\/(\/forum\/)?(\d+)/;
            $real_forum = $3 if $3;
        # Wonder if anyone still uses that one spider hack...
        } elsif($ENV{'HTTP_REFERER'} =~ m/^(https?\:\/\/[^\/]+).*?\/boards\/.+?\-f\-(\d+)\-.+?$/i) {
            # damn, well try to decipher it...
            # untested... :(
            my $gooddomain = quotemeta($1);
            # NOTE(review): the match on the next line has no capture groups,
            # so when it succeeds $2 appears to be undef here rather than the
            # forum number captured above; save $2 before this inner match.
            if($vars_config{CGIURL} =~ m/^$gooddomain/i) {
                $real_forum = $2;
            } # end if
        # Redirected from upload?
        } elsif($ENV{'HTTP_REFERER'} =~ m/^$quotecgi\/ubb\_upload\.cgi/) {
            #if($in{f}) {
                $real_forum = $in{f};
            #} else {
            #    $real_forum = $2;
            #} # end if
        # Never heard of ya
        } else {
            &StandardHTMLPopup($vars_wordlets{'upload-_-invalid_ref'});
        } # end if
    # On submit, and from an alien site?
    } elsif ($ENV{'HTTP_REFERER'} && ($in{ubb} eq 'do_upload' || $in{ubb} eq 'do_manage')) {
        # When the referer matches, $2 is the text after its last '='
        # (presumably meant to be the f= value -- verify); when it does not
        # match, $2 is left over from an earlier match.
        &PostHackDetails("Tried to access upload from a different site.") if $ENV{'HTTP_REFERER'} !~ m/^($quotecgi|$quotenon).*?([^\=]*)$/;
        $real_forum = $2;
    # No Referer?
    } else {
        &StandardHTMLPopup($vars_wordlets{'upload-_-no_ref'});
    } # end if
    # no forum detected? uh-oh
    &StandardHTMLPopup($vars_wordlets{'upload-_-invalid_ref'}) if $real_forum eq undef;
} # end if
# If we're this far, do some forum checks
&GetForumRecord($real_forum) if $real_forum;
# Forum access field [23]: 'allreg' denies anonymous callers, 'restrict'
# denies anyone but Administrator/(Mega)Moderator, 'none' denies everyone;
# any other value -- including an unset forum -- allows.
&StandardHTMLPopup($vars_wordlets{'upload-_-forum_deny'}) if $real_forum ne 'avatar' && (($vars_forums{$real_forum}->[23] eq 'allreg' && $user_number eq undef) ? 0 : ($vars_forums{$real_forum}->[23] eq 'restrict' && $user_profile[8] !~ m/^(Administrator|(Mega)?Moderator)$/) ? 0 : $vars_forums{$real_forum}->[23] eq 'none' ? 0 : $vars_forums{$real_forum}->[23] eq 'all' ? 1 : 1) eq 0;
# we're uploading an avatar, eh?
# Note this calls &StandardHTML, not &StandardHTMLPopup like every other
# denial above -- presumably unintentional.
&StandardHTML($vars_wordlets{'upload-_-full_deny'}) if $real_forum eq 'avatar' && $vars_misc{"upload_avatar_$status"} eq undef;
# Check to see if directories exist, make them !if
# Strip one trailing slash so paths/URLs below can be joined with "/".
chop $vars_misc{'upload_dir'} if ($vars_misc{'upload_dir'} =~ /\/$/);
chop $vars_misc{'upload_url'} if ($vars_misc{'upload_url'} =~ /\/$/);
# NOTE(review): directories are created and re-chmodded 0777 (world
# writable); only the web-server user needs write access here.
unless (&DirExists($vars_misc{upload_dir})) {
    mkdir($vars_misc{'upload_dir'}, SEVENSEVENSEVEN) or die $!;
    chmod(SEVENSEVENSEVEN, $vars_misc{'upload_dir'});
} # end if
my $error = &DirectoryError($vars_misc{'upload_dir'});
&StandardHTMLPopup($error) if $error;
# Anonymous uploads share a single 'unreg' directory.
$user_number ||= 'unreg' if !$user_number;
unless (&DirExists($vars_misc{upload_dir} . "/$user_number")) {
    mkdir($vars_misc{'upload_dir'} . "/$user_number", SEVENSEVENSEVEN) or die $!;
    chmod(SEVENSEVENSEVEN, $vars_misc{'upload_dir'} . "/$user_number");
} # end if
# NOTE(review): this redeclares the $error above ("masks earlier
# declaration" warning) and uses the `my ... if COND` form, whose behaviour
# when COND is false is undefined; a plain assignment is what is meant.
my $error = &DirectoryError($vars_misc{'upload_dir'} . "/$user_number") if $user_number;
&StandardHTMLPopup($error) if $error;
# Do Upload
if($in{ubb} eq 'do_upload') {
    # Determine filename
    # Keep only the basename of the client-supplied name (no / or \), so the
    # stored file cannot escape the user's directory.  NOTE(review): if this
    # match fails $1 is stale, not empty -- take the name from the match
    # result (list assignment) instead of reading $1 afterwards.
    $in{FILE} =~ /([^\/\\]+)$/;
    $Filename = $1;
    # Extension = text after the last dot (the whole name when there is none).
    my $extension = (split(/\./, $Filename))[-1];
    # custom avatar?
    # Avatars are stored under the member number, so there is one per user.
    $Filename = "$user_number.$extension" if($real_forum eq 'avatar');
    # Allowed extensions are a space-separated list, one list per upload type.
    my @allowed = split(/ /, ($real_forum ne 'avatar' ? $vars_misc{'upload_extreg'} : $vars_misc{'upload_extavt'}));
    # NOTE(review): $extension is interpolated into the pattern unescaped, so
    # regex metacharacters in a client-chosen name change what is matched;
    # use m/^\Q$extension\E$/i.
    &StandardHTMLPopup(&Template($vars_wordlets{'upload-_-invalid_ext'}, {EXT=>$extension,FILE=>join(", ", @allowed)})) if(!grep m/^$extension$/i, map { &strip_lead_trail_whitespace(lc($_)); } @allowed);
    my $fullpath = "$vars_misc{upload_dir}/".$user_number."/$Filename";
    # NOTE(review): two-argument open on a name derived from client input; the
    # two-argument form also parses the name (strips surrounding whitespace,
    # treats some prefixes/suffixes as modes) whereas open(FILE, '>',
    # $fullpath) takes it literally.
    open (FILE, ">$fullpath") || &StandardHTMLPopup("Unable to open $fullpath file for writing.");
    # NOTE(review): `||` appears to bind to the bareword FILE here, so
    # binmode's result is never checked (and the message says "open").
    binmode FILE || &StandardHTML("Unable to open $fullpath for binary mode writing.");
    my $FileSize = 0;
    flock(FILE,LOCK_EX);
    # Copy the upload in 1k chunks; $in{FILE} is assumed to be CGI.pm's upload
    # handle -- confirm.  Once the per-status byte limit is exceeded the
    # partial file is removed and the request ends.
    while (my $bytesread = read($in{FILE}, my $buffer, 1024)) {
        $FileSize += $bytesread;
        if ($FileSize > $vars_misc{"upload_limit_$status"}) {
            flock(FILE,LOCK_UN);
            close (FILE);
            unlink($fullpath);
            &StandardHTMLPopup(&Template($vars_wordlets{'upload-_-filesize_over'}, { GOOD => $vars_misc{"upload_limit_$status"}, BAD => $FileSize }));
            exit(0);
        } # end if
        print FILE $buffer;
    }
    flock(FILE,LOCK_UN);
    close (FILE);
    # NOTE(review): the stored file is made world-writable and executable;
    # SIXSIXSIX (0666) or tighter is enough for a served upload.
    chmod(0777, "$fullpath");
    if($real_forum ne 'avatar') {
        &StandardHTMLPopup(&Template($vars_wordlets{'upload-_-up_success'}, { LINK=> qq~$vars_misc{'upload_url'}/$user_number/$Filename~, BACK => qq~$vars_config{CGIURL}/ubb_upload.cgi?ubb=upload;f=$real_forum~, MANAGER => qq~$vars_config{CGIURL}/ubb_upload.cgi?ubb=manager;f=$real_forum~, }));
    } else {
        # The JS value is empty in this copy (its markup was presumably
        # stripped); verify against the original file.
        &StandardHTMLPopup(&Template($vars_wordlets{'upload-_-up_avtsuccess'}, { JS => qq~ ~ }));
    } # end if
} elsif($in{ubb} eq 'manager') {
    &ManagePage;
    exit(0);
} elsif($in{ubb} eq 'do_manage') {
    # NOTE(review): the directory ($in{d}) and the file names (every key of
    # %in) come from the request and are only checked for existence, so any
    # caller who passes the status check can delete any file the server user
    # may remove.  Derive the directory server-side, as ManagePage does when
    # d/u are absent (the caller's own $user_number subdirectory), or at the
    # very least require it to resolve inside $vars_misc{upload_dir}.
    foreach my $file (keys %in) {
        next if !&FileExists("$in{d}/$file");
        &Unlink("$in{d}/$file") || &StandardHTMLPopup(&Template($vars_wordlets{'upload-_-cant_delete'}, {FILE=>qq~$in{d}/$file~}));
    } # end foreach
    &ManagePage;
    exit(0);
} else {
    # Count the user's existing files (names with an extension) against the
    # per-status file limit before showing the form; opendir is unchecked.
    opendir(DIR, "$vars_misc{upload_dir}/".$user_number);
    my @files = grep m/^(\S+)\.(\S+)$/, readdir(DIR);
    closedir(DIR);
    if(scalar @files >= $vars_misc{"upload_filelimit_$status"}) {
        &StandardHTMLPopup(&Template($vars_wordlets{'upload-_-at_limit'}, {LINK=>qq~$vars_config{CGIURL}/ubb_upload.cgi?ubb=manager;f=$real_forum~}));
    } # end if
    &UploadPage(0, $real_forum);
    exit(0);
} # end if
exit(0);

# UploadPage: print the upload form page.  $title and $f are accepted but
# neither appears in the surviving text; they were presumably interpolated in
# the HTML that is missing from this copy.
sub UploadPage {
    my($title, $f) = @_;
    $vars_wordlets{'upload-_-form-title'} = &Template($vars_wordlets{'upload-_-form-title'}, {BBTITLE => $vars_config{BBName}});
    &set_page_elements;
    print "Content-type: text/html\n\n";
    # NOTE(review): the heredoc opener below is garbled in this copy ("print<"
    # with the HTML body stripped); the original is presumably print <<"EOF";
    # -- verify against the real file before relying on the page text.
    print<
$TBT_Popup $vars_wordlets{'upload-_-form-title'} $TBB_Popup
$vars_wordlets{'upload-_-form-link'} | $vars_wordlets{'upload-_-form-manager'} $vars_wordlets{close_window}
$Footer_Popup
EOF
} # UploadPage

# ManagePage: print the upload-manager page, listing the files of one
# directory with delete controls (the page's HTML is missing from this copy).
# Without u/d parameters it shows the caller's own $user_number directory;
# administrators may pick a subdirectory with p.
# NOTE(review): when d and u are present they are used verbatim, so any caller
# can list an arbitrary directory, and the p check only rejects the literal
# '..'; both should be constrained to $vars_misc{upload_dir}.
sub ManagePage {
    $vars_wordlets{'upload-_-manager-title'} = &Template($vars_wordlets{'upload-_-manager-title'}, {BBTITLE => $vars_config{BBName}});
    # ok, gizmo. Here's your ADMIN manager :p
    my($url, $dir);
    if(!$in{u} && !$in{d}) {
        $dir = $vars_misc{'upload_dir'}."/".$user_number;
        $url = $vars_misc{'upload_url'}."/".$user_number;
        if($user_profile[8] eq 'Administrator' && $in{p}) {
            $dir = "$vars_misc{'upload_dir'}/" . ($in{p} eq '..' ? '' : $in{p});
            $url = "$vars_misc{'upload_url'}/" . ($in{p} eq '..' ? '' : $in{p});
        } # end if
        chop $url if $url =~ m/\/$/;
    } else {
        $dir = $in{d};
        $url = $in{u};
    } # end if
    &set_page_elements;
    print "Content-type: text/html\n\n";
    # NOTE(review): heredoc opener garbled in this copy ("print<"); presumably
    # print <<"EOF"; -- verify against the real file.
    print<
$TBT_Popup $vars_wordlets{'upload-_-manager-title'} $vars_wordlets{'upload-_-manager-delete'} $vars_wordlets{'upload-_-manager-file'}
EOF
    # $error is visible in the else branch too (declared in the condition).
    if((my $error = &DirectoryError($dir)) eq undef) {
        # opendir is unchecked; a failure just yields an empty listing.
        opendir(DIR, $dir);
        my @files = readdir(DIR);
        closedir(DIR);
        if(scalar @files >= 1) {
            # NOTE(review): this iterates over the package global $f (see
            # `use vars`), not a lexical; `foreach my $f` is meant.  File
            # names are printed without HTML escaping in what survives here.
            foreach $f (@files) {
                next if $f eq '.';
                # Names without a dot are treated as subdirectories and only
                # shown to administrators.
                if($f =~ m/^[^\.]+$/ && $user_profile[8] eq 'Administrator') {
                    print qq~ $url/$f ~;
                } elsif($f eq '..' && $user_profile[8] eq 'Administrator' && $in{p} ne '..') {
                    print qq~ $vars_wordlets{'upload-_-back_directory'} ~;
                } elsif($f ne '..') {
                    print qq~ $url/$f ~;
                } #end if
            } # end foreach
        } else {
            print qq~ $vars_wordlets{'upload-_-manager-nofiles'} ~;
        } # end if
    } else {
        print qq~ $error ~;
    } # end if
    # NOTE(review): heredoc opener garbled in this copy, as above.
    print<
$vars_wordlets{'upload-_-form-link'} | $vars_wordlets{'upload-_-form-manager'} $vars_wordlets{close_window}
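$Footer_Popup
EOF
} # end ManagePage

# DirectoryError: return undef when $dir is usable (the UBB helper sees a
# directory, it exists and is writable), otherwise the 'upload-_-bad_directory'
# wordlet filled in with the trailing path components.
#
# Arguments: $dir -- filesystem path to check (undef or "" is unusable).
# Returns:   undef, or the formatted error text.
sub DirectoryError {
    my $dir = shift;

    # -W (real uid) is kept from the original check; -e is redundant with it
    # but harmless.
    my $usable = defined($dir) && length($dir)
        && &DirExists($dir) && -e $dir && -W $dir;
    # Explicit undef rather than a bare return: callers compare the scalar
    # result (`$error eq undef`), so the return shape is kept.
    return undef if $usable;

    # Only the error path pays for building the message.  Show at most the
    # last three components so the full server path is not disclosed; paths
    # shorter than that no longer yield undefined-component warnings or a
    # leading "//".
    my @parts = grep { defined($_) && length($_) } split(/\/|\\/, defined($dir) ? $dir : '');
    my $first = $#parts < 2 ? 0 : $#parts - 2;
    my $tail  = join('/', @parts[$first .. $#parts]);
    return &Template($vars_wordlets{'upload-_-bad_directory'}, { DIR => $tail });
} # end DirectoryError

# Unreachable: the dispatch above always exits before this line.
exit(0);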