#!/usr/local/bin/perl

&parse_form;

$platform = 0;
# 0 = Unix / 1 = Windows

$root_dir = "/path/above/web/server/downloads";
# Should be a location above your web server directory and chmod 777
# This is where you will place all files you want users to download

$root_dir_html = "/path/below/web/server/downloads";
# Should be a location right below your web server directory and chmod 777
# This is where the server will create a link of the file that is being downloaded

$logs = "/path/to/download/directory/logs";
$logname = "download.log";
# Location to store download logs

$contact = "support\@webpost.net";
# E-mail address to contact if there is a problem

$download_url = "http://www.yoursite.com/downloads";
# URL relative to $root_dir_html

# DO NOT EDIT BELOW THIS LINE
####################################################


$url = $FORM{'url'};
$email = $FORM{'email'};
$filename = $FORM{'filename'};
$notify = $FORM{'notify'};

if ($filename eq "" or not -e "$root_dir\/$filename")
 {
 print "Content-type: text/html\n\n";
 print "<HTML><BODY>\n";
 print "Sorry, $filename does not exist\n";
 print "</BODY></HTML>\n";
 exit;
 }

if ($email =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/ or $email !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/ or $url eq "" or $email eq "")
 {
 print "Content-type: text/html\n\n";
 &show_main;
 exit;
 }

&nowinfo;

open(LOG, ">>$logs\/$logname");
print LOG "$date_now - $time_now - $filename - $url - $email - $ENV{'REMOTE_ADDR'} - $notify\n";
close(LOG);

&download_file;
exit;

sub show_main
{
print<<EOF
<HEAD>
<TITLE>Download Director</TITLE>
</HEAD>

<HTML>
<BODY BGCOLOR="#FFFCCC">

<CENTER>
<H2><font face="Arial Bold">Download<sup><i>Director</i></sup></font></H2>

Version 1.0
<p>

<TABLE BORDER=0>
<FORM ACTION=$ENV{'SCRIPT_NAME'} METHOD=POST>
<TR><TD><B>File to download:</B></TD> <TD>$filename</TD></TR>
<TR><TD><B>Your web site URL:</B></TD><TD><INPUT NAME=url value="http://"></TD></TR>
<TR><TD><B>E-mail:</B></TD><TD><INPUT NAME=email></TD></TR>
<TR><TD><B>Notify me of updates:</B></TD><TD><INPUT TYPE=checkbox NAME=notify VALUE="YES" CHECKED></TD></TR>
<TR><TD></TD><TD><INPUT TYPE=SUBMIT VALUE="Download Now"></TD></TR>
</TABLE>
<INPUT TYPE=hidden NAME=filename value="$filename">
</FORM>

<p>
Provided By <a href="http://www.webpost.net">The Web Post Network</a>
</CENTER>
</BODY></HTML>
EOF
}

sub parse_form {

   if ("\U$ENV{'REQUEST_METHOD'}\E" eq 'GET') {
      # Split the name-value pairs
      @pairs = split(/&/, $ENV{'QUERY_STRING'});
   }
   elsif ("\U$ENV{'REQUEST_METHOD'}\E" eq 'POST') {
      # Get the input
      read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
 
      # Split the name-value pairs
      @pairs = split(/&/, $buffer);
   }
   else {
      &error('request_method');
   }

   foreach $pair (@pairs) {
      ($name, $value) = split(/=/, $pair);
 
      $name =~ tr/+/ /;
      $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

      $value =~ tr/+/ /;
      $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

      # If they try to include server side includes, erase them, so they
      # arent a security risk if the html gets returned.  Another 
      # security hole plugged up.

      $value =~ s/<!--(.|\n)*-->//g;


      # Remove HTML Tags

      if ($allow_html == 0)
       {
       $value =~ s/<([^>]|\n)*>//g;
       }
    
      # Create two associative arrays here.  One is a configuration array
      # which includes all fields that this form recognizes.  The other
      # is for fields which the form does not recognize and will report 
      # back to the user in the html return page and the e-mail message.
      # Also determine required fields.

      if ($FORM{$name} && ($value)) {
          $FORM{$name} = "$FORM{$name}, $value";
	 }
         elsif ($value ne "") {
            $FORM{$name} = $value;
         }
  }
}


sub error
{
local($msg) = @_;
print "Content-Type: text/html\n\n";
print "<CENTER><H2>$msg</H2></CENTER>\n";
exit;
}

sub download_file
{
srand();
$rand_dir = int(rand(1000000000000000));

mkdir("$root_dir_html\/$rand_dir", 0777);
$symlink_exists = eval { symlink("",""); 1 };

if ($symlink_exists == 1)
 {
 symlink("$root_dir\/$filename","$root_dir_html\/$rand_dir/$filename");
 }
 else
 {
 if ($platform == 0)
  {
  system("cp -ip $root_dir\/$filename $root_dir_html\/$rand_dir/$filename");
  }
  else
  {
  system("copy $root_dir\/$filename $root_dir_html\/$rand_dir/$filename");
  }
 }

if (not -e "$root_dir_html\/$rand_dir/$filename")
 {
 print "Content-type: text/html\n\n";
 print "<HTML><BODY>\n";
 print "Could not create temporary storage location.<br>\n";
 print "Please contact <a href=\"mailto:$contact\">$contact</a>\n";
 print "</BODY></HTML>\n";
 exit;
 }

print "Location: $download_url\/$rand_dir\/$filename\n\n";
}

sub nowinfo
{
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);

   if ($sec < 10) {
   $sec = "0$sec";
   }
   if ($min < 10) {
      $min = "0$min";
   }
   if ($hour < 10) {
      $hour = "0$hour";
   }
   $mon++;
   if ($mon < 10) {
   $month = "0$mon";
   }
   else
   {
   $month = "$mon";
   }

   if ($mday < 10)
   {
   $mday = "0$mday";
   }

$year += 1900;
$date_now = "$month\-$mday\-$year";
$time_now = "$hour\:$min\:$sec";
}