#!/usr/local/bin/perl
&parse_form;
$platform = 0;
# 0 = Unix / 1 = Windows
$root_dir = "/path/above/web/server/downloads";
# Should be a location above your web server directory and chmod 777
# This is where you will place all files you want users to download
$root_dir_html = "/path/below/web/server/downloads";
# Should be a location right below your web server directory and chmod 777
# This is where the server will create a link of the file that is being downloaded
$logs = "/path/to/download/directory/logs";
$logname = "download.log";
# Location to store download logs
$contact = "support\@webpost.net";
# E-mail address to contact if there is a problem
$download_url = "http://www.yoursite.com/downloads";
# URL relative to $root_dir_html
# DO NOT EDIT BELOW THIS LINE
####################################################
$url = $FORM{'url'};
$email = $FORM{'email'};
$filename = $FORM{'filename'};
$notify = $FORM{'notify'};
if ($filename eq "" or not -e "$root_dir\/$filename")
{
print "Content-type: text/html\n\n";
print "
\n";
print "Sorry, $filename does not exist\n";
print "\n";
exit;
}
if ($email =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/ or $email !~ /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?)$/ or $url eq "" or $email eq "")
{
print "Content-type: text/html\n\n";
&show_main;
exit;
}
&nowinfo;
open(LOG, ">>$logs\/$logname");
print LOG "$date_now - $time_now - $filename - $url - $email - $ENV{'REMOTE_ADDR'} - $notify\n";
close(LOG);
&download_file;
exit;
sub show_main
{
print<Download Director
EOF
}
sub parse_form {
if ("\U$ENV{'REQUEST_METHOD'}\E" eq 'GET') {
# Split the name-value pairs
@pairs = split(/&/, $ENV{'QUERY_STRING'});
}
elsif ("\U$ENV{'REQUEST_METHOD'}\E" eq 'POST') {
# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
# Split the name-value pairs
@pairs = split(/&/, $buffer);
}
else {
&error('request_method');
}
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
# If they try to include server side includes, erase them, so they
# arent a security risk if the html gets returned. Another
# security hole plugged up.
$value =~ s///g;
# Remove HTML Tags
if ($allow_html == 0)
{
$value =~ s/<([^>]|\n)*>//g;
}
# Create two associative arrays here. One is a configuration array
# which includes all fields that this form recognizes. The other
# is for fields which the form does not recognize and will report
# back to the user in the html return page and the e-mail message.
# Also determine required fields.
if ($FORM{$name} && ($value)) {
$FORM{$name} = "$FORM{$name}, $value";
}
elsif ($value ne "") {
$FORM{$name} = $value;
}
}
}
sub error
{
local($msg) = @_;
print "Content-Type: text/html\n\n";
print "