#!/usr/bin/perl -w
use strict;
$|++;
use CGI qw(:all);
use Cache::FileCache;
my $cache = Cache::FileCache->new
({namespace => 'antirobot',
username => 'nobody',
default_expires_in => '10 minutes',
auto_purge_interval => '1 hour',
});
if (length (my $info = path_info())) { # I am the image
my ($session) = $info =~ m{\A/([0-9a-f]+)\.png\z}i
or do {
warn("bad URL $info");
print header(-status => '404 Not Found');
exit 0;
};
defined(my $verify = $cache->get($session))
or do {
warn("Cannot find $session");
print header(-status => '404 Not Found');
exit 0;
};
## make up an image from the verify string
require GD;
my $font = GD::gdGiantFont();
my $image = GD::Image->new(2 + $font->width * length $verify,
2 + $font->height);
my $background = $image->colorAllocate(0,0,0);
## $image->transparent($background);
my $ink = $image->colorAllocate(255,255,255);
$image->string($font, 1, 1, $verify, $ink);
print header('image/png'), $image->png;
exit 0;
}
print header,
start_html(-encoding=>'utf-8',-title=>'File download'),
h1("File download");
if (defined(my $verify = param('verify'))) {
Delete('verify');
if (defined (my $session = param('session'))) {
Delete('session');
if (defined (my $validate = $cache->get($session))) {
$cache->remove($session); # one chance is all you get
if ($validate eq $verify) { # success!
## would save param('flavor') here
print h2("You're human!"),
p("Please use this temporary link to download Filename."),
p("MD5: (filename-0.6.iso) = 08f4fb31b1a33e126d1a1aa9315cb207"), end_html;
exit 0;
}
print p("Sorry, please reenter the security string exactly as shown!");
}
}
}
my $verify = do {
my @charset = grep !/[10joli]/i, 0..9, 'a'..'z', 'A'..'Z';
join "", map { $charset[rand @charset] } 1..8;
};
my $session = do {
require MD5;
MD5->hexhash(MD5->hexhash(time.{}.rand().$$));
};
param('session', $session);
$cache->set($session, $verify);
print hr, startform;
print h3("You must first prove that you are human (not a bot)");
print p("Please choose your favorite color:");
print radio_group(-name => "flavor",
-values => [qw(None Other Purple Green Orange)],
-default => "None",
-columns => 1);
print p("then enter this verification string:",
img({src => url()."/$session.png"}).":",
textfield(-name => "verify")." (CasE sEnSitiVe)");
print hidden('session');
print submit(-name=>'continue'), endform, hr;
print end_html;
####
header(-type=>'application/x-bzip2');
##
##
print "Status: 301 Moved Permanently\n";
print "Location: http://host.domain.tld/filename.tbz2\n\n";