#!/usr/bin/perl
print "Content-type: text/html\n\n";
#SET MAXIMUM FILE SIZE
#################################################
$maxfilesize = 30508; # 30.2kb
#CHECK FILE SIZE
#################################################
$len = $ENV{'CONTENT_LENGTH'};
if ($len > $maxfilesize) {
print "file is bigger than 30.2kb, sorry\n";
exit;
}
#SET PATH VARIABLES
################################################
$| = 1;
$upath = "/absolute/path/to/upload/dir/";
$uindex = "/absolute/path/to/upload/dir/upload.index";
$tempfile = $upath . $ENV{'REMOTE_ADDR'};
#READ IN BUFFER AND WRITE TO TEMP FILE
################################################
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
open (x,">$tempfile");
print x $buffer;
close (x);
#OPEN TEMP FILE AND PROCESS IT
################################################
open (temp,$tempfile);
#PULL OUT MIME/MULTIPART
################################################
$_ = ;
($vernum) = /(\d+)/;
# Next line of the file contains the filename in the format:
# filename="C:\windows\win.ini"
# KEEP ONLY PART WITHIN QUOTES
################################################
$_ = ;
$filetemp = $1 if (/filename=\"(.*)\"/);
#REMOVE FULL PATH NAME
################################################
@pathz = (split(/\\/,$filetemp));
$filetempb = $pathz[$#pathz];
@pathza = (split('/',$filetempb));
$filename = $pathza[$#pathza];
#IF FILENAME IS BLANK, SHOW ERROR MESSAGE
###############################################
if ($filename eq "") {
print "Oops, the you did not give a valid file name\n\n";
close(temp);
`rm $tempfile`;
}
#CREATE FILE IN UPLOAD DIR
###############################################
open (outfile, ">$upath$filename");
# Now we don't care about the Content-type of this, so
we'll pass that up
$junk = ;
$junk = ;
#READ/WRITE ALL APART FROM MIME/MULTIPART BIT
##############################################
while () {
if (!(/-{28,29}$vernum/)) {
print outfile $_;
}
}
#ALL DONE, CLOSE AND PRINT SUCCESS MSG
##############################################
close (temp);
close (outfile);
`rm $tempfile`;
print "Your file $filename has been successfully
transferred to this site.
\n";
exit;