From dcea6b2a247341312b0ca7191781cc9c0f887300 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Palomares=20Pizarro?= Date: Sun, 12 Feb 2023 13:29:44 +0100 Subject: [PATCH] Bug fix --- http/sakisafe.pl | 108 ++++++++++++++++++++++++----------------------- 1 file changed, 55 insertions(+), 53 deletions(-) diff --git a/http/sakisafe.pl b/http/sakisafe.pl index af736c3..1ae1e6b 100755 --- a/http/sakisafe.pl +++ b/http/sakisafe.pl @@ -4,12 +4,14 @@ use if $^O eq "openbsd", OpenBSD::Pledge, qw(pledge); use Mojolicious::Lite -signatures; use Mojolicious::Routes::Pattern; -use List::MoreUtils qw(any uniq); +use List::MoreUtils qw(uniq); use Carp; use Term::ANSIColor; use English; use MIME::Types; +use warnings; use experimental 'signatures'; +use feature 'say'; plugin 'RenderFile'; @@ -17,14 +19,15 @@ plugin 'RenderFile'; my $openbsd = 0; $openbsd = 1 if $^O eq "openbsd"; pledge("stdio cpath rpath wpath inet flock fattr") if $openbsd; -use strict; my $MAX_SIZE = 1024 * 1024 * 100; -my @BANNED = qw(); # Add banned IP addresses here +my @BANNED = qw(); # Add banned IP addresses here my $dirname; my $host; +mkdir "f"; + # Function to handle file uploads sub logger ( $level, $address, $message ) { @@ -38,17 +41,17 @@ sub handle_file { my $filedata = $c->param("file"); if ( $filedata->size > $MAX_SIZE ) { return $c->render( - text => "Max upload size: $MAX_SIZE", - status => 400 - ); + text => "Max upload size: $MAX_SIZE", + status => 400 + ); } - if ( any { /$c->tx->remote_address/ } uniq @BANNED ) { + if ( List::MoreUtils::any { /$c->tx->remote_address/ } uniq @BANNED ) { $c->render( - text => - "Hi! Seems like the server admin added your IP address to the banned IP array." . - "As the developer of sakisafe, I can't do anything.", - status => 403 - ); + text => + "Hi! Seems like the server admin added your IP address to the banned IP array." . + "As the developer of sakisafe, I can't do anything.", + status => 403 + ); return; } @@ -63,11 +66,11 @@ sub handle_file { $filedata->move_to( "f/" . $dirname . "/" . $filename ); my $host = $c->req->url->to_abs->host; $c->res->headers->header( - 'Location' => "http://$host/$dirname/" . $filename ); + 'Location' => "http://$host/$dirname/" . $filename ); $c->render( - text => "http://$host/f/$dirname/" . $filename, - status => 201, - ); + text => "http://$host/f/$dirname/" . $filename, + status => 201, + ); logger( "INFO", $c->tx->remote_address, $dirname . "/" . $filename ); $dirname = ""; @@ -80,17 +83,16 @@ post '/' => sub ($c) { handle_file($c) }; # Allow files to be downloaded. -get '/f/:dir/:name' => sub ($c) { - my $captures = $c->req->url; - $captures =~ s/^.//; - my $filerender = Mojolicious::Plugin::RenderFile->new; - my $ext = $captures; +get '/f/:dir/#name' => sub ($c) { + my $dir = $c->param("dir"); + my $file = $c->param("name"); + print $dir, $file . "\n"; + my $ext = $file; $ext =~ s/.*\.//; - carp(color("bold yellow"), "sakisafe warning: could not get file: $ERRNO", color("reset")) unless - $c->render_file( filepath => $captures, - format => $ext, - content_disposition => 'inline' - ); + $c->render_file( filepath => "f/".$dir . "/" . $file, + format => 'jpg', + content_disposition => 'inline' + ); }; app->max_request_size( 1024 * 1024 * 100 ); @@ -107,30 +109,30 @@ app->start; __DATA__ @@ index.html.ep - - - - sakisafe - - - - -
-

sakisafe

-

shitless file upload, pastebin and url shorter

- -

USAGE

-

POST a file:

- curl -F 'file=@yourfile.png' https://<%= $c->req->url->to_abs->host; %> -

Post your text directly

- curl -F 'file=@-' https://<%= $c->req->url->to_abs->host; %> -
-
-

Or just upload a file here

-
- - -
-
- - + + + + sakisafe + + + + +
+

sakisafe

+

shitless file upload, pastebin and url shorter

+ +

USAGE

+

POST a file:

+ curl -F 'file=@yourfile.png' https://<%= $c->req->url->to_abs->host; %> +

Post your text directly

+ curl -F 'file=@-' https://<%= $c->req->url->to_abs->host; %> +
+
+

Or just upload a file here

+
+ + +
+
+ +