svragv/sakisafe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Bug fix

Browse source
This commit is contained in:
(≧◡≦) 2023-02-12 13:29:44 +01:00
parent f52dcbb721
commit dcea6b2a24
No known key found for this signature in database
GPG key ID: B39C0BCEE94A4A89
1 changed files with 55 additions and 53 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

108
http/sakisafe.pl
View file

@ -4,12 +4,14 @@
use if $^O eq "openbsd", OpenBSD::Pledge, qw(pledge); use if $^O eq "openbsd", OpenBSD::Pledge, qw(pledge);
use Mojolicious::Lite -signatures; use Mojolicious::Lite -signatures;
use Mojolicious::Routes::Pattern; use Mojolicious::Routes::Pattern;
use List::MoreUtils qw(any uniq); use List::MoreUtils qw(uniq);
use Carp; use Carp;
use Term::ANSIColor; use Term::ANSIColor;
use English; use English;
use MIME::Types; use MIME::Types;
use warnings;
use experimental 'signatures'; use experimental 'signatures';
use feature 'say';
plugin 'RenderFile'; plugin 'RenderFile';
@ -17,14 +19,15 @@ plugin 'RenderFile';
my $openbsd = 0; my $openbsd = 0;
$openbsd = 1 if $^O eq "openbsd"; $openbsd = 1 if $^O eq "openbsd";
pledge("stdio cpath rpath wpath inet flock fattr") if $openbsd; pledge("stdio cpath rpath wpath inet flock fattr") if $openbsd;
use strict;
my $MAX_SIZE = 1024 * 1024 * 100; my $MAX_SIZE = 1024 * 1024 * 100;
my @BANNED = qw(); # Add banned IP addresses here my @BANNED = qw(); # Add banned IP addresses here
my $dirname; my $dirname;
my $host; my $host;
mkdir "f";
# Function to handle file uploads # Function to handle file uploads
sub logger ( $level, $address, $message ) { sub logger ( $level, $address, $message ) {
@ -38,17 +41,17 @@ sub handle_file {
my $filedata = $c->param("file"); my $filedata = $c->param("file");
if ( $filedata->size > $MAX_SIZE ) { if ( $filedata->size > $MAX_SIZE ) {
return $c->render( return $c->render(
text => "Max upload size: $MAX_SIZE", text => "Max upload size: $MAX_SIZE",
status => 400 status => 400
); );
} }
if ( any { /$c->tx->remote_address/ } uniq @BANNED ) { if ( List::MoreUtils::any { /$c->tx->remote_address/ } uniq @BANNED ) {
$c->render( $c->render(
text => text =>
"Hi! Seems like the server admin added your IP address to the banned IP array." . "Hi! Seems like the server admin added your IP address to the banned IP array." .
"As the developer of sakisafe, I can't do anything.", "As the developer of sakisafe, I can't do anything.",
status => 403 status => 403
); );
return; return;
} }
@ -63,11 +66,11 @@ sub handle_file {
$filedata->move_to( "f/" . $dirname . "/" . $filename ); $filedata->move_to( "f/" . $dirname . "/" . $filename );
my $host = $c->req->url->to_abs->host; my $host = $c->req->url->to_abs->host;
$c->res->headers->header( $c->res->headers->header(
'Location' => "http://$host/$dirname/" . $filename ); 'Location' => "http://$host/$dirname/" . $filename );
$c->render( $c->render(
text => "http://$host/f/$dirname/" . $filename, text => "http://$host/f/$dirname/" . $filename,
status => 201, status => 201,
); );
logger( "INFO", $c->tx->remote_address, $dirname . "/" . $filename ); logger( "INFO", $c->tx->remote_address, $dirname . "/" . $filename );
$dirname = ""; $dirname = "";
@ -80,17 +83,16 @@ post '/' => sub ($c) { handle_file($c) };
# Allow files to be downloaded. # Allow files to be downloaded.
get '/f/:dir/:name' => sub ($c) { get '/f/:dir/#name' => sub ($c) {
my $captures = $c->req->url; my $dir = $c->param("dir");
$captures =~ s/^.//; my $file = $c->param("name");
my $filerender = Mojolicious::Plugin::RenderFile->new; print $dir, $file . "\n";
my $ext = $captures; my $ext = $file;
$ext =~ s/.*\.//; $ext =~ s/.*\.//;
carp(color("bold yellow"), "sakisafe warning: could not get file: $ERRNO", color("reset")) unless $c->render_file( filepath => "f/".$dir . "/" . $file,
$c->render_file( filepath => $captures, format => 'jpg',
format => $ext, content_disposition => 'inline'
content_disposition => 'inline' );
);
}; };
app->max_request_size( 1024 * 1024 * 100 ); app->max_request_size( 1024 * 1024 * 100 );
@ -107,30 +109,30 @@ app->start;
__DATA__ __DATA__
@@ index.html.ep @@ index.html.ep
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<title>sakisafe</title> <title>sakisafe</title>
<link rel="stylesheet" type="text/css" href="index.css"/> <link rel="stylesheet" type="text/css" href="index.css"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
</head> </head>
<body> <body>
<center> <center>
<h1>sakisafe</h1> <h1>sakisafe</h1>
<h2>shitless file upload, pastebin and url shorter</h2> <h2>shitless file upload, pastebin and url shorter</h2>
<img src="saki.png"/> <img src="saki.png"/>
<h2>USAGE</h2> <h2>USAGE</h2>
<p>POST a file:</p> <p>POST a file:</p>
<code>curl -F 'file=@yourfile.png' https://<%= $c->req->url->to_abs->host; %></code> <code>curl -F 'file=@yourfile.png' https://<%= $c->req->url->to_abs->host; %></code>
<p>Post your text directly</p> <p>Post your text directly</p>
<code>curl -F 'file=@-' https://<%= $c->req->url->to_abs->host; %></code> <code>curl -F 'file=@-' https://<%= $c->req->url->to_abs->host; %></code>
</center> </center>
<div class="left"> <div class="left">
<h2>Or just upload a file here</h2> <h2>Or just upload a file here</h2>
<form ENCTYPE='multipart/form-data' method='post' action='/upload'> <form ENCTYPE='multipart/form-data' method='post' action='/upload'>
<input type='file' name='file' size='30'/> <input type='file' name='file' size='30'/>
<input type='submit' value='upload'/> <input type='submit' value='upload'/>
</form> </form>
</div> </div>
</body> </body>
</html> </html>