svragv/sakisafe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added filename randomizing code

Browse source
This commit is contained in:
getimiskon 2023-02-13 22:40:21 +02:00
parent 728c983f58
commit ec59ea0613
1 changed files with 15 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
http/sakisafe.pl
View file

@ -9,23 +9,23 @@ use Carp;
use Term::ANSIColor; use Term::ANSIColor;
use English; use English;
use MIME::Types; use MIME::Types;
use File::Basename;
use warnings; use warnings;
use experimental 'signatures'; use experimental 'signatures';
use feature 'say'; use feature 'say';
use Encode qw(decode encode);
plugin 'RenderFile'; plugin 'RenderFile';
my $openbsd = 0; my $openbsd = 0;
$openbsd = 1 if $^O eq "openbsd"; $openbsd = 1 if $^O eq "openbsd";
pledge("stdio cpath rpath wpath inet flock fattr") if $openbsd; pledge("stdio cpath rpath wpath inet flock fattr") if $openbsd;
my $MAX_SIZE = 1024 * 1024 * 100; my $MAX_SIZE = 1024 * 1024 * 100;
my @BANNED = qw(); # Add banned IP addresses here my @BANNED = qw(); # Add banned IP addresses here
my $RANDOMIZE_FILENAME = 0; my $RANDOMIZE_FILENAME = 1; # Enable/Disable filename randomization
my $dirname; my $dirname;
my $filename = "";
my $host; my $host;
mkdir "f"; mkdir "f";
@ -50,8 +50,8 @@ sub handle_file {
if ( List::MoreUtils::any { /$c->tx->remote_address/ } uniq @BANNED ) { if ( List::MoreUtils::any { /$c->tx->remote_address/ } uniq @BANNED ) {
$c->render( $c->render(
text => text =>
"Hi! Seems like the server admin added your IP address to the banned IP array." . "Error: Your IP is banned." .
"As the developer of sakisafe, I can't do anything.", "To resolve this issue, contact the server's administrator.",
status => 403 status => 403
); );
return; return;
@ -60,11 +60,16 @@ sub handle_file {
# Generate random string for the directory # Generate random string for the directory
my @chars = ( '0' .. '9', 'a' .. 'Z' ); my @chars = ( '0' .. '9', 'a' .. 'Z' );
$dirname .= $chars[ rand @chars ] for 1 .. 5; $dirname .= $chars[ rand @chars ] for 1 .. 5;
if ( $RANDOMIZE_FILENAME eq 1 ) { my $filename;
$filename = $filedata->filename;
my $enc = encode( "UTF-8", $filename );
$filename = $enc;
if ( $RANDOMIZE_FILENAME = 1 ) {
my $extension = $filename;
$extension =~ s/.*\.//;
$filename = "";
$filename .= $chars[ rand @chars ] for 1 .. 5; $filename .= $chars[ rand @chars ] for 1 .. 5;
# TODO: add extension at the end of the filename, fix the multiplication of the chars every time the code runs $filename = $filename . "." . $extension;
} else {
$filename = $filedata->filename;
} }
carp(color("bold yellow"), "sakisafe warning: could not create directory: $ERRNO", color("reset")) unless carp(color("bold yellow"), "sakisafe warning: could not create directory: $ERRNO", color("reset")) unless
mkdir( "f/" . $dirname ); mkdir( "f/" . $dirname );
@ -141,11 +146,10 @@ __DATA__
<p>Running sakisafe 2.4.0</p> <p>Running sakisafe 2.4.0</p>
<div class="left"> <div class="left">
<h2>Or just upload a file here</h2> <h2>Or just upload a file here</h2>
<form ENCTYPE='multipart/form-data' method='post' action='/upload'> <form ENCTYPE='multipart/form-data' charset='utf-8' method='post' action='/upload'>
<input type='file' name='file' size='30'/> <input type='file' name='file' size='30'/>
<input type='submit' value='upload'/> <input type='submit' value='upload'/>
</form> </form>
</div> </div>
</body> </body>
</html> </html>