LIFE: Referer Error<\/TITLE><SCRIPT LANGUAGE = \"Javascript\">alert(\"Referer Error.\\nThis script can only be executed from the appropriate server.\\nReferer: $ENV{'HTTP_REFERER'}\")\;history.back()\ ;<\/SCRIPT>\n<\/HEAD><\/HTML>"; exit; } $buffer = shift; if (!$buffer) { die "No Parameters Specified.\n"; } ($config,$dl) = split(/,/,$buffer); if(!$config) { die "No Config File Specified.\n"; } if (!$dl) { die "No Filename Specified.\n"; } if ($config !~ m{^/}) { $config = "/home/roden/public_html/atesk/etc/$config"; } $dldir = ""; $logfile = ""; open(MIF, "<$config") or die "Can't open $config - $!\n"; while (<MIF>) { chomp; if ($_ =~ m{^dldir=(.*)}) { $dldir = $1; } elsif ($_ =~ m{^logfile=(.*)}) { $logfile = $1; } } if (!$dldir) { die "Invalid parameter dldir $dldir - $!\n"; } chdir($dldir) or die "Can't change to $dldir - $!\n"; $size = -s $dl; # OR $size = (stat $dl)[7]; select STDOUT; $| = 1; $dn = $dl; if ($dl =~ /\.al$/) { $dn =~ s/\.al$/\.mp3/; } print "Content-Type: application\/force-download\nContent-Disposition: attachment\; filename=$dn\nContent-Length: $size\nContent-Description: Larry\'s File Downloader\n\n"; open(FILEIN, $dl) or die "Can't open $dl - $!\n"; binmode FILEIN if (-B $dl); $blksize = (stat FILEIN)[11] or 16384; while ($len = sysread FILEIN, $buf, $blksize) { if (!defined $len) { next if $! =~ /^Interrupted/; #&js_alert("System read error - $!",1,"exit"); die "System read error - $!\n"; } $offset = 0; while ($len) { $written = syswrite STDOUT, $buf, $len, $offset; if (!defined($written)) { #&js_alert("System write error - $!",1,"exit"); die "System write error - $!\n"; } $len -= $written; $offset += $written; } } if ($logfile) { $date = `date`; chomp($date); $user = "User: $ENV{'REMOTE_USER'}"; $host_ip = "Host: $ENV{REMOTE_HOST}, IP_Addr: $ENV{REMOTE_ADDR}"; $log_entry = "$date - $dl was downloaded by:\n$host_ip\n\n"; open LOG, "+>>$logfile" or die "Can't open $logfile - $!\n"; print LOG $log_entry; close LOG; } #----------------------------------------------------------------------------- sub check_referer { my(@referers) = @_; if ($ENV{'HTTP_REFERER'}) { foreach my $ref (@referers) { if ($ENV{'HTTP_REFERER'} =~ m{^(\w+://)?$ref}i) { return 1; } } } else { return 1; } return 0; } #----------------------------------------------------------------------------- sub js_alert { my($str,$pages_back,$exit) = @_; my($html_hdr) = "Content-type: text/html\n\n<HTML>\n"; my($html_body) = "<BODY BGCOLOR=#FF0000 TEXT=#FFFFFF>"; my($html_ftr) = "\n</BODY></HTML>"; my($js_hdr) = "<SCRIPT LANGUAGE=Javascript>\n"; my($js_body) = ""; my($js_ftr) = "\n</SCRIPT>"; if ($str) { $js_body = "alert(\"$str\")\;"; } else { $js_body = "alert(\"No Message Supplied\")\;"; } my($out) = ""; if ($pages_back =~ m{^\d+$} and $pages_back > 0) { $pages_back = $pages_back * -1; $js_body .= "history.go($pages_back)\;"; $out = $html_hdr.$html_body.$js_hdr.$js_body.$js_ftr.$html_ftr; } else { $out = $js_hdr.$js_body.$js_ftr; } select (STDOUT); $| = 1; print $out; $| = 0; exit 1 if ($exit =~ /^exit$/i); } #-------------------------------------------------------------------------------

#!/usr/local/bin/perl use CGI::Carp qw(fatalsToBrowser); #Author: Larry Benton #download a file to a client browser (ignoring plugins and helper apps) #5 Mar 2006 added akronchorus.org @referers = ('www.atesk.org','atesk.org','www.atesk.com','atesk.com','www.atesk.net','atesk.net','atesk.davidroden.com'); if (!&check_referer(@referers)) { select STDOUT; $| = 1; print "Content-type: text\/html\n\nLIFE: Referer Error<\/TITLE><SCRIPT LANGUAGE = \"Javascript\">alert(\"Referer Error.\\nThis script can only be executed from the appropriate server.\\nReferer: $ENV{'HTTP_REFERER'}\")\;history.back()\ ;<\/SCRIPT>\n<\/HEAD><\/HTML>"; exit; } $buffer = shift; if (!$buffer) { die "No Parameters Specified.\n"; } ($config,$dl) = split(/,/,$buffer); if(!$config) { die "No Config File Specified.\n"; } if (!$dl) { die "No Filename Specified.\n"; } if ($config !~ m{^/}) { $config = "/home/roden/public_html/atesk/etc/$config"; } $dldir = ""; $logfile = ""; open(MIF, "<$config") or die "Can't open $config - $!\n"; while (<MIF>) { chomp; if ($_ =~ m{^dldir=(.*)}) { $dldir = $1; } elsif ($_ =~ m{^logfile=(.*)}) { $logfile = $1; } } if (!$dldir) { die "Invalid parameter dldir $dldir - $!\n"; } chdir($dldir) or die "Can't change to $dldir - $!\n"; $size = -s $dl; # OR $size = (stat $dl)[7]; select STDOUT; $| = 1; $dn = $dl; if ($dl =~ /\.al$/) { $dn =~ s/\.al$/\.mp3/; } print "Content-Type: application\/force-download\nContent-Disposition: attachment\; filename=$dn\nContent-Length: $size\nContent-Description: Larry\'s File Downloader\n\n"; open(FILEIN, $dl) or die "Can't open $dl - $!\n"; binmode FILEIN if (-B $dl); $blksize = (stat FILEIN)[11] or 16384; while ($len = sysread FILEIN, $buf, $blksize) { if (!defined $len) { next if $! =~ /^Interrupted/; #&js_alert("System read error - $!",1,"exit"); die "System read error - $!\n"; } $offset = 0; while ($len) { $written = syswrite STDOUT, $buf, $len, $offset; if (!defined($written)) { #&js_alert("System write error - $!",1,"exit"); die "System write error - $!\n"; } $len -= $written; $offset += $written; } } if ($logfile) { $date = `date`; chomp($date); $user = "User: $ENV{'REMOTE_USER'}"; $host_ip = "Host: $ENV{REMOTE_HOST}, IP_Addr: $ENV{REMOTE_ADDR}"; $log_entry = "$date - $dl was downloaded by:\n$host_ip\n\n"; open LOG, "+>>$logfile" or die "Can't open $logfile - $!\n"; print LOG $log_entry; close LOG; } #----------------------------------------------------------------------------- sub check_referer { my(@referers) = @_; if ($ENV{'HTTP_REFERER'}) { foreach my $ref (@referers) { if ($ENV{'HTTP_REFERER'} =~ m{^(\w+://)?$ref}i) { return 1; } } } else { return 1; } return 0; } #----------------------------------------------------------------------------- sub js_alert { my($str,$pages_back,$exit) = @_; my($html_hdr) = "Content-type: text/html\n\n<HTML>\n"; my($html_body) = "<BODY BGCOLOR=#FF0000 TEXT=#FFFFFF>"; my($html_ftr) = "\n</BODY></HTML>"; my($js_hdr) = "<SCRIPT LANGUAGE=Javascript>\n"; my($js_body) = ""; my($js_ftr) = "\n</SCRIPT>"; if ($str) { $js_body = "alert(\"$str\")\;"; } else { $js_body = "alert(\"No Message Supplied\")\;"; } my($out) = ""; if ($pages_back =~ m{^\d+$} and $pages_back > 0) { $pages_back = $pages_back * -1; $js_body .= "history.go($pages_back)\;"; $out = $html_hdr.$html_body.$js_hdr.$js_body.$js_ftr.$html_ftr; } else { $out = $js_hdr.$js_body.$js_ftr; } select (STDOUT); $| = 1; print $out; $| = 0; exit 1 if ($exit =~ /^exit$/i); } #-------------------------------------------------------------------------------