Jemand zu Hause?![[twitter]](/battie/theme/default/icons/twitter.gif){kind=icon}
Leser: 1
 |
|< 1 2 >| |  |
20 Einträge, 2 Seiten |
![[default_avatar]](/battie/theme/default/default_avatar.gif){kind=avatar}
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
use CGI qw/:standard/; my $UploadDir = $TEMP_DIR; $CGI::POST_MAX=1024 * $MaxSize; my ($filename) = param('attachment') || "undefined"; my $serverFile = $UploadDir . "/" . (split(/[\\\/]/, param('attachment')))[-1]; # Datei umbenennen mit Zufallszahl $RandomID = sprintf("%d%d",time,rand(999999)); $serverFile =~ s-(.*?)\.(.*?)-$RandomID.Ū-g; my $tempfile = "$UploadDir/$serverFile"; # Testen ob die Extension erlaubt ist. $Extensions = '.gif .GIF .jpg .JPG .pdf .PDF .png .PNG .zip .ZIP'; # In der folgenden Zeile steckt wohl der Fehler... if (grep($serverFile,$Extensions,(split/\./,$_))) {&program_error("The extension of the file is not valid.");} if (-e $tempfile) {&program_error("File is already existing. $!");} else { my $buffer; open (FILE,">$tempfile"); #binmode(FILE); # Windows OS hack #binmode $filename; # Windows OS hack while (my $bytesread=read($filename,$buffer,1024)) {print FILE $buffer;} close (FILE); } chmod (0744, "$tempfile"); # Nur zum Test print "Content-type:text/html "; print "Upload succeed. "; exit;
Schrift
Blog
Einstellungen![[feed]](/battie/theme/default/icons/feed.png){kind=icon}
if (grep($serverFile,$Extensions,(split/\./,$_))) {&program_error("The extension of the file is not valid.");}if($serverFile !~ /^[a-z\.\-_]+?\.([a-z]{3})$/) {&bla;}
![[Homepage]](/battie/theme/default/homepage.gif)
if (grep($serverFile,$Extensions,(split/\./,$_)))
1
2
3
4
5
# Testen ob die Extension erlaubt ist.
my @Extensions = ('gif', 'jpg', 'pdf', 'png', 'zip');
my $ext = (split /\./, $serverFile)[1];
program_error("The extension of the file is not valid.") unless grep /$ext/i, @Extensions;
|
|< 1 2 >| | |
20 Einträge, 2 Seiten |
![[Powered by Battie]](/battie/img/powered.png)
