Filed under:

uu_upload.pl page when uploading with phpmotion




If you're getting this page when uploading with phpmotion

 
#**********************************************************************************************************************************
# ATTENTION: THIS FILE HEADER MUST REMAIN INTACT. DO NOT DELETE OR MODIFY THIS FILE HEADER.
#
# Name: uu_upload.pl
# Link: http://uber-uploader.sourceforge.net/
# Revision: 5.0
# Date: 17/03/2007 6:25PM
# Initial Developer: Peter Schmandra
# Description: Upload files to a temp dir based on Session-id, transfer files to upload dir and output results or redirect.
#
# Credits:
# I would like to thank the following people who helped create
# and improve Uber-Uploader by providing code, ideas, insperation,
# bug fixes and valuable feedback. If you feel you should be included
# in this list, please post a message in the 'Open Discussion'
# forum of the Uber-Uploader project page requesting a contributor credit.
#
# Contributor: Art Bogdanov www.sibsoft.net/xupload.html
# Contributor: Bill www.rebootconcepts.com
# Contributor: Cedric www.fsharp.fr
# Contributor: Detlev Richter
# Contributor: Erik Guilfoyle
# Contributor: Feyyaz Oezdemir
# Contributor: Jeroen Soeters
# Contributor: Kim Steinhaug
# Contributor: Klaus Karcher
# Contributor: Nico Hawley-Weld
# Contributor: Raditha Dissanyake www.raditha.com/megaupload/
# Contributor: Tolriq
# Contributor: Tore B. Krudtaa
#
# Licence:
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
#**********************************************************************************************************************************
my $THIS_VERSION = "5.0"; # Version of this driver 
my $start_time = time(); # Timestamp of the start of the upload

# Makes %ENV safer
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};

use strict;
use lib qw(.); # Add current directory to list of valid paths
#use CGI::Carp 'fatalsToBrowser'; # Dump fatal errors to screen
use CGI qw(:cgi); # Load the CGI.pm module
use uu_lib; # Load the uu_lib.pm module

  
###############################################################
# The following possible query string formats are assumed
#
# 1. ?tmp_sid=some_sid_number&config_file=some_config_file_name
# 2 ?tmp_sid=some_sid_number
# 3. ?cmd=about
# 4. ?cmd=debug&config_file=some_config_file_name
# 5. ?cmd=debug
###############################################################
my %query_string = parse_query_string($ENV{'QUERY_STRING'});

# Check for tainted sid
if(exists($query_string{'tmp_sid'})){
  if($query_string{'tmp_sid'} !~ m/(\w{32})/){ &kak("ERROR<\/font>: Invalid session-id
\n", 1, __LINE__); }
  else{ $query_string{'tmp_sid'} = $1; }
}

# Check for tainted config file name
if(exists($query_string{'config_file'})){
  if($query_string{'config_file'} !~ m/(\w{5,32})/){ &kak("ERROR<\/font>: Invalid config file name
\n", 1, __LINE__); }
  else{ $query_string{'config_file'} = $1; }
}

# Check for tainted command
if(exists($query_string{'cmd'})){
  if($query_string{'cmd'} ne 'about' && $query_string{'cmd'} ne 'debug'){ &kak("ERROR<\/font>: Invalid command
\n", 1, __LINE__); }
}

# Make sure cmd or tmp_sid was passed but not both
if(!exists($query_string{'cmd'}) && !exists($query_string{'tmp_sid'})){ &kak("ERROR<\/font>: Invalid parameters
\n", 1, __LINE__); }
if(exists($query_string{'cmd'}) && exists($query_string{'tmp_sid'})){ &kak("ERROR<\/font>: Conflicting parameters
\n", 1, __LINE__); }


#######################################################################################################
# Attempt to load the config file that was passed to the script if multi configs is enabled. If no
# config file name was passed to the script, load the default config file 'uu_default_config.pm'
#######################################################################################################
if(exists($query_string{'config_file'}) && $MULTI_CONFIGS_ENABLED){
  my $config_file = $query_string{'config_file'};
  
  unless(eval "use $config_file"){
  if($@){ &kak("ERROR<\/font>: Failed to load config file $config_file.pm
\n", 1, __LINE__); }
  }
}
elsif(exists($query_string{'config_file'}) && !$MULTI_CONFIGS_ENABLED){
  &kak("ERROR<\/font>: Multi Config files disabled
\n", 1, __LINE__);
}
else{
  unless(eval "use uu_default_config"){
  if($@){ &kak("ERROR<\/font>: Failed to load config file uu_default_config.pm
\n", 1, __LINE__); }
  }
}

# Process 'about' or 'debug' command
if(exists($query_string{'cmd'}) && $query_string{'cmd'} eq 'about'){ &kak("UBER UPLOADER VERSION<\/u>
 UBER UPLOADER VERSION = " . $UBER_VERSION . "<\/b>
 UU_UPLOAD = " . $THIS_VERSION . "<\/b>
\n", 1, __LINE__); }
elsif(exists($query_string{'cmd'}) && $query_string{'cmd'} eq 'debug' && !$DEBUG_ENABLED){ &kak("UBER UPLOADER CGI SETTINGS<\/b><\/u>
 DEBUG = disabled<\/b>
\n", 1, __LINE__); }
elsif(exists($query_string{'cmd'}) && $query_string{'cmd'} eq 'debug' && $DEBUG_ENABLED){ &debug(); }

my $tmp_sid = $query_string{'tmp_sid'}; # Assign session-id
my $sleep_time = 1; # Seconds to wait before upload proceeds (for small file uploads)
my %uploaded_files = (); # Hash with all the uploaded file names
my $temp_dir_sid = $main::config->{temp_dir} . $tmp_sid; # Append Session-id to upload temp directory
my $flength_file = $temp_dir_sid . '/flength'; # Flength file is used to store the size of the upload in bytes
my $unique_dir; # Unique upload directory name

umask(0);
$|++; 

 Try to add these 2 lines to .htaccess in your phpmotion home folder:

 

Options +ExecCGI
AddHandler cgi-script .pl



Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read

Language: