camel

����򸫤Ƥ������ޤ�ʤ��ʤä��Τǡ�

����Ϥ��ä��������Ȥ����ȡ�

�������Ǥߤ����ʤ�ΤǤ���nms-cgi�ˤ�ե����륢�åץ����������ʤ��ä��ΤǺ��ޤ���������¾�Ρ֤褯�Ȥ�CGI�פʤɤ⡢���������ˤߤ�ʤ�ź�路�Ƥ�������ۡ��Ȥ������ˤ���Ф����ΤǤϤʤ����Ȥ���äƺ�����������Ǥ���

�ʲ���������ߤ��Ƥ��ޤ���

  1. ���ʴ��뷿�Υ�����ץȤǤ��뤳��

    �̤θ������򤹤�ȡ�Core Module������ư�����ȡ�Perl Version �Ǥ�����Unicode�ޤ�꤬�������ư��5.8.1�ʾ�����ꤷ�Ƥ��ޤ���

    HTML�ʤɹ��ߤǤ�����ĤΥե������ɬ�פ����Ƥ����äƤ���Τ����Ǥ���

  2. CGI�Ȥ��Ƥ����ǤϤʤ���mod_perl��registry�Ǥ⤭�����ư������

    ��������__DATA__���Ȥ��ʤ��Τ������ǡ���ξ����Ȥ߹�碌��Ȥ����äƾ��Ԥۤɤ��Ĥ����ǤϤ���ޤ���������Ͼ��꤬������

  3. Taint Mode�Ǥ�ư������

    mod_perl�Ǥ⤽�Τޤ�ư�������Ȥ��θ���ơ�#!��-T���ʤ����֤�Release�������Ƥ��ޤ������Ĥ��Ƥ⤭�����ư���Τ���Ǥ���

  4. �����Ǥ��뤳��

    ��ξ����������¤ꡢ�ʤ�٤���

����Ǹ����ȡ��ְ��ߤ��֤��������ɲߤ�ߤ�ʤǤ������褦�ס��Ȥ������ȤǤ���

Perl��­��ʤ��Ȼפ���� - Perl���������ץ륳���ɤˤ��Perl�����
Perl�Ȥ������줬�񤷤��ΤǤϤʤ��ơ�Perl��ؽ�����Τ��񤷤���

�Ȥ����ո����Τ�Τ˻�ϻ����ǤϤ���ޤ��󤬡�����Ǥ�򺣤ΤϤƥ֤򸫤�ȡ���Ǥ����֥�����ͤǤʤ��ȻȤ����ʤ��ʤ��Τ�Perl�ϡפȤ������Фˤ������ꤽ���ˤʤ�ޤ������Υץ��������ȤϤ������������⤳��Ƥ��ޤ���

��ľ�����ȡ�CGI�Ȥ����ΤϽ鿴�Ԥˤϴ�����ޤ��󡣡֤Ȥꤢ����ư���פ�Τϴ�ñ�˺��Ƥ⡢�֤������ư���פ�ΤȤʤ�Ȥ��ʤ��񤷤��������餳��������Ȥ������㤬��ä��ߤ����ΤǤ���

So join us and help us!

Dan the Starter

http://svn.coderepos.org/share/lang/perl/tnek-cgi/trunk/upload.cgi 
#!/usr/bin/perl
use strict;
use warnings;

=encoding utf8

=head1 NAME

upload.cgi - �ե�����Υ��åץ�����

=head1 VERSION

$Id: upload.cgi,v 0.2 2009/04/03 01:07:17 dankogai Exp dankogai $

=head1 INSTALL

  ������̾:                                            your.example.org
  CGI��URI:                  http://your.example.org/cgi-bin/upload.cgi
  CGI�����֥ѥ�:                           /home/www/cgi-bin/upload.cgi
  ���åץ����ɥե������ѤΥǥ��쥯�ȥ�:        /home/www/htdocs/uploads
  ���åץ����ɥե������URI:   http://your.example.org/uploads/file.txt

�����ꤷ����硢�ʲ��ΤȤ���Ǥ���

=over 2

=item 1.

�ܥե������

  /home/www/cgi-bin/upload.cgi    

����¸��ʸ�������ɤ�UTF-8�ǡ�

=item 2.

�ʲ���$Dir �� $URI_Dir �򥫥����ޥ���

=cut

our $Dir = '/home/www/htdocs/uploads';    # �ºݤΥǥ��쥯�ȥ�
our $URI_Dir = '/uploads';    # uri��ɽ�������ǥ��쥯�ȥ�

=pod

=item 3.

�ܥե������¹Բ�ǽ�ˡ�

  % chmod 0755 /home/www/cgi-bin/upload.cgi

=item 4.

���åץ����ɥǥ��쥯�ȥ�κ���

  % mkdir /home/www/htdocs/uploads
  % chdir 1777 /home/www/htdocs/uploads

=item 5.

�ʤ�٤�ǧ�ڤ򤫤���

  # .htaccess ����; ����ȥ�ͥåȤΤߵ���
  <Limit GET POST>
    Order allow,deny
    Allow from 127.0.0.1 10.0.0/8 172.16.0.0/12 192.168.0.0/16
    Deny from all
  </Limit>
  <LimitExcept GET POST>
    Order deny,allow
    Deny from all
   </LimitExcept>

���̸�������ȸ�����뱩�ܤˤʤ�Ǥ��礦��

=back

=cut

our $VERSION = 0.01;
use CGI;

# use CGI::Carp qw/fatalsToBrowser warningsToBrowser/;

=head2 $Regexp_Fn

�ե�����̾�򸡾ڤ�������ɽ���Ǥ���

=cut

our $Regexp_Fn = qr/\A([0-9A-Za-z_][0-9A-Za-z_\-\+\.]+)\z/;

{    # main
    my $q = CGI->new;
    check_sanity($q);
    if ( $q->param('del') ) {    # �ե�����õ�⡼��
        for my $fn ( $q->param('fn') ) {
            $fn =~ $Regexp_Fn or next;
            unlink "$Dir/$1";
        }
        redirect_self($q);
    }
    elsif ( my $fn = $q->param('fn') )
    {                            # �ե����륢�åץ����ɥ⡼��
        $fn =~ $Regexp_Fn or filename_error( $q, $fn );
        $fn = $1;                # untaint
                                 # ���åץ����ɽ���
        open my $wfh, '>', "$Dir/$fn" or die "$Dir/$fn:$!";
        my $rfh = $q->upload('fn');
        my $content = do { local $/; <$rfh> };
        print $wfh $content;
        close $wfh;
        redirect_self($q);
    }
    else {
        show_form($q);
    }
}

sub check_sanity {
    return if -d $Dir and -w $Dir;
    my $q = shift;
    print $q->header( -charset => 'UTF-8', -status => 500 ), error_html(
        qq{
        �ǥ��쥯�ȥ� "$Dir" �����������ꤵ��Ƥޤ���
        �ʲ��Υ��ޥ�ɤ򤪻Ȥ�����������

        mkdir $Dir; chmod 1777 $Dir
    ��  }
    );
    exit;
}

sub redirect_self {
    my $q = shift;
    print $q->redirect( -uri => $ENV{SCRIPT_NAME} );
    exit;
}

sub filename_error {
    my ( $q, $fn ) = @_;
    print $q->header( -charset => 'UTF-8', -status => 500 ),
      error_html(qq{�ե�����̾"$fn"�������Ǥ���});
    exit;
}

sub show_form {
    my $q = shift;
    my %mtime;
    opendir my $dh, $Dir or die "$Dir:$!";
    for my $fn ( grep !/\A\./, sort readdir($dh) ) {
        -f "$Dir/$fn" or next;
        $mtime{$fn} = ( stat(_) )[9];
    }
    closedir $dh;
    my @tr;
    for my $fn ( sort { $mtime{$b} <=> $mtime{$a} } keys %mtime ) {
        my $link = "$URI_Dir/$fn";
        push @tr,
            qq(<td>)
          . qq(<input type="checkbox" name="fn" value="$fn">)
          . qq(</td>)
          . qq(<td><a href="$link">$fn</a></td>)
          . qq(<td>)
          . localtime( $mtime{$fn} )
          . qq(</td>);
    }
    my $dirlist = join "\n", map { qq(<tr>$_</tr>) } @tr;
    print $q->header( -charset => 'UTF-8' ), form_html($dirlist);
    exit;
}

=head2 form_html

  return <<"END_OF_HTML";
  ...
  END_OF_HTML

�δ֤�HTML��

=cut

sub form_html {
    my $title   = $ENV{SCRIPT_NAME};
    my $action  = $ENV{SCRIPT_NAME};
    my $dirlist = shift;
    return <<"END_OF_HTML";
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>$title</title>
</head>
<body>
<h1>$title</h1>
<form method="post" action="$action" enctype="multipart/form-data">
���åץ����ɤ���ե�����:<input type="file" name="fn">
<input type="submit">
<h2>���åץ����ɺѤߤΥե�����:</h2>
<table border="1">
<thead>
<tr>
<td><input type="submit" name="del" value="�õ�"></td>
<td>�ե�����̾:</td>
<td>����:</td>
</tr>
</thead>
<tbody>$dirlist</tbody>
</table>
</form>
</body>
</html>
END_OF_HTML
}

=head2 error_html

   return <<"END_OF_HTML";
   ...
   END_OF_HTML

�δ֤�HTML��

=cut

sub error_html {
    my $msg   = shift;
    my $title = $ENV{SCRIPT_NAME} . ":error";
    return <<"END_OF_HTML";
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>$title</title>
</head>
<body>
<h1>$title</h1>
$msg
<table border="1">
</body>
</html>
END_OF_HTML
}