PDA

Bekijk Volledige Versie : nog steeds niets



fotofrank
10/06/03, 13:24
Ik heb een probleem met een upload-script.
Dit schript is op werkdagen tussen 9.00 en 18.00 te benaderen via:
http://62.131.155.169/onlineprintservice.htm

Hieronder heb ik de codes geplaatst.

html-code voor uploading:

<form method="POST" enctype="multipart/form-data" action="/cgi-bin/uploader.pl">
<input type=hidden name="action" value="Upload">
<div align="center"><center>

<table width="500" bordercolor="#222222" border="0" cellpadding="1" cellspacing="1" bgcolor="#777777">
<tr>
<td bgcolor="#999999">
<table width="100%" border="0" cellpadding="0" cellspacing="0" bgcolor="********">
<tr>
<td bgcolor="********">
<table width="100%" border="0" cellpadding="8" cellspacing="4" bgcolor="********">
<tr>
<td colspan="3">
<center><font face="Comic Sans MS" size="2" color="#0000AA">Press the Browse Button and Choose a File to Upload.</font></center>
</td>
</tr>
<tr>
<td><font color="#800040" face="Arial Rounded MT Bold"><strong>File to Upload:</strong></font></td>
<td><input type=file name="upfile"></td>
<td><input type=submit value="Submit"></td>
</tr>
<tr>
<td colspan="3">
<p><font face="Comic Sans MS" size="1" color="#AD0000"><b>Notice:</b></font><font face="Comic Sans MS" size="1" color="#0000AA"> If you don't see a browse button, that means your browser is old and you need to type it in.</font></p>
</td>
</tr></table>
</td></tr></table>
</td></tr></table>

</center></div>
</form>
</td></tr></table>

<table width="460" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><form><input type="button" value="Back" OnClick="history.back()"></form>


Uploadscript: uploader.pl

#!/usr/bin/perl
# SPAds File Uploader v1.9 COPYRIGHT 1999 - 2001
################################################## ###############
# SPAds (c) Uploader.pl v1.9 written by: Vince Creazzo #
# vcreazzo@spads.com #
# COPYRIGHT NOTICE Smart Picture Ads (c) SPAds (c) #
# Copyright 1997 - 2001 All Rights Reserved. #
# SPAds (c) File Uploader (c) v1.9 #
# THIS SCRIPT IS NOT FREEWARE, IF YOU USE THIS SCRIPT, #
# YOU MUST PAY FOR THIS SCRIPT, CONTACT Vince Creazzo #
# VCREAZZO@SPADS.COM FOR CURRENT PRICING, OR SEND #
# SEND ALL INQUIRES TO: Current Price $29.95 #
# #
# SPAds (c) World Of Perl #
# 5500 SO. SIMMS PMB 210 #
# LITTLETON, COLORADO 80127 #
# (303) 697-4100 FAX (303) 697-4100 #
# #
# COPYRIGHT AND LICENSE AGREEMENT. #
# REDISTRIBUTION OF THIS SCRIPT OR ANY MODIFICATIONS #
# OF THIS SCRIPT IN ANY FORM IS STRICTLY PROHIBITED! #
# IF YOU REGISTER (PAY FOR) IT, YOU CAN MODIFY IT! #
# #
# THIS COPYRIGHT NOTICE AND THE ONES GENERATED BY THE #
# PROGRAM MUST NOT BE REMOVED FOR ANY REASON! #
# #
# There are no warranties expressed or implied of any #
# kind, and by using this code you agree to indemnify #
# Vincent Creazzo and SPADS & Company, from any and all #
# liability that might arise from it's use. Liability - #
# Where Applicable: In any and all cases, liability shall #
# be limited to, but not exceed the amount of purchase. #
# (c) 2001 Vince Creazzo #
# #
# * We vigorously protect our software from copyright abuse! * #
################################################## ###############
# flush the buffers
$|=1;

# Do not edit the above
################################################## ###############
# BELOW ARE VARIABLES, THAT YOU CHANGE TO SUIT YOUR SITE. #
################################################## ###############

# Upload directory use machine path here, Unix use forward / slashs
$imagedir = "C:\Program Files\Apache Group\Apache2\htdocs\uploads";

# home url or redirect url
$home = "http://www.fotoplus.tk/index.htm";

# http:// path to upload directory
$image_dir = "http://www.fotoplus.tk/uploads";

# mail link for error messages
$mail_link = '<a href=mailto:webmaster@fotoplusdigitaal.nl>Webmaster</a>';

# here you can set or add your background image, colors, text, etc.
#$body = "<body background=\"/images/1white.jpg\" bgcolor=\"********\" text=\"#0000AD\">";

# when back button is pressed, -1 back to upload form -2 before form
$back = (-2); # options -1 or -2

# allow all files for upload or images only
$images_only = "Yes"; # options Yes or No

# File types allowed to be uploaded # add or delete, 'htm', 'html', 'txt', 'zip'
@file_types = ('jpg');

# Maximum file size (kilo bytes) Allowed to be uploaded, if yes to above
# or '5.5' would be 5632 bytes
$mybytes = '1024'; # kilo bytes 25 kb

####################### End of Config Section #######################
# find out the OS
if ($^O eq 'MSWin32' || $ENV{'OS'} eq 'Windows_NT') {
# this one for windows
$windows = 'Yes';
$slash = '\\';
}else{
$windows = 'No';
$slash = '/';
}

eval {
use CGI qw(:standard);
$query = new CGI;
};
if ($@) { &error("Can't Find Required CGI\.pm Perl 5.005 libaray file!<br>$@ <br>$! <br>Contact your ISP for more information!"); }

# Do not edit the above
################################################## ###################
# !!!!!!!! DO NOT EDIT ANYTHING BELOW THIS POINT. !!!!!!!! #
# EDITING ANYTHING BELOW THIS LINE IS AN INFRINGEMENT OF, #
# THE COPYRIGHT AND LICENSE AGREEMENT. #
################################################## ###################
# Begin Main #
################################################## ###################
binmode(STDIN); # we need these for DOS-based systems
binmode(STDOUT); # and they shouldn't hurt anything else
binmode(STDERR);

MAIN: {

$action = $query->param('action');

if ($action eq "Upload") {

# check to see if image directory is vaild and premissions are ok
if ( !(-e $imagedir) || !(-W $imagedir) || !(-d $imagedir) ) {
&error("Bad Directory Name or you need to set it's permissions to ( rwx ).<BR><font size=1 color=red>Un-Registered!</font><font size=1> <a href=\"http://www.spads.com\">File Uploader</a> &copy; v1.9</font>");
exit(0);
}
# check for file upload
if (!($query->param('upfile'))) {
&error("You forgot to select a file to upload!");
}
if ($query->param('upfile') =~ /([^\/\\]+)$/) {
$file_name = $1;
$file_name =~ s/^\.+//;
$file_name =~ s/\s/_/g;
$file_handle = $query->param('upfile');
binmode($file_handle);
}else {
$file_problem = $query->param('upfile');
&error("Bad File Name: $file_problem, File name can't have a slash in it!\n Rename it and try again!<BR><font size=1 color=red>Un-Registered!</font><font size=1> <a href=\"http://www.spads.com\">File Uploader</a> &copy; v1.9</font>");
exit(0);
}

# lets check the file types allowed to be uploaded
foreach $type (@file_types) {
# lets gather up the valid file types for the error msg
push (@good_type, "\.$type");

# now lets check to see if the upload file is allowed
if($file_name =~ /^.+(\.$type)$/i) {
# set the flag we have a match
$type_file = 1;
last;
}
}

# see if the flag was set
if ($type_file != 1) {
# send user error message
&error("The file: <b>$file_name</b> you tried to upload, is not a valid<br> (<b> @good_type </b>) file type, approved for this server.<br>Please Check the file and try again!<BR><font size=1 color=red>Un-Registered!</font><font size=1> <a href=\"http://www.spads.com\">File Uploader</a> &copy; v1.9</font>");
}
$byte_numb = (1024 * $mybytes);
$up_file = $file_name;

unless (open(OUTFILE, ">$imagedir$slash$up_file")) {
&error("There was an error opening the Output File\n, Check directory premissions!\n $!<BR><font size=1 color=red>Un-Registered!</font><font size=1> <a href=\"http://www.spads.com\">File Uploader</a> &copy; v1.9</font>");
exit(0);
}
binmode(OUTFILE);
undef $BytesRead;
undef $Buffer;

while ($Bytes = read($file_handle,$Buffer,1024)) {
$BytesRead += $Bytes;
print OUTFILE $Buffer;
}

$confirm{$file_handle} = $BytesRead;

close($file_handle);
close(OUTFILE);

if ($confirm{$file_handle} <= 0) {
# delete temp uploaded file
unlink ("$imagedir$slash$up_file");
&error("<b>Upload File Is Empty!</b><br><br>The Uploaded File:<font color=blue> $file_name</font> is &nbsp; <font color=red>$confirm{$file_handle} \< </font> Bytes!<br><br>Check Your File <b>$up_file</b> for errors, then try again!<br><br><b>The File, <font color=red>$up_file</font> Has Been <font color=red>Deleted</font>!</b><br>");
}
# clean up temp file
@temp_file = <CGItemp*>;
foreach $tmp_file (@temp_file){
unlink ("$tmp_file");
}
if ($confirm{$file_handle} > $byte_numb) {
unlink ("$imagedir$slash$file_name");
&error("Upload File Is Too Large!<br><br>The Uploaded File:<font color=blue> $file_name</font> is <font color=red>$confirm{$file_handle}</font> Bytes!<br><br>The Maximum Upload File Size Allowed is <font color=red>$byte_numb</font> Bytes!<br><br>File Size must be <font color=red>$byte_numb</font> bytes or less, to upload Successfully!<BR><font size=1 color=red>Un-Registered!</font><font size=1> <a href=\"http://www.spads.com\">File Uploader</a> &copy; v1.9</font>");
}

if ($windows ne 'Yes') {
chmod (0777, "$imagedir$slash$up_file");
}

# send the user acknolgement
&success($up_file);
}else {
&error("There was an error!\n, Wrong or missing form 'action' field!\n $! <BR><font size=1 color=red>Un-Registered!</font><font size=1> <a href=\"http://www.spads.com\">File Uploader</a> &copy; v1.9</font>");

}

} # end of Main
################### SUBROUTINES START HERE ###################
# HTML Header
sub html_header {
my ($msg_title) = @_;

print "content-type: text/html\n\n"; # Print the header

print <<"__END_HTML__";

<HTML><HEAD><TITLE>$msg_title</TITLE></HEAD>
$body
<center><font size=7>SPADS - World of Perl</font></center>
<HR width="80%">
<CENTER>
<table width="482" bordercolor="#222222" border="1" cellpadding="1" cellspacing="2" bgcolor="#777777">
<tr><td bgcolor="#999999">
<table width="480" border="0" cellpadding="8" cellspacing="4" bgcolor="********">
<tr><td bgcolor="#333388" width="100%" height="30"><center><font size="3" color="********"><b>$msg_title</b></font></center></td></tr>
<tr><td bgcolor="********" align="center"><font face="Comic Sans MS" size="2"><p>

__END_HTML__

}
sub html_footer {

print <<"__END_HTML__";
</FONT>
</td></tr>
<tr><td align="center">
<TABLE width="70%" border=0 cellpadding=2 cellspacing=0><TR>
<TH><FORM><INPUT TYPE="button" VALUE="BACK" onClick="history.back($back); return false;"></FORM></TH>
<TH><FORM ACTION="$home" Method="GET"><INPUT TYPE="submit" VALUE="HOME"></FORM></TH>
</TR></TABLE>
</td></tr></table></td></tr></table>
<HR width="80%">
<p><b><font face="Arial, Helvetica" size="1">&copy; copyright 1999 / 2001, <a href="http://www.spads.com">SPAds &copy;</a> File <i>Uploader</i> &copy; v1.9</font></b>
</center>
</BODY></HTML>

__END_HTML__

}# end of sub
# Error message
sub error {
my ($errormsg) = @_;

&html_header("ERROR!");
print "<p>\n";
print "There was an error processing your request.<p>\n";
print "The Error: $errormsg <br><p>\n";
print "If you require assistance. Please contact the $mail_link.<p><font size=1 color=red>Un-Registered!</font><font size=1> <a href=\"http://www.spads.com\">File Uploader</a> &copy; v1.9</font><p>\n";
&html_footer;
exit(0);
}# end of sub
# Success message
sub success {
my ($up_file) = @_;
if ($images_only eq "Yes") {
$new_file = "<img src=\"$image_dir/$up_file\">";
}else {
$new_file = "View Uploaded File: <a href=\"$image_dir/$up_file\">$up_file</a>";
}
&html_header("SUCCESS!");
print "<p>\n";
print "Your file was uploaded successfully!<p>\n";
print "Your File: <b>$up_file</b> at $confirm{$file_handle} bytes <p>$new_file<p>\n";
print "Thank You!<br><BR><font size=1 color=red>Un-Registered!</font><font size=1> <a href=\"http://www.spads.com\">File Uploader</a> &copy; v1.9</font>\n";
&html_footer;

exit(0);
} # end of sub

__END__

Ahead-IT
10/06/03, 17:32
welke fout geeft die?

fotofrank
10/06/03, 17:41
Deze foutmelding krijg ik:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, webmaster@fotoplusdigitaal.nl and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


--------------------------------------------------------------------------------

Apache/2.0.45 (Win32) Server at 62.131.155.169 Port 80

eXite
10/06/03, 17:43
Ja... en nu de error log? :)

Ahead-IT
10/06/03, 17:45
Origineel geplaatst door fotofrank
--------------------------------------------------------------------------------

Apache/2.0.45 (Win32) Server at 62.131.155.169 Port 80


Perl staat toch degelijk geinstalleerd?

fotofrank
10/06/03, 17:51
Als het goed is wel.
Ik heb Perl gewoon geïnstalleerd zoals het installatieprogramma zei.

Maar ik heb ff dieper gekeken: er wordt verwezen naar een usr-directory.
Deze staat niet op mijn server.
Wel staat Perl in mijn PATH.

fotofrank
10/06/03, 17:53
Dit is het error.log bestand:

[Tue Jun 10 16:50:49 2003] [error] [client 62.131.155.169] (OS 3)Het systeem kan het opgegeven pad niet vinden. : couldn't create child process: 720003: uploader.pl, referer: http://62.131.155.169/onlineprintservice.htm
[Tue Jun 10 16:50:50 2003] [error] [client 62.131.155.169] (OS 3)Het systeem kan het opgegeven pad niet vinden. : couldn't spawn child process: C:/Program Files/Apache Group/Apache2/htdocs/cgi-bin/uploader.pl, referer: http://62.131.155.169/onlineprintservice.htm

Ahead-IT
10/06/03, 18:02
C:/Program Files/Apache Group/Apache2/htdocs/cgi-bin/uploader.pl

bestaat dit bestand?

Ahead-IT
10/06/03, 18:03
Origineel geplaatst door polyp
C:/Program Files/Apache Group/Apache2/htdocs/cgi-bin/uploader.pl

bestaat dit bestand?

als het bestaat, pas dit eens aan :

<form method="POST" enctype="multipart/form-data" action="/cgi-bin/uploader.pl">
<input type=hidden name="action" value="Upload">
<div align="center"><center>

naar

<form method="POST" enctype="multipart/form-data" action="C:/Program Files/Apache Group/Apache2/htdocs/cgi-bin/uploader.pl>
<input type=hidden name="action" value="Upload">
<div align="center"><center>

fotofrank
10/06/03, 18:19
als ik hem rechtstreeks naar uploader.pl op de harde schijf laat verwijzen, dan gebeurt er helemaal niets.
Ik heb inmiddels de extensie .pl naar .cgi gezet.
Ook in de html-files

Echter, ook nu krijg ik de foutmelding.

Zou ik dan toch perl verkeerd hebben geïnstalleers?
Ik heb nl helemaal geen map: /usr/bin/perl in mijn /htdocs staan.

Ahead-IT
10/06/03, 18:21
Origineel geplaatst door fotofrank
als ik hem rechtstreeks naar uploader.pl op de harde schijf laat verwijzen, dan gebeurt er helemaal niets.
Ik heb inmiddels de extensie .pl naar .cgi gezet.
Ook in de html-files

Echter, ook nu krijg ik de foutmelding.

Zou ik dan toch perl verkeerd hebben geïnstalleers?
Ik heb nl helemaal geen map: /usr/bin/perl in mijn /htdocs staan.

Das voor Linux :)

Heeft dit script wel Windows support?

fotofrank
10/06/03, 18:50
Ik ben er donderdag om 10.00 weer!

fotofrank
12/06/03, 10:39
Het lukt me nog steeds niet om het script aan de praat te krijgen.

StarInternet
12/06/03, 11:28
klopt, perl path moet goed verwezen staan
De #!/usr/bin/perl

zie ff de howto van perl voor windows!

fotofrank
12/06/03, 12:54
Ik heb in mijn htdocs helemaal geen /urs/bin/perl map staan
Maar volgens mij geldt dat alleen voor Unix/linux servers.
Ik draai onder windows 2000 met een apache server.

Maar waar kan ik anders die howto vinden.
(ben een webserver-maagd)

fotofrank
12/06/03, 17:35
Er wordt nu naar de juiste Perl-map gewezen.

Nu krijg ik echter de volgende melding in mijn Log-bestand:

[Thu Jun 12 16:30:35 2003] [error] [client 62.131.155.169] (OS 5)Toegang geweigerd. : couldn't create child process: 720005: uploader.cgi, referer: http://62.131.155.169/onlineprintservice.htm
[Thu Jun 12 16:30:35 2003] [error] [client 62.131.155.169] (OS 5)Toegang geweigerd. : couldn't spawn child process: C:/Program Files/Apache Group/Apache2/htdocs/cgi-bin/uploader.cgi, referer: http://62.131.155.169/onlineprintservice.htm
[Thu Jun 12 16:30:51 2003] [error] [client 62.131.155.169] (OS 5)Toegang geweigerd. : couldn't create child process: 720005: upload.cgi, referer: http://62.131.155.169/demo.html
[Thu Jun 12 16:30:51 2003] [error] [client 62.131.155.169] (OS 5)Toegang geweigerd. : couldn't spawn child process: C:/Program Files/Apache Group/Apache2/htdocs/cgi-bin/upload.cgi, referer: http://62.131.155.169/demo.html

StarInternet
12/06/03, 18:39
Apache user write rechten geven op die map
ja ook voor windows 2000 en xp!

fotofrank
13/06/03, 09:47
Hoe doe ik dat?

Staat zoiets niet al in mijn config? (die bovenaan post)

StarInternet
13/06/03, 11:51
Origineel geplaatst door fotofrank
Hoe doe ik dat?

Staat zoiets niet al in mijn config? (die bovenaan post)
Welke Windows versie heb je?

fotofrank
13/06/03, 12:18
2000 professional

StarInternet
13/06/03, 12:38
Origineel geplaatst door fotofrank
2000 professional
Moet ik zo even kijken hoe het werkt zie anders contact info in me profiel.

Cougar
13/06/03, 12:48
rechtsklikken op de map --> eigenschappen --> beveiliging en daar kun je de user rechten instellen.

Draait apache onder een aparte gebruiker pas je die gebruiker aan anders kijk je onder welke gebruiker apache loopt en pas je die aan.

Cougar
13/06/03, 12:49
Oh en patch apache, want er is een veiligheidslek voor apache onder windows waardoor je windows gehackt kan worden...