plugin/attach/AttachHandler.pm

   1 ############################################################
   2 #
   3 # ÅºÉÕ¥Õ¥¡¥¤¥ë¤Î¥¢¥¯¥·¥ç¥ó¥Ï¥ó¥É¥é¡£
   4 #
   5 ############################################################
   6 package plugin::attach::AttachHandler;
   7 use strict;
   8 use HTTP::Status;
   9 use plugin::attach::Files;
  10 #===========================================================
  11 # ¥³¥ó¥¹¥È¥é¥¯¥¿
  12 #===========================================================
  13 sub new {
  14         my $class = shift;
  15         my $self = {};
  16         return bless $self,$class;
  17 }
  18
  19 #===========================================================
  20 # ¥¢¥¯¥·¥ç¥ó¤Î¼Â¹Ô
  21 #===========================================================
  22 sub do_action {
  23         my $self = shift;
  24         my $wiki = shift;
  25         my $cgi = $wiki->get_CGI;
  26
  27         my $pagename = $cgi->param("page");
  28         if($pagename eq ""){
  29                 $pagename = $wiki->config("frontpage");
  30         }
  31
  32         $wiki->set_title("¥Õ¥¡¥¤¥ë¤ÎÅºÉÕ",1);
  33
  34         if($cgi->param("UPLOAD") ne "" || $cgi->param("CONFIRM") ne "" || $cgi->param("DELETE") ne ""){
  35                 unless($wiki->can_modify_page($pagename)){
  36                         return $wiki->error(RC_FORBIDDEN, "ÊÔ½¸¤Ï¶Ø»ß¤µ¤ì¤Æ¤¤¤Þ¤¹¡£");
  37                 }
  38         }
  39
  40         if($cgi->param("DELETE") ne ""){
  41                 unless(&plugin::attach::Files::can_attach_delete($wiki, $pagename)){
  42                         return $wiki->error(RC_FORBIDDEN, "¥Õ¥¡¥¤¥ë¤Îºï½ü¤Ïµö²Ä¤µ¤ì¤Æ¤¤¤Þ¤»¤ó¡£");
  43                 }
  44         }
  45
  46         #-------------------------------------------------------
  47         # ¥¢¥Ã¥×¥í¡¼¥É¼Â¹Ô
  48         if($cgi->param("UPLOAD") ne ""){
  49                 my $filename = $cgi->param("file");
  50                 $filename =~ s/\\/\//g;
  51                 $filename = substr($filename,rindex($filename,"/")+1);
  52                 $filename =~ tr/";\x00-\x1f/': /;
  53                 &Jcode::convert(\$filename,'euc');
  54
  55                 if($filename eq ""){
  56                         return $wiki->error(RC_BAD_REQUEST, "¥Õ¥¡¥¤¥ë¤¬»ØÄê¤µ¤ì¤Æ¤¤¤Þ¤»¤ó¡£");
  57                 }
  58
  59                 my $hundle = $cgi->upload("file");
  60                 unless($hundle){
  61                         return $wiki->error(RC_BAD_REQUEST, "¥Õ¥¡¥¤¥ë¤¬ÆÉ¤ß¹þ¤á¤Þ¤»¤ó¤Ç¤·¤¿¡£");
  62                 }
  63
  64                 my $uploadfile = $wiki->config('attach_dir')."/".&Util::url_encode($pagename).".".&Util::url_encode($filename);
  65                 if(-e $uploadfile && !&plugin::attach::Files::can_attach_update($wiki, $pagename)){
  66                         return $wiki->error(RC_FORBIDDEN, "¥Õ¥¡¥¤¥ë¤Î¾å½ñ¤¤Ïµö²Ä¤µ¤ì¤Æ¤¤¤Þ¤»¤ó¡£");
  67                 }
  68
  69                 open(DATA,">$uploadfile") or die $!;
  70                 binmode(DATA);
  71                 while(read($hundle,$_,16384)){ print DATA $_; }
  72                 close(DATA);
  73
  74                 # attach¥×¥é¥°¥¤¥ó¤«¤éÅºÉÕ¤µ¤ì¤¿¾ì¹ç
  75                 if(defined($cgi->param("count"))){
  76                         my @lines = split(/\n/,$wiki->get_page($pagename));
  77                         my $flag = 0;
  78                         my $form_count = 1;
  79                         my $count=$cgi->param("count");
  80                         my $content = "";
  81                         foreach(@lines){
  82                                 if(index($_," ")==0||index($_,"\t")==0){
  83                                         $content .= $_."\n";
  84                                         next;
  85                                 }
  86                                 if(index($_,"{{attach}}")!=-1 && $flag==0){
  87                                         if($form_count==$count){
  88                                                 $content = $content."{{ref ".$filename."}}\n";
  89                                                 $flag = 1;
  90                                         } else {
  91                                                 $form_count++;
  92                                         }
  93                                 }
  94                                 $content = $content.$_."\n";
  95                         }
  96                         if($flag==1){
  97                                 $wiki->save_page($pagename,$content);
  98                         }
  99                 }
 100
 101                 # ¥í¥°¤ÎµÏ¿
 102                 &write_log($wiki,"UPLOAD",$pagename,$filename);
 103
 104                 $wiki->redirect($pagename);
 105
 106         #-------------------------------------------------------
 107         # ºï½ü³ÎÇ§
 108         } elsif($cgi->param("CONFIRM") ne ""){
 109                 my $file = $cgi->param("file");
 110                 if($file eq ""){
 111                         return $wiki->error(RC_BAD_REQUEST, "¥Õ¥¡¥¤¥ë¤¬»ØÄê¤µ¤ì¤Æ¤¤¤Þ¤»¤ó¡£");
 112                 }
 113
 114                 my $buf = "";
 115
 116                 $buf .= "<a href=\"".$wiki->create_page_url($pagename)."\">".
 117                         Util::escapeHTML($pagename)."</a>¤«¤é".Util::escapeHTML($file)."¤òºï½ü¤·¤Æ¤è¤í¤·¤¤¤Ç¤¹¤«¡©\n".
 118                         "<form action=\"".$wiki->create_url()."\" method=\"POST\">\n".
 119                         "  <input type=\"submit\" name=\"DELETE\" value=\"ºï ½ü\">".
 120                         "  <input type=\"hidden\" name=\"action\" value=\"ATTACH\">".
 121                         "  <input type=\"hidden\" name=\"page\" value=\"".Util::escapeHTML($pagename)."\">".
 122                         "  <input type=\"hidden\" name=\"file\" value=\"".Util::escapeHTML($file)."\">".
 123                         "</form>";
 124                 return $buf;
 125
 126         #-------------------------------------------------------
 127         # ºï½ü¼Â¹Ô
 128         } elsif($cgi->param("DELETE") ne ""){
 129                 my $file = $cgi->param("file");
 130                 if($file eq ""){
 131                         return $wiki->error(RC_BAD_REQUEST, "¥Õ¥¡¥¤¥ë¤¬»ØÄê¤µ¤ì¤Æ¤¤¤Þ¤»¤ó¡£");
 132                 }
 133
 134                 # ¥í¥°¤ÎµÏ¿
 135                 &write_log($wiki,"DELETE",$pagename,$file);
 136
 137                 unlink($wiki->config('attach_dir')."/".&Util::url_encode($pagename).".".&Util::url_encode($file));
 138                 $wiki->redirect($pagename);
 139
 140         #-------------------------------------------------------
 141         # ¥À¥¦¥ó¥í¡¼¥É
 142         } else {
 143                 my $file = $cgi->param("file");
 144                 if($file eq ""){
 145                         return $wiki->error(RC_BAD_REQUEST, "¥Õ¥¡¥¤¥ë¤¬»ØÄê¤µ¤ì¤Æ¤¤¤Þ¤»¤ó¡£");
 146                 }
 147                 unless($wiki->page_exists($pagename)){
 148                         return $wiki->error(RC_NOT_FOUND ,"¥Ú¡¼¥¸¤¬Â¸ºß¤·¤Þ¤»¤ó¡£");
 149                 }
 150                 unless($wiki->can_show($pagename)){
 151                         return $wiki->error(RC_FORBIDDEN, "¥Ú¡¼¥¸¤Î»²¾È¸¢¸Â¤¬¤¢¤ê¤Þ¤»¤ó¡£");
 152                 }
 153                 my $filepath = $wiki->config('attach_dir')."/".&Util::url_encode($pagename).".".&Util::url_encode($file);
 154                 unless(-e $filepath){
 155                         return $wiki->error(RC_NOT_FOUND, "¥Õ¥¡¥¤¥ë¤¬¤ß¤Ä¤«¤ê¤Þ¤»¤ó¡£");
 156                 }
 157
 158                 my $contenttype = &get_mime_type($wiki,$file);
 159                 my $ua = $ENV{"HTTP_USER_AGENT"};
 160                 my $disposition = ($contenttype =~ /^image\// && $ua !~ /MSIE/ ? "inline" : "attachment");
 161
 162                 open(DATA, $filepath) or die $!;
 163                 print "Content-Type: $contenttype\n";
 164                 print Util::make_content_disposition($file, $disposition);
 165                 binmode(DATA);
 166                 while(read(DATA,$_,16384)){ print $_; }
 167                 close(DATA);
 168
 169                 # ¥í¥°¤ÎµÏ¿
 170                 &write_log($wiki,"DOWNLOAD",$pagename,$file);
 171                 &count_up($wiki,$pagename,$file);
 172
 173                 exit();
 174         }
 175 }
 176
 177 #===========================================================
 178 # ¥À¥¦¥ó¥í¡¼¥É¥«¥¦¥ó¥È¤ò¥¤¥ó¥¯¥ê¥á¥ó¥È
 179 #===========================================================
 180 sub count_up {
 181         my $wiki = shift;
 182         my $page = shift;
 183         my $file = shift;
 184
 185         Util::sync_update_config(undef,$wiki->config('log_dir')."/".$wiki->config('download_count_file'),
 186         sub {
 187                 my $hash = shift;
 188                 unless(defined($hash->{$page."::".$file})){
 189                         $hash->{$page."::".$file} = 1;
 190                 } else {
 191                         $hash->{$page."::".$file}++;
 192                 }
 193                 return $hash;
 194         }
 195         );
 196 }
 197
 198 #===========================================================
 199 # ÅºÉÕ¥Õ¥¡¥¤¥ë¤Î¥í¥°
 200 #===========================================================
 201 sub write_log(){
 202         my $wiki = shift;
 203         my $mode = shift;
 204         my $page = shift;
 205         my $file = shift;
 206         if($wiki->config('log_dir') eq "" || $wiki->config('attach_log_file') eq ""){
 207                 return;
 208         }
 209         my $ip  = $ENV{"REMOTE_ADDR"};
 210         my $ref = $ENV{"HTTP_REFERER"};
 211         my $ua  = $ENV{"HTTP_USER_AGENT"};
 212         if($ip  eq ""){ $ip  = "-"; }
 213         if($ref eq ""){ $ref = "-"; }
 214         if($ua  eq ""){ $ua  = "-"; }
 215         my ($sec, $min, $hour, $mday, $mon, $year) = localtime(time());
 216         my $date = sprintf("%04d/%02d/%02d %02d:%02d:%02d",$year+1900,$mon+1,$mday,$hour,$min,$sec);
 217
 218         my $logfile = $wiki->config('log_dir')."/".$wiki->config('attach_log_file');
 219         Util::file_lock($logfile);
 220         open(LOG,">>$logfile") or die $!;
 221         binmode(LOG);
 222         print LOG $mode." ".&Util::url_encode($page)." ".&Util::url_encode($file)." ".
 223                   $date." ".$ip." ".$ref." ".$ua."\n";
 224         close(LOG);
 225         Util::file_unlock($logfile);
 226 }
 227
 228 #===========================================================
 229 # MIME¥¿¥¤¥×¤ò¼èÆÀ¤·¤Þ¤¹
 230 #===========================================================
 231 sub get_mime_type {
 232         my $wiki = shift;
 233         my $file = shift;
 234         my $type = lc(substr($file,rindex($file,".")+1));
 235
 236         my $hash  = &Util::load_config_hash($wiki,$wiki->config('mime_file'));
 237         my $ctype = $hash->{$type};
 238
 239         if($ctype eq "" ){
 240                 $ctype = "application/octet-stream";
 241         }
 242
 243         return $ctype;
 244 }
 245
 246 1;