Original release 20160328

[fex.git] / cgi-bin / fop

diff --git a/cgi-bin/fop b/cgi-bin/fop
index fb37261f075b9b62a17c7b9869418f4c5828eebd..c5098fc4aa06aac1b6400ca520e0e06965cb66a4 100755 (executable)
--- a/cgi-bin/fop
+++ b/cgi-bin/fop
@@ -7,6 +7,7 @@
 
 BEGIN { ($ENV{PERLINIT}||'') =~ /(.+)/s and eval $1 }
 
 
 BEGIN { ($ENV{PERLINIT}||'') =~ /(.+)/s and eval $1 }
 

+use utf8;

 use Fcntl              qw':flock :seek';
 use Cwd                        qw'abs_path';
 use File::Basename;
 use Fcntl              qw':flock :seek';
 use Cwd                        qw'abs_path';
 use File::Basename;


@@ -99,6 +100,7 @@ if ($file =~ m:^([^/]+)/[^/]+$:) {
   if ($mdomain and $file =~ s:(.+)/(.+)/(.+):$3:) {
     $to   = lc $1;
     $from = lc $2;
   if ($mdomain and $file =~ s:(.+)/(.+)/(.+):$3:) {
     $to   = lc $1;
     $from = lc $2;

+    $to   =~ s/[:,].*//;

     $to   .= '@'.$hostname if $to   eq 'anonymous';
     $from .= '@'.$hostname if $from eq 'anonymous';
     $to   .= '@'.$mdomain if -d "$to\@$mdomain";
     $to   .= '@'.$hostname if $to   eq 'anonymous';
     $from .= '@'.$hostname if $from eq 'anonymous';
     $to   .= '@'.$mdomain if -d "$to\@$mdomain";


@@ -552,19 +554,18 @@ if (-f $data) {
       and not($dkey and ($ENV{HTTP_COOKIE}||'') =~ /dkey=$dkey/)
       and open $file,'<',"$file/download")
   {
       and not($dkey and ($ENV{HTTP_COOKIE}||'') =~ /dkey=$dkey/)
       and open $file,'<',"$file/download")
   {

-    $_ = <$file> || '';
+    my $d1 = <$file> || ''; # first download
+    chomp $d1;

     close $file;
     close $file;

-    chomp;

     if ($ra) {
       # allow downloads from same ip
     if ($ra) {
       # allow downloads from same ip

-      $_ = '' if /\Q$ra/;
+      $d1 = '' if $d1 =~ /\Q$ra/;

       # allow downloads from sender ip
       # allow downloads from sender ip

-      $_ = '' if (readlink("$file/ip")||'') eq $ra;
+      $d1 = '' if (readlink("$file/ip")||'') eq $ra;

     }
     }

-    if ($_) {
-      s/(.+) ([\w.:]+)$/by $2 at $1/;
+    if ($d1 and $d1 =~ s/(.+) ([\w.:]+)$/$2 at $1/) {

       $file = filename($file);
       $file = filename($file);

-      http_die("$file has already been downloaded $_");
+      http_die("$file has already been downloaded by $d1");

     }
   }
   $sb = sendfile($file,$seek,$stop);
     }
   }
   $sb = sendfile($file,$seek,$stop);


@@ -733,6 +734,7 @@ sub sendfile {
     } else {
       $range = sprintf("bytes %s-%s/%s",$seek,$total_size-1,$total_size);
     }
     } else {
       $range = sprintf("bytes %s-%s/%s",$seek,$total_size-1,$total_size);
     }

+    # RFC 7233 "Responses to a Range Request"

     nvt_print(
       'HTTP/1.1 206 Partial Content',
       "Content-Length: $size",
     nvt_print(
       'HTTP/1.1 206 Partial Content',
       "Content-Length: $size",


@@ -764,6 +766,7 @@ sub sendfile {
           "Connection: close",
         );
 #        nvt_print('','HTTP/1.1 200 OK',"Content-Length: $size","Content-Type: $type"); exit;
           "Connection: close",
         );
 #        nvt_print('','HTTP/1.1 200 OK',"Content-Length: $size","Content-Type: $type"); exit;

+        nvt_print($_) foreach(@extra_header);

       } else {
         http_header('200 OK');
         print html_header($head);
       } else {
         http_header('200 OK');
         print html_header($head);


@@ -795,6 +798,7 @@ sub sendfile {
       if ($type eq 'application/octet-stream') {
         nvt_print(qq'Content-Disposition: attachment; filename="$filename"');
       }
       if ($type eq 'application/octet-stream') {
         nvt_print(qq'Content-Disposition: attachment; filename="$filename"');
       }

+      nvt_print($_) foreach(@extra_header);

     }
 
     nvt_print("X-Size: $total_size");
     }
 
     nvt_print("X-Size: $total_size");