nicht angemeldet
index.php
---------
<?
$url=preg_replace("/\s*|[^a-z0-9%?&=\/._-]+/i","",$url);
if (!$url) { $url="cops/index.htm"; }
#Sonderausgabe fuer Downloads:
if (preg_match("/cops\/get_download.php/",$url))
{
$file=preg_replace("/^(.*file=)([^&]*)(.*?)$/","$2",$url);
$file_tail=preg_replace("%^(.*?/)([^/]*)$%","$2",$file);
header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"$file_tail\"");
}
$output=popen("/srv/www/htdocs/cops/copsweb.pl $url 2>&1", 'r');
while(!feof($output))
{
echo $line=fgets($output);
}
pclose($output);
?>
copsweb.pl:
-----------
#!/usr/bin/perl
use strict;
use lib ("/opt/vpn/CoCA/");
use FEX;
my $url=$ARGV[0];
$url=~s/\s*\r*\n*//g;
$url=~s/\.\.//g;
$url=~s/^([a-z]+:[\/]+)*(\d+\.\d+\.\d+\.\d+)*\///g;
$url=~s/[^a-z0-9%?&=\/._-]+//gi;
my $logfile; my $debug;
my $sequence=&get_cops_web($url,"user","password",$logfile,$debug);
#print $size;
open(FH,"<","/opt/vpn/CoCA/TEMP/copsweb_".$sequence) or die ("could not open /opt/vpn/CoCA/TEMP/copsweb_".$sequence."\n".$!."\n");
if ($url=~/\.(php[345]?|html?)(\?|$)/i && $url!~/get_download\.php\?file=/i)
{
my $line;
while ($line=<FH>)
{
#Parsing Frameset-URLs
if ($line=~/^(.*<\s*frame\s([^>]+\s)?src\s*=\s*)("([^">]+)"|'([^'>]+)'|([^"'>]+))(.*)$/i)
{
my $url1=$1; my $url2=$3; my $url3=$7;
$url2=~s/["']*//g;
$line=$url1."\"index.php?url=cops/".$url2."\"".$url3;
}
#Parsing Anchor-Tags
if ($line=~/^(.*<\s*a\s([^>]+\s)?href\s*=\s*)("([^">]+)"|'([^'>]+)'|([^"'>]+))(.*)$/i)
{
my $url1=$1; my $url2=$3; my $url3=$7;
$url2=~s/["']*//g;
$line=$url1."\"index.php?url=cops/".$url2."\"".$url3;
}
#Parsing JavaScript-URLs:
if ($line=~/^(.*window\.open\(["'])([^"']+)(.*)$/i)
{
$line=$1."index.php?url=cops/".$2.$3;
}
print $line;
}
close (FH);
}
else
{
my $size=-s '/opt/vpn/CoCA/TEMP/copsweb_'.$sequence;
my $file='';
binmode(FH);
my $return=read(FH,$file,$size);
close (FH);
print $file;
}
Struppi