Roxen.git / server / modules / filesystems / incoming.pike

version» Context lines:

Roxen.git/server/modules/filesystems/incoming.pike:1:   // This is a roxen module. Copyright © 1997 - 2009, Roxen IS.      #include <module.h>   inherit "modules/filesystems/filesystem";    - constant cvs_version= "$Id: incoming.pike,v 1.20 2009/05/07 14:15:54 mast Exp $"; + constant cvs_version= "$Id$";      //<locale-token project="mod_incoming">_</locale-token>   #define _(X,Y) _DEF_LOCALE("mod_incoming",X,Y)   // end of the locale related stuff      LocaleString module_name = _(1,"File systems: Incoming filesystem");   LocaleString module_doc =   _(2,"This file system is used only for uploads, the files that are uploaded\n"   "can either not be downloaded, or they will be scrambled during the download.\n"   "This is considered a nice way to treat people who try to "
Roxen.git/server/modules/filesystems/incoming.pike:122:   {    id->misc->moreheads = (id->misc->moreheads||([]))|(["Allow":"PUT"]);    return http_low_answer (    405, "<h1>" + id->method + " method not allowed in incoming filesystem.</h1>\n");   }         #define FILE_SIZE(X) (stat_cache?_file_size((X),id):Stdio.file_size(X))       - protected mixed lose_file( string f, object id ) + protected mixed lose_file( string norm_f, object id )   {    object o; -  int size = FILE_SIZE( f = path + f ); +  int size = FILE_SIZE( norm_f );    if(size < 0)    return (size==-2? -1:0);    -  o = open( f, "r" ); +  o = open( norm_f, "r" );       if(!o)    return 0;    -  id->realfile = f; +  id->realfile = norm_f;    accesses++;       return decaying_file( o, query("bitrot_header"), 100/query("bitrot_percent") );   }      mixed find_file( string f, object id )   { -  +  string norm_f = real_path(f, id); +  +  if (!norm_f) { +  return Roxen.http_status(403, "Access forbidden by user"); +  } +     switch(id->method) {    case "GET":    case "HEAD":    case "POST":    if(query("bitrot") && query("bitrot_percent")>0) -  return lose_file( f, id ); +  return lose_file( norm_f, id );    else    return not_allowed( id );       case "PUT": -  if(FILE_SIZE( path + f ) >= 0) { +  if(FILE_SIZE( norm_f ) >= 0) {    id->misc->error_code = 409;    return 0;    }    return ::find_file( f, id );       case "DELETE":    default:    return not_allowed( id );    }       report_error("Not reached..\n");    return 0;   }