Just a few nosy comments --

<html>
<head>
<title>Untitled Page</title>
</head>
<body>
<a href="javascript:window.location='cgi-bin/download.cgi?picname=Upload-Background.gif'">picture link</a>

Not sure why you want to bother with javascript in there. ICBW, but I don't think it buys you anything. And some of your family may decide to turn javascript in their browsers off.


</body>
</html>

-------------------------------------------------------------

#!/usr/bin/perl -w

use strict;
use CGI ':standard';

I didn't notice that you had used anything from CGI in the script. Might as well comment it out.


my $filename = param('picname');

Did you follow what was said about ../../ someodd with /etc at the end?

It's a good way to dump all sorts of things about your machine into someone else's browser, including user names and ids, the entire httpd.conf file, and so forth.

That's why I don't usually accept filenames in scripts. But if you do, you need to check for / at the top or ../ anywhere, and balk if you get those. It can get kind of tricky, since \/ is /.

my $path = "/images/$filename";

For instance, somebody puts this in their browser:

http://your.domain.com/cgi-bin/download.cgi?picname=../etc/httpd/httpd.conf


binmode STDOUT;
print "Content-Disposition: attachment;filename=$filename\n";
print "Content-Type: application/octet-stream\n\n";

If you _had_ been using CGI, the above two lines could have created some subtle conflicts.


open (FILE, "> $path") || die("Can't open($filename): $!");

This is why you got the attempted download that stalled, of course. That die statement won't do much useful. Well, if it were going out STDOUT, it might have shown up as your downloaded file.


You'll want to look into using a logging file or the http version of carp.

my $data = <FILE>;
close (FILE);

print $data;

exit;

-- Joel Rees Nothing to say today so I'll say nothing: Nothing.
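Editor's added example (not Joel's code, and not the script under review): one way to write download.cgi so that the ../ problem and the stalled-download problem discussed above both go away. Instead of hunting for "/" or "../" in every possible spelling, it allow-lists what a picture name may look like and rejects everything else; it opens the file read-only; it uses CGI.pm's header() rather than hand-printed headers; and it sends die/warn output to a log file via CGI::Carp's carpout so error text never ends up inside the download. The image directory, the log file path and the sample request in the comments are assumptions for illustration.

```perl
#!/usr/bin/perl
# Added example, not the script from the original message.
# Assumptions: pictures live in IMAGE_DIR, the web server can append to LOG_FILE.
use strict;
use warnings;
use CGI ':standard';
use CGI::Carp qw(carpout);

use constant IMAGE_DIR => '/var/www/images';          # assumed location
use constant LOG_FILE  => '/var/log/httpd/download.log'; # assumed location

# Redirect die()/warn() to a log file so nothing leaks into the response body.
open(my $log, '>>', LOG_FILE) or die "Can't open log " . LOG_FILE . ": $!";
carpout($log);

# Allow-list the picture name. Letters, digits, space, underscore, hyphen,
# then exactly one image extension. Anything else (including "/", "\", "..",
# a leading "/", a NUL byte, or %2F which CGI.pm has already decoded) is
# rejected, so there is no list of bad spellings to keep up to date.
sub safe_name {
    my ($raw) = @_;
    return unless defined $raw;
    return $1 if $raw =~ /\A([A-Za-z0-9 _-]+\.(?:gif|jpe?g|png))\z/;
    return;
}

# Log the problem (to LOG_FILE, via carpout) and send a short plain-text
# error with a real HTTP status instead of a half-finished download.
sub fail {
    my ($status, $msg) = @_;
    my $pic  = param('picname');
    my $addr = remote_addr();
    warn sprintf("download.cgi: %s (picname=%s from %s)\n",
        $msg, defined $pic ? $pic : '<none>', defined $addr ? $addr : '?');
    print header(-status => $status, -type => 'text/plain'), "$msg\n";
    exit 0;
}

# e.g. ?picname=../etc/httpd/httpd.conf  -> 400, logged
#      ?picname=Upload-Background.gif    -> file streamed
my $name = safe_name(scalar param('picname'))
    or fail('400 Bad Request', 'rejected picture name');

my $path = IMAGE_DIR . "/$name";

# Read-only open. The original used ">" which truncates the picture and
# leaves nothing to send, hence the stalled download.
open(my $fh, '<', $path) or fail('404 Not Found', "can't open $path: $!");
binmode $fh;
binmode STDOUT;

# -attachment produces the Content-Disposition header; $name is already
# known to contain only safe characters, so it can be echoed here.
print header(
    -type           => 'application/octet-stream',
    -attachment     => $name,
    -Content_Length => -s $fh,
);

# Stream in chunks. A scalar <FILE> read stops at the first newline, which
# is wrong for binary data.
my $buf;
while (read($fh, $buf, 65536)) {
    print $buf;
}
close $fh;
```

Note that the allow-list is deliberately strict: if your picture names use other characters, widen the character class rather than switching to a deny-list, since a deny-list is what makes the "\/ is /" problem tricky in the first place.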