HEX
Server: Apache/2.4.61 (Ubuntu)
System: Linux hosting106 7.0.12-1-pve #1 SMP PREEMPT_DYNAMIC PMX 7.0.12-1 (2026-06-09T21:07Z) x86_64
User: clinicadentalargarate.com (1193)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Upload Files
File: //usr/share/webmin/servers/link.cgi
#!/usr/bin/perl
# link.cgi
# Forward the URL from path_info on to another webmin server

if ($ENV{'PATH_INFO'} =~ /^\/(\d+)\/([a-zA-Z0-9\-\/]+)\.(jar|class|gif|png)$/) {
	# Allow fetches of Java classes and images without a referer header,
	# as Java sometimes doesn't provide these
	$trust_unknown_referers = 1;
	}
use strict;
use warnings;
no warnings 'redefine';
no warnings 'uninitialized';
require './servers-lib.pl';
our (%text, %gconfig, %access, $module_name, %tconfig);
$ENV{'PATH_INFO'} =~ /^\/(\d+)(.*)$/ ||
	&error("Bad PATH_INFO : $ENV{'PATH_INFO'}");
my $id = $1;
my $path = $2 ? &urlize("$2") : '/';
$path =~ s/^%2F/\//;
if ($ENV{'QUERY_STRING'}) {
	$path .= '?'.$ENV{'QUERY_STRING'};
	}
elsif (@ARGV) {
	$path .= '?'.join('+', @ARGV);
	}
my $s = &get_server($id);
&can_use_server($s) || &error($text{'link_ecannot'});
$access{'links'} || &error($text{'link_ecannot'});
my $url = "@{[&get_webprefix()]}/$module_name/link.cgi/$s->{'id'}";
$| = 1;
my $meth = $ENV{'REQUEST_METHOD'};
my %miniserv;
&get_miniserv_config(\%miniserv);

my ($user, $pass);
if ($s->{'autouser'}) {
	# Login is variable .. check if we have it yet
	if ($ENV{'HTTP_COOKIE'} =~ /$id=(\S+)/) {
		# Yes - set the login and password to use
		($user, $pass) = split(/:/, &decode_base64("$1"));
		}
	else {
		# No - need to display a login form
		&ui_print_header(undef, $text{'login_title'}, "");

		print &text('login_desc', "<tt>$s->{'host'}</tt>"),"<p>\n";

		print &ui_form_start(
			"@{[&get_webprefix()]}/$module_name/login.cgi", "post");
		print &ui_hidden("id", $id);

		print &ui_table_start($text{'login_header'}, undef, 2);
		print &ui_table_row($text{'login_user'},
			&ui_textbox("user", undef, 20));
		print &ui_table_row($text{'login_pass'},
			&ui_password("pass", undef, 20));
		print &ui_table_end();

		print &ui_form_end([ [ undef, $text{'login_login'} ] ]);

		&ui_print_footer("", $text{'index_return'});
		exit;
		}
	}
elsif ($s->{'sameuser'}) {
	# Login comes from this server
	$user = $main::remote_user;
	defined($main::remote_pass) || &error($text{'login_esame'});
	$pass = $main::remote_pass;
	}
else {
	# Login is fixed
	$user = $s->{'user'};
	$pass = $s->{'pass'};
	}

# Connect to the server
my $con = &make_http_connection($s->{'ip'} || $s->{'host'}, $s->{'port'},
			        $s->{'ssl'}, $meth, $path, undef, undef,
				{ 'host' => $s->{'host'},
				  'nocheckhost' => !$s->{'checkssl'} });
&error($con) if (!ref($con));

# Send request headers
&write_http_connection($con, "Host: $s->{'host'}\r\n");
&write_http_connection($con, "User-agent: Webmin\r\n");
my $auth = &encode_base64("$user:$pass");
$auth =~ s/\n//g;
&write_http_connection($con, "Authorization: basic $auth\r\n");
my ($http_host, $http_port);
if ($ENV{'HTTP_HOST'} =~ /^(\S+):(\d+)$/) {
	# Browser supplies port
	$http_host = $1;
	$http_port = $2;
	}
elsif ($ENV{'HTTP_HOST'}) {
	# Browser only supplies host
	$http_host = $ENV{'HTTP_HOST'};
	$http_port = $ENV{'SERVER_PORT'} || $miniserv{'port'} || 80;
	}
else {
	# Web server supplies host and port
	$http_host = $ENV{'SERVER_NAME'};
	$http_port = $ENV{'SERVER_PORT'};
	}
my $http_prot = $ENV{'HTTPS'} eq "ON" ? "https" : "http";
&write_http_connection($con, sprintf(
			"Webmin-servers: %s://%s:%d%s/%s\n",
			$http_prot, $http_host, $http_port,
			@{[&get_webprefix()]},
			$tconfig{'inframe'} ? "" : "$module_name/"));
&write_http_connection($con, sprintf(
			"Webmin-path: %s://%s:%d%s/%s/link.cgi%s\n",
			$http_prot, $http_host, $http_port,
			@{[&get_webprefix()]}, $module_name,
			$ENV{'PATH_INFO'}));
if ($ENV{'HTTP_WEBMIN_PATH'}) {
	&write_http_connection($con, sprintf(
			"Complete-webmin-path: %s%s\n",
			$ENV{'HTTP_WEBMIN_PATH'}));
	}
else {
	&write_http_connection($con, sprintf(
			"Complete-webmin-path: %s://%s:%d%s/%s/link.cgi%s\n",
			$http_prot, $http_host, $http_port,
			@{[&get_webprefix()]}, $module_name,
			$ENV{'PATH_INFO'}));
	}
my $cl = $ENV{'CONTENT_LENGTH'};
&write_http_connection($con, "Content-length: $cl\r\n") if ($cl);
&write_http_connection($con, "Content-type: $ENV{'CONTENT_TYPE'}\r\n")
	if ($ENV{'CONTENT_TYPE'});
my $ref = $ENV{'HTTP_REFERER'};
if ($ref && $ref =~ /^.*\Q$url\E(.*)/) {
	my $rurl = ($s->{'ssl'} ? 'https' : 'http').'://'.$s->{'host'}.
		   ':'.$s->{'port'}.$1;
	&write_http_connection($con, "Referer: $rurl\r\n");
	}
&write_http_connection($con, "\r\n");
my $post;
if ($cl) {
	&read_fully(\*STDIN, \$post, $cl);
	&write_http_connection($con, $post);
	}

# read back the headers
my $dummy = &read_http_connection($con);
my ($header, $headers, $bad) = &read_http_headers($con);
if ($bad) {
	# Normalized and truncated
	$bad =~ s/[\x00-\x1f\x7f]+/ /g;
	$bad =~ s/\s+/ /g;
	$bad =~ s/^\s+|\s+$//g;
	$bad = substr($bad, 0, 200).(length($bad) > 200 ? "..." : "");
	&error("Bad header : ".&html_escape($bad));
	}

my $defport = $s->{'ssl'} ? 443 : 80;
if ($header->{'location'} &&
    ($header->{'location'} =~ /^(http|https):\/\/$s->{'host'}:$s->{'port'}(.*)$/||
     $header->{'location'} =~ /^(http|https):\/\/$s->{'host'}(.*)/ &&
     $s->{'port'} == $defport)) {
	# fix a redirect
	local $gconfig{'webprefixnoredir'} = 1;		# We've already added
							# webprefix, so no need
							# to add it again
	&redirect("$url$2");
	exit;
	}
elsif ($header->{'www-authenticate'}) {
	# Invalid login
	my $detail = &get_http_auth_reason($header);
	if ($s->{'autouser'}) {
		print "Set-Cookie: $id=; path=/\n";
		my $msg = &text('link_eautologin', $s->{'host'},
		     "@{[&get_webprefix()]}/$module_name/link.cgi/$id/");
		$msg .= "<br>".&html_escape($detail) if ($detail);
		&error($msg);
		}
	else {
		my $msg = &text('link_elogin', $s->{'host'}, $user);
		$msg .= " : ".&html_escape($detail) if ($detail);
		&error($msg);
		}
	}
else {
	# just output the headers
	print $headers,"\n";
	}

# read back the rest of the page
if ($header->{'content-type'} &&
    $header->{'content-type'} =~ /text\/html/ &&
    !$header->{'x-no-links'}) {
	# Fix up HTML
	while($_ = &read_http_connection($con)) {
		s/src='(\/[^']*)'/src='$url$1'/gi;
		s/src="(\/[^"]*)"/src="$url$1"/gi;
		s/src=(\/[^ "'>]*)/src=$url$1/gi;
		s/href='(\/[^']*)'/href='$url$1'/gi;
		s/href="(\/[^"]*)"/href="$url$1"/gi;
		s/href=(\/[^ >"']*)/href=$url$1/gi;
		s/action='(\/[^']*)'/action='$url$1'/gi;
		s/action="(\/[^"]*)"/action="$url$1"/gi;
		s/action=(\/[^ "'>]*)/action=$url$1/gi;
		s/\.location\s*=\s*'(\/[^']*)'/.location='$url$1'/gi;
		s/\.location\s*=\s*"(\/[^']*)"/.location="$url$1"/gi;
		s/window.open\("(\/[^"]*)"/window.open\("$url$1"/gi;
		s/name=return\s+value="(\/[^"]*)"/name=return value="$url$1"/gi;
		s/param\s+name=config\s+value='(\/[^']*)'/param name=config value='$url$1'/gi;
		s/param\s+name=config\s+value="(\/[^']*)"/param name=config value="$url$1"/gi;
		s/param\s+name=config\s+value=(\/[^']*)/param name=config value=$url$1/gi;
		print;
		if (/<applet.*archive=file.jar.*>/) {
			# Remote webmin file manager applet - give it the 
			# session ID on *this* system
			print "<param name=session value=\"$main::session_id\">\n";
			}
		}
	}
elsif ($header->{'content-type'} &&
       $header->{'content-type'} =~ /text\/css/ &&
       !$header->{'x-no-links'}) {
	# Fix up CSS
	while($_ = &read_http_connection($con)) {
		s/url\("(\/[^"]*)"\)/url\("$url$1"\)/gi;
		print;
		}
	}
else {
	# Just pass through
	my $bs = &get_buffer_size();
	while(my $buf = &read_http_connection($con, $bs)) {
		print $buf;
		}
	}
&close_http_connection($con);