2 problems uploading files - Image::Size and $CGI::POST_MAX

[ibjdt]

problem1
i use the script below to allow image upload through my site. although i restrict the file size to 20Kb with

$CGI:OST_MAX = 1024 * 20;

i am able to upload any file size.

use File::Basename;
		$CGI::POST_MAX = 1024 * 20;
		$safe_filename_characters = "a-zA-Z0-9_.-";
		@images = qw (image1 image2 image3 image4);
		@types = qw (.jpeg .jpg .gif .bmp .png .art);
		foreach $image(@images) {
			if ($input{$image}) {
				$filename = "$input{$image}";
				if ( !$filename ) { $uploadError++; $ERROR_MSG .= "<img src=/graphics/icons/info.gif> <font color=red>Please check image file size (20Kb max): $input{$image}</font><br>"; }
				( $name, $path, $extension ) = fileparse ( $filename, '\..*' );
				$filename =~ s/[^$safe_filename_characters]//g;
				$ERROR_MSG .= "<img src=/graphics/icons/info.gif> <font color=red>Image filename contains invalid characters: $input{$image}</font><br>" unless ( $filename =~ /^([$safe_filename_characters]+)$/ );
				$uploadError++ unless ( $filename =~ /^([$safe_filename_characters]+)$/ );
				$extOK = '';
				foreach $type(@types) { if ($extension eq $type) { $extOK++; last; } }
				$ERROR_MSG .= "<img src=/graphics/icons/info.gif> <font color=red>Invalid image file type: $input{$image}</font><br>" if (!$extOK);
				$uploadError++ if (!$extOK);
			}
		}

problem2
when the uploaded images are viewed on screen, i want them restricted to width=100 so i tried

use Image::Size;
						if ($image1) { ($width,$height) = imgsize($image1); $w="100" if ($width > 100); $IMAGE = "<a href=/ad_photos/$image1 target=_blank><img src=/ad_photos/$image1 width=$w border=0></a><p>"; }

but the resulting code is

<a href=/ad_photos/photoname.jpg target=_blank><img src=/ad_photos/photoname.jpg width= border=0></a><p>

does use Image::Size have to be in the script hdr? right now i have it just above the part of the script where it's used (as shown above).

thanks for the help.

 

[ibjdt]

...i found the problem with Image::Size

i forgot to include the path to the image

($width,$height) = imgsize("/home/.../ad_photos/$image1");

i still have the issue with the file size.

thanks.

 

[travs69]

I don't even see where you are using CGI to upload the images..

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Travis - Those who say it cannot be done are usually interrupted by someone else doing it; Give the wrong symptoms, get the wrong solutions;

 

[Kirsle]

if ($image1) { ($width,$height) = imgsize($image1); [red]$w[/red]="100" if ([blue]$width[/blue] > 100); $IMAGE = "<a href=/ad_photos/$image1 target=_blank><img src=/ad_photos/$image1 width=[red]$w[/red] border=0></a><p>"; }

According to this code, $w, an undefined variable, is set to 100 only if $width is > 100. What if $width is <= 100? $w is never defined /at all/. Then you use $w as the "width=" attribute of the img tag. If $width is <= 100, $w is undefined, so no width is imposed on the img tag at all. Maybe you want "$width = 100 if $width < 100;" and "<img .. width=$width"?

Your first block of code about the upload makes no sense at all and nowhere is CGI's upload code ever used.

Kirsle.net | My personal homepage

perl -e '$|=$i=1;print" oo\n<|>\n_|_";x:sleep$|;print"\b",$i++%2?"/":"_";goto x;'

 

[ibjdt]

in the image width code - i only alot 100 pixels for image width so i restrict image width to 100 if it's actually > 100. if width < 100 i allow the width to be whatever it actually is.

i could use $w = $width; $w = 100 if ($width > 100);
then always include width = $w in the img tag.

==========================================================

i got ahead of myself in the first block of code.
you're right - that block doesn't do the uploading.

i found this code

http://articles.sitepoint.com/article/uploading-files-cgi-perl/2

then modified it to first check for images that aren't allowed (file size, illegal characters, illegal extensions.

i then use the code again to upload if it meets my requirements.

i'm sure there is a better way.
i have 4 upload boxes (image 1, 2, 3, 4) and want to loop through to check each for the following:

1. image size (20 kb max)
2. unsafe characters
3. accepted image type / extension (.jpeg .jpg .gif .bmp .png .art)

if any image violates the rules $ERROR_MSG will have a value and i return the form with the error message. otherwise, i continue to upload the images.

i appreciate all suggestions