Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

File Uploading

Status
Not open for further replies.
JohnStep

JohnStep

Programmer
Apr 19, 2000
190
0
0
US
I need for users to U/L on to my web site via their browser. The code I used to accomplish this is as follows:

## Your path to where you want your files uploaded.
## Note: NO trailing slash
$basedir = "/files";

## Do you wish to allow all file types? yes/no (no capital letters)
$allowall = "no";

## If the above = "no"; then which is the only extention to allow?
## Remember to have the LAST 4 characters i.e. .ext
$theext = ".jpg";

## The page you wish it to forward to when done:
## I.E. $donepage = "


use CGI;
$onnum = 1;

while ($onnum != 11) {
my $req = new CGI;
my $file = $req->param("FILE$onnum");
if ($file ne "") {
my $fileName = $file;
$fileName =~ s!^.*(\\|\/)!!;
$newmain = $fileName;
if ($allowall ne "yes") {
if (lc(substr($newmain,length($newmain) - 4,4)) ne $theext){
$filenotgood = "yes";
}
}
if ($filenotgood ne "yes") {
open (OUTFILE, ">$basedir/$fileName");
print &quot;$basedir/$fileName<br>&quot;;
while (my $bytesread = read($file, my $buffer, 1024)) {
print OUTFILE $buffer;
}
close (OUTFILE);
}
}
$onnum++;
}

print &quot;Content-type: text/html\n&quot;;
print &quot;Location:$donepage\n\n&quot;;

But everytime I test it with Windows NT on a local server I keep getting a error 405 - Method not allowed.

I as well have activeperl installed. Does anyone know where I am going wrong? I am using Apache web server and it works cause I have successfully used other perl scripts. Or does anyone know of another way I can use uploading via a browser.

Thanks in advance,

John Stephens
[sig][/sig]
 
Sort by date Sort by votes
Hi John,

I'm afraid I can't give you an answer why the script isn't working for you.

I tried it myself as I have been looking for something to upload files from the browser through CGI aswell.

I don't get errors when running the script (although I changed some parts as some how 'use CGI;' never works on my server) but it doesn't save the file into the location $basedir!

I tried to print $file and $filename to the browser which were both empty so it seems the file doesn't get through to the script although it seems it is uploaded after click submit from the form as it is sending data. And I wonder what the function of $onnum exactly is.

Hopefully somebody can explain a bit more how this script works and what's going wrong!?

Jett,

Ps. another solution might be AspUpload (but I would like to keep it within Perl) [sig][/sig]
 
Upvote 0 Downvote
The code below is a trimmed down version of what I use reguarly. If the $fileID var is null, it produces a very simple input page. If $fileID is populated, it attempts to upload the file. Sorry, I don't have time right now to try your code. If you are still flailing, I might be able to get back to it late today or tomorrow. Hopefully, the code below will give some hints.

Code: 
#!/usr/local/bin/perl
use CGI;

$query = new CGI;
$thisCGI = $query->url();
print $query->header,$query->start_html(-title=>&quot;UPLOAD THIS&quot;);
print $query ->start_multipart_form('POST',&quot;$thisCGI&quot;);

my $fileID = $query->param('fileID');
@pathName = split(/\\/,$fileID);
# if $fileID is null, give input page
if (!($fileID))
        {
        print &quot;Enter or Browse to the file you would like to upload.<BR>\n&quot;;
        print $query->filefield(-name=>'fileID', -size=>50, -maxlength=>80);
        }

# if $fileID is not null, read file from remote machine and write locally.
if ($fileID)
        {
        $newFile = '/path/to/where/you/want/to/put/newFile/';
        $newFile .= pop(@pathName);

        # open a handle to the file you will write
        open(OPF,&quot;>$newFile&quot;) || &showError(&quot;Failed to open OPF, $!&quot;);

        # while you read from the remote machine, write to the output file.
        while ($bytesread=read($fileID,$buffer,1024)) { print OPF &quot;$buffer&quot;; }
        close OPF;

        # check to make sure the uploaded file is safe to keep
        $type = $query->uploadInfo($fileID)->{'Content-Type'};
        unless ($type =~ /text\/html/i) 
                {
                unlink $newFile;
                &showError(&quot;Dangerous file type.<BR>Deleted file.&quot;);
                }
        # un-comment this portion if you want to see output in your browser
        # print &quot;<BR>Upload of $newFile of type $type Successful<BR>\n&quot;;
        # open(IPF,&quot;<$newFile&quot;) or &showError(&quot;Failed to open uploaded file.&quot;);
        # while (<IPF>) { print &quot;$_&quot;; }
        # close IPF;
        }

print '<BR>',$query->submit('doWhat','uploadMe');
print $query->end_form;

print $query->end_html;

sub showError
{
# a generic complaint generator 
my @error = @_;
print &quot;<CENTER><font color=\&quot;\#ff4500\&quot;>Fatal ERROR - @error</font><BR>\n&quot;;
print &quot;Submission aborted - your data was not saved!!<BR>\n&quot;;
print &quot;Please use the BACK button to return to the previous page<BR>\n&quot;;
print &quot;and correct the error.<BR></CENTER>\n&quot;;
print $query->end_form,$query->end_html;
exit;
}

I hope this helps..... [sig]<p> <br><a href=mailto: > </a><br><a href= > </a><br> keep the rudder amid ship and beware the odd typo[/sig]
 
Upvote 0 Downvote
Thanks goBoating!

Initially I received a warning for 'Dangerous File' and uploading was cancelled. This happended twice with a *.gif file and a *.txt file. I commented the 'unless' part of the script and after this it did upload the file to the indicated folder. Any idea why both files were interpreted as being dangerous? And which other files are intepreted as being dangerous?

Anyway thanks again for the help and John, I hope the script works for you as well....

Regards,

Jett [sig][/sig]
 
Upvote 0 Downvote
Good Morning Jett,
When a file is uploaded via a browser, the browser sends its best guess (Content-Type) as to the type of the file (eg. exe or bat or html or txt, etc...). I had that block in my code to protect against people uploading anything other than a harmless text/html file. It helps prevent (does not totally prevent) people uploading potentially harmful files. You can use it or loose it ...up to you.....;^)

I do not know how the browser is making its guess as to the file type. Maybe according to the file extension, maybe be the permissions on a UNIX box, ??? I don't know. Consequently, I don't know how reliable that is as a danger filter.

' hope this helps. [sig]<p> <br><a href=mailto: > </a><br><a href= > </a><br> keep the rudder amid ship and beware the odd typo[/sig]
 
Upvote 0 Downvote

Go Boating and Jett,

Thanks for the information guys. Being a VB and VC developer I am fairly new to Perl. Now trying to figure out exactly Where to place the code without causing a 500 error. I do appreciate all the help

Take Care,
John Stephens [sig][/sig]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rob54321
  • Question
Perl how to read line from file with interpolation 1
Replies
6
Views
173
rob54321
rob54321
newbie1238585
  • Locked
  • Question
Perl how to read string in csv file * as wildcard operator
Replies
2
Views
110
mikrom
mikrom
Limbomusic
  • Locked
  • Question
Perl files getting accessed directly
Replies
0
Views
66
Limbomusic
Limbomusic
Tester_V
  • Locked
  • Question
Last match from a file
Replies
6
Views
121
mikrom
mikrom
Tester_V
  • Locked
  • Question
Need to sum all numbers in in all files (separately) in a directory 1
Replies
2
Views
73
Tester_V
Tester_V

Part and Inventory Search

Sponsor

Back
Top