Training, Open Source computer languages
PerlPHPPythonMySQLApache / TomcatTclRubyJavaC and C++LinuxCSS 
Search for:
Home Accessibility Courses Diary The Mouth Forum Resources Site Map About Us Contact
 
For 2023 (and 2024 ...) - we are now fully retired from IT training.
We have made many, many friends over 25 years of teaching about Python, Tcl, Perl, PHP, Lua, Java, C and C++ - and MySQL, Linux and Solaris/SunOS too. Our training notes are now very much out of date, but due to upward compatability most of our examples remain operational and even relevant ad you are welcome to make us if them "as seen" and at your own risk.

Lisa and I (Graham) now live in what was our training centre in Melksham - happy to meet with former delegates here - but do check ahead before coming round. We are far from inactive - rather, enjoying the times that we are retired but still healthy enough in mind and body to be active!

I am also active in many other area and still look after a lot of web sites - you can find an index ((here))
Modifying a perl file upload script to handle 10 f

Posted by fatjoez (fatjoez), 10 December 2006
Hey there.

I've been trying to modify my file upload script so that it handles 10 files instead of one.

i was thinking the most straightforward way would be to add a FOR LOOP? placed strategically somewhere like just before the my variables get declared

the POST input name is "fileup" so maybe i could call them fileup1, fileup2 etc.

This is the upld.pl script itself.

Anyone know if i can simply wrap it in a for loop? and if so where & would references would i need to change? I assume only the "fileup" texts?

Code:
#!/usr/bin/perl -w

use CGI;
use CGI::Carp "fatalsToBrowser";
use strict;
use DBI;
use Data::Dumper;
use Digest::MD5  qw(md5 md5_hex md5_base64);

require 'dbconfig.pl';
require 'functions.pl';
require 'server.pl';
my %server = &getServer();
my %config = &getDbConfig();

# Dump Post Data To File
my $post_length;
my $tmpfiledir = 'temp/';
my $filedir = 'files/';
my $query;
my $tmpfilename;
my $filename;
my $line;
my $f;
my $readline;
my $seperator;
my $ender;
my $fread;
my $key;
my $value;
my $lenfilename;
my %post;
my $cookie;
my $session;
my $result;
my $unique;
my $session_expire;
$post_length = $ENV{'CONTENT_LENGTH'};

binmode STDIN;

my $dbh;
$dbh = DBI->connect('dbi:mysql:'.$config{'db_database'}.':'.$config{'db_server'},$config{'db_user'},$config{'db_password'})
 or die ($dbh::errstr);
 
my %config = &getConfig($dbh);

my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday) = gmtime(time);
$year += 1900;
$mon++;
$filedir .= sprintf('%02d%02d%02d',$year,$mon,$mday);
mkdir $filedir;
$query = $ENV{'QUERY_STRING'};
if($query =~ /unique=([a-f0-9]{32})/){
 $tmpfilename = $tmpfiledir . $1;
 $unique = $1;
 $filename = $filedir  . "/$unique";
} else {
 # Some error message here
 print "Content-type: text/html\n\n";
 print "Error";
 exit;
}

$lenfilename = $tmpfilename . '.size';
open TEMPFILE, ">$lenfilename";
print TEMPFILE $post_length;
close TEMPFILE;

open TEMPFILE, ">$tmpfilename";
binmode TEMPFILE;
while (read STDIN, $f, 4096 && $post_length > 0){
 print TEMPFILE $f;
 $post_length -= length $f;
}
close TEMPFILE;

open TEMPFILE, "<$tmpfilename";
binmode TEMPFILE;
$seperator = <TEMPFILE>;
$seperator =~ /(.+?)(\r?\n)/;
$ender = "$1--$2";
my $fsize = 0;
while ($readline = <TEMPFILE>){

 if ($readline =~ /^Content-Disposition: form-data; name="fileup"; filename="(.+?)"/)
 {
   $post{'filename'} = $1;
   open DFILE, ">$filename";
   binmode DFILE;
   $fread = <TEMPFILE>;
   $post{'contenttype'} = '';
   if($fread =~ /^Content-Type: ([a-zA-Z0-9\/-]+)/){
     $post{'contenttype'} = $1;
   }
   $fread = <TEMPFILE>;
   while (($fread = <TEMPFILE>) && ($fread ne $seperator) && ($fread ne $ender)){
         $fsize += length $fread;
     print DFILE $fread;
   }
   close DFILE;
 }
 else{
 if ($readline =~ /^Content-Disposition: form-data; name="(.*?)"/){
   $key = $1;
   $fread = <TEMPFILE>;
   $value = '';
   while (($fread = <TEMPFILE>) && ($fread ne $seperator) && ($fread ne $ender)){
     $value .= $fread;
   }
   $value =~ s/^(.*)\r\n$/$1/;
   $post{$key} = $value;
 }
 }  
}

if($fsize > $config{'upload_max_size'}){
 print "Content-type: text/html\n\n";
 print "<html><head><title>File Uploaded</title></head><body onload=\"parent.location.href='".$config{'site_basedir'}."/filetoobig/'\">";
 print "File Too Big";
 print "</body></html>";
 die();
}

my $extension = '';
if($post{filename} =~ /\.([^\.]+)$/){
 $extension = $1;
}

if ($config{upload_blocked_extensions} =~ /\b$extension\b/){
 $post{filename} .= '.renamethis';
}

close TEMPFILE;

$session_expire = $config{'user_session_expire'};

print "Content-type: text/html\n\n";

$cookie = $ENV{'HTTP_COOKIE'};
if($cookie =~ /session=([a-f0-9]{32})/){
 $session = $dbh->quote($1);
} else {
 $session = "''";
}
my $userip = $ENV{REMOTE_ADDR};

$query = "SELECT `session_user_index` FROM `sessions` WHERE `session_unique`= $session AND `session_time`>(UNIX_TIMESTAMP() - $session_expire) LIMIT 0,1;";

$result = $dbh->prepare($query);
$result->execute()
 or die $result::errst;

my $userindex;
$userindex = $result->fetchrow();
if ($userindex){
 #user is logged in
} else {
 # user is not logged in
 $userindex = -1;
}

if($post{'filename'} =~ /\/([^\/])$/){
     $post{'filename'} = $1;
}

$query = "INSERT INTO `files` (`file_server_index`,`file_unique`,`file_disk_location`,`file_name`,`file_mime`,`file_size`,`file_user_index`,`file_description`,`file_upload_ip`,`file_upload_time`,`file_hits`,`file_downloads`,file_last_download_time) VALUES (".
 $dbh->quote($server{'server_index'}).','.
 $dbh->quote($unique).','.
 $dbh->quote($filename).','.
 $dbh->quote($post{'filename'}).','.
 $dbh->quote($post{'contenttype'}).','.
 $dbh->quote($fsize).','.
 $dbh->quote($userindex).','.
 $dbh->quote($post{'description'}).','.
 $dbh->quote($userip).','.
 $dbh->quote(time).','.
 '0,0,UNIX_TIMESTAMP()'.  
 ");";
 
$result = $dbh->prepare($query);
#print $query;
$result->execute
 or die $result::errstr;
 
print "<html><head><title>File Uploaded</title></head><body onload=\"parent.location.href='".$config{'site_basedir'}."/fileuploaded/$unique'\">";
print "File uploaded sucessfully";
print "</body></html>";

#################################


Posted by admin (Graham Ellis), 10 December 2006
That's a long piece of code - I would suggest you cut it down to a simple upload script - perhaps 20 or 30 lines - and experiment with that.

Yes, you should be able to do it in a loop - but you will need the form to have 10 file buttons on it and to select each individually and I'm guessing that might not be what you want to do?

Posted by fatjoez (fatjoez), 10 December 2006
yeah preferably don't want to press 10 submit buttons.

But thats what I was thinking a cheap way to do it I thought would be to post 10 forms to iframes.... So yeah 10 buttons & 10 uploads

Watcha think

Posted by admin (Graham Ellis), 10 December 2006
You'll need 10 file buttons, but only one submit.  I don't think you'll be able to have the web page / javascript increment the file name or anything like that, since - were such a facility available - it would provide unscripulous website owners with a way of grabbing files when the user didn't want them to.  So it's not allowed for security reasons!



This page is a thread posted to the opentalk forum at www.opentalk.org.uk and archived here for reference. To jump to the archive index please follow this link.

You can Add a comment or ranking to this page

© WELL HOUSE CONSULTANTS LTD., 2024: Well House Manor • 48 Spa Road • Melksham, Wiltshire • United Kingdom • SN12 7NY
PH: 01144 1225 708225 • FAX: 01144 1225 793803 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho