You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by fatjoez <fa...@gmail.com> on 2006/12/10 11:55:14 UTC
Modifying perl upload script to handle 10 files instead of 1?

Hey there.

I've been trying to modify my file upload script so that it handles 10 files
instead of one.

i was thinking the most straightforward way would be to add a FOR LOOP?
placed strategically somewhere like just before the my variables get
declared???

the POST input name is "fileup" so maybe i could call them fileup1, fileup2
etc.

This is the upld.pl script itself.

[code]#!/usr/bin/perl -w

use CGI;
use CGI::Carp "fatalsToBrowser";
use strict;
use DBI;
use Data::Dumper;
use Digest::MD5  qw(md5 md5_hex md5_base64);

require 'dbconfig.pl';
require 'functions.pl';
require 'server.pl';
my %server = &getServer();
my %config = &getDbConfig();

# Dump Post Data To File
my $post_length;
my $tmpfiledir = 'temp/';
my $filedir = 'files/';
my $query;
my $tmpfilename;
my $filename;
my $line;
my $f;
my $readline;
my $seperator;
my $ender;
my $fread;
my $key;
my $value;
my $lenfilename;
my %post;
my $cookie;
my $session;
my $result;
my $unique;
my $session_expire;
$post_length = $ENV{'CONTENT_LENGTH'};

binmode STDIN;

my $dbh;
$dbh =
DBI->connect('dbi:mysql:'.$config{'db_database'}.':'.$config{'db_server'},$config{'db_user'},$config{'db_password'})
  or die ($dbh::errstr);
  
my %config = &getConfig($dbh);

my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday) = gmtime(time);
$year += 1900;
$mon++;
$filedir .= sprintf('%02d%02d%02d',$year,$mon,$mday);
mkdir $filedir;
$query = $ENV{'QUERY_STRING'};
if($query =~ /unique=([a-f0-9]{32})/){
  $tmpfilename = $tmpfiledir . $1;
  $unique = $1;
  $filename = $filedir  . "/$unique";
} else {
  # Some error message here
  print "Content-type: text/html\n\n";
  print "Error";
  exit;
}

$lenfilename = $tmpfilename . '.size';
open TEMPFILE, ">$lenfilename";
print TEMPFILE $post_length;
close TEMPFILE;

open TEMPFILE, ">$tmpfilename";
binmode TEMPFILE;
while (read STDIN, $f, 4096 && $post_length > 0){
  print TEMPFILE $f;
  $post_length -= length $f;
}
close TEMPFILE;

open TEMPFILE, "<$tmpfilename";
binmode TEMPFILE;
$seperator = <TEMPFILE>;
$seperator =~ /(.+?)(\r?\n)/;
$ender = "$1--$2";
my $fsize = 0;
while ($readline = <TEMPFILE>){

  if ($readline =~ /^Content-Disposition: form-data; name="fileup";
filename="(.+?)"/)
  {
    $post{'filename'} = $1;
    open DFILE, ">$filename";
    binmode DFILE;
    $fread = <TEMPFILE>;
    $post{'contenttype'} = '';
    if($fread =~ /^Content-Type: ([a-zA-Z0-9\/-]+)/){
      $post{'contenttype'} = $1;
    }
    $fread = <TEMPFILE>;
    while (($fread = <TEMPFILE>) && ($fread ne $seperator) && ($fread ne
$ender)){
    	$fsize += length $fread;
      print DFILE $fread;
    }
    close DFILE;
  }
  else{
  if ($readline =~ /^Content-Disposition: form-data; name="(.*?)"/){
    $key = $1;
    $fread = <TEMPFILE>;
    $value = '';
    while (($fread = <TEMPFILE>) && ($fread ne $seperator) && ($fread ne
$ender)){
      $value .= $fread;
    }
    $value =~ s/^(.*)\r\n$/$1/;
    $post{$key} = $value;
  }
  }  
}

if($fsize > $config{'upload_max_size'}){
  print "Content-type: text/html\n\n";
  print "<html><head><title>File Uploaded</title></head><body
onload=\"parent.location.href='".$config{'site_basedir'}."/filetoobig/'\">";
  print "File Too Big";
  print "</body></html>";
  die();
}

my $extension = '';
if($post{filename} =~ /\.([^\.]+)$/){
  $extension = $1;
}

if ($config{upload_blocked_extensions} =~ /\b$extension\b/){
  $post{filename} .= '.renamethis';
}

close TEMPFILE;

$session_expire = $config{'user_session_expire'};

print "Content-type: text/html\n\n";

$cookie = $ENV{'HTTP_COOKIE'};
if($cookie =~ /session=([a-f0-9]{32})/){ 
  $session = $dbh->quote($1);
} else {
  $session = "''";
}
my $userip = $ENV{REMOTE_ADDR};

$query = "SELECT `session_user_index` FROM `sessions` WHERE
`session_unique`= $session AND `session_time`>(UNIX_TIMESTAMP() -
$session_expire) LIMIT 0,1;";

$result = $dbh->prepare($query);
$result->execute()
  or die $result::errst;

my $userindex;
$userindex = $result->fetchrow();
if ($userindex){
  #user is logged in
} else {
  # user is not logged in
  $userindex = -1;
}

if($post{'filename'} =~ /\/([^\/])$/){
	$post{'filename'} = $1;
}

$query = "INSERT INTO `files`
(`file_server_index`,`file_unique`,`file_disk_location`,`file_name`,`file_mime`,`file_size`,`file_user_index`,`file_description`,`file_upload_ip`,`file_upload_time`,`file_hits`,`file_downloads`,file_last_download_time)
VALUES (".
  $dbh->quote($server{'server_index'}).','.
  $dbh->quote($unique).','.
  $dbh->quote($filename).','.
  $dbh->quote($post{'filename'}).','.
  $dbh->quote($post{'contenttype'}).','.
  $dbh->quote($fsize).','.
  $dbh->quote($userindex).','.
  $dbh->quote($post{'description'}).','.
  $dbh->quote($userip).','.
  $dbh->quote(time).','.
  '0,0,UNIX_TIMESTAMP()'.  
  ");";
  
$result = $dbh->prepare($query);
#print $query;
$result->execute
  or die $result::errstr;
  
print "<html><head><title>File Uploaded</title></head><body
onload=\"parent.location.href='".$config{'site_basedir'}."/fileuploaded/$unique'\">";
print "File uploaded sucessfully";
print "</body></html>";

#################################[/code]

Anyone know if i can simply wrap it in a for loop? and if so where & would
references would i need to change? I assume only the "fileup" texts?
-- 
View this message in context: http://www.nabble.com/Modifying-perl-upload-script-to-handle-10-files-instead-of-1--tf2788786.html#a7780799
Sent from the mod_perl - General mailing list archive at Nabble.com.