468,512 Members | 1,474 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,512 developers. It's quick & easy.

Expanding a file upload script to handle 10 files instead of 1?

Hey there.

I've been trying to modify my file upload script so that it handles 10 files instead of one.

i was thinking the most straightforward way would be to add a FOR LOOP? placed strategically somewhere like just before the my variables get declared???

the POST input name is "fileup" so maybe i could call them fileup1, fileup2 etc.

This is the upld.pl script itself.

Expand|Select|Wrap|Line Numbers
  1. #!/usr/bin/perl -w
  2.  
  3. use CGI;
  4. use CGI::Carp "fatalsToBrowser";
  5. use strict;
  6. use DBI;
  7. use Data::Dumper;
  8. use Digest::MD5  qw(md5 md5_hex md5_base64);
  9.  
  10. require 'dbconfig.pl';
  11. require 'functions.pl';
  12. require 'server.pl';
  13. my %server = &getServer();
  14. my %config = &getDbConfig();
  15.  
  16. # Dump Post Data To File
  17. my $post_length;
  18. my $tmpfiledir = 'temp/';
  19. my $filedir = 'files/';
  20. my $query;
  21. my $tmpfilename;
  22. my $filename;
  23. my $line;
  24. my $f;
  25. my $readline;
  26. my $seperator;
  27. my $ender;
  28. my $fread;
  29. my $key;
  30. my $value;
  31. my $lenfilename;
  32. my %post;
  33. my $cookie;
  34. my $session;
  35. my $result;
  36. my $unique;
  37. my $session_expire;
  38. $post_length = $ENV{'CONTENT_LENGTH'};
  39.  
  40. binmode STDIN;
  41.  
  42. my $dbh;
  43. $dbh = DBI->connect('dbi:mysql:'.$config{'db_database'}.':'.$config{'db_server'},$config{'db_user'},$config{'db_password'})
  44.   or die ($dbh::errstr);
  45.  
  46. my %config = &getConfig($dbh);
  47.  
  48. my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday) = gmtime(time);
  49. $year += 1900;
  50. $mon++;
  51. $filedir .= sprintf('%02d%02d%02d',$year,$mon,$mday);
  52. mkdir $filedir;
  53. $query = $ENV{'QUERY_STRING'};
  54. if($query =~ /unique=([a-f0-9]{32})/){
  55.   $tmpfilename = $tmpfiledir . $1;
  56.   $unique = $1;
  57.   $filename = $filedir  . "/$unique";
  58. } else {
  59.   # Some error message here
  60.   print "Content-type: text/html\n\n";
  61.   print "Error";
  62.   exit;
  63. }
  64.  
  65. $lenfilename = $tmpfilename . '.size';
  66. open TEMPFILE, ">$lenfilename";
  67. print TEMPFILE $post_length;
  68. close TEMPFILE;
  69.  
  70. open TEMPFILE, ">$tmpfilename";
  71. binmode TEMPFILE;
  72. while (read STDIN, $f, 4096 && $post_length > 0){
  73.   print TEMPFILE $f;
  74.   $post_length -= length $f;
  75. }
  76. close TEMPFILE;
  77.  
  78. open TEMPFILE, "<$tmpfilename";
  79. binmode TEMPFILE;
  80. $seperator = <TEMPFILE>;
  81. $seperator =~ /(.+?)(\r?\n)/;
  82. $ender = "$1--$2";
  83. my $fsize = 0;
  84. while ($readline = <TEMPFILE>){
  85.  
  86.   if ($readline =~ /^Content-Disposition: form-data; name="fileup"; filename="(.+?)"/)
  87.   {
  88.     $post{'filename'} = $1;
  89.     open DFILE, ">$filename";
  90.     binmode DFILE;
  91.     $fread = <TEMPFILE>;
  92.     $post{'contenttype'} = '';
  93.     if($fread =~ /^Content-Type: ([a-zA-Z0-9\/-]+)/){
  94.       $post{'contenttype'} = $1;
  95.     }
  96.     $fread = <TEMPFILE>;
  97.     while (($fread = <TEMPFILE>) && ($fread ne $seperator) && ($fread ne $ender)){
  98.         $fsize += length $fread;
  99.       print DFILE $fread;
  100.     }
  101.     close DFILE;
  102.   }
  103.   else{
  104.   if ($readline =~ /^Content-Disposition: form-data; name="(.*?)"/){
  105.     $key = $1;
  106.     $fread = <TEMPFILE>;
  107.     $value = '';
  108.     while (($fread = <TEMPFILE>) && ($fread ne $seperator) && ($fread ne $ender)){
  109.       $value .= $fread;
  110.     }
  111.     $value =~ s/^(.*)\r\n$/$1/;
  112.     $post{$key} = $value;
  113.   }
  114.   }  
  115. }
  116.  
  117. if($fsize > $config{'upload_max_size'}){
  118.   print "Content-type: text/html\n\n";
  119.   print "<html><head><title>File Uploaded</title></head><body onload=\"parent.location.href='".$config{'site_basedir'}."/filetoobig/'\">";
  120.   print "File Too Big";
  121.   print "</body></html>";
  122.   die();
  123. }
  124.  
  125. my $extension = '';
  126. if($post{filename} =~ /\.([^\.]+)$/){
  127.   $extension = $1;
  128. }
  129.  
  130. if ($config{upload_blocked_extensions} =~ /\b$extension\b/){
  131.   $post{filename} .= '.renamethis';
  132. }
  133.  
  134. close TEMPFILE;
  135.  
  136. $session_expire = $config{'user_session_expire'};
  137.  
  138. print "Content-type: text/html\n\n";
  139.  
  140. $cookie = $ENV{'HTTP_COOKIE'};
  141. if($cookie =~ /session=([a-f0-9]{32})/){ 
  142.   $session = $dbh->quote($1);
  143. } else {
  144.   $session = "''";
  145. }
  146. my $userip = $ENV{REMOTE_ADDR};
  147.  
  148. $query = "SELECT `session_user_index` FROM `sessions` WHERE `session_unique`= $session AND `session_time`>(UNIX_TIMESTAMP() - $session_expire) LIMIT 0,1;";
  149.  
  150. $result = $dbh->prepare($query);
  151. $result->execute()
  152.   or die $result::errst;
  153.  
  154. my $userindex;
  155. $userindex = $result->fetchrow();
  156. if ($userindex){
  157.   #user is logged in
  158. } else {
  159.   # user is not logged in
  160.   $userindex = -1;
  161. }
  162.  
  163. if($post{'filename'} =~ /\/([^\/])$/){
  164.     $post{'filename'} = $1;
  165. }
  166.  
  167. $query = "INSERT INTO `files` (`file_server_index`,`file_unique`,`file_disk_location`,`file_name`,`file_mime`,`file_size`,`file_user_index`,`file_description`,`file_upload_ip`,`file_upload_time`,`file_hits`,`file_downloads`,file_last_download_time) VALUES (".
  168.   $dbh->quote($server{'server_index'}).','.
  169.   $dbh->quote($unique).','.
  170.   $dbh->quote($filename).','.
  171.   $dbh->quote($post{'filename'}).','.
  172.   $dbh->quote($post{'contenttype'}).','.
  173.   $dbh->quote($fsize).','.
  174.   $dbh->quote($userindex).','.
  175.   $dbh->quote($post{'description'}).','.
  176.   $dbh->quote($userip).','.
  177.   $dbh->quote(time).','.
  178.   '0,0,UNIX_TIMESTAMP()'.  
  179.   ");";
  180.  
  181. $result = $dbh->prepare($query);
  182. #print $query;
  183. $result->execute
  184.   or die $result::errstr;
  185.  
  186. print "<html><head><title>File Uploaded</title></head><body onload=\"parent.location.href='".$config{'site_basedir'}."/fileuploaded/$unique'\">";
  187. print "File uploaded sucessfully";
  188. print "</body></html>";
  189.  
  190. #################################
Anyone know if i can simply wrap it in a for loop? and if so where & would references would i need to change? I assume only the "fileup" texts?
Dec 10 '06 #1
1 1611
GunnarH
83
I suggest that you use the CGI::UploadEasy module. Check out the example script for a starting point.
Dec 10 '06 #2

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

7 posts views Thread by ljuljacka | last post: by
6 posts views Thread by Vic Spainhower | last post: by
3 posts views Thread by dreamznatcher | last post: by
reply views Thread by NPC403 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.