Upload Script Problem!!!

seanknighton · #1 (**permalink**) 03-21-04, 10:54 PM

HELP!! I'm trying to figure out how to make this script capable of Upload AND form submission. The upload part of this script works great, but I can't figure out how to allow the user to enter in a description/email about the file they are uploading. I've tried an array of different things but the script errors out when I try and write commands for allowing such submissions. My ultimate goal is to allow people to upload these files but to also allow them to send comments about the upload and let them enter in their email so they can recieve a copy of the administrators email notification.

Thanks,
Sean

# CONFIGURE VARIABLES

$Data = "/nfs/cust/2/2222228/web/uploads";
# On your server, create a directory where this program will write the files
# to. Make sure you CHMOD this directory to 777. If you do NOT specify a $Data
# directory, the program will attempt to write to the web root directory.
# NOTE: YOU SHOULD ALWAYS SPECIFY A DIRECTORY TO STORE THE UPLOAD

@good_extensions = ();
# If you want to limit the types of extension that can be uploaded, specify them
# here by adding them to the array. For example, if you wanted to permit only
# the upload of gif's, jpg's and png's, then you would set the above array to
# look like this:
# @good_extensions = ('gif', 'jpg', 'jpeg', 'png');
#

@bad_extensions = ();
# If you want to permit the upload of all file types with only certain exceptions,
# then specify those extensins in the bad_extensions array. This means that if set
# this array to contain .exe, .pl, .cgi files, then the program will only store a
# file if the extension of that file is NOT found in this array.
# To set the array to exclude these sample extensions, you would set it like this:
# @bad_extensions = ('exe', 'cgi', 'pl');
#

# NOTE: If you specify both @good_extensions and @bad_extensions, then
# the settings in @bad_extensions will be ignored and the program will
# use @good_extensions as it's refrence.

$redirect = "";
# When the upload of files is complete, the program must print someting out on the
# browser screen. Set the $redirect variable to the full URL (don't forget the http://)
# that you want the person taken to once the program is finished. If you don't specify
# a URL here, the program will print out a simple upload summary page.

$max_size = 0;
# Set the maximum size of each file that is permitted. For example, if you only want
# files to be uploaded that are under 50Kb in size, set the value to:
# $max_size = 50;
# If you set the value to zero, remove it or comment it out, then the size of the
# uploaded file will NOT be checked.

$max_num_files = 5;
# You must specify the maximum number of files that can be uploaded at one time. You
# can set this to any number you want but be realistic. The limit before the server
# times out will depend on the maximum size of the upload. I have tested this program
# with ASCII files up to 8MB in size successfully but that was on a particularly
# robust server. I recommend that you set this no higher than 5 if you are going to
# be using this for larger binary files such as images or executables or word docs, etc.
# If you remove, comment out or set this value to zero, the program will default the
# value to 1 file.

$auto_rename = 1;
# This variable tells the program whether or not to over-write or reject like
# named files. Therefore, if you upload a file with a name that already exists
# on the server, set this value for the appropriate following results:
# 0 => Overwrite the existing file
# 1 => Leave existing file in place, serialize the name of the new
# new file (i.e. some_book.doc, some_book1.doc, some_book2.doc, etc)
# 2 => Reject the new file. Leaves the original file in place and rejects
# the new file so that it is not saved.
# The default setting of this var is 0.

$my_email = 'admin@....com';

$mailprog = '/usr/lib/sendmail -t';

$mail = 1;

$date_command = "/usr/bin/date";
$date = `$date_command +"%B %d, %Y"`; chop($date);

#
################################################## #####################################
#
# DO NOT EDIT ANYTHING BELOW THIS LINE
# UNLESS YOU KNOW WHAT YOU ARE DOING
#

if(($ENV{'QUERY_STRING'} =~ /^debug/) && !$no_debug) {
print "Pragma: no-cache\nContent-type: text/html\n\n";
print "<TITLE>PSUpload Demonstration Upload Program - Debug Mode</TITLE></HEAD><BODY BGCOLOR=\"#ffffff\" TEXT=\"#330066\" LINK=\"#336666\" ALINK=\"#336666\" VLINK=\"#336666\" BGCOLOR=\"#FFFFFF\"><FONT SIZE=\"2\" FACE=\"verdana, arial, helvetica\">\n";
print "<CENTER><B><H2>Charity Ware's PSUpload Program</H2></B><BR><BR><TABLE BORDER=0><TR><TD COLSPAN=2><FONT SIZE=\"2\" FACE=\"verdana, arial, helvetica\">\n";
print "<DL><DT><B>Your web root directory appears to be located at:</B><DD>$ENV{'DOCUMENT_ROOT'}<BR><BR><DT><B>You specified directory for storing the uploads is:</B><DD>$Data<BR><BR><DT><B>Your specified directory...</B><DD>\n";
if(-d $Data) {
print "...appears to be a valid directory.<BR><BR>Make sure this \$Data directory is CHMOD 777.\n";
} else {
print "...does not appear to be a valid directory.<BR><BR>\n";
unless($Data =~ /^$ENV{'DOCUMENT_ROOT'}/) {
print "The value you specified in the \$Data variable is incorrect. Please<BR>correct your \$Data variable and run debug again.<BR><BR>\n";
}
}
if($Data =~ /\/$/) {
print "<FONT COLOR=\"#FF0000\">NOTE: Your variable \$Data ends with a trailing slash. Please<BR>remove this trailing slash, upload the program again<BR>and run debug once more to see if you have a valid directory.</FONT><BR><BR>\n";
}
print "</DL><BR><BR></FONT></TD></TR><TR><TD WIDTH=\"50%\" VALIGN=\"TOP\"><FONT SIZE=\"2\" FACE=\"verdana, arial, helvetica\"><B>OS:</B><BR>$^O<BR><BR><B>Perl:</B><BR>$]</FONT></TD><TD VALIGN=\"TOP\"><FONT SIZE=\"2\" FACE=\"verdana, arial, helvetica\"><B>Installed:</B><BR>"; my @inst = split(/\//, $ENV{'SERVER_SOFTWARE'}); print join("<BR>", @inst); print"</FONT></TD></TR></TABLE><BR><BR><BR><BR><A HREF=\"http://www.charityware.ws/\">© 2001, Jim Melanson</A></CENTER><BR><BR></FONT></BODY></HTML>\n";
} else {
use CGI;
$max_num_files ||= 1;
$Data ||= $ENV{'DOCUMENT_ROOT'};
undef @bad_extensions if @good_extensions;
for(my $a = 1; $a <= $max_num_files; $a++) {
my $req = new CGI;
if($req->param("FILE$a")) {
my $file = $req->param("FILE$a");
my $filename = $file;
$filename =~ s/^.*(\\|\/)//;
$filename =~ s/ +/\_/g;
#For IE
$filename =~ s/ +/\_/g;
#For Opera
$filename =~ s/\"//g;
my $proceed_type = 0;
if(@good_extensions) {
foreach(@good_extensions) {
my $ext = $_;
$ext =~ s/\.//g;
if($filename =~ /\.$ext$/) {
$proceed_type = 1;
last;
}
}
unless($proceed_type) {
push(@was_not_good_type, $filename);
}
}
elsif(@bad_extensions) {
$proceed_type = 1;
foreach(@bad_extensions) {
my $ext = $_;
$ext =~ s/\.//g;
if($filename =~ /\.$ext$/) {
$proceed_type = 0;
last;
}
}
unless($proceed_type) {
push(@was_a_bad_type, $filename);
}
} else {
$proceed_type = 1;
}
if(($auto_rename == 2) && (-e "$Data/$filename")) {
$proceed_type = 0;
push(@rejected, $filename);
}
if($proceed_type) {
if((-e "$Data/$filename") && ($auto_rename == 1)) {
my $pick_new_name = 1;
my $fore_num = 1;
$filename =~ /^(.+)\.([^\.]+)$/;
my $front = $1;
my $ext = $2;
while($pick_new_name) {
my $test_name = $front . $fore_num . '.' . $ext;
unless(-e "$Data/$test_name") {
$pick_new_name = 0;
$filename = $test_name;
}
$fore_num++;
}
}
elsif((-e "$Data/$filename") && ($auto_rename == 2)) {
next;
}
if(open(OUTFILE, ">$Data/$filename")) {
while (my $bytesread = read($file, my $buffer, 1024)) {
print OUTFILE $buffer;
}
close (OUTFILE);
if($max_size) {
if((-s "$Data/$filename") > ($max_size * 1024)) {
push(@was_too_big, $filename);
unlink("$Data/$filename");
} else {
push(@file_did_save, $filename);
}
} else {
push(@file_did_save, $filename);
}
} else {
push(@did_not_save, $filename);
}
}
}
}
print "Pragma: no-cache\n";
if($redirect && ($redirect =~ /^http\:\/\//)) {
print "Location: $redirect\n\n";
} else {
print "Content-type: text/html\n\n";
print <<EOM;
<html>
<head>
<BASE HREF="http://www.searchyourplanet.com/">
<title>SearchYourPlanet.com - Upload Results</title>
<link rel=stylesheet HREF="css/all.css" TYPE="text/css">
<style type="text/css">
A:link { color:#0000A0; text-decoration:none; }, A:visited { color:#0000A0; text-decoration:none; }, A:active { color:#0000A0; text-decoration:none; }, a:hover { color:CC0000; text-decoration:underline; }
</style>
</head>

<body bgcolor=#FFFFFF TEXT=#000000 LINK=#0000A0 VLINK=#0000A0 ALINK=#0000A0>


<table width="570" border=0 cellspacing=0 cellpadding=0 align=center>
<tr><td valign=bottom rowspan=2 align=center width="133">
</td>
<tr>
<td valign=bottom width=83%><img src=pics/logo.jpg>



<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="bottom">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td rowspan="2" bgcolor="#cccccc"><img src="pics/nav/spacer.gif" width="1"></td>
<td colspan="2" height="1" valign="top" bgcolor="#cccccc"><img src="pics/nav/spacer.gif"></td>
<td background="pics/nav/baroff.jpg" rowspan="2" valign="top" align="right"><img src="pics/nav/taboff.gif" align="top"></td>
</tr>
<tr>
<td bgcolor="#E5E5E5">*</td>
<td align="center" bgcolor="#E5E5E5"><img src="pics/nav/spacer.gif" vspace="2"><br><b><font class="tab" style="width:5em;"><a href="">Web</a></font></b><br><img src="pics/nav/spacer.gif" vspace="1"><br></td>
</tr>
</table>
</td>
<td><img src="pics/nav/spacer.gif" hspace="1"></td>
<td valign="bottom">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td rowspan="2" bgcolor="#cccccc"><img src="pics/nav/spacer.gif" width="1"></td>
<td colspan="2" height="1" valign="top" bgcolor="#cccccc"><img src="pics/nav/spacer.gif"></td>
<td background="pics/nav/baroff.jpg" rowspan="2" valign="top" align="right"><img src="pics/nav/taboff.gif" align="top"></td>
</tr>
<tr>
<td bgcolor="#E5E5E5">*</td>
<td align="center" bgcolor="#E5E5E5"><img src="pics/nav/spacer.gif" vspace="2" border="0"><br><b><font class="tab" style="width:5em;"><a href="auctions/">Auctions</a></b></font><br><img src="pics/nav/spacer.gif" vspace="1" border="0"></td>
</tr>
</table>
</td>
<td><img src="pics/nav/spacer.gif" hspace="1"></td>
<td valign="bottom">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td rowspan="2" bgcolor="#cccccc"><img src="pics/nav/spacer.gif" width="1"></td>
<td colspan="2" height="1" valign="top" bgcolor="#cccccc"><img src="pics/nav/spacer.gif"></td>
<td background="pics/nav/baroff.jpg" rowspan="2" valign="top" align="right"><img src="pics/nav/taboff.gif" align="top"></td>
</tr>
<tr>
<td bgcolor="#E5E5E5">*</td>
<td align="center" bgcolor="#E5E5E5"><img src="pics/nav/spacer.gif" vspace="2" border="0"><br><b><font class="tab" style="width:5em;"><a href="shop/">Shopping</a></font></b><br><img src="pics/nav/spacer.gif" vspace="1" border="0"></td>
</tr>
</table>
</td>
<td><img src="pics/nav/spacer.gif" hspace="1"></td>
<td valign="bottom">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td rowspan="2" bgcolor="#cccccc"><img src="pics/nav/spacer.gif" width="1"></td>
<td colspan="2" height="1" valign="top" bgcolor="#cccccc"><img src="pics/nav/spacer.gif"></td>
<td background="pics/nav/baroff.jpg" rowspan="2" valign="top" align="right"><img src="pics/nav/taboff.gif" align="top"></td>
</tr>
<tr>
<td bgcolor="#E5E5E5">*</td>
<td align="center" bgcolor="#E5E5E5"><img src="pics/nav/spacer.gif" vspace="2" border="0"><br><b><font class="tab" style="width:5em;"><a href="news/">News</a></font></b><br><img src="pics/nav/spacer.gif" vspace="1" border="0"></td>
</tr>
</table>
</td>
<td><img src="pics/nav/spacer.gif" hspace="1"></td>
<td valign="bottom">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td rowspan="2" bgcolor="#cccccc"><img src="pics/nav/spacer.gif" width="1"></td>
<td colspan="2" height="1" valign="top" bgcolor="#cccccc"><img src="pics/nav/spacer.gif"></td>
<td background="pics/nav/baroff.jpg" rowspan="2" valign="top" align="right"><img src="pics/nav/taboff.gif" align="top"></td>
</tr>
<tr>
<td bgcolor="#E5E5E5">*</td>
<td align="center" bgcolor="#E5E5E5"><img src="pics/nav/spacer.gif" vspace="2" border="0"><br><b><font class="tab" style="width:5em;"><a href="misc/">Miscellaneous</a></font></b><br><img src="pics/nav/spacer.gif" vspace="1" border="0"></td>
</tr>
</table>
</td>

</table>



</td>
<td align=right valign=bottom>
<div class=xs style="padding:3px;"><nobr><b class=xs style="color=#003366"><a style="text-decoration:none;" href="contact/">Contact Us<br></a></b>
</nobr></div>

</td>

</tr></table>


<table width="570" align=center border=0 cellspacing=0 cellpadding=0 bgcolor="#93B2DD">
<tr><td height=18 ><br></td></tr>
<tr><td ><table border=0 cellspacing=0 cellpadding=2><tr><td width="16"><FORM METHOD="POST" action="perl/search.pl" name="searchform"></td><td>

<input name="query" size="40" maxlength="800" value="" style="width:440px"></td><td>  
<input type="submit" value="Search" style="width:5em;">

</td>
</tr>
</table>



<table width="570" border=0 cellspacing=0 cellpadding=3 bgcolor="#93B2DD">
<tr><td height=3 colspan=3></td></tr>
<tr><td>   </td><td class=xs valign=top>Search Engine:  </td>
<td class=xs valign=top width=100%>
<INPUT TYPE=radio NAME="engine" VALUE="google" checked><a href="http://www.google.com/" style="text-decoration:none;">Google</a>  
<INPUT TYPE=radio NAME="engine" VALUE="msn"><a href="http://www.msn.com" style="text-decoration:none;">MSN</a>  
<INPUT TYPE=radio NAME="engine" VALUE="searchcom"><a href="http://www.search.com/" style="text-decoration:none;">Search.com</a>  
<INPUT TYPE=radio NAME="engine" VALUE="yahoo"><a href="http://www.yahoo.com/" style="text-decoration:none;">Yahoo</a>  
</td><td align=right valign=top></td>
</tr><tr><td height=3 colspan=3></td></tr></table>
</table></form>


EOM

if(@rejected) {print "<B>The following files were not stored as they<BR>were already on the server:<BR><BR>\n"; print join("<BR>", @rejected); print "<BR><BR>\n"}

#here is where we print the links to the file:
$DataURL = qq~http://www.com/uploads~;
print qq~<center><B><font size=5>The following files were successfully uploaded:</B></center></font><TABLE align=center><TR><TD nowrap class=s><font size=4 face=verdana,arial,helvetica,sans-serif>\n~;
foreach(@file_did_save) {
print qq~<LI><A HREF="$DataURL/$_">$_</A>\n~;
}
print qq~</font></TD></TR></TABLE><br><font color=#A50021 class=footer><center>An upload confirmation has been sent<br>to the administrator of SearchYourPlanet.com~;

if(@was_not_good_type) {print "<B>The following file(s) were not stored as their file extension<BR>did not match any of the valid extensions specified in the program:<BR><BR>\n"; print join("<BR>", @was_not_good_type); print "<BR><BR>\n"}
if(@was_a_bad_type) {print "<B>The following files were not stored as their file extension<BR>are on the list of extensions not permitted for upload:<BR><BR>\n"; print join("<BR>", @was_a_bad_type); print "<BR><BR>\n"}
if(@was_too_big) {print "<B>The following files were not stored as their file size<BR>exceeded the maximum file size of $max_size Kb.:<BR><BR>\n"; print join("<BR>", @was_too_big); print "<BR><BR>\n"}
if(@did_not_save) {print "<B>The following files were not stored because the<BR>program could not open their destination file:<BR><BR>\n"; print join("<BR>", @did_not_save);print "<BR><BR>\n";
if(!@file_did_save) {print "<FONT COLOR=\"RED\"><B>NOTE: Check to ensure that the \$Data variable reflects the correct<BR>absolute path to the directory these files should be store in.</B></FONT><BR><BR>"}
}
print "<HR WIDTH=\"45%\"></font><font color=#8F8F8F class=\"xs\">Copyright &copy 1999-2004 - SeachYourPlanet.com</font></center></BODY></HTML>\n";
}

}

$DataURL = qq~http://www.searchyourplanet.com/uploads~;
################################################## ###############################
if(@file_did_save) {
open (MAIL, "|$mailprog -t") || die "Can't open $mailprog!\n";

print MAIL "To: $my_email(SearchYourPlanet)\n";
print MAIL "From: $my_email(SearchYourPlanet - Uploads)\n";
print MAIL "Subject: New Upload...\n\n";

print MAIL "The following files were uploaded to SearchYourPlanet.com on $date:\n";

if(@file_did_save) {
print MAIL qq~\n~;
foreach(@file_did_save) {
print MAIL qq~$DataURL/$_\n~;
}
}
print MAIL "\n";
print MAIL "----------------------------------------------------\n";
print MAIL "IP Address: $ENV{'REMOTE_ADDR'}\n";
print MAIL "$ENV{'HTTP_USER_AGENT'}\n";
print MAIL "\n";
close (MAIL);
}