Re: Upload dir permissions

Fri, 19 Nov 2004 10:10:33 -0800 

On Fri, 19 Nov 2004 11:50:41 -0600, Ed Pigg <[EMAIL PROTECTED]> wrote:
> Hi all,
> 
> I'm trying to setup a system where users can upload images to a
> designated uploads dir. Once the file is successfully uploaded I want

Keep account creation and uploads separate functions.

> Do I need to make the webuser part of a group that will have write
> access to the dir's? What are the best practices for this type of
> thing.

Yes; here is soemthing to get you started -- change server/directpry
references as approppriate:

#!/usr/bin/perl

use CGI;

# Set to YOUR correct upload area -- must be WWW accessible.
$upload_dir = "/home/insecuri/public_html/forsaken";
# For this example, see http://forsaken.insecurity.org/

$query             = new CGI;
$filename          = $query->param("photo");
$upload_filehandle = $query->upload("photo");

# SiteID directory path MUST already exist!
$SiteID            = $query->param("SiteID");

# Clean it up...
$filename          =~ s/.*[\/\\](.*)/$1/;

open UPLOADFILE, ">$upload_dir/$SiteID/$filename";

while ( <$upload_filehandle> )
{
  print UPLOADFILE;
}

close UPLOADFILE;

print $query->header ( );
print <<END_HTML;

<HTML>
<HEAD>
<TITLE>Thanks!</TITLE>
</HEAD>

<BODY>

<P>Thanks for uploading your photo!</P>
<P>Your SiteID: $SiteID</P>
<P>Your photo:</P>
<img src="http://forsaken.insecurity.org/$SiteID/$filename"; border="0">

<hr noshade><pre>Debug:

$filename
$SiteID
$upload_filehandle
$upload_dir

</pre>
</BODY>
</HTML>

END_HTML

__END__

The HTML portion:


<HTML>
 <HEAD>UpLoader Test</HEAD>
 <BODY>
 <FORM ACTION="/cgi-bin/uploadFile.cgi" METHOD="post"
ENCTYPE="multipart/form-data">
 Photo to Upload: <INPUT TYPE="file" NAME="photo">
 <br><br>
 Enter a SiteID* (or leave blank for main site): <INPUT TYPE="text"
NAME="SiteID">
 <br><br>
 <INPUT TYPE="submit" NAME="Submit" VALUE="Submit Form">
 </FORM>
 
 <hr noshade>
<PRE> SiteID must have been previously defined by Site webmaster, to
include correct directory creation.
</PRE>
 </BODY>
</HTML>


Enjoy.

-- 
WC -Sx- Jones
http://insecurity.org/

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>

Reply via email to