#####################################################################
### ###
### F I L E U P L O A D ###
### Last Modified: 28 Jul 2000 ###
### ###
### Mod based on a script created by ###
### Jeff Carnahan jeffc@terminalp.com ###
### Adapted for use by DBMan by ###
### JPDeni deni@jpdeni.com ###
### Integration with DBMan script by ###
### Jim Kangosjärvi Jim.Kangosjarvi@Abc.se ###
### ###
#####################################################################
# #
# This modification will allow you to add file uploading capability #
# to your database. The most common use of the mod will probably be #
# to upload a graphic file to accompany a record. The mod is set up #
# to allow only one file per record. #
# #
# The mod changes the name of the uploaded file to match the key #
# value of the associated record. This prevents conflicts between #
# the names of files that users might upload. #
# #
# There are options within the mod where you can choose whether you #
# want to require the user to upload a file when he or she adds a #
# record. Please read the notes carefully and make sure you are #
# using the option you require. #
# #
# This script requires that the CGI.pm module is installed on your #
# system. It probably is, but if you run into problems, you might #
# ask your server admin if the CGI.pm module is installed. #
# #
# You will not be able to use the autogenerate feature of DBMan with#
# this mod. You must create your own html_record and #
# html_record_form subroutines. #
# #
#####################################################################
#####################################################################
# Create a directory in your public html directory -- the place #
# where you normally put web pages -- for the graphics to be #
# uploaded. On most systems, this should *not* be within the #
# cgi-bin. #
# #
# Set the permissions for this directory to 777. #
#####################################################################
#####################################################################
# IMPORTANT NOTE!!!!!! #
# When a file is uploaded, the contents of the Filename field will #
# be the path to the file on the computer from which it was uploaded#
# and not the path to the file on your server. Don't worry about it.#
# This mod includes code which displays the file as it is on your #
# server and *not* the contents of the Filename field. The reason #
# the field is there is merely to allow you to require all users to #
# upload a file. There must be something in the database for the #
# script to check. #
# #
# If the record is modified, and the user does not upload a new file#
# the field will be blank. This, too, is the way it's supposed to #
# work. I have taken all of this into consideration and the mod #
# works just as it's supposed to. #
#####################################################################
#####################################################################
# file: default.cfg #
# If you *DO NOT* want to require all users to upload a file when #
# they add a record, within your field definitions, #
# add the following #
#####################################################################
Filename => [10,'alpha',0,255,0,'','']
# (Change the field number to fit with your database definition.)
#####################################################################
# file: default.cfg #
# #
# After the Authorization Options section #
# add the following #
#####################################################################
# File upload parameters
# --------------------------------------------------------
#
# File uploads -- if you want to be able to upload files, set this to 1
$db_upload = 1;
# Full path to directory for uploaded files -- NOT A URL!!!! No trailing slash please.
$SAVE_DIRECTORY = "/home/username/public_html/uploads";
# Full URL to directory for uploaded files. No trailing slash please.
$SAVE_DIRECTORY_URL = "http://www.server.com/uploads";
# Defines the number of bytes that can be uploaded. Files that exceed
# this limit will not be saved on the server. Set this to zero in order to
# disable size checking.
$MAXIMUM_UPLOAD = 50000;
# List of allowable file extensions. If the file does not have one of the extensions
# listed, it will not be saved to the server. The format for the setting is
# \.[extension]$ If you want to allow more than one extension, separate the options by
# a | character.
$ALLOWED_EXT = '\.gif$|\.jpg$';
######################################################################
# file: db.cgi #
# after #
# $db_script_path = "."; #
# add the following #
######################################################################
use CGI;
$query = new CGI;
######################################################################
# file: db.cgi #
# sub parse_form #
# replace subroutine with the following #
######################################################################
sub parse_form {
# --------------------------------------------------------
my (%in);
my ($buffer, $pair, $name, $value);
PAIR: foreach $name ($query->param()) {
$value = $query->param("$name");
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ s///g;
if ($value eq "---") { next PAIR; }
(exists $in{$name}) ?
($in{$name} .= "~~$value") :
($in{$name} = $value);
}
return %in;
}
######################################################################
# file: db.cgi #
# sub add_record #
# after #
# while ($status eq "duplicate key error" and $db_key_track) { #
# return "duplicate key error" if ($counter++ > 50); #
# $in{$db_key}++; #
# $status = &validate_record; #
# } #
# add #
######################################################################
if (($status eq "ok") && ($in{'Filename'})) { $status = &validate_upload; } #Validate Picture
######################################################################
# file: db.cgi #
# sub modify_record #
# before #
# $status = &validate_record; #
# add #
######################################################################
$db_not_null{'Filename'} = 0;
# Note: this line is so that, if you require users to upload a file,
# they will not be forced to upload when they modify their records.
######################################################################
# file: db.cgi #
# sub modify_record #
# after #
# $status = &validate_record; #
# add #
######################################################################
if (($status eq "ok") && ($in{'Filename'})) { $status = &validate_upload; } #Validate Picture
######################################################################
# file: db.cgi #
# sub validate_upload #
# new subroutine #
######################################################################
sub validate_upload {
# --------------------------------------------------------
my ($filekey,$filename,$newfilename,$extlength,$filehandle,$totalbytes,$buffer,$bytes,@extensions,@ext);
$| = 1;
$filekey = $query->param("Filename");
$newfilename = $in{$db_key};
if (!(-e $SAVE_DIRECTORY)) {
return "The directory doesn't exist. Make sure that this directory is a complete path name,
not a URL or something similar. It should look similar to
/home/username/public_html/uploads";
}
if (!(-W $SAVE_DIRECTORY)) {
return "The directory isn't writable. Make sure that this directory is writable by all users.
At your UNIX command prompt, type chmod 777 $SAVE_DIRECTORY";
}
if (!(-d $SAVE_DIRECTORY)) {
return "The directory you specified isn't really a directory.
Make sure that this is indeed a directory and not a file.";
}
if ($filekey =~ /([^\/\\]+)$/) {
$filename = $1;
$extlength = length($filename) - index($filename,".");
$filename = $newfilename . lc(substr($filename,-$extlength,$extlength));
unless ($filename =~ /$ALLOWED_EXT/) {
$ALLOWED_EXT =~ s/\\//g;
$ALLOWED_EXT =~ s/\$//g;
@ext = split (/\Q|\E/o,$ALLOWED_EXT);
$ALLOWED_EXT = join(" or ",@ext);
return "Only files with the following extension(s) are allowed: $ALLOWED_EXT";
}
}
else {
return "You attempted to upload $filekey that isn't properly formatted. Please rename the file
on your computer, and attempt to upload it again. Files may not have forward or backward slashes in
their names. Also, they may not be prefixed with one (or more) periods.";
}
opendir (GRAPHIC, "$SAVE_DIRECTORY") or &cgierr("unable to open directory in delete records: $SAVE_DIRECTORY. Reason: $!");
@files = readdir(GRAPHIC);
closedir (GRAPHIC);
$file_test = $in{$db_key} . ".";
foreach $file (@files) {
if ($file =~ /^$file_test/) {
unlink ("$SAVE_DIRECTORY/$file");
}
}
if (!open(OUTFILE, ">$SAVE_DIRECTORY\/$filename")) {
return "There was an error opening '$SAVE_DIRECTORY\/$filename' for Writing.\n";
}
binmode(OUTFILE); # This is needed to work on Windows/NT platforms.
while ($bytes = read($filekey,$buffer,1024)) {
$totalbytes += $bytes;
print OUTFILE $buffer;
}
close($filekey);
close(OUTFILE);
chmod (0666, "$SAVE_DIRECTORY\/$filename");
if ($totalbytes > $MAXIMUM_UPLOAD && $MAXIMUM_UPLOAD > 0) {
unlink "$SAVE_DIRECTORY\/$filename";
return "Filename
You have reached your upload limit.
Your file contains $BytesRead $totalbytes bytes.
This exceeds the maximum limit of $MAXIMUM_UPLOAD bytes.
Your file was not saved.
Please try again.";
}
return "ok";
}
######################################################################
# file: db.cgi #
# sub delete_records #
# #
# if you want to delete the associated file when a record is deleted,#
# change #
# #
# $delete_list{$data[$db_key_pos]} ? #
# ($delete_list{$data[$db_key_pos]} = 0) : #
# ($output .= $line . "\n"); #
# #
# to the following: #
# #
######################################################################
if ($delete_list{$data[$db_key_pos]}) { # if this id is one we want to delete
$delete_list{$data[$db_key_pos]} = 0; # then mark it deleted and don't print it to the new database.
if ($db_upload) {
opendir (GRAPHIC, "$SAVE_DIRECTORY") or &cgierr("unable to open directory in delete records: $SAVE_DIRECTORY. Reason: $!");
@files = readdir(GRAPHIC);
closedir (GRAPHIC);
$file_test = $data[$db_key_pos];
foreach $file (@files) {
if ($file =~ /^$file_test\./) {
unlink ("$SAVE_DIRECTORY/$file");
}
}
}
}
else { $output .= $line . "\n"; }
######################################################################
# file: html.pl #
# sub html_record #
# #
# after #
# my (%rec) = @_; #
# #
# add #
# #
######################################################################
$rec{$db_key} =~ s/<.?B>//g;
### Wherever you want your graphic to print out, use the following:
|; # to close off a previous print qq| statement
opendir (GRAPHIC, "$SAVE_DIRECTORY") or &cgierr("unable to open directory in delete records: $SAVE_DIRECTORY. Reason: $!");
@files = readdir(GRAPHIC);
closedir (GRAPHIC);
$file_test = $rec{$db_key};
foreach $file (@files) {
if ($file =~ /^$file_test\./) {
print qq||;
$graphic_found=1;
}
}
print qq|
#####################################################################
# If you are using the long/short display mod, you will need to make
# the same changes in sub html_record_long that you made in
# sub html_record.
#####################################################################
######################################################################
# file: html.pl #
# sub html_record_form #
# probably near the bottom of the form, but before the closing #
# tag #
# #
# add #
# #
######################################################################
|;
if ($form_upload) {
print qq|
Browse Picture:
|;
}
print qq|
######################################################################
# file: html.pl #
# sub html_add_form #
# sub html_add_failure #
# sub html_modify_form_record #
# sub html_modify_failure #
# add #
# right at the beginning of the subroutines #
######################################################################
$form_upload = 1;
######################################################################
# file: html.pl #
# sub html_add_form #
# sub html_add_failure #
# sub html_modify_form_record #
# sub html_modify_failure #
# change #
#