##################################################################### ### ### ### F I L E U P L O A D F R O M T E X T F I L E ### ### Last Modified: 13 Oct 2005 ### ### ### ### Mod based on a script created by ### ### Jeff Carnahan jeffc@terminalp.com ### ### Adapted for use by DBMan by ### ### JPDeni deni@jpdeni.com ### ### Integration with DBMan script by ### ### Jim Kangosjärvi Jim.Kangosjarvi@Abc.se ### ### Hacked for use by Watts (with a lot of help from JPDeni) ### ##################################################################### # # # This modification will allow you to add file uploading capability # # to your database. The most common use of the mod will be to add a # # record with variable values pre-populated from a text-delimited # # flat file. (See example text file at end of this mod.) # # # # The mod changes the name of the uploaded file to match the "uid" # # or session value of the associated user. This prevents conflicts # # when multiple users are logged in with the same user name. # # # # This script requires that the CGI.pm module is installed on your # # system. It probably is, but if you run into problems, you might # # ask your server admin if the CGI.pm module is installed. # # # # You will not be able to use the autogenerate feature of DBMan with# # this mod. You must create your own html_record and # # html_record_form subroutines. # # # ##################################################################### ##################################################################### # Create a directory in your public html directory -- the place # # where you normally put web pages -- for the graphics to be # # uploaded. On most systems, this should *not* be within the # # cgi-bin. # # # # Set the permissions for this directory to 777. # # Note: you may want to try different permission settings on this # # folder (such as rwx-rwx-rw). # ##################################################################### ##################################################################### # NOTE: Some of these steps can probably be left off but it doesn't # # hurt to add them all in anyway. # ##################################################################### ##################################################################### ##################################################################### # file: default.cfg # # Within your field definitions, add the following # ##################################################################### Filename => [10,'alpha',0,255,0,'',''] # (Change the field number to fit with your database definition.) ##################################################################### # file: default.cfg # # # # After the Authorization Options section # # add the following # ##################################################################### # File upload parameters # -------------------------------------------------------- # Full path to directory for uploaded files -- NOT A URL!!!! No trailing slash please. # examples: "/mnt/guide/www/uploads" or "../../uploads" $SAVE_DIRECTORY = "/home/username/public_html/uploads"; # Full URL to directory for uploaded files. No trailing slash please. $SAVE_DIRECTORY_URL = "http://www.server.com/uploads"; # Defines the number of bytes that can be uploaded. Files that exceed # this limit will not be saved on the server. Set this to zero in order to # disable size checking. $MAXIMUM_UPLOAD = 50000; # List of allowable file extensions. If the file does not have one of the extensions # listed, it will not be saved to the server. The format for the setting is # \.[extension]$ If you want to allow more than one extension, separate the options by # a | character. (see note under the section for html_record_form regarding what # extension to use.) $ALLOWED_EXT = '\.txt$|\.csv$'; ###################################################################### # file: db.cgi # # after # # $db_script_path = "."; # # add the following # ###################################################################### use CGI; $query = new CGI; ###################################################################### # file: db.cgi # # In sub Main add the following line in with all of the other # # similar "elsif" statements # ###################################################################### elsif ($in{'validate_upload'}) {if ($per_add) {&validate_upload_main;} else {&html_unauth;}} ###################################################################### # file: db.cgi # # sub parse_form # # replace subroutine with the following # ###################################################################### sub parse_form { # -------------------------------------------------------- my (%in); my ($buffer, $pair, $name, $value); PAIR: foreach $name ($query->param()) { $value = $query->param("$name"); $name =~ tr/+/ /; $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $value =~ s///g; if ($value eq "---") { next PAIR; } (exists $in{$name}) ? ($in{$name} .= "~~$value") : ($in{$name} = $value); } return %in; } ###################################################################### # file: db.cgi # # sub add_record # # after # # while ($status eq "duplicate key error" and $db_key_track) { # # return "duplicate key error" if ($counter++ > 50); # # $in{$db_key}++; # # $status = &validate_record; # # } # # add # ###################################################################### if (($status eq "ok") && ($in{'Filename'})) { $status = &validate_upload; } #Validate Picture ###################################################################### # file: db.cgi # # sub modify_record # # before # # $status = &validate_record; # # add # ###################################################################### $db_not_null{'Filename'} = 0; # Note: this line is so that, if you require users to upload a file, # they will not be forced to upload when they modify their records. ###################################################################### # file: db.cgi # # sub modify_record # # after # # $status = &validate_record; # # add # ###################################################################### if (($status eq "ok") && ($in{'Filename'})) { $status = &validate_upload; } #Validate Picture ###################################################################### # file: db.cgi # # sub validate_upload # # new subroutine # ###################################################################### sub validate_upload { # -------------------------------------------------------- my ($filekey,$filename,$newfilename,$extlength,$filehandle,$totalbytes,$buffer,$bytes,@extensions,@ext); $| = 1; $filekey = $query->param("Filename"); $newfilename = $in{'uid'}; if (!(-e $SAVE_DIRECTORY)) { return "The directory doesn't exist. Make sure that this directory is a complete path name,
not a URL or something similar. It should look similar to
/home/username/public_html/uploads"; } if (!(-W $SAVE_DIRECTORY)) { return "The directory isn't writable. Make sure that this directory is writable by all users.
At your UNIX command prompt, type chmod 777 $SAVE_DIRECTORY"; } if (!(-d $SAVE_DIRECTORY)) { return "The directory you specified isn't really a directory.
Make sure that this is indeed a directory and not a file."; } if ($filekey =~ /([^\/\\]+)$/) { $filename = $1; $extlength = length($filename) - index($filename,"."); $filename = $newfilename . lc(substr($filename,-$extlength,$extlength)); unless ($filename =~ /$ALLOWED_EXT/) { $ALLOWED_EXT =~ s/\\//g; $ALLOWED_EXT =~ s/\$//g; @ext = split (/\Q|\E/o,$ALLOWED_EXT); $ALLOWED_EXT = join(" or ",@ext); return "Only files with the following extension(s) are allowed: $ALLOWED_EXT"; } } else { return "You attempted to upload $filekey that isn't properly formatted. Please rename the file on your computer, and attempt to upload it again. Files may not have forward or backward slashes in their names. Also, they may not be prefixed with one (or more) periods."; } opendir (GRAPHIC, "$SAVE_DIRECTORY") or &cgierr("unable to open directory in delete records: $SAVE_DIRECTORY. Reason: $!"); @files = readdir(GRAPHIC); closedir (GRAPHIC); $file_test = $in{'uid'} . "."; foreach $file (@files) { if ($file =~ /^$file_test/) { unlink ("$SAVE_DIRECTORY/$file"); } } if (!open(OUTFILE, ">$SAVE_DIRECTORY\/$filename")) { return "There was an error opening '$SAVE_DIRECTORY\/$filename' for Writing.\n"; } binmode(OUTFILE); # This is needed to work on Windows/NT platforms. while ($bytes = read($filekey,$buffer,1024)) { $totalbytes += $bytes; print OUTFILE $buffer; } close($filekey); close(OUTFILE); chmod (0666, "$SAVE_DIRECTORY\/$filename"); if ($totalbytes > $MAXIMUM_UPLOAD && $MAXIMUM_UPLOAD > 0) { unlink "$SAVE_DIRECTORY\/$filename"; return "Filename
You have reached your upload limit.
Your file contains $BytesRead $totalbytes bytes.
This exceeds the maximum limit of $MAXIMUM_UPLOAD bytes.
Your file was not saved.
Please try again."; } return "ok"; } ###################################################################### # file: db.cgi # # sub validate_upload_main # # new subroutine # ###################################################################### sub validate_upload_main { #---------------------------------------------------------- my $status; $status = &validate_upload; if ($status eq "ok") {&html_upload_success;} else {&html_upload_failure($status);} } ########################################################################### # file: html.pl # # sub html_record_form # # add the following *after* this line # # my $font = 'Font face="Verdana, Arial, Helvetica" Size=2 Color=#003399';# ########################################################################### # only run this section if using the upload option if ($in{'type'} eq "upload") { %PTNO = (); # clears the variable # Note - for now uploaded file must end with ".txt" as the extension # (change the last part of the line below to ".csv" or whatever format you are using) $ptNameFile = $in{'uid'} . ".txt"; # read file and assign it to variables open(PTFILE, "<$SAVE_DIRECTORY/$ptNameFile") or warn "Cannot find $auditFileIs - no such file or invalid path\n"; while () { $Line = $_; chomp($Line); $Line =~ s/\r//g; #strips off hard returns ($LineNo, $LineValue) = split(/\|/,$Line); #splits pair by using delimiter of pipe (|) $PTNO{$LineNo} = $LineValue; } close(PTFILE); unlink("$SAVE_DIRECTORY/$ptNameFile") or die; #deletes file once page is loaded # Determine which lines get imported # use javascript to assign variables to variables print qq| |; } # end upload section ###################################################################### # file: html.pl # # sub html_home # # add the following *before* this line # # |; &html_footer; print qq| # ######################################################################
Browse Picture:
###################################################################### # file: html.pl # # sub html_add_form # # replace these two lines # # # #
# ###################################################################### ###################################################################### # file: html.pl # # Add the following two new subroutines # # sub html_upload_success # # sub html_upload_failure # ###################################################################### sub html_upload_success { # -------------------------------------------------------- # This page let's the user know that the file successfully uploaded my $message = shift; &html_print_headers; print qq|
Uploading file... please wait.
|; } sub html_upload_failure { # -------------------------------------------------------- # This page let's the user know that the file did not upload my ($errstr) = $_[0]; &html_print_headers; print qq|
Error uploading file...
|; } ###################################################################### # file: html.pl # # sub html_add_form # # add # # right at the beginning of the subroutines # ###################################################################### $form_upload = 1; ########################################################################## # Test Text File: whatever.txt # # Create a text file and paste in the following lines to use for # # testing your upload script. Not all lines will get imported. Only # # the ones you specify in the JavaScript section of html_record_form sub # ########################################################################## 1|Bob's Home Page 2|http://www.bobspage.com 3|blah 4|foo 6|de profundus clamo ad te domine 7|something else 8|amo, amas, amat, amamus, amatis, amant ############################## E N D #############################