Gossamer Forum
Home : Gossamer Threads Inc. : Custom Modification Jobs :

file upload in modify.cgi

Quote Reply
file upload in modify.cgi
Hello,

There is/was a mod for add.cgi which would allow file upload and this was written by Phoenix with help from Alex. I am using this mod to allow people to upload files. All files are saved in a sepeate folder starting with the ID of the record and then the filename. However, once people upload the files they no longer can modify them later from modify.cgi

I am looking for someone to adopt the same code in modify.cgi so people can change their image/upload anytime. It is not very complicated - the problem I am having is that when they go to modify.cgi and add a new upload, it should look for and delete the existing file first and then upload the new one in its place. So, if someone uploaded 1023-graphic.gif then it should delete that file first.

Code:
if ($attach_field_required) {
if (!$in{$attach_file_field}) {
if (!$in{'FILE_CONTENT'}) {
&site_html_add_failure ("You must either attach a file or enter data in the $attach_file_field field.");
return;
}
}
}

# Save any attachments
if ($in{'FILE_CONTENT'}) {
if ($in{$attach_file_field}) {
&site_html_add_failure("Please do not enter both a URL and a file. If you choose to upload a file, a URL will be automatically attached.");
return;
}
if (length($in{'FILE_CONTENT'}) > ($attach_file_size * 1000)) {
&site_html_add_failure("Maximum attachment size is $attach_file_size KB. Please reduce the size of your image or email it as an attachment to $db_admin_email.");
return;
}
my $filename = $in{'FILE_NAME'};
($filename =~ m,[/\\]([^/\\]+)$,) and ($filename = $1);
if ($filename !~ /^[\w\d\.\/\\]+$/) {
&site_html_add_failure ("Invalid characters in filename '$filename'. Please use letters, numbers and dashes only.");
return;
}
if ($filename =~ /\.\./) {
&site_html_add_failure ("Invalid characters in filename '$filename'. Please use letters, numbers and dashes only.");
return;
}
if ($filename !~ /$attach_ext/) {
$attach_ext =~ s/\\//g;
$attach_ext =~ s/\$//g;
@ext = split (/\Q|\E/o,$attach_ext);
$attach_ext = join(" or ",@ext);
&site_html_add_failure ("Only files with the following extension(s) are allowed: $attach_ext");
return;
}
open (FILE, ">$build_attach_path/$in{$db_key}-$filename") or &cgierr ("Can't save attach: $build_attach_path/$in{$db_key}-$filename. Reason: $!");
print FILE $in{'FILE_CONTENT'};
close FILE;
$in{$attach_file_field} = "$build_attach_url/$in{$db_key}-$filename";
}


So, in the last loop before creating a new file, it should delete the existing file - I think that's all that needs to be done but I am not sure.

Last edited by:

socrates: Sep 24, 2002, 1:47 PM