# Good
$CGI::DISABLE_UPLOADS = 0;
my $q = CGI->new;
# Bad
my $q = CGI->new;
$CGI::DISABLE_UPLOADS = 0;
####
{
no strict 'refs';
while (<$file>) {
$length += length($_);
}
}
####
#!D:/perl/bin/perl.exe -wT
use CGI qw/ :standard /;
use Fcntl;
use strict;
$|++;
$CGI::DISABLE_UPLOADS = 0;
use constant BUFFER_SIZE => 16384;
use constant UPLOAD_FILE => 'file_upload';
use constant FILESHARE_DIR => 'xi_fileshare.dir';
print header,
start_html('file upload'),
h1('file upload');
my $dir;
if ( param('file_upload') ) {
$dir = print_results();
print a( { href => "xi_fileshare.cgi?directory=$dir"}, "Back to file listing" );
exit;
} else {
print_form();
}
print end_html;
exit;
sub print_form {
open FILE, ">".FILESHARE_DIR or graceful_exit("Can't write to directory file: $!");
my $directory = param( 'directory' );
print FILE $directory;
close FILE;
print br,
start_multipart_form(),
filefield(-name=>UPLOAD_FILE,-size=>60),
br,
submit(-label=>'Upload File'),
end_form;
}
sub print_results {
my $file = param( UPLOAD_FILE );
if ( ! $file ) {
graceful_exit("No File!");
}
my $content_type = uploadInfo($file)->{'Content-Type'};
my $file_handle = upload( UPLOAD_FILE );
my $testfilename="whatever.xls";
open FILE, "<".FILESHARE_DIR or graceful_exit("Can't file directory file: $!");
chomp( my $directory = );
sysopen (OUTFILE, "$directory/$testfilename", O_WRONLY | O_CREAT) or graceful_exit("Can't create file: $!!");
my $length = 0;
while ( read( $file_handle, my $buffer, BUFFER_SIZE ) ) {
print pre( $buffer );
print OUTFILE $buffer or graceful_exit( "Can't print to $directory/$testfilename: $!" );
$length += length $buffer;
}
print p( "$directory/$testfilename" ),
br,
p( "Dir: $directory" ),
h2('File name'),
p( $file ),
h2('File Mime Type'),
p( $content_type ),
h2('File Length'),
p( $length );
close (OUTFILE);
}
sub graceful_exit {
my $err = shift;
print h3("Sorry, but an error in your input has occured! If you can figure it out, this is it: $err"),
p( "Use your browser's BACK button and try again with changed input" ),
br,
end_html;
exit;
}