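#!/usr/bin/perl -w
# CGI upload handler: accepts up to ten form fields named FILE1..FILE10,
# keeps only GIF images, and stores each one under a randomly generated
# name in a fixed, allow-listed sub-directory of UPLOAD_DIR.
use strict;
use warnings;
use CGI;
use Fcntl;

use constant BUFFER_SIZE    => 16_384;     # Amount of upload file to read at one time
use constant MAX_FILE_SIZE  => 1_048_576;  # This is the filesize upload limit
use constant MAX_NAME_TRIES => 100;        # Give up after this many filename collisions

# NOTE(review): this path appears to sit under the web root ("/html/"), so
# stored uploads would be directly retrievable - TODO confirm. Keeping
# uploads outside the document root, or serving them through a handler,
# is the safer layout.
use constant UPLOAD_DIR => "/data/www/inverse.org/html/muckraker/temp/";

$CGI::DISABLE_UPLOADS = 0;              # Temporarily reenable uploads
# POST_MAX caps the size of the whole POST body, not of each file, so all
# ten upload fields share this one budget.
$CGI::POST_MAX        = MAX_FILE_SIZE;

my $req      = CGI->new;
my $theext   = "gif";
my $donepage = "up2.html";              # not referenced anywhere in this script

# When POST_MAX is exceeded CGI.pm discards the parameters and records an
# error; report it instead of silently behaving as if nothing was uploaded.
if (my $error = $req->cgi_error) {
    print $req->header(-status => $error);
    print "Error: $error";
    exit;
}

# The destination sub-directory is chosen by key from this allow-list, so a
# client-supplied value can never become part of the filesystem path.
my %upload_path = ('personal' => 'temp_a/', 'impersonal' => 'temp_b/');
my $path = 'personal';
# my $path = $req->param('path');

if (! exists $upload_path{$path}) {
    # The key is not in the allow-list: refuse the request.
    print $req->redirect("some_error_page.html");
    exit;
}
$path = $upload_path{$path};

print "Content-type: text/html\n\n";

my @name_chars = ('a' .. 'z', 'A' .. 'Z', '1' .. '9');

# The label sits on the loop itself so that "next UPLOAD_FILE" moves on to
# the next field. Labelling an enclosing bare block instead would make the
# first empty or rejected field abandon every remaining upload.
UPLOAD_FILE:
for my $onnum (1 .. 10) {
    my $field = "FILE$onnum";
    my $file  = $req->param($field) or next UPLOAD_FILE;

    # uploadInfo() is keyed by the value param() returned; it yields undef
    # when the field was not sent as a file upload.
    my $info   = $req->uploadInfo($file);
    my $format = (defined $info && defined $info->{'Content-Type'})
               ? $info->{'Content-Type'}
               : '';

    # The Content-Type header is client-supplied: escape it before echoing
    # it into the HTML response.
    print "format is '", $req->escapeHTML($format), "'\n";

    # Require exactly "image/<ext>". The declared type is only a first
    # filter, because the client chooses it freely; the file signature is
    # checked below as well.
    my ($subtype) = $format =~ m{\Aimage/([a-zA-Z]+)\z};
    if (!defined $subtype or lc($subtype) ne $theext) {
        print "skipping to next\n";
        next UPLOAD_FILE;
    }

    # upload() takes the form field name, not the submitted filename.
    my $file_handle = $req->upload($field);
    if (!defined $file_handle) {
        print "skipping to next\n";
        next UPLOAD_FILE;
    }
    binmode $file_handle;

    # Read the first chunk before creating anything on disk and verify the
    # GIF signature. This confirms the header only, not that the rest of
    # the file is a well-formed image.
    my $buffer;
    my $got = read($file_handle, $buffer, BUFFER_SIZE);
    if (!$got or $buffer !~ /\AGIF8[79]a/) {
        print "skipping to next\n";
        next UPLOAD_FILE;
    }

    # Pick a random name and create the file atomically. O_EXCL makes
    # sysopen fail if the name already exists (including as a symlink), which
    # closes the gap between an existence test and the create; O_WRONLY is
    # required because O_CREAT on its own opens the file read-only.
    # rand() is not a cryptographic generator, so do not rely on the names
    # being unguessable.
    my ($fileName, $out_handle);
    my $attempts = 0;
    CREATE:
    while (1) {
        $fileName = join('', map { $name_chars[rand @name_chars] } 1 .. 8)
                  . ".$theext";
        my $target = UPLOAD_DIR . $path . $fileName;

        # NOTE(review): this status line sends the absolute server path to
        # the client; consider logging it server-side instead.
        print "creating new file '" . UPLOAD_DIR . " :: $path :: $fileName'\n";

        last CREATE
            if sysopen($out_handle, $target, O_WRONLY | O_CREAT | O_EXCL, 0644);
        next CREATE
            if $!{EEXIST} and ++$attempts < MAX_NAME_TRIES;
        die "Can't open $target: $!";
    }
    binmode $out_handle;
    print "sysopen done\n";

    # Copy the upload in BUFFER_SIZE chunks, starting with the chunk that
    # was already read for the signature check.
    while ($got) {
        print "buffering... ";
        print {$out_handle} $buffer
            or die "Can't write $fileName: $!";
        $got = read($file_handle, $buffer, BUFFER_SIZE);
    }
    die "Can't read upload for $field: $!" unless defined $got;
    print "printing done\n";

    # Buffered write errors surface at close, so check it.
    close($out_handle) or die "Can't close $fileName: $!";
    print "closing file\n";
}

print "program done\n";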