in reply to Get vs. POST in CGI.pm
So you were trying to figure out how to get a look at the filename, in order to validate it? And that got you into wanting to use GET where you could 'see' the parameters. Which got everybody concerned because everybody _knows_ file uploads require POST. But then again maybe you were wanting to know _how_ to know if anything really got uploaded to your site.
Well I hadn't yet played with file uploads and need to soon, so I put together the test program following. I used the docs for the CGI module to do this. Using this code you can test out some of your assumptions or ideas.
#!/usr/bin/perl -w use strict; use warnings; use CGI qw/:standard/; my $q = new CGI; my $cgi_error = $q->cgi_error(); if( $cgi_error ) { print $q->header( -status => $cgi_error ), $q->start_html('Problems'), $q->h2('Request not processed'), $q->strong($cgi_error), $q->end_html(); exit(0); } my( $latest_fullpath, $latest_filepath, $latest_filename ); my( $latest_status, $latest_length, $latest_content_type ); if( $q->param() ) { $q->param('latest_fullpath', '' ); $q->param('latest_filepath', '' ); $q->param('latest_filename', '' ); $q->param('latest_length', '' ); $q->param('latest_status', '' ); $q->param('latest_content', '' ); $latest_fullpath = $q->param('filename'); $q->param('latest_fullpath', $latest_fullpath ); my( $filepath, $filename ) = ($latest_fullpath =~ /^( (?: .* [:\\\/] )? ) (.*) $/x) +; $q->param('latest_filepath', $filepath ); $q->param('latest_filename', $filename ); my $rhhdrs = $q->uploadInfo($latest_fullpath); $latest_content_type = $rhhdrs->{'Content-Type'}; $q->param('latest_content', $latest_content_type ); my $uploadfh = $q->upload('filename'); if( $uploadfh ) { while( <$uploadfh> ) { $latest_length += length $_; } # $latest_length += 42; $q->param('latest_length', $latest_length ); } elsif( $q->cgi_error ) { print $q->header( -status => $q->cgi_error ); exit(0); } else { $q->param('latest_status', 'No filehandle?' ); } } print $q->header(), $q->start_html( -title => 'Testing file uploads' ), $q->start_multipart_form({ -method => 'POST', -action => 'testingx.pl' }), $q->filefield({ -name => 'filename', }), ' ', $q->submit('Add'), $q->end_form(), $q->hr(), $q->textfield('latest_fullpath'), ' Latest Fullpath', + $q->br(), $q->textfield('latest_filepath'), ' Latest Filepath', + $q->br(), $q->textfield('latest_filename'), ' Latest Filename', + $q->br(), $q->textfield('latest_length'), ' Latest Length', + $q->br(), $q->textfield('latest_status'), ' Latest Status', + $q->br(), $q->textfield('latest_content'), ' Latest Content-ty +pe', $q->br(), $q->hr(), " CGI::POST_MAX is '$CGI::POST_MAX'", $q->br(), " CGI::DISABLE_UPLOADS is '$CGI::DISABLE_UPLOADS'", $q->br( +), " REQUEST_METHOD is ", $q->request_method(), $q->br(), " CONTENT_TYPE is ", $q->content_type(), $q->br(), $q->end_html();
----------------------------------------------------
farquarh.txt Latest Fullpath
Latest Filepath
farquarh.txt Latest Filename
Latest Length
Latest Status
application/octet-stream Latest Content-type
----------------------------------------------------
CGI::POST_MAX is '-1'
CGI::DISABLE_UPLOADS is '0'
REQUEST_METHOD is POST
CONTENT_TYPE is multipart/form-data; boundary=---7d335e13e00e0
Submitting a valid filename resulted in:
----------------------------------------------------
\\data01\users2\budgie\diffs.txt Latest Fullpath
\\data01\users2\budgie\ Latest Filepath
diffs.txt Latest Filename
3566 Latest Length
Latest Status
text/plain Latest Content-type
----------------------------------------------------
You can drive yourself nuts if you can't see what's going on, so just display any/every thing you _might_ need to see!
|
|---|
| Replies are listed 'Best First'. | |
|---|---|
|
Re: Re: Get vs. POST in CGI.pm
by Anonymous Monk on Sep 24, 2003 at 02:00 UTC |