Hello All,
I have a funky file upload function problem -
yes, I've looked all over the hallowed halls for an answer, but none has presented itself. Putting security issuses aside (this is for an internal, password protected section of a site) here is the jist of the script, its pretty cut and dry:
sub _file_upload { my $self = shift; no strict 'refs'; foreach(@_) { my $file = $_; if ($file ne "") { my $fileName = $file; $fileName =~ s!^.*(\\|\/)!!; open (OUTFILE, ">$img_dir/$fileName") or die("can't write ima +ge file '$img_dir/$fileName': $!"); while (my $bytesread = read($file, my $buffer, 1024)) { print OUTFILE $buffer; } close (OUTFILE); } } }
the above code works well... IF the filename only has numbers in it!, like 1.gif, 2.gif, 3.gif.. ect. It won't work for filenames like photo.gif, things like that.
What is going on here? I've traced this myself to a few things:
First off, the function is screwing up in the while loop. File is created, nothing is written and the file is closed.
I don't understand where/how $file is being read. Its gotta be in the /tmp directory. Maybe something's getting messed up when I'm passing the filehandle from a script that uses the CGI.pm to get the saved form information to the Perl Module (the code above) that houses the _file_upload() function.
the above code works 100% correctly on one server that I test, which is runing suEXEC, but is otherwise a similar setup to another server that's only correctly saving files that are numbers.
Anyways, why would the name of the file make any difference?
-justin simoni
!skazat!
In reply to YAF(ile)U(ploading)Q(uestion) by skazat
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |