#!/usr/bin/perl print "Content-type: text/html\n\n"; #SET MAXIMUM FILE SIZE ################################################# $maxfilesize = 30508; # 30.2kb #CHECK FILE SIZE ################################################# $len = $ENV{'CONTENT_LENGTH'}; if ($len > $maxfilesize) { print "file is bigger than 30.2kb, sorry\n"; exit; } #SET PATH VARIABLES ################################################ $| = 1; $upath = "/absolute/path/to/upload/dir/"; $uindex = "/absolute/path/to/upload/dir/upload.index"; $tempfile = $upath . $ENV{'REMOTE_ADDR'}; #READ IN BUFFER AND WRITE TO TEMP FILE ################################################ read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); open (x,">$tempfile"); print x $buffer; close (x); #OPEN TEMP FILE AND PROCESS IT ################################################ open (temp,$tempfile); #PULL OUT MIME/MULTIPART ################################################ $_ = <temp>; ($vernum) = /(\d+)/; # Next line of the file contains the filename in the format: # filename="C:\windows\win.ini" # KEEP ONLY PART WITHIN QUOTES ################################################ $_ = <temp>; $filetemp = $1 if (/filename=\"(.*)\"/); #REMOVE FULL PATH NAME ################################################ @pathz = (split(/\\/,$filetemp)); $filetempb = $pathz[$#pathz]; @pathza = (split('/',$filetempb)); $filename = $pathza[$#pathza]; #IF FILENAME IS BLANK, SHOW ERROR MESSAGE ############################################### if ($filename eq "") {<br> print "Oops, the you did not give a valid file name\n\n"; close(temp); `rm $tempfile`; } #CREATE FILE IN UPLOAD DIR ############################################### open (outfile, ">$upath$filename"); # Now we don't care about the Content-type of this, so<br> we'll pass +that up $junk = <temp>; $junk = <temp>; #READ/WRITE ALL APART FROM MIME/MULTIPART BIT ############################################## while (<temp>) { if (!(/-{28,29}$vernum/)) { print outfile $_; } } #ALL DONE, CLOSE AND PRINT SUCCESS MSG ############################################## close (temp); close (outfile); `rm $tempfile`; print "Your file <i>$filename</i> has been successfully<br> transferre +d to this site.<br>\n"; exit;
So theres the code, anyone know how I can pass through 3 VARIABLES too?. I do need the variables for security but at this stage the user has already logged in. I just like to constantly pass throught a username and password so that the .cgi script cant be accessed on its own without going through the login.
Im pretty new to all this so I really am sorry if I sound like a gimp. lol Really appreciate more help on this, thanks for all the replies everyone, Ill make sure I put you on the Thanks Page. :)
In reply to Re: Re: File Upload - AND hidden values
by Anonymous Monk
in thread File Upload - AND hidden values
by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |