#####################################################################
### ###
### F I L E U P L O A D ###
### Last Modified: 2 Apr 2001 ###
### ###
### Mod based on a script created by ###
### Jeff Carnahan jeffc@terminalp.com ###
### Adapted for use by DBMan by ###
### JPDeni deni@jpdeni.com ###
### Integration with DBMan script by ###
### Jim Kangosjärvi Jim.Kangosjarvi@Abc.se ###
### ###
#####################################################################
# #
# This modification will allow you to add file uploading capability #
# to your database. The most common use of the mod will probably be #
# to upload a graphic file to accompany a record. The mod is set up #
# to allow only one file per record. #
# #
# The mod changes the name of the uploaded file to match the key #
# value of the associated record. This prevents conflicts between #
# the names of files that users might upload. #
# #
# There are options within the mod where you can choose whether you #
# want to require the user to upload a file when he or she adds a #
# record. Please read the notes carefully and make sure you are #
# using the option you require. #
# #
# This script requires that the CGI.pm module is installed on your #
# system. It probably is, but if you run into problems, you might #
# ask your server admin if the CGI.pm module is installed. #
# #
# You will not be able to use the autogenerate feature of DBMan with#
# this mod. You must create your own html_record and #
# html_record_form subroutines. #
# #
#####################################################################
#####################################################################
# Create a directory in your public html directory -- the place #
# where you normally put web pages -- for the graphics to be #
# uploaded. On most systems, this should *not* be within the #
# cgi-bin. #
# #
# Set the permissions for this directory to 777. #
#####################################################################
#####################################################################
# file: default.cfg #
# If you *DO* want to require all users to upload a file when they #
# add a record, within your field definitions, #
# add the following #
#####################################################################
Filename => [10,'alpha',0,255,1,'','']
# (Change the field number to fit with your database definition.)
#####################################################################
# file: default.cfg #
# If you *DO NOT* want to require all users to upload a file when #
# they add a record, within your field definitions, #
# add the following #
#####################################################################
Filename => [10,'alpha',0,255,0,'','']
# (Change the field number to fit with your database definition.)
#####################################################################
# file: default.cfg #
# If you *DO NOT* want to require all users to upload a file when #
# they add a record, but would like users to be able to search for #
# only records that have graphics attached, add the following #
#####################################################################
Graphic => [11,'alpha',0,255,0,'','Yes']
# (Change the field number to fit with your database definition.)
# Also, create a checkbox field for your search form
%db_checkbox_fields = ( Graphic => 'Yes' );
#####################################################################
# file: default.cfg #
# #
# After the Authorization Options section #
# add the following #
#####################################################################
# File upload parameters
# --------------------------------------------------------
#
# File uploads -- if you want to be able to upload files, set this to 1
$db_upload = 1;
# Full path to directory for uploaded files -- NOT A URL!!!! No trailing slash please.
$SAVE_DIRECTORY = "/home/username/public_html/uploads";
# Full URL to directory for uploaded files. No trailing slash please.
$SAVE_DIRECTORY_URL = "http://www.server.com/uploads";
# Defines the number of bytes that can be uploaded. Files that exceed
# this limit will not be saved on the server. Set this to zero in order to
# disable size checking.
$MAXIMUM_UPLOAD = 50000;
# List of allowable file extensions. If the file does not have one of the extensions
# listed, it will not be saved to the server. The format for the setting is
# \.[extension]$ If you want to allow more than one extension, separate the options by
# a | character. Note that case counts!
$ALLOWED_EXT = '\.gif$|\.jpg$|\.GIF$|\.JPG$';
######################################################################
# file: db.cgi #
# after #
# $db_script_path = "."; #
# add the following #
######################################################################
use CGI;
$query = new CGI;
######################################################################
# file: db.cgi #
# sub parse_form #
# replace subroutine with the following #
######################################################################
sub parse_form {
# --------------------------------------------------------
my (%in);
my ($buffer, $pair, $name, $value);
PAIR: foreach $name ($query->param()) {
$value = $query->param("$name");
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ s///g;
if ($value eq "---") { next PAIR; }
unless ($value) { next PAIR; }
(exists $in{$name}) ?
($in{$name} .= "~~$value") :
($in{$name} = $value);
}
return %in;
}
######################################################################
# file: db.cgi #
# sub add_record #
# after #
# while ($status eq "duplicate key error" and $db_key_track) { #
# return "duplicate key error" if ($counter++ > 50); #
# $in{$db_key}++; #
# $status = &validate_record; #
# } #
# add #
######################################################################
if (($status eq "ok") && ($in{'Filename'})) { $status = &validate_upload; } #Validate Picture
#####################################################################
# file: db.cgi #
# sub add_record #
# If you *DO NOT* want to require all users to upload a file when #
# they add a record, *AND* you have added the 'Graphic' field to #
# your field definitions, #
# after the line you added above, add #
#####################################################################
opendir (GRAPHIC, "$SAVE_DIRECTORY") or &cgierr("unable to open directory in delete records: $SAVE_DIRECTORY. Reason: $!");
@files = readdir(GRAPHIC);
closedir (GRAPHIC);
$file_test = $in{$db_key} . ".";
foreach $file (@files) {
if ($file =~ /^$file_test/) {
$in{'Graphic'} = 'Yes';
$graphic_found=1;
}
}
unless ($graphic_found) { $in{'Graphic'} = ''; }
######################################################################
# file: db.cgi #
# sub modify_record #
# before #
# $status = &validate_record; #
# add #
######################################################################
$db_not_null{'Filename'} = 0;
# Note: this line is so that, if you require users to upload a file,
# they will not be forced to upload when they modify their records.
######################################################################
# file: db.cgi #
# sub modify_record #
# after #
# $status = &validate_record; #
# add #
######################################################################
if (($status eq "ok") && ($in{'Filename'})) { $status = &validate_upload; } #Validate Picture
#####################################################################
# file: db.cgi #
# sub modify_record #
# If you *DO NOT* want to require all users to upload a file when #
# they add a record, *AND* you have added the 'Graphic' field to #
# your field definitions, #
# after the line you added above, add #
#####################################################################
opendir (GRAPHIC, "$SAVE_DIRECTORY") or &cgierr("unable to open directory in delete records: $SAVE_DIRECTORY. Reason: $!");
@files = readdir(GRAPHIC);
closedir (GRAPHIC);
$file_test = $in{$db_key} . ".";
foreach $file (@files) {
if ($file =~ /^$file_test/) {
$in{'Graphic'} = 'Yes';
$graphic_found=1;
}
}
unless ($graphic_found) { $in{'Graphic'} = ''; }
######################################################################
# file: db.cgi #
# sub validate_upload #
# new subroutine #
######################################################################
sub validate_upload {
# --------------------------------------------------------
my ($filekey,$filename,$newfilename,$extlength,$filehandle,$totalbytes,$buffer,$bytes,@extensions,@ext);
$| = 1;
$filekey = $query->param("Filename");
$newfilename = $in{$db_key};
if (!(-e $SAVE_DIRECTORY)) {
return "The directory doesn't exist. Make sure that this directory is a complete path name,
not a URL or something similar. It should look similar to
/home/username/public_html/uploads";
}
if (!(-W $SAVE_DIRECTORY)) {
return "The directory isn't writable. Make sure that this directory is writable by all users.
At your UNIX command prompt, type chmod 777 $SAVE_DIRECTORY";
}
if (!(-d $SAVE_DIRECTORY)) {
return "The directory you specified isn't really a directory.
Make sure that this is indeed a directory and not a file.";
}
if ($filekey =~ /([^\/\\]+)$/) {
$filename = $1;
$extlength = length($filename) - index($filename,".");
$filename = $newfilename . lc(substr($filename,-$extlength,$extlength));
unless ($filename =~ /$ALLOWED_EXT/) {
$ALLOWED_EXT =~ s/\\//g;
$ALLOWED_EXT =~ s/\$//g;
@ext = split (/\Q|\E/o,$ALLOWED_EXT);
$ALLOWED_EXT = join(" or ",@ext);
return "Only files with the following extension(s) are allowed: $ALLOWED_EXT";
}
}
else {
return "You attempted to upload $filekey that isn't properly formatted. Please rename the file
on your computer, and attempt to upload it again. Files may not have forward or backward slashes in
their names. Also, they may not be prefixed with one (or more) periods.";
}
opendir (GRAPHIC, "$SAVE_DIRECTORY") or &cgierr("unable to open directory in delete records: $SAVE_DIRECTORY. Reason: $!");
@files = readdir(GRAPHIC);
closedir (GRAPHIC);
$file_test = $in{$db_key} . ".";
foreach $file (@files) {
if ($file =~ /^$file_test/) {
unlink ("$SAVE_DIRECTORY/$file");
}
}
if (!open(OUTFILE, ">$SAVE_DIRECTORY\/$filename")) {
return "There was an error opening '$SAVE_DIRECTORY\/$filename' for Writing.\n";
}
binmode(OUTFILE); # This is needed to work on Windows/NT platforms.
while ($bytes = read($filekey,$buffer,1024)) {
$totalbytes += $bytes;
print OUTFILE $buffer;
}
close($filekey);
close(OUTFILE);
chmod (0666, "$SAVE_DIRECTORY\/$filename");
if ($totalbytes > $MAXIMUM_UPLOAD && $MAXIMUM_UPLOAD > 0) {
unlink "$SAVE_DIRECTORY\/$filename";
return "Filename
You have reached your upload limit.
Your file contains $BytesRead $totalbytes bytes.
This exceeds the maximum limit of $MAXIMUM_UPLOAD bytes.
Your file was not saved.
Please try again.";
}
return "ok";
}
######################################################################
# file: db.cgi #
# sub delete_records #
# #
# if you want to delete the associated file when a record is deleted,#
# change #
# #
# $delete_list{$data[$db_key_pos]} ? #
# ($delete_list{$data[$db_key_pos]} = 0) : #
# ($output .= $line . "\n"); #
# #
# to the following: #
# #
######################################################################
if ($delete_list{$data[$db_key_pos]}) { # if this id is one we want to delete
$delete_list{$data[$db_key_pos]} = 0; # then mark it deleted and don't print it to the new database.
if ($db_upload) {
opendir (GRAPHIC, "$SAVE_DIRECTORY") or &cgierr("unable to open directory in delete records: $SAVE_DIRECTORY. Reason: $!");
@files = readdir(GRAPHIC);
closedir (GRAPHIC);
$file_test = $data[$db_key_pos] . ".";
foreach $file (@files) {
if ($file =~ /^$file_test/) {
unlink ("$SAVE_DIRECTORY/$file");
}
}
}
}
else { $output .= $line . "\n"; }
######################################################################
# file: html.pl #
# sub html_record #
# #
# after #
# my (%rec) = @_; #
# #
# add #
# #
######################################################################
$rec{$db_key} =~ s/<.?B>//g;
### Wherever you want your graphic to print out, use the following:
|; # to close off a previous print qq| statement
opendir (GRAPHIC, "$SAVE_DIRECTORY") or &cgierr("unable to open directory in delete records: $SAVE_DIRECTORY. Reason: $!");
@files = readdir(GRAPHIC);
closedir (GRAPHIC);
$file_test = $rec{$db_key} . ".";
foreach $file (@files) {
if ($file =~ /^$file_test/) {
print qq||;
$graphic_found=1;
}
}
print qq|
######################################################################
# file: html.pl #
# sub html_record #
# #
# If you *DO NOT* require users to upload a graphic and would like a #
# default graphic to appear if no graphic has been uploaded, after #
# the lines you added above, add #
# #
######################################################################
|;
unless ($graphic_found) {
print qq||;
}
print qq|
######################################################################
# file: html.pl #
# sub html_record_form #
# probably near the bottom of the form, but before the closing #
# tag #
# #
# add #
# #
######################################################################
|;
if ($form_upload) {
print qq|
Browse Picture:
|;
}
print qq|
######################################################################
# file: html.pl #
# sub html_add_form #
# sub html_add_failure #
# sub html_modify_form_record #
# sub html_modify_failure #
# add #
# right at the beginning of the subroutines #
######################################################################
$form_upload = 1;
######################################################################
# file: html.pl #
# sub html_add_form #
# sub html_add_failure #
# sub html_modify_form_record #
# sub html_modify_failure #
# change #
#
|;
}
print qq|
######################################################################
# file: html.pl #
# sub html_record_form #
# probably near the bottom of the form, but before the closing #
# tag #
# #
# add #
# #
######################################################################
|;
if ($form_upload) {
print qq|