I added an upload action to my
UsemodWiki code. The code I added is in the form of two sub routines that return a upload form if nothing is posted (
DoPublish) and uploads the file and returns a confirmation when a file is posted (
SavePublish).
I really know nothing about perl code so I am sure this is insecure and or poorly written, but for what it is worth here is what I did. I did add some security with a check for useris...
sub
DoPublish {
print &GetHeader(, T('File Upload Page'), );
if (&UserIsAdmin || &UserIsEditor){}
else
{
print '<center>Only Administrators and Editors can upload files</center>';
print &GetCommonFooter();
return;
}
print '<FORM METHOD="post" ACTION="wiki.pl" ENCTYPE="multipart/form-data">';
print '<input type="hidden" name="upload" value="1" />';
print 'File to Upload: <INPUT TYPE="file" NAME="file"><br><BR>';
print '<INPUT TYPE="submit" NAME="Submit" VALUE="Upload">';
print '</FORM>';
print &GetCommonFooter();
}
sub
SavePublish {
my ($upload_dir,$filename,$upload_filehandle);
print &GetHeader("", "Uploading file", "");
if (&
UserIsAdmin || &
UserIsEditor){}
else
{
print '<center>Only Administrators and Editors can upload files</center>';
print &GetCommonFooter();
return;
}
$upload_dir = "/home/username/public_html/uploads"; #absolute path to upload dir
$filename = $q->param("file");
$filename =~ s/.*[\/\\](.*)/$1/;
$upload_filehandle = $q->upload("file");
open UPLOADFILE, ">$upload_dir/$filename";
while ( <$upload_filehandle> ){print UPLOADFILE;}
close UPLOADFILE;
print "The link to your image is...\n<br><BR>";
print "http://www.yourserver.org/uploads/$filename<BR><BR>\n";
print "<HR><img src=http://www.yourserver.org/uploads/$filename></html>\n";
print &GetCommonFooter();
}