Browser File Uploading, File naming problem on server

[seanl]

Hi, I am new to perl, and don't really consider myself a real programmer, anyway I have a small problem which I would really like to solve and as I lack a lot of knowledge when it comes to perl, I hope someone can help. If someone does have the time to debug the scripts i'm using, I have them in text format on this website for reference :

http://musicremastering.hypermart.net/h/cgi.htm

Here's my problem. I am using the cgi-lib.pl program with a file uploading script (fup.cgi) My only problem is that when I upload a few files, the filenames are written to the server in the following format :

cgi-lib.45001.1 6k
cgi-lib.45434.1 12k
cgi-lib.58432.1 7k

These are not the original filnames, it seems the program is writing preformatted filnames. I really need it to write the filename I specifically give it when I fill in the html form. Looking through the script, I can't figue out where its coming up with these obscure names. I presumed the variable $cgi_data{'upfile'} is the variable which corresponds to the selected file chosen to be uploaded, is this right? What would help is if I knew in which script does the write to the directory on the server, is it the cgi-lib.pl? or the file upload script, fup.cgi? at least then I try and debug one script as opposed to both.

Any help in this matter will be greatly appreciated.

Cheers,

Sean

 

[luciddream]

post your code for fup.cgi... adam@aauser.com

 

[seanl]

Here's the fup cgi....


#!/usr/local/bin/perl

# Copyright (c) 1996 Steven E. Brenner
# $Id: fup.cgi,v 1.2 1996/03/30 01:33:46 brenner Exp $

require 5.001;
use strict;
require "cgi-lib.pl";


MAIN:
{
# Change this so that it's the path to your script.
my ($self) = "/cgi-bin";


my (%cgi_data, # The form data
%cgi_cfn, # The uploaded file(s) client-provided name(s)
%cgi_ct, # The uploaded file(s) content-type(s). These are
# set by the user's browser and may be unreliable
%cgi_sfn, # The uploaded file(s) name(s) on the server (this machine)
$ret, # Return value of the ReadParse call.
$buf # Buffer for data read from disk.
);

# When writing files, several options can be set..
# Spool the files to the /tmp directory
$cgi_lib::writefiles = "/data1/hypermart.net/musicremastering/upload/";

# Limit upload size to avoid using too much memory
$cgi_lib::maxdata = 5000000;

# Start off by reading and parsing the data. Save the return value.
# Pass references to retreive the data, the filenames, and the content-type
$ret = &ReadParse(\%cgi_data,\%cgi_cfn,\%cgi_ct,\%cgi_sfn);

# A bit of error checking never hurt anyone
if (!defined $ret) {
&CgiDie("Error in reading and parsing of CGI input"
} elsif (!$ret) {
print <<&quot; EOF&quot;;
Content-type: text/html


<html>
<body>
<h1>upload example</h1>
<p>
This is an example of a CGI script that allows the user to
upload a file through his browser.
This example is for a paper to be submitted for a conference.
It allows the user to submit a PostScript file containing the
paper, along with the paper's title and author's name.
</p>
<p>
Because this is only an example and we don't have unlimited
disk space, the contents of the uploaded file is simply
echoed back to the user and then the file is deleted.
</p>
<p>
If this script is expected to write in a directory that is
not world-writable, the setuid bit should be turned on.
See <a href=&quot;man?name=chmod&quot;>chmod (1)</a>
for more information.
</p>
<p>
To install this, place
<a href=&quot;src/upload&quot;>the source</a>
in your directory with an extension of &quot;.cgi&quot; and the world
read and execute bits turned on.
Next, change the &quot;self&quot; variable so that it reflects the
correct path to the script.
</p>

<form action=&quot;$self&quot; method=POST enctype=&quot;multipart/form-data&quot;>
<p>title: <input type=text name=&quot;title&quot;>
<p>author: <input type=text name=&quot;author&quot;>
<p>paper file (PostScript): <input type=file name=&quot;upfile&quot;></p>
<p><input type=submit value=&quot;upload&quot;>
</form>
</body>
</html>
EOF

exit(0);

} elsif (!defined $cgi_data{'upfile'} or !defined $cgi_data{'title'}) {
&amp;CgiDie(&quot;Data missing\n&quot;,
&quot;Please complete <a href='$self'>the upload form</a>.\n&quot;
}


# Now print the page for the user to see...
print &amp;PrintHeader;
print &amp;HtmlTop(&quot;File Upload Results&quot;

print <<EOT;
<p>You've uploaded a file.</p>
<p>The title is &quot;$cgi_data{'title'}&quot;
and the author is &quot;$cgi_data{'author'}&quot;.

<p>The file has been spooled to disk as &quot;$cgi_data{'upfile'}&quot;.</p>
<p>The file's reported name on the client machine was &quot;$cgi_cfn{'upfile'}&quot;.</p>

<p>The file's reported content type was &quot;$cgi_ct{'upfile'}&quot;.</p>

<pre>
EOT




# cleanup - delete the uploaded file
# Note that when using spooling of files to disk, the uploaded file's
# name on the server machine is in both %cgi_data and %cgi_sfn
# (that is, the first and fourth parameters to ReadParse). However,
# for technical reasons, the data in %cgi_data are tainted. The data in
# %cgi_sfn are not tainted, but the keys can contain only a limited
# set of characters ([-\w] in cgi-lib 2.8)


print &amp;HtmlBot;


# The following lines are solely to suppress 'only used once' warnings
$cgi_lib::writefiles = $cgi_lib::writefiles;
$cgi_lib::maxdata = $cgi_lib::maxdata;

}