Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

how can i upload a file using a web-browser and the chmod() the file ?

( #34202=categorized question: print w/ replies, xml ) Need Help??
Contributed by Digsy on Sep 27, 2000 at 18:27 UTC
Q&A  > HTTP and FTP clients


Description:

I am trying to write a script that will upload a script from a PC via a web-browser. (The PC cant have FTP or perl) The script would be put onto a secure FTP server and then chmod'ed so that the script could be executed.

Answer: how can i upload a file using a web-browser and the chmod() the file ?
contributed by merlyn

File uploading is fairly painless with CGI.pm. From the manpage:

CREATING A FILE UPLOAD FIELD print $query->filefield(-name=>'uploaded_file', -default=>'starting value', -size=>50, -maxlength=>80); -or- print $query->filefield('uploaded_file','starting value',50 +,80); [...] When the form is processed, you can retrieve the entered filename by calling param(): $filename = $query->param('uploaded_file'); [...]
You can then copy the file to the appropriate place (perhaps using the File::Copy core module), and then use the chmod operator to make it executable.

An important security concern is to make sure your script is not available to the general populus, because you've effectively given an open prompt to whomever wants it.

Answer: how can i upload a file using a web-browser and the chmod() the file ?
contributed by AgentM

Minimally, you will want to turn on taint checking with -T. If you are uploading a picture, you'll want to check its "pictureness" with Image::Magick or some similar Module. In any case, you should set a maximum size for the file in the CGI Module using $CGI::POST_MAX and optionally scan the file to make sure that its corresponds with some given format. In the name of security, you should definitely take these extra steps to ensure the sanity of your filesystem.

Please (register and) log in if you wish to add an answer



  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • Outside of code tags, you may need to use entities for some characters:
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    and the web crawler heard nothing...

    How do I use this? | Other CB clients
    Other Users?
    Others studying the Monastery: (11)
    As of 2014-10-20 11:22 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?

      For retirement, I am banking on:










      Results (75 votes), past polls