The web server's root and your OS's root are different.
The web server won't look outside it's tree. If you write your image file to a location outside the server's DocumentRoot, your web server can't find it.
You can
- use the Alias directive to have a location point to some path outside the DocumentRoot
- allow the webserver process to write to some images directory inside the tree rooted at DocumentRoot
- use a CGI script to serve the image. Provide e.g. the tag
<img src="/cgi-bin/image.pl?img=$tag.jpg">
in the page referencing the image, and have it served thusly:
#!/usr/bin/perl -T
use CGI;
use strict;
my $q = new CGI;
if($q->param('img') =~ /^([\w\.\-]+)$/) { # untaint
my $file = $1;
if(-f "/tmp/$file") {
if(open(I,'<',"/tmp/$file")) {
print $q->header(-content_type => "image/jpeg");
print while <I>;
close I;
exit;
}
}
}
print $q->header(-status => '404 Not found');
print "<h1>Not found.</h1>\n";
As for 1. and 2. - if you allow your web server to write to some path, you should limit the methods POST, PUT and DELETE for that directory (or location).
--shmem
_($_=" "x(1<<5)."?\n".q·/)Oo. G°\ /
/\_¯/(q /
---------------------------- \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|