I decided to start a new thread to make it easy to find.

I've made an upload mod. You will need to add an extra field in your database to store the file name and make a few tweaks to the templates, add.cgi and links.cfg but apart from that it is easy to install

I just have to test it a bit and then I'll post instructions/code asap

btw, it supports unlimited uploads.

thank you thank you thank you very much ....

.. can't wait

Gregor

The File Upload Mod is finished and you can download it here:

http://www.wiredon.net/gt/download.shtml

Please let me know if you find any problems. (There may be bugs )

Hi!

ready for additional questions
1. I'm using password mod. does this mod affects in any way this upload mod or reverse.
2. Tag <%File%> can be used in templates?
3. Will be file deleted with resource?
4. How to allow only i.e. 60x60 pxl pics

I hope this is not too much what i'm asking

thanx in advance

Gregor

1. I'm using password mod. does this mod affects in any way this upload mod or reverse.

I've never used the password mod. But it shouldn't matter.

2. Tag <%File%> can be used in templates?

Yes.

3. Will be file deleted with resource?

How are you deleting them?

4. How to allow only i.e. 60x60 pxl pics

You'd need Image::Size for that. I can supply the code if you have that module.

To get the image to delete when you delete a record from admin would require modifications to db.pl

Hi!

Image:Size would be great since i would use it so link owners can supply pics of their hot air balloons at http://www.balonarstvo.com/imenik/

what modifications would be nedeed for deleting a link via admin and also a image with this link.

thanx in advance

Gregor

Right well firstly you'll need to install Image::Size if you don't have it.

shell> perl -MCPAN -e 'install Image::Size'

Then in add/modify.cgi in sub parse_me_and_upload under

$file_name = $rand . $file_name; # Prevent files being overwritten by giving them a random prefix

...add........

($x, $y) = imgsize("$upload_path/$file_name");

($x > $size_x) or ($y > $size_y) and &cgierr("Image dimensions are $x x $y. Max allowed in $size_x x $size_y");


Then in links.cfg add $size_x and $size_y with the size you want. eg....

$size_x = 50;
$size_y = 50;

...oh an remember to add

use Image::Size;

to the top of both scripts.

I'm not sure whether to add this to the default copy for everyone :( ...not everyone has Image::Size

Right well firstly you'll need to install Image::Size if you don't have it.

shell> perl -MCPAN -e 'install Image::Size'

...hmm this one looks strange to me ... "shell" where do i have to install this ...

Gregor

That means you have to do it from telnet or ssh

You need root access which you don't have.

Hmmm may need to contact your host to ask if they'll install it and/or if they have it installed already.

yep .. because i don't have access to telnet ... i'll contact them

thenx

Gregor

Hi!

just droped in to say i'm doing very good with this mod. Now i'm going to try Image:Size ...

can u please explain what modification should i made in db_utils so image gets deleted when link is delted. I think that Eliot has posted this a long time ago .. but in this crowd and mess of articles regarding upload i cannot find it ..

thanx

Gregor

Hi!

with this definition in links.def


add.cgi still wants File i mean i get error

File (Invalid format)

??

Gregor

That will only accept gif/GIF/jpg/JPG

yes but it is marked as not necessary .. i mean that users can left it blank .. with no file ...

Gregor

Hmm thats weird.

Could you try removing the regex to see if that helps.

Im not sure what that will do though as I have a copy working with that regex without problems.

i did some mistakes with language mod when modifying files for upload mod, so i reset everything .. i'm starting upload mod from the beginning ...

i'll post any problems here ... hope there wont be any

Gregor

Hi, I've got an interesting problem!

Set up for 5 (image) File uploads called from modify.html only. If all 5 upload fields are complete images load ok. If all are left blank we get the error notice 'File1 (Invalid format)', five times. If some of the upload fields are complete the empty fields auto fill with expanded file names based on the last file entered (the rand time # is added to the last filename, in an expanding format)! And 0kb files are created in the upload directory. You can see txt versions of my modify.cgi, modify.html and links.def by clicking these links. You can also check out the problem at http://www.antique-seekers.co.uk, use Account Key: 9 and Password: test to try and modify a listing. The sites under construction!

Also think there will be another problem when returning to modify because the upload fields will show empty and the user won't know the original file names!

Hope you can give me some pointers to solving probs - thanks

Gra

Hi, done some slight tweaks to 'sub parse_me_and_upload ' code in modify.cgi, all seems fine! Apart from when returning to modify, as expected if file upload fields are left empty previous files are cleared from the links.db. Any one got any ideas how to side-step this?

Here's the modified parse:

sub parse_me_and_upload {

use CGI qw(:standard);

my (%in);
my ($fnum,$file_field,$file_name,$ext,$bytes_count,$size,$buff);
my ($num)=1;
my ($IN) = new CGI;

# create a hash for all input - name => value
for ($IN->param) { $in{$_} = $IN->param($_) }
# loop through the input
for (keys %in) {
# if the field name matches File(DIGIT) create an array of file fields
if (/^(File\d*)$/i) {
# establish and number associative files in array
$fnum = $num++;
$file_field = $1;
$in{$file_field} =~ /([^\/\\]+)$/ and $file_name = $1;
# check for new file to upload
if (length($in{$file_field}) < 1 ) {
$file_field = $in{file_name};
}else{
# split the file name and get the file type extension
@divprts=split(/\./,$file_name);
$prts=@divprts; $prts--;
$ext=lc($divprts[$prts]);
# create new filename based on client id and file number, enables client to overwrite existing file!
$file_name = "$in{'ID'}_$fnum.$ext";
open U, ">$upload_path/$file_name" or &cgierr("Can't open $upload_path/$file_name : $!");
binmode U; # needed for Windows servers
while ($bytes_count = read($in{$file_field},$buff,2096)) {
$size += $bytes_count;
print U $buff;
} close U;
$in{$file_field} = $file_name;
# create an array of upload fields so we can unlink if there's a booboo
push @uploads, $in{$file_field}
}
}
}
# return the %in hash as normal
return %in

}

Gra

Hi, can't get past the modify.cgi clearing the previous image uploads when re-modifying the fields! So I'm going to flag a warning message by each File# field if an image has previously been uploaded using:-

<%if File#%>WARNING image <%File#%> will be removed<%endif%>

in modify.html. Means the client will have to upload again or replace that particular image. But other than that the client user experience will be pretty clean having only one form to update.

Many thanks to PaulW for the UploadMod, will create a credits page on the site(s) with acknowledgement and link to wiredon.

Ta Mate


Gra

Does this mod make links 2.0 more vulnerable to hackers? Or does it not change it at all?

I'm just wondering because lots of big download sites (eg. www.download.com) don't use an upload thing like this.

It seems like a great mod but I am just concerned with the amount of hacking going on lately.

Thanks,

Andrew

Hi Andrew - I believe allowing any form of file upload will always be open to abuse by the scurrilous types. This mods author (and thread initiator) has reduced the risk by limiting the file types that can be uploaded within the field definitions in links.def (i.e. '^[^\.]+\.(gif|GIF|jpg|JPG)$'],). As an extra precaution I only allow file upload from the modify form and not from the initial add form. This allows some choice and limited control over who can upload files, plus you have a good idea of the submitters id. Hope this is helpful, have a good 2002..
Gra

Thankyou for your reply.

It will probably be a bit risky for me to have this mod on my site because it's based on all types of files (*.zip, *.exe etc.).

Still I congatulate the author on a great mod.

Andrew

Paul - THANKS!

I have everything installed and the templates have been mod'd, BUT there is a slight problem. When I click "Add Resource" I get an error:

Unkown Tag: Title



Those three words are all it says on the page.

http://www.carsonscorner.com/cgi-bin/links/add.cgi