#!/usr/bin/perl #======================================================# # EveryAuction Addon # Upload A Picture Add-On v1.1b #======================================================# # PiTA - Park In The Alley Software (Auction-Script.com) #======================================================# # Author: Splatt 11/20/00 # justguns.com auction-script.com compalley.com #------------------------------------------------------# # Unauthorized redistribution is prohibited!!! # The latest version of my addons can be found at: # www.auction-script.com/addons #======================================================# #------------------------------------------------------# # Upload configuration section #------------------------------------------------------# $basedir = '/usr/www/auction/uploadedpictures/'; # Directory to store the file $windows = 'yes'; # yes or no, if set to no it will CHMOD the file for you $returnurl = 'http://www.yourdomain.com/cgi-bin/auction.cgi'; # The full URL to your auction $mailerror = 'auction\@yourdomain.com'; # EMail address in case of an upload error #------------------------------------------------------# # End configuration #------------------------------------------------------# #------------------------------------------------------# # Main Code #------------------------------------------------------# umask(000); mkdir("$basedir", 0777) unless (-M "$basedir"); use CGI; # On some servers uncommenting this makes it work correctly $| = 1; read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); $buffer =~ /^(.+)\r\n/; $bound = $1; @parts = split(/$bound/,$buffer); $filename=$parts[1]; $parts[1] =~ s/\r\nContent\-Disposition.+\r\n//g; $parts[1] =~ s/Content\-Type.+\r\n//g; $parts[1] =~ s/^\r\n//; @subparts = split(/\r\n/,$parts[2]); $directory = $subparts[3]; $directory =~ s/\r//g; $directory =~ s/\n//g; #got the directory name $filename =~ s/Content-Disposition\: form-data\; name=UploadedFile\; filename\=//g; @stuff=split(/\r/,$filename); $filename = $stuff[1]; $filename =~ s/\"//g; $filename =~ s/\r//g; $filename =~ s/\n//g; @a=split(/\\/,$filename); $totalT = @a; --$totalT; $fname=$a[$totalT]; @a=split(/\//,$fname); $totalT = @a; --$totalT; $fname=$a[$totalT]; @a=split(/\:/,$fname); $totalT = @a; --$totalT; $fname=$a[$totalT]; @a=split(/\"/,$fname); $filename=$a[0]; if($parts[1] !~ /[\w\d]/) { print "Content-Type: text/html\n\n"; print "\nError!\n"; print "\n"; print "You did not provide a file to be uploaded or it is empty.
\n"; print "Press your browsers BACK button to try again."; print "\n"; exit 0; } #------------------------------------------------------# # START: Filter to allow only GIF and JPG files and # less than 100K Size # Contributed by RC netlink@netlinkcorp.com #------------------------------------------------------# $extension = (split(/\./,$filename))[-1]; if ($extension !~ /(gif|jpg)/i ) {print "Content-Type: text/html\n\n"; print "\nError!\n"; print "\n"; print "

ERROR - FILE TYPE NOT ALLOWED\!

\n"; print "You can only upload a jpg or gif file.
\n"; print "or
\n"; print "This routine does not work with your version of Internet Explorer.

\n"; print "Press your browsers BACK button to try again.

"; print "\n"; exit 0; } if ($ENV{'CONTENT_LENGTH'} >= 100000) { print "Content-Type: text/html\n\n"; print "\nFile size is too large!\n"; print "\n"; print "

ERROR - IT'S TOO BIG\!

\n"; print "Sorry but you are not authorized to upload files over 100k.
\n"; print "Please only upload files less than 100k in size.

"; print "\n"; exit 0; } #------------------------------------------------------# # END: Filter to allow only GIF and JPG files and # less than 100K Size # Contributed by RC netlink@netlinkcorp.com #------------------------------------------------------# $directory = $basedir; open(REAL,">$directory$filename") || &error($!); binmode REAL; print REAL $parts[1]; close(REAL); if($windows ne 'yes') #chmod it for unix systems { `chmod 777 $directory$filename`; } #------------------------------------------------------# #Let the user know that the upload's complete #------------------------------------------------------# if(-e "$directory$filename") { print "Content-Type: text/html\n\n"; print "\nUpload Successful\n"; print "\n"; print "The upload was successful. Here is the data concerning the file\:\n"; print "
"; print "Click HERE to return"; print "\n"; exit 0; } else { print "Content-Type: text/html\n\n"; print "\nUpload Unsuccessful\n"; print "\n"; print "The upload was unsuccessful\.\.\.unable to create $directory.\n"; print "
Error Message\n"; print "
$!
\n"; print "Click HERE to notify the site administrator"; print "\n"; exit 0; } #------------------------------------------------------# #Sub: Error #------------------------------------------------------# sub error{ #------------------------------------------------------# print "Content-Type: text/html\n\n"; print "\nError!\n"; print "\n"; print "Could not create $directory\n"; print "
Error message:$_[0]\n"; print "Click HERE to notify the site administrator"; print "\n"; exit 0; } #------------------------------------------------------# # Sub: Unable to open file #------------------------------------------------------# sub unable{ #------------------------------------------------------# print "Content-type: text/html\n\n"; print "\n"; print "Error\n"; print "\n"; print "Unable to open: $_[0]\n"; print "Click HERE to notify the site administrator"; print "\n"; exit 0; } #------------------------------------------------------# #------------------------------------------------------# #------------------------------------------------------#