upload.pl
Copying Source is Forbidden
86 lines of code
1
#!/usr/local/bin/perl
2
3
# must have's!
4
use strict;
5
use warnings;
6
use CGI::Carp qw(fatalsToBrowser);
7
use DBI;
8
use URI::Escape;
9
use File::Basename;
10
11
$CGI::POST_MAX = 1024 * 5000;
12
13
use lib "/var/www/html/Pm";
14
15
use Html qw(pre_html_header);
16
use Bc_chef qw(cookie_get);
17
use Redir qw(notice_redir
18
error_redir
19
);
20
use Bc_sql qw(
21
get_constant
22
sql_execute
23
user_exists
24
$QUERY_PAGE
25
$QUERY_UID
26
$LOGGEDIN
27
28
$DB
29
);
30
use User qw(isUserSubscriber);
31
32
use Security qw(banned);
33
34
my $query = new CGI;
35
my $filename = $query->param("pic");
36
my $database = $query->param("db");
37
if (not $database) { $database = "2812.ns.db"; }
38
39
my $DEBUG = 0;
40
if (not user_exists($LOGGEDIN) or banned($LOGGEDIN) or not isUserSubscriber($LOGGEDIN)) {
41
my $msg = "Access Denied";
42
if ($DEBUG) { $msg .= " (upload.pl)"; }
43
print error_redir("/", $msg);
44
45
exit 1;
46
}
47
48
my $output; # = pre_html_header(); # this is JUST a placeholder
49
50
if ($filename) {
51
my @bits = split(/\./, $filename);
52
my $extension = $bits[$#bits]; # that SHOULD give us the file extension, finally!
53
$output .= "file data received, processing...<br>\n";
54
$output .= "filename: $filename<br>\n";
55
$output .= "extension: $extension<br>\n";
56
57
my $upload_filehandle = $query->upload("pic");
58
59
my $image;
60
while (<$upload_filehandle>) { $image .= $_; }
61
62
my $dbh = DBI->connect("dbi:SQLite:dbname=$database", {RaiseError => 1}) or die $DBI::errstr;
63
my $stm = $dbh->prepare("insert into images (ID, UID, data, type, dp) values (?, ?, ?, ?, 1)") or die $DBI::errstr;
64
$stm->bind_param(1, undef);
65
$stm->bind_param(2, $LOGGEDIN);
66
$stm->bind_param(3, $image, DBI::SQL_BLOB);
67
$stm->bind_param(4, $extension);
68
$stm->bind_param(5, '1');
69
$stm->execute() or die $DBI::errstr;
70
$stm->finish() or die $DBI::errstr;
71
$dbh->commit() or die $DBI::errstr;
72
$dbh->disconnect();
73
# yahoo! it worked!
74
75
#sleep 8;
76
77
# now, let's display the image we just inserted
78
#$output .= "<img src='/getimage.pl?id=" . $ref->{ID} . "'>\n";
79
$output = notice_redir("/?" . $QUERY_PAGE . "=" . get_constant("PHOTOS_PAGE"), "image successfully uploaded...");
80
} else {
81
$output = error_redir("/?" . $QUERY_PAGE . "=" . get_constant("PHOTOS_PAGE"), "image did not upload...");
82
}
83
84
print $output;
85
86
exit 1;