文件无法通过Perl脚本上传

时间:2016-06-03 15:12:15

标签: perl upload

以前,我发布了一个PERL文件上传脚本,我已经使用了多年,神秘地停止了工作。我已经尝试了另一个脚本(从一个网站借来 - https://www.sitepoint.com/uploading-files-cgi-perl/),它也没有用。我真的需要在我们的网站上运行一个文件上传脚本,所以感谢任何帮助。

当我尝试使用html表单上传文件时,它似乎正常工作并提供确认屏幕。该文件存在于upload文件夹中,但它是空的。我在存储上传文件的文件夹上将权限更改为777,但这似乎没有帮助。因此,它可以在文件夹中打开文件,但不能写入文件。

HTML CODE 

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    <title>File Upload</title>

    </head>

    <body>

    <form action="/cgi-bin/upload.cgi" method="post" enctype="multipart/form-data">
    <h2 style="margin-left:40px;">Nursing File Upload</h2>

    <p style="margin-left:40px;margin-top:40px;font-size:24px;">File to Upload: <input type="file" name="photo" /></p>

    <p style="margin-left:40px;font-size:24px;">Password: <input type="password" name="password" /></p>

    <p style="margin-left:40px;font-size:24px;"><input type="submit" name="Submit" value="Submit Form" /></p>

    </form>

    </body>

    </html>

PERL CODE 

    #!/usr/bin/perl -wT

    use strict;
    use CGI;
    use CGI::Carp qw ( fatalsToBrowser );
    use File::Basename;

    $CGI::POST_MAX = 1024 * 5000;
    my $safe_filename_characters = "a-zA-Z0-9_.-";
    my $upload_dir = "/home/httpd/cgi-bin/ge";

    my $query = new CGI;
    my $filename = $query->param("photo");
    my $password = $query->param("password");

    if ($password ne "nursing1")
    {
    print $query->header ( );
    print "Password incorrect.  Please try again.";
    exit;
    }

    if ( !$filename )
    {
    print $query->header ( );
    print "There was a problem uploading your file.";
    exit;
    }

   my ( $name, $path, $extension ) = fileparse ( $filename, '..*' );
   $filename = $name . $extension;
   $filename =~ tr/ /_/;
   $filename =~ s/[^$safe_filename_characters]//g;

   if ( $filename =~ /^([$safe_filename_characters]+)$/ )
   {
   $filename = $1;
   }
   else
   {
   die "Filename contains invalid characters";
   }

   my $upload_filehandle = $query->upload("photo");

   open ( UPLOADFILE, ">$upload_dir/$filename" ) or die "$!";
   binmode UPLOADFILE;

   while ( <$upload_filehandle> )
   {
   print UPLOADFILE;
   }

   close UPLOADFILE;

   print $query->header ( );

   print "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"     \"DTD/xhtml1-strict.dtd\">";
   print "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">";
   print "<head>";
   print "<meta http-equiv=\"Content-Type\" content=\"text/html;     charset=utf-8\" />";
   print "<title>Thanks!</title>";
   print "<style type=\"text/css\">";
   print "img {border: none;}";
   print "</style>";
   print "</head>";
   print "<body>";
   print "<p>Thanks for uploading your file!</p>";
   print "</body>";
   print "</html>";

1 个答案:

答案 0 :(得分:0)

您的文件夹权限应设置为755。 不要上传到cgi-bin,将文件夹移出那里。 您chmod 0644, $upload_dir.'/'.$filename;之后可以使用权限644 close UPLOADFILE;设置上传的文件,但使用该上传脚本仍然存在一些安全问题。

相关问题
最新问题