Uploading and Downloading files - changing names (Perl and PHP)
Archive - Originally posted on "The Horse's Mouth" - 2009-08-04 09:10:31 - Graham EllisWhen you are uploading a file to a server via http (in Perl or PHP), where is the file saved, and what is it called? And when you download a file, where is it saved on your local disc, and what name is it given? These are not unusual questions, but it can be hard to find the answer, as I was reminded in my in-box overnight:
I am located in the USA and am working through your on line public CGI Perl upload and download scripts (up.pl ; down.cgi ; up.html). I have everything working except for one problem - I can't figure out how to preserve the original filenames. I can hard code a filename in both modules and it works fine but I would like to preserve the original filenames after they have been uploaded or downloaded. All downloaded files have the name of the download module i.e. "down.cgi" and uploaded files have to have a hard coded name (e.g. $fnsave="LastUploadedFile") in order to to appear on the server directory although the file seems to be uploading to somewhere. I also can't send the file to anything but the root directory - It just doesn't show up after uploading. It seems like it should not be that difficult but I can't figure it out. Could you assist please? |
My answer is worth sharing:
On the download, (http://www.wellho.net/resources/ex.php4?item=p406/down.pl) you need to add a content-disposition header - I've illustrated that (in a PHP example) at:
http://www.wellho.net/mouth/484_Setting-the-file-name-for-a-downloaded-document.html
and you'll find source code examples (all in PHP, I'm afraid) at:
http://www.wellho.net/resources/ex.php4?item=h109/savepeople.php4
http://www.wellho.net/resources/ex.php4?item=h307/sendimage.php
and
http://www.wellho.net/resources/ex.php4?item=s156/mkexcel.php
On the upload (http://www.wellho.net/resources/ex.php4?item=p406/up.html and http://www.wellho.net/resources/ex.php4?item=p406/up.cgi), again I have some PHP examples and start at:
http://www.wellho.net/solutions/php-example-php-form-image-upload-store-in-mysql-database-retrieve.html
which however is NOT so clear as PHP does the decoding work for you ... so I have modified the Perl scripts that you referred to and uploaded them live onto my side - see
http://www.wellho.net/demo/upfile.html (form to run the demo, which runs)
http://www.wellho.net/cgi-bin/demo/upsend.cgi
and the source code is at:
http://www.wellho.net/resources/ex.php4?item=p406/upfile.html
http://www.wellho.net/resources/ex.php4?item=p406/upsend.cgi
On uploading, you'll find that it's common practise for files to be saved initially to a staging directory and then to be moved / copied - it relates to various issues such as the security implications of any old file that a user can upload being places into your directories straight away, with overwrite and overflow risks, and the ability of people to upload code which - saved to a directory with CGI enabled - could be run, and if the file was malicious code that's an injection attack!
Hopefully this is useful to you ... the comments and references could be useful to others too, and you're not the first one to struggle with this nor will you be the last, so I'm adding it to my blog at http://www.wellho.net/horse to help pull the various answers and resources together. Thanks for the inspiration for this morning!