WEB Need quick code for image uploader

Discussion in 'OT Technology' started by iBoost, Jul 19, 2009.

  1. iBoost

    iBoost ohio state, son OT Supporter

    Joined:
    Jan 7, 2005
    Messages:
    4,160
    Likes Received:
    0
    Does anyone have any simple, ready to use code for putting an image uploader on my webpage? I just want something simple where the user can upload 3-5 pictures at a time to a predetermined folder and then will be provided with links to their pictures. Thanks.
     
  2. Browning

    Browning Active Member

    Joined:
    Feb 14, 2005
    Messages:
    89,465
    Likes Received:
    10
  3. Jesse

    Jesse PSN: iamajesse; XBL: Inhale My Rod; G8 GT crew; Ne OT Supporter

    Joined:
    Jan 12, 2005
    Messages:
    25,649
    Likes Received:
    0
    Location:
    California :: (925)
    Simple usually means unsafe. Proceed with caution.
     
  4. Pepsi1975

    Pepsi1975 Mod of the Year

    Joined:
    Jan 6, 2005
    Messages:
    47,590
    Likes Received:
    1
    Location:
    Detroit
    :werd:

    just ask oter eggman :mamoru:
     
  5. iBoost

    iBoost ohio state, son OT Supporter

    Joined:
    Jan 7, 2005
    Messages:
    4,160
    Likes Received:
    0
    i uploaded those files to my host and i cant load any pages from it on my site?
     
  6. Pepsi1975

    Pepsi1975 Mod of the Year

    Joined:
    Jan 6, 2005
    Messages:
    47,590
    Likes Received:
    1
    Location:
    Detroit
  7. Browning

    Browning Active Member

    Joined:
    Feb 14, 2005
    Messages:
    89,465
    Likes Received:
    10


    show me an uploader that can't, or hasn't been hacked.
     
  8. Jesse

    Jesse PSN: iamajesse; XBL: Inhale My Rod; G8 GT crew; Ne OT Supporter

    Joined:
    Jan 12, 2005
    Messages:
    25,649
    Likes Received:
    0
    Location:
    California :: (925)
    One that uses mime type checking and file extension checking would be a start.
     
  9. brds

    brds OT Supporter

    Joined:
    Jun 26, 2006
    Messages:
    17,651
    Likes Received:
    15
    Location:
    Atlanta
    w3schools has a quick basic tutorial on their page. from there, you can easily figure out how to edit if you know what information is held in the $_FILES array
     
  10. retorq

    retorq What up bitch??

    Joined:
    Dec 14, 2006
    Messages:
    6,061
    Likes Received:
    0
    Location:
    Mohave Desert
    I have a perl one that checks mime types ... so far so good but it's not like I've posted it here for you guys to hack away at. :big grin:
     
  11. dazmanultra

    dazmanultra New Member

    Joined:
    Jun 17, 2002
    Messages:
    34,795
    Likes Received:
    0
    Location:
    English Countryside
    I don't know why so many people sackride celerondude's uploader.
     
  12. retorq

    retorq What up bitch??

    Joined:
    Dec 14, 2006
    Messages:
    6,061
    Likes Received:
    0
    Location:
    Mohave Desert
    I didn't like it cause it was way beyond bloated for a simple xfer program.
     
  13. retorq

    retorq What up bitch??

    Joined:
    Dec 14, 2006
    Messages:
    6,061
    Likes Received:
    0
    Location:
    Mohave Desert
    Here's mine, it's a two parter:

    upload.html:
    Code:
    <html>
    <!-- Creation date: 11/25/2003 -->
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <title></title>
    </head>
    <body bgcolor="#E5E5E5">
    
    <FORM METHOD="POST" ACTION="http://www.domain.com/cgi-bin/upload.cgi";
    ENCTYPE="multipart/form-data">
    <P>Enter or Browse to the file you would like to upload.<BR>
    <INPUT TYPE="file" NAME="FILEID" VALUE="" SIZE=50 MAXLENGTH=80><BR>
    <INPUT TYPE="submit" NAME="submit" VALUE="Upload"></FORM>
    
    </body>
    </html>
    The CGI-bin:
    Code:
    #!/usr/bin/perl -w
    use CGI;
    $query = new CGI;
    print $query->header;
    print $query->start_html(-title=>"File Attachment",-BGCOLOR=>"#E5E5E5");
    
    # retrieve the upload file name.  Note that it is retrieved with
    # the same name here ('FILEID') that it has in the HTML.
    unless ($fileID = $query->param('FILEID'))
        { &showError('No file name specified.'); }
    
    # Check to make sure the uploaded file is safe to keep by checking its type.
    # I recommend against excluding types.  Instead, you should explicitly define th
    e types you want to accept.
    $type = $query->uploadInfo($fileID)->{'Content-Type'};
    unless ($type =~ /audio/i || $type =~ /image/i || $type =~ /wmv/i || $type =~ /
    video/i || $type =~ /x-shockwave-flash/i )
            { &showError("Dangerous file type of $type.<BR>UPLOAD ABORTED."); }
    
    $size = (stat($fileID))[7];
    unless ($size<50000000)
            { &showError("File size of $size.<BR>UPLOAD ABORTED."); }
    
    @pathName = split(/\\/,$fileID);
    $serverfilename .= pop(@pathName);
    $serverfilename =~ tr/\ /_/; $serverfilename =~ tr/\#/_/;
    $serverfilename =~ tr/\(//; $serverfilename =~ tr/\)//;
    $serverfilename =~ tr/A-Z/a-z/;
    
    $newFile ='/home/digital/public_html/uploads/';
    
    @serverpath = split(/\//,$newFile);
    $newserverpath .= pop(@serverpath);
    
    # add the upload filename to the new path
    $newFile .= $serverfilename;
    
    # open a handle to the new file you will write
    open(OPF,">$newFile") || &showError("Failed to open OPF, $!");
    
    # while you read from the remote machine, write to the output file.
    #print "<CENTER>Uploading <BR>$fileID to $newFile<BR></CENTER>\n";
    while ($bytesread=read($fileID,$buffer,1024))
        {
         print OPF "$buffer";
        }
    close OPF;
    
    #sexy post link/image for phpbb...
    print "<script language=\"javascript\" type=\"text/javascript\">
    <!--
    function copypaste(text) {
            text = ' ' + text + ' ';
            if (opener.document.forms['post'].message.createTextRange && opener.document.forms['post'].message.caretPos) {
                    var caretPos = opener.document.forms['post'].message.caretPos;
                    caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? text + ' ' : text;
                    opener.document.forms['post'].message.focus();
            } else {
            opener.document.forms['post'].message.value  += text;
            opener.document.forms['post'].message.focus();
            }
    }
    //-->
    </script>";
    print "Done, you may now use the link: <a href=\"http://www.domain.com/", $newserverpath,"/", $serverfilename ,"\">'ht
    tp://www.domain.com/", $newserverpath,"/", $serverfilename ,"'</a> to access your file.<BR>\n";
    print "<FORM><INPUT TYPE=\"button\" VALUE=\"Another\" onClick=\"history.go(-1);return true;\"> <INPUT TYPE=\"button\" VALUE=\
    "Close\" onClick=\"window.close();return true;\"> <INPUT TYPE=\"button\" VALUE=\"Post Image\" onClick=\"javascript:copypaste(
    '\[img\]http://www.domain.com/$newserverpath/$serverfilename\[/img\]')\"> <INPUT TYPE=\"button\" VALUE=\"Post Link\" o
    nClick=\"javascript:copypaste('\http://www.domain.com/$newserverpath/$serverfilename\')\"></FORM>\n";
    print "          ";
    print $query->end_html;
    
    sub showError
    {
    # a generic complaint generator
    my @error = @_;
    print "<CENTER><font color=\"\#ff4500\">ERROR - @error</font><BR>\n";
    print "Please use the BACK button to return to the previous page<BR>\n";
    print "and correct the error.<BR></CENTER>\n";
    print $query->end_html;
    exit;
    }
    Older code, I'm sure it can be stream lined a bit here and there ...
     

Share This Page