在包含不同表单的另一个cgi脚本中使用表单值
在包含不同表单的另一个cgi脚本中使用表单值
提问于 2019-07-26 04:54:41
我需要使用另一个cgi脚本中的表单数据,另一个表单也exists.Basically我需要从以前的表单数据创建一个文件名,并需要重命名的文件,这是上传到另一个表单。
#!/usr/bin/perl
use CGI qw(:standard);
use CGI::Carp qw( fatalsToBrowser );
use File::Basename;
use Exporter qw(import);
our @EXPORT = qw(copyToTarget);
$newfilename='';
sub xyz()
{
local ($buffer, @pairs, $pair, $name, $value, %FORM);
$ENV{'REQUEST_METHOD'} =~ tr/a-z/A-Z/;
if ($ENV{'REQUEST_METHOD'} eq "POST")
{
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
}
else
{
$buffer = $ENV{'QUERY_STRING'};
}
@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%(..)/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}
$Circle = $FORM{Circle};
$Techno = $FORM{Techno};
$newfilename = $Circle.'_'.$Techno.'.csv';
#print ("Content-type: text/html\n\n");
#print "$newfilename";
}
sub print_page()
{
xyz();
print ("Content-type: text/html\n\n");
print <<__HTML__;
<form style="margin:20px 0" action="Maintenance_Framework.cgi" method="post" enctype="multipart/form-data">
<p>
<h3 align='center'> Maintenance File Upload </h3>
<p>File to Upload: <input type="file" name="filecsv" /></p>
<p><input type="submit" name="Submit" value="Upload" >   
<input type="button" value="Cancel" onClick="javascript:window.close();">
</body>
</html>
</form>
__HTML__
}
sub main()
{
$CGI::POST_MAX = 1024 * 5000;
my $safe_filename_characters = "a-zA-Z0-9_.-";
my $upload_dir = "/opt/IBM/Maintenance/tmp";
my $query = new CGI;
print_page();
my $filename = $query->param("filecsv");
#my $ctext = $query->param("Circle");
if ( !$filename )
{
exit;
}
my ( $name, $path, $extension ) = fileparse ( $filename, '.csv' );
$filename = $name . $extension;
$filename =~ tr/ /_/;
$filename =~ s/[^$safe_filename_characters]//g;
if ( $filename =~ /^([$safe_filename_characters]+)$/ )
{
$filename = $1;
}
else
{
die "Filename contains invalid characters";
}
my $upload_filehandle = $query->upload("filecsv");
open ( UPLOADFILE, ">$upload_dir/$filename" ) or die "$!";
binmode UPLOADFILE;
while ( <$upload_filehandle> )
{
print UPLOADFILE;
}
close UPLOADFILE;
`mv /opt/IBM/Maintenance/tmp/*.csv /opt/IBM/Maintenance/tmp/$newfilename.csv`;
print <<END_HTML;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Thanks!</title>
<style type="text/css">
img {border: none;}
</style>
</head>
<body>
<p>Thanks for uploading your file!</p>
</body>
</html>
END_HTML
}
#xyz();
main();例如:如果Circle包含Gabon_RAN.csv,Techno包含RAN,并且用户上传了一个文件,则应将其重命名为Techno
回答 1
Stack Overflow用户
发布于 2019-07-29 10:12:34
您忘记在HTML中声明circle和techno表单元素。此外,当您已经有CGI模块为您解析表单数据时,自己解析表单数据也是毫无意义和危险的。
小心潜在的数据丢失:您是否考虑过在输入中再次生成相同的名称时会发生什么情况?正如现在的代码一样,具有相同名称的旧文件将被覆盖。
#!/usr/bin/env perl
use strict;
use warnings;
use CGI qw();
use HTTP::Status qw(HTTP_UNPROCESSABLE_ENTITY HTTP_METHOD_NOT_ALLOWED HTTP_INTERNAL_SERVER_ERROR);
use File::Copy qw(copy);
$CGI::POST_MAX = 1024 * 5000;
my $cgi = CGI->new;
if ('GET' eq $cgi->request_method) {
STDOUT->print($cgi->header('text/html'));
STDOUT->print(<<~'');
<!DOCTYPE html>
<html>
<body>
<form method="post" enctype="multipart/form-data">
<h3>Maintenance File Upload</h3>
<p><label for="circle">Circle</label>:
<input type="text" name="circle" id="circle" /></p>
<p><label for="techno">Techno</label>:
<input type="text" name="techno" id="techno" /></p>
<p><label for="filecsv">File to Upload</label>:
<input type="file" name="filecsv" id="filecsv" /></p>
<p><input type="submit" name="Submit" value="Upload" />
<input type="button" value="Cancel" onClick="javascript:window.close();"></p>
</form>
</body>
</html>
} elsif ('POST' eq $cgi->request_method) {
my %names = (
circle => scalar $cgi->param('circle'),
techno => scalar $cgi->param('techno'),
);
for my $key (keys %names) {
my $val = $names{$key};
if (not length $val or $val =~ /[^a-zA-Z0-9_.-]/) {
STDOUT->print($cgi->header(-status => HTTP_UNPROCESSABLE_ENTITY));
STDOUT->print("parameter '$key' validation error: must be any of a-zA-Z0-9_.-");
exit;
}
}
my $upload = $cgi->upload('filecsv');
unless ($upload) {
STDOUT->print($cgi->header(-status => HTTP_UNPROCESSABLE_ENTITY));
STDOUT->print("upload error: no data for field 'filecsv'");
exit;
}
my $temporary_name = $cgi->tmpFileName($upload);
my $new_name = sprintf '/opt/IBM/Maintenance/tmp/%s_%s.csv', $names{circle}, $names{techno};
my $result = copy $temporary_name, $new_name;
my $error = $!;
unless ($result) {
STDOUT->print($cgi->header(-status => HTTP_INTERNAL_SERVER_ERROR));
STDOUT->print("copy error: from '$temporary_name', to '$new_name', error '$error'");
exit;
}
STDOUT->print($cgi->header);
STDOUT->print("Thanks for uploading your file!");
} else {
STDOUT->print($cgi->header(-status => HTTP_METHOD_NOT_ALLOWED));
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/57213396
复制相关文章
相似问题
腾讯云开发者
