Welcome to WebmasterWorld Guest from 50.19.156.133

Forum Moderators: coopster & jatar k & phranque

Message Too Old, No Replies

No scripts appear to be actioned

     

siriusfire

1:50 am on Feb 23, 2010 (gmt 0)

5+ Year Member



I am trying to put a form on a webpage but the scripts do not appear to be running. Can anyone suggest what I'm doing wrong.

I am on a Fasthost Linux server, and have 'post' buttons that should call the scripts to work. However when the buttons are selected the browser shows a blank page and the filename and path of the script appear in the address bar. I have tried three different scripts - all copied (and personalised) from reliable sources. All have the same issue.

I have CGI, Perl enabled on the server and have CHMOD's the permissions of the cgi-bin directory and the scripts I am running to 755.

I have successfully run 'servercheck.cgi' from inside the cgi-bin which seems to show that perl is fully installed and working on the server. Is there anything obvious (or not so obvious) that I have missed.
Thanks in anticipation
SF

phranque

2:25 am on Feb 23, 2010 (gmt 0)

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



welcome to WebmasterWorld [webmasterworld.com], siriusfire!

is the action atribute value of the form tag referring to the script url and do you have a method="post" attribute on that tag?
are you writing a Content-type header?
are there any clues in your server log files?

siriusfire

2:57 am on Feb 23, 2010 (gmt 0)

5+ Year Member



Thanks fro the welcome Phranque

Answers:

Yes,yes
I think so...
I can't see anything from the log files really indicating what is wrong!

This is the Form HTML:

 <form action="/cgi-bin/upload.cgi" method="post" 
enctype="multipart/form-data">
<p>Photo to Upload: <input type="file" name="photo" /></p>
<p>Your Email Address: <input type="text" name="email_address" /></p>
<p><input type="submit" name="Submit" value="Submit Form" /></p>
</form>


And this is the CGI script:
#!/usr/bin/perl

use strict;
use warnings;
use CGI;
use CGI::Carp qw/fatalsToBrowser/;
use File::Basename;

# set the maximum limit for file uploads
$CGI::POST_MAX = 1024 * 5000;

# change to 1 (one) to disable file uploads
$CGI::DISABLE_UPLOADS = 0; #1 disables uploads, 0 enables uploads

my $query = new CGI;

unless ($CGI::VERSION >= 2.47) {
print $query->header(),
$query->start_html(),
'Your version of CGI.pm is too old. You must have verison 2.47 or higher to use this script.',
$query->end_html;
exit(0);
}

my $upload_dir = "/home/MYHOST/MYWEBSITE/user/htdocs/upload";

# a list of valid characters that can be in filenames
my $filename_characters = 'a-zA-Z0-9_.-';

my $file = $query->param("photo");
my $email_address = $query->param("email_address");

# get the filename and the file extension
# this could be used to filter out unwanted filetypes
# see the File::Basename documentation for details
my ($filename,undef,$ext) = fileparse($file,qr{\..*});

# convert spaces to underscores "_"
$filename =~ tr/ /_/;

# remove illegal characters
$filename =~ s/[^$filename_characters]//g;

# append extension to filename
$filename .= $ext;

# satisfy taint checking
if ($filename =~ /^([$filename_characters]+)$/) {
$filename = $1;
}
else{
print $query->header(),
$query->start_html(),
'The filename is not valid. Filenames can only contain these characters: $filename_characters',
$query->end_html;
exit(0);
}

my $upload_filehandle = $query->upload("photo");


open (UPLOADFILE, ">$upload_dir/$filename") or die "$!";
binmode UPLOADFILE;
while ( <$upload_filehandle> ) {
print UPLOADFILE;
}
close UPLOADFILE;

print $query->header(),
$query->start_html(-title=>'Upload Successful'),
$query->p('Thanks for uploading your photo!'),
$query->p("Your email address: $email_address"),
$query->p("Your photo $filename:"),
$query->img({src=>"../uploads/$filename",alt=>''}),
$query->end_html;
(MY HOST and MYWEBSITE changed to protect the innocent!)

Thanks in advance
SF

phranque

4:38 am on Feb 23, 2010 (gmt 0)

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



nothing obvious i can see.
has your image file been uploaded and written to /upload/ ?
(btw your src attribute value says /uploads/)

if all else fails, try simplifying your script to see if something else happened without leaving clues:
use strict;
use warnings;
use CGI;
use CGI::Carp qw/fatalsToBrowser/;

my $query = new CGI;

my $file = $query->param("photo");
my $email_address = $query->param("email_address");

print $query->header(),
$query->start_html(-title=>'CGI Script Testing'),
$query->p("Your email address: $email_address"),
$query->p("Your photo file: $file"),
$query->end_html;


also:
my ($filename,undef,$ext) = fileparse($file,qr{\..*});

that pattern for the file suffix is "greedy and promiscuous" [google.com] so if your file name is file.name.ext then the suffix is .name.ext which means name could be almost anything and you should be careful what you do with $ext - i would suggest using a less ambiguous pattern such as qr/\.[^.]*$/

siriusfire

9:17 am on Feb 23, 2010 (gmt 0)

5+ Year Member



No file was uploaded - the browser went blank and the name and path of the script appeared in the address bar.

phranque

11:28 am on Feb 23, 2010 (gmt 0)

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



when you execute the script from the command line what is the output you get?
try putting the print $query->header(); immediately after creating the CGI object.

what are the permissions and ownership of the upload(s) directory?
i would add "or warn" or "or die" as appropriate after all system calls especially i/o.

I can't see anything from the log files really indicating what is wrong!

but you can see the POST request to the ACTION= script from your form submit?
and it is showing a 200 response code?

No file was uploaded - the browser went blank

that is why i would start with a simple print "hello, world!"; script and then see if you can retrieve parameters as i suggested above and then see if you can get a file.
the name and path of the script appeared in the address bar.

this is expected behavior.
you presumably got a response from the server.
have you tried "view source" from the "blank" page?

a tool such as the "LiveHTTPHeaders" [livehttpheaders.mozdev.org] add-on for firefox can be helpful in debugging cases like this.

siriusfire

1:42 pm on Feb 23, 2010 (gmt 0)

5+ Year Member



Phranque

Thanks very much for all the tips - I went back to basics and started with a 'hello world' script which worked - then executed it via an html page.

In looking at the previous log files, they didn't show up any POST requests being sent. I re-uploaded the files using my own FTP (rather than the on-site uploader) and believe this may have done the trick. Although the 'uploader' assured me it had uploaded the scripts in binary - I'm not convinced. Anyway I now seem to have the scripts functioning - not necessarily correctly but functioning all the same!
Thanks very much for your help!

rocknbil

4:33 am on Feb 24, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Is the upload directory writable?
 

Featured Threads

Hot Threads This Week

Hot Threads This Month