How can I let a user upload a file to my site?

Hi,

How can I let a user upload a file to my site?  I am running a web site on an sgi and I want people to be able to upload stuff to me.  I own the sgi so I have total access to everything.
I don't really have clue where or how to approach this.  Is there any examples of how do to this or does anyone have any simple scripts I could use to do this.  I would prefer a user to have to enter a password before they can upload something to my site.  

Thanks for any help.
LVL 1
onestarAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

undefCommented:
#!/usr/bin/perl -w -T

$datapath = 'absolute/path/to/dir';

use CGI;

$q = new CGI;

if(not $q->param){
      print +
            $q->header,
            $q->start_multipart_form,
            $q->filefield(-name=>'file',-size=>25),
            $q->submit;
            $q->end_form;
} else {
      $filename = $q->param('file');
      open FILE, ">$datapath/$filename"; #BIG SECURITY HOLE:)
      while(read($filename,$buffer,1024)){
            print FILE $buffer;
      }
      close FILE;
      print $q->header;
      print "File: $filename uploaded\n";
}
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
onestarAuthor Commented:
Your script runs great thanks.
But what do you mean BIG SECURTIY HOLE?
How so...
Just because anyone could upload anything to my server or is there something else?  What if you made them enter a password before they could get to this page.  Or something like you have to log in before you are allowed to do this.  What do you suggest?

Also is there any limitations about file size?
Can you limit the max. size of a file the server will accept?
I
0
undefCommented:
BSH:)  - BUG SECURITY HOLE -- means ther somebody may delete files from server... use some radom names with a file extension :

$ext = split /\./,$filename)[-1];
$name = rand (10000) . $ext;
open FILE,">$datapath/$name";
.....

or to be sure that is correct file type use may do this:

$filename = $query->param('file');
$type = $query->uploadInfo($filename)->{'Content-Type'};
unless ($type eq 'text/html') {
          die "HTML FILES ONLY!";
}
0
undefCommented:
$query from sample;)
use $q in your script..
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Perl

From novice to tech pro — start learning today.