.htaccess below......running on redhat 6.2 . apache.
AuthUserFile .htpasswd
AuthGroupFile /dev/null
AuthName "Site"
AuthType Basic
#<Limit GET POST>
<Limit GET>
using in script
#!/usr/bin/perl -Tw
$| = 1;
use CGI qw(param);
use strict;
my $file = param("file");
my @file_name = split(/\\/,$file);
my $file_name = pop(@file_name);
my $max_file_size = 2000000;
my $base_dir = "/home/ducc/";
my $out_file = $base_dir . $file_name;
my $log_file = $base_dir . "upload.log";
my ($total_bytes_read, $ip_log, $time_log);
my $username = $ENV{REMOTE_USER};
print "Content-type: text/html\n\n";
open (OUT, ">$out_file") || die "Can't open: $!";
open (LOG, ">>$log_file");
while (my $bytes_read = read($file, my $buffer, 1024)){
$total_bytes_read += $bytes_read;
$ip_log = $ENV{'REMOTE_ADDR'};
$time_log = scalar localtime;
if ($bytes_read > $max_file_size){
print "ERROR: The file you tried to upload is will not be uplo
+aded<br>";
print "Your file is: $bytes_read bytes<br>";
print "The max file size you can upload is $max_file_size byte
+s<br>";
close (OUT);
unlink ($out_file);
print LOG "ERROR: At $time_log $username tried to upload $out_
+file that was $bytes_read bytes from $ip_log\n";
die "$time_log: $ip_log tried to upload a file > $max_file_siz
+e";
}else{
print OUT "$buffer";
print LOG "At $time_log $username uploaded $out_file that was
+$bytes_read bytes from $ip_log\n";
}
}
close (OUT) || die "Can't close: $!";
close (LOG);
print "$username has completed uploading $file_name: $total_bytes_read
+ bytes<br>";
print "Done...";
code above still needs a lot of security checking
</code> |