[Home]UseModWithUploads

UseModWiki | RecentChanges | Preferences

File uploading is now an option in 1.0, based on the code by Ross Kowalski and IliyanJeliazkov (see below). I made several changes to their code:

Thanks to Ross Kowalski and IliyanJeliazkov for the original code! I did not intend to implement uploading for 1.0 until I stumbled on this page accidentally. --CliffordAdams


Here is the code that I use that has upload capability but please read this entire message before using it.

The first thing is that the implementation of this upload feature is as follows.

1. An editor or administrator does ?action=upload

2. They are prompted to select a file and upload it.

3. A page is presented to them where they are shown the image as uploaded and presented with a link to the image that they can cut and paste into their wiki page.

The second thing is a BIG WARNING. There is nothing in the code to check if the uploaded file is actually an image, and there is nothing in the code to chmod the uploaded file to 666. Someone could upload and possibly run a perl script or php script. Yikes!

The third thing to know about this modified usemodwiki is that it has a printable page "feature" where clicking on a link on the goto bar links you to an identical wiki script in the same directory called waki.pl that has the header and footer turned off. This is a bizarre way of doing this, but it was quickly implemented.

While this script is not well remarked, and definitely not ready for prime time, the feature does work reliably and I use it on a wiki of mine on a regular basis.

I did recently implement an upload feature for a php based wiki pmwiki that checks if the file is an image file, limits file size to 100K, limits the image size to 300x300px, requires a password, sets the permission of the uploaded file to 666, and names it with a name in keeping with the wiki page it was uploaded for (for organizational purposes) I am very satisfied with that solution.

[Link to a modified usemod script with upload feature] - DeadLink

--Ross Kowalski

Hmm, some checks for the filename and so on needs to be added. I currently have a strange case were small parts from the file contents seems to end up in the filename. Be careful when you enable $UseUpload?. This seems to be a problem with my local CGI.pm (3.15). Bug is already known. -- MarkusLude


Here are the diffs between the original UseModWiki 0.92 and the changes in the UseModWithUploads script:

1c1
< #!/usr/local/bin/perl
---
> #!/usr/bin/perl
48c48
<   $UserGotoBar $UpLdDir $UpLdName );
---
>   $UserGotoBar);
58,59c58,60
< $DataDir     = "./mywikidb"; # Main wiki directory
< $UseConfig   = 0;       # 1 = use config file,    0 = do not look for config
---
> $DataDir     = "/tmp/mywikidb"; # Main wiki directory
> $UseConfig   = 1;       # 1 = use config file,    0 = do not look for config
> 
61,65c62,64
< $UpLdName    = "uploads"; #name of directory for uploads
< $UpLdDir     = "/home/user/public_html/mywiki"; #real path to upload dir
< $CookieName  = "MmyWiki";       # Name for this wiki (for multi-wiki sites)
< $SiteName    = "MyWiki";        # Name of site (used for titles)
< $HomePage    = "MyWikiWelcomePage";      # Home page (change space to _)
---
> $CookieName  = "Wiki";          # Name for this wiki (for multi-wiki sites)
> $SiteName    = "Wiki";          # Name of site (used for titles)
> $HomePage    = "HomePage";      # Home page (change space to _)
67c66
< $LogoUrl     = "/logo.jpg";     # URL for site logo ("" for no logo)
---
> $LogoUrl     = "/wiki.gif";     # URL for site logo ("" for no logo)

73,74c72,73
< $SiteBase    = "http://www.my-domain.org/mywiki/"; # Full URL for <BASE> header
< $FullUrl     = ""; # Set if the auto-detected URL is wrong
---
> $SiteBase    = "";              # Full URL for <BASE> header
> $FullUrl     = "";              # Set if the auto-detected URL is wrong
76,77c75,76
< $AdminPass   = "admin";         # Set to non-blank to enable password(s)
< $EditPass    = "edit";          # Like AdminPass, but for editing only
---
> $AdminPass   = "";              # Set to non-blank to enable password(s)
> $EditPass    = "";              # Like AdminPass, but for editing only
80c79
< $EmailFrom   = "MyWiki";          # Text for "From: " field of email notes.
---
> $EmailFrom   = "Wiki";          # Text for "From: " field of email notes.
93,94c92,93
< $RawHtml     = 1;       # 1 = allow <HTML> tag,   0 = no raw HTML in pages
< $HtmlTags    = 1;       # 1 = "unsafe" HTML tags, 0 = only minimal tags
---
> $RawHtml     = 0;       # 1 = allow <HTML> tag,   0 = no raw HTML in pages
> $HtmlTags    = 0;       # 1 = "unsafe" HTML tags, 0 = only minimal tags
110c109
< $HtmlLinks   = 1;       # 1 = allow A HREF links, 0 = no raw HTML links
---
> $HtmlLinks   = 0;       # 1 = allow A HREF links, 0 = no raw HTML links
144c143
< $RcOldFile   = "$DataDir/rclog.old"; # Old RecentChanges logfile
---
> $RcOldFile   = "$DataDir/oldrclog"; # Old RecentChanges logfile
309c308
<   $CGI::DISABLE_UPLOADS = 0;  # no uploads
---
>   $CGI::DISABLE_UPLOADS = 1;  # no uploads
877,882d875
< sub GetPrintLink {
< my ($page) = @_;
<  return "<a href=\"$SiteBase"."waki.pl?$page\">PrintablePage</a>";
< }
< 
< 
958,960d950
< 
< 
< 
977,978d966
< 
< 
1099c1087
<   my ($id,$rev) = @_;
---
>   my ($id) = @_;
1108,1111d1095
< 
< 
< 
< 
1114d1097
<   $bartext .= " | " . &GetPrintLink($id);
2486,2487d2468
<     } elsif ($action eq "upload") {
<     	&DoPublish();
2511,2516d2491
< 
<   if (&GetParam("upload", 0)) {
<       &SavePublish();
<       return;
<   }
< 
2614c2589
<   #print "<p>", T('Summary:'),
---
>   print "<p>", T('Summary:'),
2618,2624c2593,2599
<   #if (&GetParam("recent_edit") eq "on") {
<   #print "<br>", $q->checkbox(-name=>'recent_edit', -checked=>1,
<   #                             -label=>T('This change is a minor edit.'));
<   #} else {
<   # print "<br>", $q->checkbox(-name=>'recent_edit',
<   #                           -label=>T('This change is a minor edit.'));
<   #}
---
>   if (&GetParam("recent_edit") eq "on") {
>     print "<br>", $q->checkbox(-name=>'recent_edit', -checked=>1,
>                                -label=>T('This change is a minor edit.'));
>   } else {
>     print "<br>", $q->checkbox(-name=>'recent_edit',
>                                -label=>T('This change is a minor edit.'));
>   }
3007,3027d2981
< sub DoPublish {
<   print &GetHeader('', T('File Upload Page'), '');
< 
< 
<   if (&UserIsAdmin || &UserIsEditor){} 
<   else 
<   {
<     print '<center>Only Administrators and Editors can upload files</center>';
<     print &GetCommonFooter();
<     return;
<   }
< 
<   print '<FORM METHOD="post" ACTION="'.$ScriptName.'" ENCTYPE="multipart/form-data">';
<   print '<input type="hidden" name="upload" value="1" />';
<   print 'File to Upload: <INPUT TYPE="file" NAME="file"><br><BR>';
<   print '<INPUT TYPE="submit" NAME="Submit" VALUE="Upload">';
<   print '</FORM>';
< 
<   print &GetCommonFooter(); 
< }

< 
3645,3679d3598
< 
< ##upload additions##
< 
< sub SavePublish {
<  my ($filename,$upload_filehandle);
<   
<    print &GetHeader("", "Uploading file", "");
< 
< 
< if (&UserIsAdmin || &UserIsEditor){} 
<   else 
<   {
<     print '<center>Only Administrators and Editors can upload files</center>';
<     print &GetCommonFooter();
<     return;
<   }
< 
<    $filename = $q->param("file");
<    $filename =~ s/.*[\/\\](.*)/$1/;
<    $upload_filehandle = $q->upload("file");
< 
<    open UPLOADFILE, ">$UpLdDir/$UpLdName/$filename";
< 
< 
<    while ( <$upload_filehandle> ){print UPLOADFILE;}
<    close UPLOADFILE;
< 
<    print "The link to your image is...\n<br><BR>";
<    print $SiteBase.$UpLdName."/".$filename."<BR><BR>\n";
<    print "<HR><img src=".$SiteBase.$UpLdName."/".$filename."></html>\n";
< 
<   print &GetCommonFooter();
< }
< 
< ##end upload additions##

--BernhardZechmann


Here is a small improvement: You can add the following lines into the sub GetGotoBar. A link named Upload appears in the menu. Only admins or editors can upload files.

sub GetUploadLink {
  return &ScriptLink("action=upload", T('Upload'));
}

sub GetGotoBar {
...

  if (&UserIsAdmin || &UserIsEditor){
    $bartext .= " | " . &GetUploadLink(); ## Patch: Upload
  }

  if (&GetParam("linkrandom", 0)) {

--BernhardZechmann


Here is another improvement. Im using the same wiki with both http and https, inside and outside of a corporate firewall. I got tired of having to insert "http" or "https" for every uploaded image, which in addition didn't help much when viewing the site with the "other" protocol. So I added a small improvement - an "upload:/some_file_name.ext" pseudo URL. This automatically creates the correct hyperlink, regardles of the currenly used access protocol. Here is the patch (which contains all the above updates, too) to UseModWiki version 0.92:

---IliyanJeliazkov

#BEGIN_PATCH
--- wiki.pl	4 Jul 2003 19:03:38 -0000	1.1
+++ wiki.pl	6 Jul 2003 03:45:46 -0000
@@ -45,7 +45,7 @@
   $UrlProtocols $UrlPattern $ImageExtensions $RFCPattern $ISBNPattern
   $FS $FS1 $FS2 $FS3 $CookieName $SiteBase $StyleSheet $NotFoundPg
   $FooterNote $EditNote $MaxPost $NewText $NotifyDefault $HttpCharset
-  $UserGotoBar);
+  $UserGotoBar $UpLdLinkPattern $UpLdDir $UpLdName );
 # Note: $NotifyDefault is kept because it was a config variable in 0.90
 # Other global variables:
 use vars qw(%Page %Section %Text %InterSite %SaveUrl %SaveNumUrl
@@ -55,10 +55,12 @@
   $q $Now $UserID $TimeZoneOffset $ScriptName $BrowseCode $OtherCode);
 
 # == Configuration =====================================================
-$DataDir     = "/tmp/mywikidb"; # Main wiki directory
+$DataDir     = "/usr/public/Www/wiki"; # Main wiki directory
 $UseConfig   = 1;       # 1 = use config file,    0 = do not look for config
 
 # Default configuration (used if UseConfig is 0)
+$UpLdName    = "uploads"; #name of directory for uploads
+$UpLdDir     = "/home/user/public_html/mywiki"; #real path to upload dir
 $CookieName  = "Wiki";          # Name for this wiki (for multi-wiki sites)
 $SiteName    = "Wiki";          # Name of site (used for titles)
 $HomePage    = "HomePage";      # Home page (change space to _)
@@ -233,6 +235,7 @@
   $ImageExtensions = "(gif|jpg|png|bmp|jpeg)";
   $RFCPattern = "RFC\\s?(\\d+)";
   $ISBNPattern = "ISBN:?([0-9- xX]{10,})";
+  $UpLdLinkPattern = "upload:\/([^\\]\\s\"<>$FS]+)$QDelim";
 }
 
 # Simple HTML cache
@@ -305,7 +308,7 @@
   my @ScriptPath = split('/', "$ENV{SCRIPT_NAME}");
 
   $CGI::POST_MAX = $MaxPost;
-  $CGI::DISABLE_UPLOADS = 1;  # no uploads
+  $CGI::DISABLE_UPLOADS = 0;  # no uploads
   $q = new CGI;
 
   $Now = time;                     # Reset in case script is persistent
@@ -873,6 +876,12 @@
   return &ScriptLink("action=editprefs", T('Preferences'));
 }
 
+sub GetPrintLink {
+my ($page) = @_;
+ return "<a href=\"$SiteBase"."waki.pl?$page\">PrintablePage</a>";
+}
+
+
 sub GetRandomLink {
   return &ScriptLink("action=random", T('Random Page'));
 }
@@ -893,6 +902,10 @@
   return &ScriptLink("action=browse&diff=$diff&id=$id$rev", $text);
 }
 
+sub GetUploadLink {
+  return &ScriptLink("action=upload", T('Upload'));
+}
+
 sub ScriptLinkTitle {
   my ($action, $text, $title) = @_;
 
@@ -949,7 +962,7 @@
   return $result  if ($embed);
 
   if ($oldId ne '') {
-    $result .= $q->h3('(' . Ts('redirected from %s', 
+    $result .= $q->h3('(' . Ts('redirected from %s',
                                &GetEditLink($oldId, $oldId)) . ')');
   }
   if ((!$embed) && ($LogoUrl ne "")) {
@@ -1084,7 +1097,7 @@
 }
 
 sub GetGotoBar {
-  my ($id) = @_;
+  my ($id,$rev) = @_;
   my ($main, $bartext);
 
   $bartext  = &GetPageLink($HomePage);
@@ -1095,6 +1108,11 @@
   }
   $bartext .= " | " . &GetPageLink($RCName);
   $bartext .= " | " . &GetPrefsLink();
+  $bartext .= " | " . &GetPrintLink($id);
+  
+  if (&UserIsAdmin || &UserIsEditor){
+    $bartext .= " | " . &GetUploadLink(); ## Patch: Upload
+  }
   if (&GetParam("linkrandom", 0)) {
     $bartext .= " | " . &GetRandomLink();
   }
@@ -1221,6 +1239,7 @@
     }
     s/$RFCPattern/&StoreRFC($1)/geo;
     s/$ISBNPattern/&StoreISBN($1)/geo;
+    s/$UpLdLinkPattern/&StoreUpLd($1)/geo;
     if ($ThinLine) {
       s/----+/<hr noshade size=1>/g;
       s/====+/<hr noshade size=2>/g;
@@ -1462,6 +1481,30 @@
   return "<a href=\"http://www.faqs.org/rfcs/rfc${num}.html\">RFC $num</a>";
 }
 
+sub StoreUpLd {
+  my ($url) = @_;
+
+  return &StoreRaw( &UpLdLink($url));
+}
+
+sub UpLdLink {
+  my ($filename) = @_;
+  my ($html);
+  
+  $html = "<a href=\"" . $SiteBase . $UpLdName . "/" . ${filename} . "\">";
+
+  if ($filename =~ /${ImageExtensions}$/) {
+	  $html .= "<img src=\"" . $SiteBase . $UpLdName . "/" . ${filename} . "\" alt=\"upload:/${filename}\">";
+  }
+  else {
+	  $html .= "upload:/${filename}";
+  }
+  $html .= "</a>";
+  
+  return $html;
+}
+
+
 sub StoreISBN {
   my ($num) = @_;
 
@@ -2466,6 +2509,8 @@
       &DoEditPrefs();
     } elsif ($action eq "editbanned") {
       &DoEditBanned();
+    } elsif ($action eq "upload") {
+    	&DoPublish();
     } elsif ($action eq "editlinks") {
       &DoEditLinks();
     } elsif ($action eq "login") {
@@ -2489,6 +2534,12 @@
     &DoUpdateBanned();
     return;
   }
+
+  if (&GetParam("upload", 0)) {
+      &SavePublish();
+      return;
+  }
+
   if (&GetParam("enter_login", 0)) {
     &DoLogin();
     return;
@@ -2979,6 +3030,27 @@
   print &GetMinimumFooter();
 }
 
+sub DoPublish {
+  print &GetHeader('', T('File Upload Page'), '');
+
+
+  if (&UserIsAdmin || &UserIsEditor){} 
+  else 
+  {
+    print '<center>Only Administrators and Editors can upload files</center>';
+    print &GetCommonFooter();
+    return;
+  }
+
+  print '<FORM METHOD="post" ACTION="'.$ScriptName.'" ENCTYPE="multipart/form-data">';
+  print '<input type="hidden" name="upload" value="1" />';
+  print 'File to Upload: <INPUT TYPE="file" NAME="file"><br><BR>';
+  print '<INPUT TYPE="submit" NAME="Submit" VALUE="Upload">';
+  print '</FORM>';
+
+  print &GetCommonFooter(); 
+}
+
 sub GetNewUserId {
   my ($id);
 
@@ -3597,6 +3669,41 @@
   print &GetCommonFooter();
 }
 
+##upload additions##
+
+sub SavePublish {
+ my ($filename,$upload_filehandle);
+  
+   print &GetHeader("", "Uploading file", "");
+
+
+  if (&UserIsAdmin || &UserIsEditor) {} 
+  else 
+  {
+    print '<center>Only Administrators and Editors can upload files</center>';
+    print &GetCommonFooter();
+    return;
+  }
+
+   $filename = $q->param("file");
+   $filename =~ s/.*[\/\\](.*)/$1/;
+   $upload_filehandle = $q->upload("file");
+
+   open UPLOADFILE, ">$UpLdDir/$UpLdName/$filename";
+
+
+   while ( <$upload_filehandle> ){print UPLOADFILE;}
+   close UPLOADFILE;
+
+   print "The link to your image is ...\n<br><BR>";
+   print "upload:/".$filename."<BR><BR>\n";
+   print "<HR><img src=".$SiteBase.$UpLdName."/".$filename."></html>\n";
+
+  print &GetCommonFooter();
+}
+
+##end upload additions##
+
 sub DoEditBanned {
   my ($banList, $status);
 
@@ -4033,7 +4140,7 @@
 
 sub DoShowVersion {
   print &GetHeader("", "Displaying Wiki Version", "");
-  print "<p>UseModWiki version 0.92<p>\n";
+  print "<p>UseModWiki version 0.92. Pathched for CSS and File Uploads<p>\n";
   print &GetCommonFooter();
 }
 #END_OF_OTHER_CODE
#END_PATCH

UseModWiki | RecentChanges | Preferences
Edit text of this page | View other revisions | Search MetaWiki
Last edited March 19, 2008 1:04 am by 213.231.3.56 (diff)
Search: