NAME
CGI::Upload - CGI class for handling browser file uploads
SYNOPSIS
use CGI::Upload;
my $upload = CGI::Upload->new;
my $file_name = $upload->file_name('field');
my $file_type = $upload->file_type('field');
$upload->mime_magic('/path/to/mime.types');
my $mime_type = $upload->mime_type('field');
my $file_handle = $upload->file_handle('field');
DESCRIPTION
This module has been written to provide a simple and secure manner by which to handle files uploaded in multipart/form-data requests through a web browser. The primary advantage which this module offers over existing modules is the single interface which it provides for the most often required information regarding files uploaded in this manner.
This module builds upon primarily the CGI and File::MMagic modules and offers some tidy and succinct methods for the handling of files uploaded via multipart/form-data requests.
METHODS
The following methods are available through this module for use in CGI scripts and can be exported into the calling namespace upon request.
- new
-
This object constructor method creates and returns a new CGI::Upload object. In previously versions of CGI::Upload, a mandatory argument of the CGI object to be used was required. This is no longer necessary due to the singleton nature of CGI objects.
As an experiment, you can now use any kind of CGI.pm like module. The requirements are that it has to support the ->param method and the ->upload method returning a file handle. You can use this feature in two ways, either providing the name of the module or an already existing object. In the former case, CGI::Upload will try to require the correct module and will croak if cannot load that module. It has been tested with CGI.pm and CGI::Simple.
We tested it with CGI::Simple 0.075.
It is known to break with version 0.071 of CGI::Simple so we issue our own die in such case.
Examples:
use CGI::Upload; CGI::Upload->new({ query => "CGI::Simple"});
or
use CGI::Upload; use CGI::Simple; $CGI::Simple::DISABLE_UPLOADS = 0; # you have to set this before creating the instance my $q = CGI::Simple->new; CGI::Upload->new({ query => $q});
- query
-
Returns the CGI object used within the CGI::Upload class.
- file_handle('field')
-
This method returns the file handle to the temporary file containing the file uploaded through the form input field named 'field'. This temporary file is generated using the new_tmpfile method of IO::File and is anonymous in nature, where possible.
- file_name('field')
-
This method returns the file name of the file uploaded through the form input field named 'field' - This file name does not reflect the local temporary filename of the uploaded file, but that for the file supplied by the client web browser.
- file_type('field')
-
This method returns the file type of the file uploaded as specified by the filename extension - Please note that this does not necessarily reflect the nature of the file uploaded, but allows CGI scripts to perform cursory validation of the file type of the uploaded file.
- mime_magic('/path/to/mime.types')
-
This method sets and/or returns the external magic mime types file to be used for the identification of files via the mime_type method. By default, MIME identification is based upon internal mime types defined within the File::MMagic module.
See File::MMagic for further details.
- mime_type('field')
-
This method returns the MIME type of the file uploaded through the form input field named 'field' as determined by file magic numbers. This is the best means by which to validate the nature of the uploaded file.
See File::MMagic for further details.
BUGS
Please report bugs on RT: http://rt.cpan.org/NoAuth/Bugs.html?Dist=CGI-Upload
TODO
Explain why there is no 100% tests coverage...
Give inteligent error message when user forgets to add enctype="multipart/form-data" in the upload form.
Add better MIME magic support (see request on RT)
Test if multiple file uploads are supported and fix this if they are not.
Apache::Request support
CGI::Minimal support
Example code from Mark Stosberg (CGI::Uploader):
if ($q->isa('CGI::Simple') ) {
$fh = $q->upload($filename);
$mt = $q->upload_info($filename, 'mime' );
if (!$fh && $q->cgi_error) {
warn $q->cgi_error && return undef;
}
}
elsif ( $q->isa('Apache::Request') ) {
my $upload = $q->upload($file_field);
$fh = $upload->fh;
$mt = $upload->type;
}
# default to CGI.pm behavior
else {
$fh = $q->upload($file_field);
$mt = $q->uploadInfo($fh)->{'Content-Type'} if $q->uploadInfo($fh);
if (!$fh && $q->cgi_error) {
warn $q->cgi_error && return undef;
}
}
SEE ALSO
COPYRIGHT
Copyright 2002-2004, Rob Casey, rob.casey@bluebottle.com
AUTHOR
Original author: Rob Casey, rob.casey@bluebottle.com
Current mainainer: Gabor Szabo, gabor@pti.co.il
Thanks to
Mark Stosberg for suggestions.
and to the CPAN Testers for testing.
LICENSE
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.