blob: 2c8d63aa108a367b76abfa55fd8fe84c6f9d0caf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
#!/usr/bin/env python3
import cgi, os
import cgitb
cgitb.enable()
status = '200 Ok'
try: # Windows needs stdio set for binary mode.
import msvcrt
msvcrt.setmode (0, os.O_BINARY) # stdin = 0
msvcrt.setmode (1, os.O_BINARY) # stdout = 1
except ImportError:
pass
form = cgi.FieldStorage()
# Test if the file was uploaded
if 'file' in form:
fileitem = form['file']
# strip leading path from file name to avoid directory traversal attacks
fn = os.path.basename(fileitem.filename)
f = open(('%s/files/%s' % (os.environ["DOCUMENT_ROOT"], fn)), 'wb');
f.write(fileitem.file.read())
f.close()
message = "The file %s was uploaded successfully" % (fn)
print("Status: 201 Created")
print("Content-Type: text/html")
print("Location: %s://%s/files/%s" % (os.environ["REQUEST_SCHEME"], os.environ["HTTP_HOST"], fn))
print("")
print("<html><body><p>%s</p></body></html>" % (message))
elif 'remove' in form:
remove = form['remove'].value
try:
fn = os.path.basename(remove)
os.remove('./files/' + fn)
message = 'The file "' + fn + '" was removed successfully'
except OSError as e:
message = 'Error removing ' + fn + ': ' + e.strerror
status = '404 File Not Found'
print("Status: %s" % (status))
print("""
Content-Type: text/html
<html><body>
<p>%s</p>
</body></html>""" % (message))
else:
message = '''\
Upload File<form method="POST" enctype="multipart/form-data">
<input type="file" name="file">
<button type="submit">Upload</button></form>
'''
print("Status: %s" % (status))
print("""\
Content-Type: text/html
<html><body>
<p>%s</p>
</body></html>""" % (message))
|
