Nov 151999

upload files via http

This article talks about how I installed a script which allows you to upload files to a web server via http.

NOTE: This article contains references to which is no longer registered.

Why bother with http?

Why would anyone bother with http when there is a perfectly good ftp?  I agree.   But we don’t live in a perfect world.  My preference for file transfers is ftp.  You may recall that I was installing an ftp server.   It was anticipted that people would be at sites which did not permit ftp through the firewall.  We avoided this problem by using http instead.  Most sites allow people to use web browsers.

The script

I obtained the script from based on the recommendation of Paul Kennett.   From that website, under the File Uploading section, I chose the File Upload! ( script by Jeff Carnahan (  I found it easy to configure.   This script will work with Netscape Navigator 2.0 or later and with MS Internet Explorer if you have the upgrade.  Details are in the README supplied with the script.

I do not kow if this script works with non Netscape/Internet Explorer browsers.

Installation and configuration

I will assume you have a standard apache installation. If you don’t, then you should be clever enough to figure how my instructions should be modified to suit your needs.   However, If you aren’t, then perhaps you should have used the default apache configuration.

I first downloaded from Jeff’s website to /usr/local/file-upload (you can use whatever directory you prefer).  NOTE: If you can’t access Jeff’s site, I have the tarball on my website at File_Upload-6.00.tar.gz.

Then I unzipped the file:

[root@fred:/usr/local/file-upload] # tar xvfz File_Upload-6.00.tar.gz 

This file contains three files:

file-upload.cgi   script which uploads files README   instructions for use upload.html   the web page which calls the cgi script

I followed the instructions in README.  So should you.  Be warned.  Read that file.  Go do it now.  Stop reading this.  Go.  Be gone.  You shouldn’t be blindly following my instructions without understanding what they do.   Why, I could be telling you to give a logon on your box and you wouldn’t know the difference.  So go read the instructions.  Now.

After reading the instructions, I copied the script to the appropriate location:

cp file-upload.cgi /usr/local/www/cgi-bin

Then I modifed the first line of this file to contain:


Then I changed the following lines within the script so they appeared as shown:

$SAVE_DIRECTORY = "/usr/local/www/data/upload";

The first item specifies the upload location.  The second item allows filenames which start with "index".  You should carefully consider that last item.  Read the script for details.

Remember to make the cgi script executable:

chmod 755 ./file-upload.cgi

It should look something like this:

-rwxr-xr-x  1 root  wheel  13298 Nov 15 14:21 file-upload.cgi

The permissions bit is the important part.

Create the upload directory as specified in the SAVE_DIRECTORY item above:

mkdir /usr/local/www/data/upload
chmod 777 /usr/local/www/data/upload

A sample upload web page is supplied with the script.  I copied this to my webpage as well:

cp upload.html /usr/local/www/data 

Testing the script

Then I opened my browser and went to the webpage upload.html.  I selected a file to upload, and clicked on the "Upload File(s)" button.  And I got this:
Not Found
The requested URL /cgi-bin/upload.cgi was not found on this server.

That’s not very nice.  So I renamed the script:

cd /usr/local/www/cgi-bin
mv file-upload.cgi upload.cgi

This time, the file upload worked.


  5 Responses to “upload files via http”

  1. Hi,
    I have an Apache server (ver. 2.0.39) installed on windows 2000
    and I don’t know how I can upload files from a HTTP client to
    the server.
    please help…..

    After pulling my hair out for almost a week trying to figure out how to get these darn upload scripts to work, I read your page and FINALLY got it! THANK YOU!!!

  3. It seems to me there are 2 issues with this script:

    1) The size of the uploaded file is checked _after_ the upload has been done. If it is too large it is removed. However, by this time the file has already been written to disk. The ramifications here are significant.

    For example:

    WWW partition size = 500M

    User uploads a 5GB file. Since the file size is checked _after_ the upload the available disk space on the www partition has been filled. Potential server crash.

    2) No maximum specified on number of files that can be uploaded.
    Similar to the previous issue.

    For example:

    www partition size = 500M

    User Upload 10 x 100M files. Same result as issue 1.

    These issues are not insurmountable but they should be taken into consideration by anyone who plans to post this script to their www server. Beware of blindly adding 3rd party scripts to your http server.

    • I haven’t tested it, but I think this would correct that and still display the correct message.
      I will test this and update.

      At line 279:

      while ($Bytes = read($File_Handle,$Buffer,1024)) {
      $BytesRead += $Bytes;
      print OUTFILE $Buffer;
      if ($BytesRead > $MAXIMUM_UPLOAD && $MAXIMUM_UPLOAD > 0) {

      That didn’t work, oops…
      Hopefully I’ll be back.


      Post Edited (22-06-10 10:32)