Provided by: libcgi-application-plugin-ajaxupload-perl_0.0.3-4_all 
NAME
CGI::Application::Plugin::AJAXUpload - Run mode to handle a file upload and return a JSON
response
VERSION
This document describes CGI::Application::Plugin::AJAXUpload version 0.0.3
SYNOPSIS
use MyWebApp;
use CGI::Application::Plugin::JSON qw(to_json);
use CGI::Application::Plugin::AJAXUpload;
sub setup {
my $c = shift;
$c->ajax_upload_httpdocs('/var/www/vhosts/mywebapp/httpdocs');
$c->ajax_upload_setup(
run_mode=>'file_upload',
upload_subdir=>'/img/uploads',
);
return;
}
DESCRIPTION
This module provides a customisable run mode that handles a file upload and responds with
a JSON message like the following:
{status: 'UPLOADED', image_url: '/img/uploads/666.png'}
or on failure
{status: 'The image was too big.'}
This is specifically intended to provide a CGI::Application based back end for
AllMyBrain.com <http://allmybrain.com>'s image upload extension
<http://allmybrain.com/2007/10/16/an-image-upload-extension-for-yui-rich-text-editor> to
the YUI rich text editor <http://developer.yahoo.com/yui/editor>. However as far as I can
see it could be used as a back end for any CGI::Application website that uploads files
behind the scenes using AJAX. In any case this module does NOT provide any of that client
side code and you must also map the run mode onto the URL used by client-side code. That
said a working example is provided which could form the basis of a rich text editor.
INTERFACE
ajax_upload_httpdocs
The module needs to know the document root because it will need to to copy the file to a
sub-directory of the document root, and it will need to pass that sub-directory back to
the client as part of the URL. If passed a value it will store that as the document root.
If not passed a value it will return the document root.
ajax_upload_setup
This method sets up a run mode to handle a file upload and return a JSON message providing
status. It takes a number of named parameters:
upload_subdir
This is the sub-directory of httpdocs_dir where the files will actually be written to.
It must be writable. It defaults to '/img/uploads'.
dfv_profile
This is a Data::FormValidator profile. The hash array that is validated consists of
the fields described below. A very basic profile is provided by default.
value This is contains the actual data contained in the upload. It will be untainted.
One can of course apply filters that resize the image (assuming it is an image) or
scrub the HTML (if that is appropriate).
file_name This is the filename given by the browser. By default it will be required to
be no more than 30 alphanumeric, hyphen or full stop, underscore characters; it will
be untainted and passed through unmodified. One could however specify a filter that
completely ignores the filename, generates a safe one and does other housekeeping.
mime_type This is the file extension passed by the browser.
data_size By default this is required to be less than 512K.
Note that this module's handling of file upload and data validation is somewhat
different from that expected by Data::FormValidator::Constraints::Upload and
Data::FormValidator::Filters::Image. Those modules work with file handles. The
Data::FormValidator profiles required by this module are expected to work with the
data and meta data.
run_mode
This is the name of the run mode that will handle this upload. It defaults to
ajax_upload_rm.
ajax_upload_default_profile
This returns a hash reference to the default Data::FormValidator profile. It can be called
as a class method.
_ajax_upload_rm
This private method forms the implementation of the run mode. It requires a file CGI query
parameter that provides the file data. Optionally it also takes a validate parameter that
will make other more paranoid checks. These checks are only optional because if the
system is set up correctly they should never fail.
It takes the following actions:
-- It will get the filename and data associated with the upload and pass the data through
the Data::FormValidator if a profile is supplied.
-- If it fails the Data::FormValidator test a failed message will be passed back to the
caller.
-- If the validate parameter is set the setup will check. If there is a problem a status
message will be passed back to the user.
-- The data will then be copied to the given file, its path being the combination of the
httpdocs_dir parameter, the upload_subdir and the generated file name.
- The successful JSON message will be passed back to the client.
DIAGNOSTICS
Most error messages will be passed back to the client as a JSON message, though in a
sanitised form. One error 'Internal Error' is fairly generic and so the underlying error
message is written to standard error.
CONFIGURATION AND ENVIRONMENT
CGI::Application::Plugin::AJAXUpload requires no configuration files or environment
variables. However the client side code, the URL to run mode dispatching and the general
web server setup is not supplied.
DEPENDENCIES
This is using the "to_json" method from CGI::Application::Plugin::JSON. As such that
module needs to be exported before this module. Or of course you could just define your
own.
BUGS AND LIMITATIONS
Please report any bugs or feature requests to
"bug-cgi-application-plugin-ajaxupload@rt.cpan.org", or through the web interface at
<http://rt.cpan.org>.
One really odd thing is that the content header of the AJAX reply cannot be
'application/json' as one would expect. This module sets it to 'text/javascript' which
works. There is a very short discussion on the YUI forum
<http://yuilibrary.com/forum/viewtopic.php?f=89&t=4743&p=16459&hilit=POST+connection#p16459>.
AUTHOR
Nicholas Bamber "<nicholas@periapt.co.uk>"
LICENCE AND COPYRIGHT
Copyright (c) 2010, Nicholas Bamber "<nicholas@periapt.co.uk>". All rights reserved.
This module is free software; you can redistribute it and/or modify it under the same
terms as Perl itself. See perlartistic.
The javascript code in the example draws heavily on the code provided by AllMyBrain.com.
DISCLAIMER OF WARRANTY
BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE,
TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE
COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF
ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO
THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE
DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT
HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY
THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL,
INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY
OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.