Just something to consider. There can be security problems when
you save a file to the name the user chose. If they upload a .pl file
for example and then manange to call it as a CGI script.... you get
the idea? When I upload a file, I either save it to a fixed name, if
this is applicable, (known to me only - not given to the user) or do
this:
open FILE, "> /path_to/uploads/file.$$";
binmode FILE;
print FILE $buffer while read($fdat{ImageName}, $buffer, 32768);
close FILE;
open FILE, "> /path_to/uploads/original_file_name.$$";
print FILE "$fdat{ImageName}";
close FILE;
On 13 Dec 2001, at 5:30, Gerald Richter wrote:
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
