Hello all,
I have a question about the CGI upload()
function.
Why does it return a valid file handle to a file
that does not exist on the client (web browser)
machine, and what's the best way to handle this?
Details:
--------
1. A user enters a nonexistent file name in an upload
field in a form handled by my cgi script. (E.g. on
windows c:\uplaodthis.txt <-- note typo).
2. My cgi script does something like this:
my $q = new CGI;
if(defined($q->param('Upload'))){
my $upload_file_handle =
$q->upload('upload_file');
if(defined($upload_file_handle)){
print "Valid file handle to empty file is:\n" .
Dumper($upload_file);
}
}
3. It outputs:
"Valid file handle ...
$VAR1 = bless( \*{FH::uplaodthis.txt ...}, 'Fh' );"
What to do?
-----------
Currently, I write out all valid file handles (checked
for basic security problems as described in perlsec).
If the file is zero length, I delete it and report an
error. Which just isn't very satisfying.
What am I missing?
Is there a better way?
All advice and documentation pointers (beyond 'CGI'
:-) appreciated.
Thanks,
joby
__________________________________
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
