#!/usr/bin/perl --

use CGI qw( :standard escapeHTML );
use strict;

my $megabyte = 1024 * 1024;  # bytes
my $max_mb   = 10; # max no. of MB we will allow

$CGI::DISABLE_UPLOADS = 0;  
# CGI module variable for en/disabling uploads (non-zero to disable)
$CGI::POST_MAX = $megabyte * $max_mb;  
# CGI module variable for maximum upload size (bytes)

my $base_dir = "/var/www/site1/web/";
my $base_dom = "http://www.website.here/";
my $target_dir = "../uploads";
my $directory = $base_dir . $target_dir;
my $sendmail = "/usr/bin/sendmail";
my @sendmail_opts = ( '-oi', '-t' );

$| = 1;
my $query = new CGI;

my @names = $query->param;
my $url = $query->param("URL");
my $fh = $query->upload('upload_file');
my $filename = $query->param('name');
$filename =~ s/[^A-Za-z0-9\.\_]/_/g;

open OUTF, "> $directory$filename" or die;
binmode OUTF;
while ( $bytesread = read $fh, $buffer, 1024 )
{
	print OUTF $buffer;
}
close OUTF;

if ( !$file && $query->cgi_error )
{
	print $query->header( -status => $query->cgi_error );
	exit 0;
}


open MAIL, "| $sendmail @sendmail_opts" or die "Can't fork sendmail: $!\n";

print MAIL
    "From: $0\n",
    "To: ", $query->param("TO"), "\n",
    "Subject: ", ( $query->param("SUBJECT") || "mailed form submission" ),
    "\n\n";

for my $param ( @names )
{
	printf MAIL "%s: %s\n", $para, $query->param($param);
}

print MAIL
    "\n\nThe link to the uploaded file is $base_dom$target_dir$filename . ",
    "It was renamed by the upload script, so you will need to rename it.\n";

close MAIL;

print $query->redirect( -URL => $url );