Sure, here is my code:
# ...
use CGI; my $q = new CGI;
my $namecover = check_input( $q->param("cover") );
my $photocover = $q->upload("cover");
$namecover = lc $namecover;
my ($radical, $extension) = split (/\./, $namecover);
$namecover_system = "$record_id.$extension"; # this record_id comes fr
+om the database
$namecover_system = untaint ( $namecover_system ); # the -T switch wou
+ldnīt work without this; the untaint() is a sub I created to untaint
+the data
open (PHOTO,">../images/covers/$namecover_system") || die $!;
binmode PHOTO;
while (<$photocover>) {
print PHOTO;
}
close PHOTO;
# ...