in reply to How To Upload File Using CGI?

I'd like to suggest you to use CGI::Upload by rob_au. It's really well written and easy to use, and might prevent you from writing exploitable code. (I've seen some pretty bad upload scripts on a page of a friend last week which could have been exploited pretty easily...). But even with using CGI::Upload you should check your Script carefully and have a look at b0ilers Hacking-CGI and of course CGI-Course by ovid. I just tell you the stuff about security because I have made same errors when I started some months ago so I want to prevent others from doing the same :)


Replies are listed 'Best First'.
Re: Re: How To Upload File Using CGI?
by rob_au (Abbot) on Jul 03, 2002 at 00:25 UTC
    Thanks for your comments giant.

    For an example of this module in use, see this node in the thread where I originally posted CGI::Upload for discussion. Note however, that the code in the CGI::Upload distribution on CPAN has incorporated a number of bug fixes from the code originally posted in that thread.