in reply to CGI::Safe and easy file uploading

++ Ovid.

This is the code that I usually run whenever I install perl on a new machine or update (I like to have my cake and eat it.)
use CGI; use strict; { my %CGI_Patch; local ($^I, @ARGV) = ('.bak', $INC{''}); while (<>) { s/^(\s*\$POST_MAX\s*=\s*)([^;]*);/${1}1024 * 100;/ && $CGI_Patch{POSTMAX}++; s/^(\s*\$DISABLE_UPLOADS\s*=\s*)([^;]*);/${1}1;/ && $CGI_Patch{NOUPLOADS}++; # I'll have my cake and eat it too!... my $cake = '\$query_string .= \(length\(\$query_string\) +'. '\? \'&\' : \'\'\) . \$ENV{\'QUERY_STRING\'}'. ' if defined \$ENV{\'QUERY_STRING\'};'; s/(\s*)#(\s*)($cake)/$1$2$3/ && $CGI_Patch{CAKE}++; print; close ARGV if eof; } print " ($INC{''}) patch results...\n"; print '$POSTMAX updated...........' , $CGI_Patch{POSTMAX} , "\n"; print '$DISABLE_UPLOADS updated...' , $CGI_Patch{NOUPLOADS} , "\n" +; print 'Have your cake and eat it..' , $CGI_Patch{CAKE} , "\n"; }
Admittedly, this code is likely to break when CGI changes dramatically, so it's not as robust as CGI::Safe. I like to edit the source, so I make sure that everyone else's code on the server is a bit more secure.

Error: Keyboard not attached. Press F1 to continue.