UPLOAD_FILE:
{
	for my $file_num (1..5) {
		my $file = $grab_file->param("file$file_num") or next UPLOAD_FILE;
		my ($base,$path,$type)=@_;
		my $file_handle = $grab_file->upload("file$file_num");
		my $buffer = "";
		
		if (!$file && $grab_file->cgi_error) {
			print $grab_file->header(-status=>$grab_file->cgi_error);
			exit 0;
		}

		if ($file) {

			$file =~ s/</&lt;/g;
			$file =~ s/>/&gt;/g;  

			fileparse_set_fstype("MSWin32");
			($base,$path,$type) = fileparse($file,'\..*');
			my $type = lc $type;
			my $uploadedfile = $base . $type;

			$uploadedfile =~ s/[^\w.-]/_/g;
			if ( $uploadedfile =~ /^(\w[\w.-]*)/ ) {
				$uploadedfile = $1;
			} else {
				error( $grab_file, "Invalid file name; files must start with a letter or number." );
			}

			# This will create the new file in the new location
			until ( sysopen OUTFILE, UPLOAD_DIR . $uploadedfile, O_RDWR|O_CREAT|O_EXCL, 0777 ) {
				$uploadedfile =~ s/(\d*)(\.\w+)$/($1||0) + 1 . $2/e;
				$1 >= MAX_OPEN_TRIES and error( $grab_file, "Unable to save your file. File 1" );
			}
			
			# The file needs to be set to binmode in order to save it on a Win32 system
			binmode OUTFILE;
			binmode $file_handle;
			
			# This will write the info into the new file
			while ( read($file_handle,$buffer,BUFFER_SIZE) ) { 
				print OUTFILE $buffer; 
			}
			close OUTFILE;

			my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$file_size,$atime,$mtime,$ctime,$blksize,$blocks) = stat($file);

			# This will store the file and size in the database
			push @statement,"INSERT INTO documents (record_id, document, size) VALUES ('$record_id', '$uploadedfile', '$file_size')";
		}
	}
}