#!/usr/bin/perl -Tw

use strict;
use CGI qw(:standard);
use CGI::Carp qw(fatalsToBrowser);

my $file;
if ($file = param('file')) {

   # only allow files in this dir
   if ($file =~ /[\/~]/ or $file =~ /^\./) {
      print header;
      die "access to $file not allowed" 
   }

   unless (open(FH,$file)) { 
      print header;
      die "$file does not exist";
   }

   print header(-type=>'text/plain');
   print while <FH>;
}
else {
   print header,start_html('Contents of current dir');
   print ul(li([
      map {
         a({-href=>qq|@{[script_name]}?file=$_|},$_)
      } <*>
   ]));
}