#!/usr/bin/perl -w
use strict;
use CGI ':standard';

print header(),
  start_html('CGI Upload'),

my $file = param('file');
$file =~ s#^[^/\\]*[/\\]##; #Sufficient for windows and *nix

if ($file =~ /[^\w\.\-]/) {
  print p( strong('Invalid Filename!') );
  exit;
}

my $fh = upload('file');
my $info = do { local $/; <$fh> };

print p($info),
  end_html;