##!/usr/bin/perl -wT
use strict;
use warnings;
use diagnostics;
use File::Spec::Functions;
use CGI qw(:standard);

our $ALBUM_DIR = "albums";

my $user  = param("user"); 
my ($album) = param("T1") =~ /([\w ]+)/; # Untaint the album dir name
my $albumdir = catdir( $ALBUMDIR, $album );

unless ( -d $albumdir ) {
    mkdir $albumdir, 0775;
}

my @pics;
for ( '', 0 .. 13 ) {
    push @pics, {
        idx  => $_,
        name => (param("photo$_") =~ /.+([\w. ]+)/)[0],
        fh   => upload("photo$_")
    };
}

foreach my $pic (@pics) {
    my $name = $pic->{'name'};
    my $fh   = $pic->{'fh'};
    my $filenm = catfile( $albumdir, "pic$idx" );

    local *IMAGE;
    open IMAGE, ">", $filenm
        or die "Couldn't open $filenm for writing: $!";
    binmode IMAGE;
    while (my $line = <$fh>) {
        print IMAGE $line
            or die "Couldn't write to $filenm: $!";
    }
    close IMAGE
        or die "Couldn't close $filename while writing: $!";
}

print
    header,
    start_html(
        -title => 'Please Wait',
        -meta  =>
            { "HTTP-EQUIV" => "refresh",
              CONTENT => "05;URL=http://eoinmurphy00.netfirms.com/cgi-bin/main.cgi?status=home&user=$user" },
    ),
    p('Please Wait'),
    p('You will be redirected to the main page in two seconds.'),
    p("Thank you $user"),
    end_html;