#!/usr/bin/perl -wT use strict; use warnings; use diagnostics; use File::Spec::Functions; use CGI qw(:standard); open LOG, ">logfile" or die; our $ALBUM_DIR = "../www/albums"; my $user = param("user"); my ($album) = param("T1"); #=~ /([\w ]+)/; # Untaint the album dir name my $albumdir = catdir( $ALBUM_DIR, $album ); unless ( -d $albumdir ) { mkdir $albumdir, 0775; } my @pics; for ( '', 0 .. 19 ) { push @pics, { idx => $_, name => (param("photo$_") =~ /.+([\w. ]+)/)[0], fh => upload("photo$_") }; } foreach my $pic (@pics) { my $name = $pic->{'name'}; my $fh = $pic->{'fh'}; my $idx = $pic->{'idx'}; my $filenm = catfile( $albumdir, "pic$idx.img" ); print LOG $idx . "\n"; unless($fh eq undef){ local *IMAGE; open IMAGE, ">", $filenm or die "Couldn't open $filenm for writing: $!"; binmode IMAGE; while (my $line = <$fh>) { print IMAGE $line or die "Couldn't write to $filenm: $!"; } close IMAGE or die "Couldn't close $filenm while writing: $!"; } } close(LOG); print qq(Content-type: text/html\n );