##### Uploads files
sub uploadfiles{
        my ($param,$filename)=@_;
        my $filepath="/www/ejc/docs/";
        my ($i);
        my $file = $q->param($param);
        $filename=~ s/([^\w.-])/_/g;
        $filename=~ s/^[-.]*//;
        if ($filename =~/^([-\@\w.]+)$/){ # untaint filename
                $filename= $1;
                }

    open(OUT,">$filepath"."$filename") or die("Can't open outfile for writing: $!");
    while (read($file,$i,1024)) {
                print OUT $i;
    }
    close(OUT);
}
##### End of file upload.