Browser Requests Object using GET or POST method, eg: 
GET http://www.domain.com/some/file

[download]
Server 'maps' domain name to directory and looks for object, eg: 
/home/sites/mysite/web/some/file

[download]
If found, server looks at extension.

Is it .htm or .html? It's a web page, so return appropriate content header and send the page to the browser.

Is it executable? Server checks against list of file types it's been told it can run. May be .cgi, may be .pl, may be both or more.

If it can run it, it then tries to run it.

".. the browser is retrieving a file, not uploading one, which in my experience all- ways requires an Id and password to log in first."

There are several things here I think you're confused about. I think you need to think about the protocols (the ways you are talking to the server). When you upload your web site files to the server, you are using FTP, and your account requires a login and password to upload and download files1.

With HTTP, when you are uploading a file, you are essentially sending a page request and attaching a block of data. The upload will only work if you have installed and configured the upload script by FTP1. - ie, you needed a login/password to tell the server you want to use this script (that's the FTP part) and where you want it to dump the file that's uploaded - along with other security checks, like maximum file size (that's the Perl part).

You can force users to enter a username/password at upload time, but then you need to store passwords securely, or use .htaccess to control access to the pages - and that's another story.

Clear as mud now, eh? :-) From the way you are wording your questions, I think you need to learn quite a bit more before you can safely and securely let yourself loose on an upload script. At the very least, post the code you are going to use at some point and ask people to check whether it's secure or not.

But as I said before, read those pages on Amazon, and buy the book if you can afford it - and Learning Perl might be useful too.

hth

cLive ;-)

1 Yes, you can have anonymous FTP, but I'm trying to keep it simple for your example. And let's not get into SSH, Telnet etc...

In reply to (cLive ;-) Re: cgi.pm file upload script by cLive ;-)
in thread cgi.pm file upload script by wolverina

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.