But when i do use CGI.pm and I upload any file from the local windows machine, my application now grabs the whole path of the file (example C:\docs\test.txt). It obviously omits the backslashes(\)used in the windows path for the file and the application ends up with a file called C:docstest.txt.

I'm not sure what you're saying here. I think that you're saying that CGI.pm gives you the full filename eg "C:\docs\test.txt" and you just want "test.txt". Is that correct?

Assuming that I'm right, you might consider using the File::Basename module that comes standard with Perl. So your script might have code that looks kinda like the following. 

use CGI;
use File::Basename;

my $cgi = new CGI;
          # $fullname is now a filehandle and a string
          # containing the uploaded filename.
my $fullfilename = $cgi->upload("file");

my ($filename, $type) = split '\.', basename($fh);

[download]

An example of how you might use the above is to add something like this below it: 

          # untaint filename and type
$filename =~ s/[^A-Za-z0-9_-]//g;
$type =~ s/[^A-Za-z0-9_-]//g;

          # create a unique file in my desired $directory:
my $i = 0;
while(-e "$directory/$filename$i.$type")
{
    $i++;
}
          # this won't write over anything else.
my $newfilename = "$directory/$filename$i.$type";

          # Write contents of uploaded file to $directory
open(FILE, "> $newfilename") or die "$!\n";
{
     local $/="";
     my $uploaded = <$filename>;
     print FILE $uploaded;
}
close FILE or die "$!";

[download]
Of course, you might want to be doing something else with your uploaded data, so go ahead.

You might be tempted to do this another way. For example you could do this: 

my $fullfilename = $cgi->upload("file");

my $filename = reverse((split(/\//,                
                             reverse($fullfilename)))[0]);

[download]
and then $filename would have everything beyond your last /. Of course TMTOWTDI. Keep in mind that the first solution I have offered is somewhat more portable though. ;)

Hope this helps.

jarich

Update:added in " marks to make it compile. *blush*. Changed called to fileparse to basename and split as fileparse doesn't seem to work as expected in many cases. Added in taint checking for filename in example use.

In reply to Re: CGI.pm help needed by jarich
in thread CGI.pm help needed by Anonymous Monk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.