If you want to have a literal backslash in a string then you have to escape it. You wrote " C:\WINDOWS\Profiles\eoin\My Documents\images\border.jpg" but really you have to write that as " C:\\WINDOWS\\Profiles\\eoin\\My Documents\\images\\border.jpg".
Added: Oh I see. You're using the filename all wrong. You have to accept that the filename as given by the browser isn't going to be used locally since you can't really trust it to be sane. Consider this - depending on the browser the filename may contain backslashes, slashes or colons or perhaps other odd things. Those are all OS dependant characters and you can't really trust them all too much. Here's an alternate implementation.
A short list of changes:
##!/usr/bin/perl -wT use strict; use warnings; use diagnostics; use File::Spec::Functions; use CGI qw(:standard); our $ALBUM_DIR = "albums"; my $user = param("user"); my ($album) = param("T1") =~ /([\w ]+)/; # Untaint the album dir name my $albumdir = catdir( $ALBUMDIR, $album ); unless ( -d $albumdir ) { mkdir $albumdir, 0775; } my @pics; for ( '', 0 .. 13 ) { push @pics, { idx => $_, name => (param("photo$_") =~ /.+([\w. ]+)/)[0], fh => upload("photo$_") }; } foreach my $pic (@pics) { my $name = $pic->{'name'}; my $fh = $pic->{'fh'}; my $filenm = catfile( $albumdir, "pic$idx" ); local *IMAGE; open IMAGE, ">", $filenm or die "Couldn't open $filenm for writing: $!"; binmode IMAGE; while (my $line = <$fh>) { print IMAGE $line or die "Couldn't write to $filenm: $!"; } close IMAGE or die "Couldn't close $filename while writing: $!"; } print header, start_html( -title => 'Please Wait', -meta => { "HTTP-EQUIV" => "refresh", CONTENT => "05;URL=http://eoinmurphy00.netfirms.com/cgi- +bin/main.cgi?status=home&user=$user" }, ), p('Please Wait'), p('You will be redirected to the main page in two seconds.'), p("Thank you $user"), end_html;
In reply to Re: Lost Backs\ash
by diotalevi
in thread Lost Backs\ash
by eoin
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |