First you have to actually create a file under your server's DocumentRoot, which could not be as obvisous as it seems if you don't have the permissions.

Second, the file is potentially visible by other users too, and you must remember to erase it. Otherwise the filesystem will fill up and the file would be at other client's perusal.

Third, you must carefully choose how to create the temp dir, or the same problems/race conditions associate to temp files would potentially show up.

Fourth, MIME headers are so cool in this context :-)

Nonetheless your solution is probably the quickest, but a security-proof implementation can be more painful than it seems. <SIGNATURE>-- TIMTOWTDI</SIGNATURE>

In reply to Re: Re: Getting CGI to name a file it returns by trantor
in thread Getting CGI to name a file it returns by Torgo

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.