Here's a relevant snippet from the CGI.pm docs:

To be safe, use the upload() function (new in version 2.47). When called with the name of an upload field, upload() returns a filehandle, or undef if the parameter is not a valid filehandle.

     $fh = $query->upload('uploaded_file');
     while (<$fh>) {
           print;
     }
[download]

This is the recommended idiom.

This article shows a practical example.

Use something like this to check your CGI.pm version:

% perl -e "use CGI; print CGI->VERSION;"

Hope this helps...

--f