Here's a snippet of a file upload subroutine I wrote that works pretty nice. I don't know of any particular reason that it wouldn't work on Win2k, though I haven't done perl programming on it. Make sure your directory is writable by this script.

It runs under strict. The original does automatic duplicate checking and stores file attachment names in an mySQL database (this is part of a larger document management web app). I stripped out the mySQL parts 'cuz they didn't seem important.

Good luck. If you know how to use subroutines this should be easy. If not, you should be able to figure it out anyway.

You invoke it by passing it the param of the file form element, followed by the desired filename param.
Example:
if($q->param("attach1")){uploadfiles('attach1',$q->param('attach1filename');}

##### Uploads files
sub uploadfiles{
        my ($param,$filename)=@_;
        my $filepath="/www/ejc/docs/";
        my ($i);
        my $file = $q->param($param);
        $filename=~ s/([^\w.-])/_/g;
        $filename=~ s/^[-.]*//;
        if ($filename =~/^([-\@\w.]+)$/){ # untaint filename
                $filename= $1;
                }

    open(OUT,">$filepath"."$filename") or die("Can't open outfile for 
+writing: $!");
    while (read($file,$i,1024)) {
                print OUT $i;
    }
    close(OUT);
}
##### End of file upload.
[download]

Update: Changed regex, per ryanus's suggestion below.