#!/usr/bin/perl
 
use CGI;
use Mail::Sender;
$q = new CGI;
# uploading the file...
 
my $position = &filter($q->param('position'));
my $name = &filter($q->param('name'));
my $email = &filter($q->param('email'));
my $filename = &filter($q->param('filename'));

if ($filename ne ""){
  $tmp_file = $q->tmpFileName($filename);
}

$sender = new Mail::Sender {from => '$email',smtp => 'myhost.temp.hosting.com'};
$sender->OpenMultipart({to=> 'myself@mysite.com',subject=> '$position'});
$sender->Body();
$sender->Send(<<"*END*");
This is just a test of mail with an uploaded file.
This is a test.
*END*

$sender->SendFile(
          {encoding => 'Base64',
           description => $filename,
           ctype => $q->uploadInfo($filename)->{'Content-Type'},
           disposition => "attachment; filename = $filename",
           file => $tmp_file
          });
          
$sender->Close();
 
print "Content-type: text/plain\n\n";

print "Yes, it's sent\n\n";

# remove security rish charactors from the data extracted from the url
sub filter
{
  $_[0]=~s/\'/\\\'/g;
  $_[0]=~s/<//g;
  $_[0]=~s/>//g;
  $_[0]=~s/;//g;
  $_[0]=~s/\(//g;
  $_[0]=~s/\)//g;
  $_[0]=~s/\"//g;
  $_[0]=~s/\'//g;
  $_[0]=~s/\?//g;
  $_[0]=~s/script//g;
  $_[0]=~s/\///g;
  $_[0]=~s/>//g;
  #$_[0]=~s/\%2F//g;
  
  return $_[0];
}