in reply to Uploading using CGI, plus a bug in CGI?
The "stickiness" is actually intentional. This allows you to display a form, have the user fill in some values, and then spit the form back at them with their previous values already filled in. This saves a lot of effort should you be re-printing the form due to bad or insufficient input, or carrying the values to a different form where you want the user's choices to stay.
As such, any "value" that you provide to a form field (including hidden fields) is merely a "default" which gets used if we have no previous paramater value of that name. If you want your new value to override any pervious values, you need to pass in an "override" option, like this:
Also, the advice about not decoding your own query string is incredibly wise. The CGI module already does this for you with its param() function.hidden(-name=>"Upload",-value=>"foo",-override=>1);
If you're using CGI version 2.47 or above, then you won't want to use param() to grab files like you're doing in your code above, as the upload() function does a much better job. param() can return something which is not a filehandle if your users are being mischievious with their parameters, whereas upload() guarantees that what you get back is a valid filehandle or undef.
If you have to use param() to get uploaded files, there's a discussion on checking if something is a filehandle here.
Cheers,
Paul
|
|---|