$|=1;
		
		my $data = $q->param("ATTACHMENT_FILE");
		#&cgierr("File 0:".$data);
		# write original file
		# --------------------------------------------------------
		if($data) {
			my $max_size = 50000;	#in kb			
                        # read file extension
			# --------------------------------------------------------
			my ($file_obj,$file_ext) = split(/\./,$data);
			$file_ext = lc($file_ext);
		
                        #unrelated SQL statements removed for clarity

			my $directory = "$c{base}{path}/folder/".theYear.theMonth.refNo;
			$directory =~ s/\\/\//g;
			if (!(-e $directory)) {
				mkdir ($directory, 0755);
			}
			$directory =~ s/\\/\//g;
			&cgierr("Directory does not exist! : $directory\n") if (!(-e $directory));
                        &cgierr("Permissions denied! : $directory\n") if (!(-W $directory));
                        &cgierr("Specified path is not a directory! : $directory\n") if (!(-d $directory));		
				
			my ($filename,$fullfile);
			($directory =~ m,/$,) ?
			($fullfile = "$directory$data") :
			($fullfile = "$directory/$data");
			my ($bytesread, $buffer, $file_size);
			$file_size = 0;
			open(OUTFILE,">$fullfile");
			binmode( OUTFILE );		     
                        while ($bytesread = read($data,$buffer,1024)) {
				print OUTFILE $buffer;
				$file_size += 1024;
			}
			close(OUTFILE);
			chmod (0666, "$fullfile");