So, here's an SSCCE which works well.
#!/usr/bin/perl
use strict;
use warnings;
use CGI::Session;
my $session = CGI::Session->new or die CGI::Session->errstr;
my $cgi = $session->query;
my $html = '<h1>Session test</h1>';
my $field = 'doc_upload';
# Initial value
my $gfn = $session->param ($field);
$html .= $gfn ? "<p>Initial value: $gfn</p>" : '<p>No iniital value</p
+>';
# New value
my $newgfn = $cgi->param ($field);
$html .=
$newgfn ? "<p>Supplied value: $newgfn</p>" : '<p>No supplied value</
+p>';
if ($newgfn) {
$session->param ($field, $newgfn);
$html .= '<p>Initial value overwritten with new value</p>';
}
$html .= qq{<form method="post"><input type="text" name="$field"/>
<input type="submit" value="Submit new value"/></form>};
print $session->header, $html;
$session->flush;
The HTML is minimalistic but serves the purpose. Run this CGI a few times to convince yourself that it is indeed storing new values but only when supplied. Then see how this differs from your script and amend yours accordingly. Good luck.