Your code is very confusing, you should not name a namespace sub, and you should give your variables more meaningfull names than @Data!
I also suspect that it is possible to pass you in filenames for the images such as ..\..\..\..\..\..\..\autoexec.bat\0 to overwrite your autoexec.bat file - you should use taint mode on your CGI scripts! Also, you should give out your own names (like 000000.jpg) instead of trusting on anything that a user supplies.
From what I understood of the code, you open the files (via $fHandle->upload()), but you never close either $Data[11] or $Data[12]. Try closing them and the temporary files should be deleted automatically.
I tried to rewrite your code a bit to make it clearer to me, but I couldn't test it:
my $mode = $Data[3];
my $user = $Data[2];
my $imagename = $Data[10];
if ($mode eq "recieve") {
my ($name_fullsize,$name_thumb) = ($Label[11],$Label[12]);
my $fh_fullsize = $fHandle->upload($name_fullsize);
my $fh_thumb = $fHandle->upload($name_thumb);
if ($fh_fullsize =~ /\.jpg$/i) {
open (FULLSIZE, ">".$Root."/records/classifieds/fullsize/$user/$
+imagename.jpg");
binmode(FULLSIZE);
while (read($fh_fullsize, $fBuffer, 1024)) {print FULLSIZE $fBuf
+fer}
close (FULLSIZE);
close $fh_fullsize;
if ($fh_thumb =~ /\.jpg$/i) {
open (THUMBNAIL, ">".$Root."/records/classifieds/thumbnail/$u
+ser/$imagename.jpg");
binmode(THUMBNAIL);
while (read($fh_thumb, $fBuffer, 1024)) {print THUMBNAIL $fBu
+ffer}
close (THUMBNAIL);
} else { copy($Root."/records/classifieds/fullsize/$user/$image
+name.jpg", $Root."/records/classifieds/thumbnail/$user/$imagename.jpg
+");
}
# $Data[11] = $Data[12] = "";
@Data = sub::clearcarry(0,@Data);
@Data = sub::pushcommand("preview",@Data);
goto AllDone;
}
perl -MHTTP::Daemon -MHTTP::Response -MLWP::Simple -e ' ; # The
$d = new HTTP::Daemon and fork and getprint $d->url and exit;#spider
($c = $d->accept())->get_request(); $c->send_response( new #in the
HTTP::Response(200,$_,$_,qq(Just another Perl hacker\n))); ' # web
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.