##

#!/usr/bin/perl -T
use CGI;
use strict;
my $q = new CGI;
if($q->param('img') =~ /^([\w\.\-]+)$/) { # untaint
    my $file = $1;
    if(-f "/tmp/$file") {
        if(open(I,'<',"/tmp/$file")) {
            print $q->header(-content_type => "image/jpeg");
            print while ;
            close I;
            exit; 
        }   
    }   
}   
print $q->header(-status => '404 Not found');
print "Not found.\n";