Terrence Brannon


HTTP::File - Routines to deal with HTML input type file.


CGI.pm example

savepage.html looks like this:

<H1>Upload a webpage</H1>

<FORM METHOD=POST ENCTYPE="multipart/form-data" action="/cgi-bin/webplugin/savepage.cgi">

<INPUT TYPE=file name=FILE_UPLOAD size=35>

<INPUT TYPE=submit NAME=Action VALUE="Upload Ahoy!">


savepage.cgi looks like this:


use CGI; use HTTP::File;

$cgi = new CGI;


$raw_file = $cgi->param('FILE_UPLOAD'); $basename = HTTP::File::upload($raw_file,$upload_path);

print $cgi->header; print $cgi->start_html;

print "$basename upload successfully.<BR>Upload path: "; print $upload_path ? $upload_path : '/tmp';

print $cgi->end_html;

HTML::Mason example

<FORM METHOD=POST ENCTYPE="multipart/form-data" action="receive-upload.html"> <INPUT TYPE=file name=PHOTO_FILE size=35> </FORM>

... then in receive-upload.html

<%init> use HTTP::File; </%init>

<%perl> $output_path="/var/spool"; $raw_file=$ARGS{PHOTO_FILE}; HTTP::File::upload($raw_file, $output_path); </%perl>


HTTP::File is a module to facilitate file uploads from HTML file input.It detects the basename of the raw file across MacOS, Windows, and Unix/Linux platforms.

sub platform

Uses a subset of the functionality of HTTP::Headers::UserAgent to determine the type of machine that uploaded the file.

sub upload

Upload RAW_FILE to the local disk to a specified PATH, or to /tmp if PATH is not specified.

    Returns the basename of the uploaded file;

As of version 3.1, there are two new args to upload():

  • $debug

    A third argument, $debug, if non-zero will send debugging information to STDERR.

  • $kludge

    A fourth argument, $kludge, if non-zero, will also write the read data to a file in the temp directory.


This module exists for backwards-compatibility. CGI.pm now has an upload() function which serves the same purpose.


Terrence Brannon >tbone@cpan.org<

binmode support for Windows added by Mark Zellers: (reverse com dot docent at mzellers

Perl 5.8.x taint compatibility added by Rodd Clarkson rodd at redfishbluefish dot com dot au

Rodd also suggested that I refer people to a more modern and popular solution to the problem of uploading files --- CGI.pm


CGI::Upload - a newer and more secure version of this module. I tried to use CGI::Upload, but after staring at the docs and pinging on IRC, I still had no clue of how to do what I wanted. Thus the return of my insecure, naive approach to the same problem. Caveat emptor, whatever that means.