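#!/usr/bin/perl -T
# CGI front end run in taint mode (-T). Request data stays tainted until it
# has been validated, so it cannot reach a file name, a command or the
# helper script unchecked.
use warnings;
use strict;
use CGI;

# CGI::Carp import tags are case-sensitive: fatalsToBrowser and
# warningsToBrowser. A misspelled tag is rejected when the module is loaded.
# NOTE(review): fatalsToBrowser sends die() text to the client. That helps
# while debugging, but it discloses internal paths and error details, so
# consider removing it on a production host.
use CGI::Carp qw(fatalsToBrowser warningsToBrowser);
use CGI::Pretty;

my $q = CGI->new;

...

# Sketch of running an external utility without a shell: the list form of
# system with an absolute program path. Under -T, $ENV{PATH} must first be
# set to a known value (and IFS, CDPATH, ENV and BASH_ENV deleted), or perl
# refuses to start the child process.
# my @runutil = qw(/usr/bin/util arg arg /path/arg/file );
# system { $runutil[0] } @runutil;

# CGI's accessor is param(); the value it returns is tainted.
my $taintedvar = $q->param('user_id');

# Untaint by capture: only a value made up entirely of word characters is
# accepted. \A and \z anchor the whole string, so a trailing newline is
# rejected too (a bare $ would allow one).
my $safervar;
if ( defined $taintedvar && $taintedvar =~ /\A(\w+)\z/ ) {
    $safervar = $1;
}

# Stop here on a missing or malformed parameter. The rejected value is
# deliberately not echoed back in the error text.
die "invalid user_id\n" unless defined $safervar;

# do FILE compiles and runs the helper with this script's privileges, so
# that file must not be writable by untrusted users. Judge success by the
# return value: $! can hold a stale error from an earlier, unrelated call
# even when do succeeded.
my $loaded = do '/lair/supervillain/X/Evil/ransomdemands.pl';
die 'syntax: ', $@ if $@;
die 'system: ', $! unless defined $loaded;
die "helper script did not return a true value\n" unless $loaded;

my $thingtoprint = show($safervar);

# Append to the log and check every step. Buffered write errors may only
# surface at close.
open my $logfile, '>>', '/path/to/log' or die 'log open: ', $!;
print {$logfile} $thingtoprint, "\n" or die 'log write: ', $!;
close $logfile or die 'log close: ', $!;

...

####

#!/usr/bin/perl
use warnings;
use strict;

# show($name): build the message for an account name.
# The name is validated again here, so the sub does not rely on its caller
# having untainted it. Only a string consisting entirely of word characters
# is used; anything else yields the message with an empty name.
sub show {
    my $name = shift;

    my $safername = '';
    if ( defined $name && $name =~ /\A(\w+)\z/ ) {
        $safername = $1;
    }

    return 'six hundred zagillion $$ to the account of ' . $safername;
}

# end on true if exporting script: do FILE returns the value of the last
# expression evaluated, and the caller treats a false value as a failure.
1;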