## taint environmentals
$ENV{'PATH'} = "/bin:/usr/sbin";
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

## clean up user's name
$formdata{username} =~ s/ //g;
$formdata{username} =~ s/[^A-Za-z0-9]//g;
$formdata{username} =~ /^([A-Za-z0-9]{1,8}).*$/;
$formdata{username} = $1;

my $cli = "-s $shell -d $home -G $group $formdata{username}";
  $cli =~ /^(\-s \"\/bin\/false\" \-d \"\/home\/clients\/(?:stage\.)?(?:[\w\-]+\.)(?:\w{2,3}\.)?(?:\w{2,4})\/[A-Za-z0-9]+\" \-G \"hosting\,[\w\-]+\" [A-Za-z0-9]+)$/;
  $cli = $1;

  print "CLI is $cli";

  system("/usr/sbin/useradd $cli");