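#!/usr/bin/perl
# Contact-form CGI handler: validates the submitted fields and passes the
# message to the local sendmail binary, addressed to <sendto>@somewebsite.org.
#
# NOTE(review): the comments below speak of untainting, but the shebang does
# not enable taint mode (-T), so nothing enforces it -- confirm which is
# intended before relying on it.
use strict;
use warnings;
use Validate;
use CGI qw(:standard);

print "Content-type: text/plain\n\n";

my @errors;

# Validate is a project-local module; presumably each method returns the
# cleaned value, or something false when the input is missing or rejected
# (that is how the results are used below) -- verify against the module.
my $sendto = Validate->alphanum(param('sendto'));
push @errors, "Missing or invalid addressee\n" unless $sendto;

my $email = Validate->email(param('email'));
push @errors, "Missing or invalid e-mail address\n" unless $email;

# similar untainting for all other user input here, then...
# ($name, $subject and $message are used below and must be declared and
# validated in this elided section.)

# Defence in depth: these values are written into the header section of a
# message that "sendmail -t" parses for its recipients, so a CR or LF inside
# one of them would let the submitter append header lines of their own.
# Reject line breaks here regardless of what the validators allow.
if ( grep { defined($_) && /[\r\n]/ } $sendto, $name, $subject ) {
    push @errors, "Name, subject and addressee must not contain line breaks\n";
}

if (@errors) {
    printerrors();
    exit;
}

#-----------send email ---------
$sendto .= "\@somewebsite.org";

# List-form pipe open with a lexical handle: no shell is involved and the
# command line cannot be influenced by any variable. -oi keeps sendmail from
# treating a line holding only "." in the user's message as end of input,
# which would silently truncate the mail.
open( my $mail, '|-', '/usr/lib/sendmail', '-t', '-oi' )
    or die "Could not open sendmail: $!";

print {$mail} "From: $name\n";
print {$mail} "To: $sendto\n";
print {$mail} "Subject: $subject\n\n";    # blank line ends the headers
print {$mail} "E-mail: $email\n\n";
print {$mail} "Message: $message\n\n";
print {$mail} "\n\n";

# For a pipe, close also reports a non-zero exit from sendmail.
close $mail or die "Could not close sendmail: $!";

print "Thanks for your message.";
exit;

# Print every collected validation error to the response, one per line.
sub printerrors {
    for my $error (@errors) {
        print $error . "\n";
    }
    return;
}

__END__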