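#!/usr/bin/perl -wT
# The -T flag turns on taint checking: data read from outside the program
# (such as STDIN) is marked tainted and may not reach a command, file name or
# other sensitive operation until it has been extracted through a regex capture.
use strict;
use warnings;

# Under -T, Perl refuses to start a child process while PATH or these
# shell-related variables still hold values inherited from the caller.
# NOTE(review): constructed example PATH; set it to the directories that hold
# the mysql client on this host.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Read one line from standard input. The page's listing shows "my $user = ;",
# presumably a <STDIN> read whose angle brackets were lost in extraction.
my $input = <STDIN>;
defined $input or die "No username supplied\n";
chomp $input;

# Make sure the name contains only a-z, A-Z, 0-9 and _ and nothing else.
# The explicit class keeps the match ASCII-only whatever the locale or
# encoding, and \A...\z (unlike ^...$) does not tolerate a trailing newline.
# The capture is what untaints the value; the raw input is kept separately so
# the error message can still show what was rejected.
my ($user) = $input =~ /\A([A-Za-z0-9_]+)\z/;
unless (defined $user) {
    # Replace non-printable bytes so a rejected value cannot write control
    # sequences into a terminal or log.
    (my $shown = $input) =~ s/[^\x20-\x7e]/?/g;
    die "Invalid username: $shown\n";
}

# List-form pipe open: the arguments go straight to mysql without a shell, so
# the user name is never parsed as shell syntax. The original two-argument
# string had no pipe character and would have opened a file literally named
# "mysql -u <user>" instead of running the client.
# NOTE(review): '-|' reads mysql's output; use '|-' if this script is meant to
# write statements to mysql. The original does not show which was intended.
open(my $mysql, '-|', 'mysql', '-u', $user) or die "error $!";
# only good values of $user get to here

# Closing a pipe waits for the child; report a failed close or a non-zero exit.
close($mysql)
    or warn($! ? "error closing mysql pipe: $!\n"
               : "mysql exited with status $?\n");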