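# Sanitise submitted form fields held in %form_data.
#
# Two policies are applied:
#   * free-text fields (listed in @special) are scrubbed with a blocklist;
#   * every other non-empty field must match a strict allow-list pattern.
#
# NOTE(review): the blocklist is best-effort only. It does not make a value
# safe to hand to a shell, to use in a file path, or to print into HTML;
# those sinks still need their own handling (no shell interpolation, path
# validation, HTML-encoding on output).

# Remove the blocklisted fragments from one free-text value and return the
# cleaned value. An undefined value is returned unchanged.
sub _scrub_special_value {
    my ($value) = @_;
    return $value unless defined $value;

    # Deleting a fragment can join the text on either side of it into a new
    # blocklisted fragment, so repeat until a full pass changes nothing.
    # Every substitution only deletes characters, so the loop terminates.
    my $previous;
    do {
        $previous = $value;
        $value =~ s/system\(.+//g;            # "system(" through end of line
        $value =~ s/grep//g;
        $value =~ s/\srm\s//g;                # whitespace-delimited "rm"
        $value =~ s/\srf\s//g;                # whitespace-delimited "rf"
        $value =~ s/\.\.([\/\:]|$)//g;        # ".." followed by "/", ":" or end
        # [^>]* rather than [^>]+ so a tag with no attributes is removed too.
        $value =~ s/< *((SCRIPT)|(APPLET)|(EMBED))[^>]*>//ig;
    } while ($value ne $previous);

    return $value;
}

# specific fields that can have additional characters
@special = ("body", "subject", "link_url", "pid");
my %is_special = map { $_ => 1 } @special;

foreach $field (keys %form_data) {
    if ($is_special{$field}) {
        # Scrub only the field at hand. Looping over all of @special here
        # would repeat the work for each special field present and would
        # touch keys the form never sent.
        $form_data{$field} = _scrub_special_value($form_data{$field});
    }
    # all other fields get sifted here
    elsif ($form_data{$field} ne "") {
        # Allow-list: word characters, "-", "@", "." and whitespace only.
        # \s also admits CR/LF; confirm that is acceptable wherever these
        # values end up.
        unless ($form_data{$field} =~ /^([-\@\w.\s]+)$/) {
            # exit handler here
            # Until a handler is added, a value that fails the check is
            # passed through unchanged; reject the request here.
        }
    }
}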