my $user = get_username();
if ($user =~ /^(\w+)$/) {
  $user = $1;
} else {
  die "Hey, you gave me bad input: $user\n";
}
# proceed with untainted $user