#!/usr/bin/perl -wT
use strict;
use CGI qw/:standard/;

# grab the data
my $tainted_field1 = param( 'field1' ) || '';
my $tainted_field2 = param( 'field2' ) || '';

# untaint the data
my ( $field1 ) = ( $tainted_field1 =~ /^([\w\s]+)$/ );
my ( $field2 ) = ( $tainted_field2 =~ /^([\w\s]+)$/ );

# do as you will...