In addition to what the others have said - Use strict and warnings and don't use that $FORM code - you are exposing yourself to a huge security hole by allowing people to entirely replace an HTML file (with SSIs apparently). It's called a Cross-site scripting (XSS) attack, here's a tutorial (in fact, this is even worse, since you're allowing the page to be entirely replaced, not just portions of it).

Although I really think you should move away from CGI.pm (CGI Parameters, UP-TO-DATE Comparison of CGI Alternatives, and CGI::Alternatives), and you need to address the above security issue somehow (at the very least some password protection?), to answer your questions: Instead of your $FORM stuff, use the param function, and to overwrite a file, you just need to use a regular open with a mode of ">" instead of ">>", this will clobber the file contents.