I wouldn't recommend using that script verbatim. Feeding user input to system() is a bad thing, and feeding it in scalar context is extra bad. Using system() with a scalar rather than an array argument sends the command to the system shell (usually /bin/sh) for processing, so metacharacters like ';' and '`' get interpreted. Anyone who finds the script can run arbitrary commands as you simply by putting them in the 'module' parameter. E.g. if someone loads http://someisp.com/~you/compile.cgi?module=;rm%20-rf%20*;, that script would happily run
system("/bin/gunzip ;rm -rf *;.tar.gz")
-Matt