instead, i'd use something like this, as is referenced (sort of) in the CGI documentation:

#!/usr/local/bin/perl -wT
use strict;
$|++;

use CGI;

my %defaults = (
    foo => "bar",
    bar => "baz",
);

my $input = CGI->new();            # gimme CGI!
$input->use_named_parameters(1);   # tell CGI to add dashes
# remember to untaint @ARGV here!!!
$input->param( %defaults, @ARGV ); # assign params after untainting
# more code...
[download]

don't be so trusting of @ARGV. make sure it is untainted before you use it!

~Particle ;Þ