Others have already raised the security issues with this - I'll just add that I believe it's better not to play shell games with your variables. When the variable is in $q->param('fieldname'), you know exactly where it came from - $fieldname tells you nothing of the variable's origin. Moving variables around confuses things - at some point you may get the same theoretical variable from a trusted source (e.g. the database), and you'll probably rename that to $fieldname too. Keeping track of which variables came from where, can you trust them, are they up-to-date, etc., becomes a new set of problems you wouldn't have if you hadn't destroyed their original contexts.

---

Update
Here's an example from the quality system of a medical equipment division of a Fortune 500 company. The authors of the system decided to put all of the variables from the form submission into a $formVals hash. So far so good. Then they had the genius idea to put the values they got from the database into the same hash - that way they could just assign the $formVals hash to the template and the submitted values would go in there if form validation failed - otherwise the database values would go there. Needless to say this became my nightmare as the maintainer of the system. It's indicative of a broken mental model of client-server programming - they made all kinds of other errors, from trusting form values to be current (allowing the clobbering of new data with old) to updating the screen with new records that hadn't been saved to the database (it looked like they had been saved, but they were only preserved in the form).