I'm not a web guru, but there are a few things to note. One, you'll want to read up on tainting. This script is leaving big security holes on your server. Taint mode can be read about via the perldoc perlsec command on your system. This isn't a short subject, but I think it's important.

I'd also suggest looking into the CGI module to make your life easier. Ovid has a very good CGI course.

Edit: I should also note that I didn't really address your question at all with the above info. But it seems to me that b1om covered that already.