Sounds like you want to pass form data as system commands, which is potentially dangerous. The only really secure way to do this is to connect through a secure server (https://) and check for user name and password before running the command. You can also check to make sure the referring URL is relatively secure:

exit if $ENV{'HTTP_REFERER'} !~ /^https:/;
[download]

See CGI.pm and related CGI:: modules for how to handle form data.

EDIT: If what you want is an interface between the web browser and unix shell, bypassing Apache or other web server software entirely, then ignore this post.