as ikegami toll you, eval $expr is the easiest way to evaluate arithmetic expresions but it allows for more things that just math, so it can be very dangerous.

You can try checking the expression first with a regular expression but you have to be very carefull, and finding a secure filter for more than simple math expressions becomes difficult.

Other alternative is to write a parser and an evaluator in perl. The parser converts the string to a tree (or stack or other conveniant representation) and after that, the evaluator evaluates it (look in CPAN for Parser::RecDescent for an easy way to write parsers).