virtual does an HTTP request. Since you can't specify which method to use, I bet it virtual always uses GET.

include doesn't work since the included file is treated as a PHP scripts (causing a Perl script to be outputed unexecuted).

I think passthru or system will do the trick. In any case, this is a PHP problem, and has nothing to do with Perl.

Alright, thanks for the info!

Well, perhaps you'd better ask on php monks :) because it's obviously a PHP problem. The php include() is used only to include PHP code. It can't work with anything else. And the documentation for virtual() states that

Warning
The query string can be passed to the included file but $_GET is copied from the parent script and only $_SERVER['QUERY_STRING'] is filled with the passed query string. The query string may only be passed when using Apache 2. The requested file will not be listed in the Apache access log.

So basically if you're using Apache 1.3, you're stuck.

Well i suppose its time i build a new secure webserver anyway. Thanks for the help everyone.

Thanks for your reply, but i think the following might debunk that:

If i output the $ENV{'CONTENT_LENGTH'} variable with nothing in the forms, the size is 22. However, if i put one char in a field and hit submit, the size increases by one. If i put n chars in the form, $ENV{'CONTENT_LENGTH'} increases by n. So the CGI script is getting the length of the POST input, im just nto sure how else to access it (other than doing read(STDIN, $x, $ENV{'CONTENT_LENGTH'})).

Check what's in $HTTP_GET_VARS, that's all I see. However we're getting really off-topic now :)