This would be a "classic" Perl application. There are a lot of scripts floating around out there of this type. However, not all of them are built with an eye toward security. Some points to look for in a script (or to include in your own) are the -T flag on the line (called shebang) that invokes Perl at the beginning: #!/usr/bin/perl -wT The T invokes "taint" mode, which prevents you from using user-supplied values in a dangerous way without first "purifying" them.

The w, which I added as well, turns on extra warnings from the compiler, which will facilitate debugging. (On a finished program, this flag would be less important.)

Any program that's going to be used in a web (CGI) environment ought to use the CGI module: use CGI;. This module has been written to take care of major security issues, and is constantly being updated to protect against new exploits.

Finally, it is extremely helpful to add use strict; at the top of your program. This enforces the use of good programming practice (within limits).

The Web Techniques columns by our own merlyn should give you more ideas.