CGI Perl script to accept and store parameters and call imagemap

#!/usr/local/bin/perl 

# ERIN database gateway script
# Tony Boston	- June 1994

# Define constants and environment variables

$ENV{'ORACLE_HOME'} = '';
$ENV{'ORACLE_SID'} = '';
$ENV{'TWO_TASK'} = '';
$cgidir = '';
$sqrdir = '';
$tmpdir = '';
$logdir = '';

# Open the parameter file
open(PARAM,"> $tmpdir/param.$ENV{'REMOTE_ADDR'}") || die "Open parameter file did not work: $!\n";

# Check if GET or POST
if ($ENV{'REQUEST_METHOD'} eq "GET") {
    $query = $ENV{'QUERY_STRING'};
    @pairs = split(/&/, $query);

    foreach $pair (@pairs)
    {
        ($name, $value) = split(/=/, $pair);

        # Un-Webify plus signs and %-encoding
        $value =~ tr/+/ /;
        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

        # Stop people from using subshells to execute commands
        $value =~ s/~!/ ~!/g;
        
        if ($name eq "map.x") {
            $mapx = $value;
        }
        elsif ($name eq "map.y") {
            $mapy = $value;
        }
        else {
            printf(PARAM "%s\n","$name=$value");
        }
    }
  } 
elsif ($ENV{'REQUEST_METHOD'} eq "POST") {
    # Get the input
    read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
    # Split the name-value pairs
    @pairs = split(/&/, $buffer);
 
    foreach $pair (@pairs)
    {
        ($name, $value) = split(/=/, $pair);
 
        # Un-Webify plus signs and %-encoding
        $value =~ tr/+/ /;
        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
 
        # Stop people from using subshells to execute commands
        $value =~ s/~!/ ~!/g;
 
        if ($name eq "map.x") {
            $mapx = $value;
        }
        elsif ($name eq "map.y") {
            $mapy = $value;
        }
        else {
            printf(PARAM "%s\n","$name=$value");
        }
    }
  }

# Close the output file
close(PARAM);

# Call IMAGEMAP
print "Location: /cgi-bin/imagemap/bio?$mapx,$mapy\n\n";