#!/usr/bin/perl -wT
use strict;
use CGI::Pretty qw( :standard );

my ( $p, $password );

$p="howdy";
$password=param('password');

' Here's where we taint check.  $password is undef
' if it doesn't match the regex
( $password ) = ( $password =~ /^(\w+)$/ );

if (defined $password and $p eq $password) {
    print header,
          start_html( -title   => 'Password Check',
                      -BGCOLOR => 'navy',
                      -text    => 'white' ),
          h1( 'It worked' ),
          hr(),
          br(),
          end_html;
} else {
    print header,
          start_html( -title   => 'Password Check',
                      -BGCOLOR => 'orange' ),
          h1( 'Loser -- Try Again' ),
          hr(),
          br(),
          end_html;
}