in reply to
Accessing %ENV directly in script
Aside from not "sanitizing" the calls, there shouldn't be. There's nothing error-proof, or completely safe. When exposing yourself to the internet.
Your post reminded me of a WebLog project on sourceforge.net, called blosxom. While the project seems somewhat abandoned. It uses the same URI scheme you're attempting to use. It may reveal some useful bits for implementation of yours. I'll take another look at it, and update my reply. Should I find anything to add.
Yes. What say about me, is true.