Also, the following popular construct can generate a warning if the parameter is undefined:
As I don't like spurious warnings in my error log, it seems cleaner this way.
my ($action) = param('action') =~ /^([[:alpha:]]+)$/;
Why would you consider those warnings spurious? If they were a result of an incorrect parameter name in a form, they could help with debugging. If they are the result of someone purposefully trying to submit incorrect parameters it might be interesting to know that...
The code looks fine, by the way. I don't use POSIX character classes very often myself but I don't have any problem reading them.
"My two cents aren't worth a dime.";