PerlMonks
Re^3: Any security holes?

by Limbomusic (Acolyte)
on Jun 27, 2022 at 20:45 UTC


in reply to Re^2: Any security holes?
in thread Any security holes?

Could I ask for an example of correct escaping?

Re^4: Any security holes?
by ikegami (Patriarch) on Jun 27, 2022 at 21:54 UTC

    encode_entities($s) would do

      Thanx - that's also what LanX suggested so my script is now this:
      #!C:\Perl64\site\bin\perl.exe
      use strict;
      use warnings;
      use HTML::Entities;
      use CGI;

      my $cgi   = CGI->new();
      my $nick  = $cgi->param('nick');
      my $pic   = $cgi->param('pic');
      my $say   = $cgi->param('say');
      my $likes = $cgi->param('likes');
      my $fav   = $cgi->param('fav');
      my $car   = $cgi->param('car');
      my $age   = $cgi->param('age');
      my $town  = $cgi->param('town');
      my $drink = $cgi->param('drink');
      my $wpage = $cgi->param('wpage');

      # In void context encode_entities() modifies its argument in place,
      # and $_ aliases each variable in the list, so every value is
      # entity-encoded before it is interpolated into the HTML below.
      encode_entities($_) for $nick, $pic, $say, $likes, $fav, $car, $age, $town, $drink, $wpage;

      # Check the open: without this a failed open would silently print to a closed handle.
      open(my $fh, '>>', 'drivers.html') or die "Cannot open drivers.html: $!";
      print "Content-type:text/html\r\n\r\n";
      print $fh "<b>$nick</b><br><img src='$pic' width='250' height='auto' border='2'><br><br>Says <b>$say</b><br>Likes <b>$likes</b><br>Favorite vehicle <b>$fav</b><br> Real life car/vehicle <b>$car</b><br>Age <b>$age</b><br>Hometown <b>$town</b><br>Favorite drink <b>$drink</b><br><b><a href='$wpage'>$wpage</a></b><HR color=#008000 SIZE=2>\n";
      print "<html><head><meta http-equiv = 'refresh' content = '0; url = drivers.html' /></head>";
      close $fh or die "Cannot close drivers.html: $!";
      I also tried using -T (taint) after the shebang line but then I just get 500 Internal error - any idea why?
        I also tried using -T (taint) after the shebang line but then I just get 500 Internal error - any idea why?

        Your script attempts to write tainted data to the filesystem. Running in taint mode protects you from doing this which is a very good reason to run in taint mode. See your web server's error log for more detail.

        Update: As in the replies, there is no reason why your script as posted would not run under taint mode. I too have just tried it and it works fine.
        🦛
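An added example (not Limbomusic's script and not code from the thread) showing the escaping ikegami suggested applied to the same fields, plus the extra check a practitioner would want for the `src` and `href` attributes: entity encoding makes a value safe to interpolate, but it does not decide whether the value is a usable http(s) URL. `render_driver`, `safe_url` and the sample values are assumptions made for this example.

```perl
#!/usr/bin/perl
# Added example: entity-encode every field before it reaches the HTML,
# and additionally allow only http(s) URLs in the src/href attributes.
# render_driver(), safe_url() and the sample data are assumptions.
use strict;
use warnings;
use HTML::Entities qw(encode_entities);

# Only absolute http/https URLs are allowed in URL attributes; anything
# else becomes an empty string. Entity encoding alone cannot make this
# decision, so it is a separate check applied before encoding.
sub safe_url {
    my ($url) = @_;
    return '' unless defined $url && $url =~ m{\Ahttps?://[^\s'"<>]+\z};
    return encode_entities($url);    # still encode: & in a query string
}

# Build the same kind of snippet the script appends to drivers.html,
# from a hash of raw parameter values (what $cgi->param would return).
sub render_driver {
    my (%p) = @_;
    # Used as an expression, encode_entities returns an encoded copy and
    # escapes < > & " ' by default, so the result is safe both as text
    # and inside single- or double-quoted attribute values.
    my %e = map { $_ => encode_entities($p{$_} // '') } qw(nick say town);
    my $pic   = safe_url($p{pic});
    my $wpage = safe_url($p{wpage});
    return "<b>$e{nick}</b><br>"
         . "<img src='$pic' width='250'><br>"
         . "Says <b>$e{say}</b><br>Hometown <b>$e{town}</b><br>"
         . "<b><a href='$wpage'>$wpage</a></b><HR color=#008000 SIZE=2>\n";
}

# Constructed sample values (not from the thread): the nick and say
# fields carry the characters that must not reach the page unencoded,
# and wpage is deliberately not a URL so the href check rejects it.
my $html = render_driver(
    nick  => q{Tom & "Jerry" <b>bold?</b>},
    say   => q{it's fine},
    town  => 'Oslo',
    pic   => 'https://example.com/pic.png?a=1&b=2',
    wpage => q{not a url at all},
);
print $html;
```

Run it from a shell rather than through CGI; the output is the HTML fragment alone, with the `nick` markup shown literally and an empty `href`.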
