http://www.perlmonks.org?node_id=458388

ghettofinger has asked for the wisdom of the Perl Monks concerning the following question:

Hello everyone,

I have put together quite a few pages using CGI and HTML::Template and I really like it. It works. When I took the little perl knowledge that I had and combined it with Ovid's CGI Course I felt that I had a simple and secure application. I am trying to expand my sites and add more functionality so I have decided to start using CGI::Application. This is a really cool module and fun to use. I have an issue though. I am not sure how I can untaint input from users. Take the following for example:

sub login {
    my $self = shift;
    my ($nick, $pass) = @_;
    my $session = $self->param('session');
    if (defined $nick and defined $pass) {
        if ($nick eq $pass) {    #REPLACE THIS WITH A REAL CHECK!!!!
            #DO STUFF
        } else {
            #DO OTHER THINGS
        }
    }
}

I have been using CGI::Untaint when I was using just CGI, but now that I am modularizing the site, I am not sure how to go about this. Should I be looking to "$self" and asking for $nick and $pass and then untaint them? Is there a better way to do this now that I am using CGI::Application?

My thanks to all,
ghettofinger
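Added example (not from the original post or from CGI::Application itself) of how the untainting the question asks about fits into a CGI::Application run mode: the run mode reads its parameters from the CGI object that `$self->query` returns, and each value is cleared through a whitelist regex capture, which is the only thing that removes the taint flag under `perl -T`. The package name `MyApp`, the run-mode names, the `%USERS` table and the `check_credentials` helper are assumptions made for the example; the CGI::Untaint calls shown in the comment are the module's documented `new`/`extract` interface and can replace the hand-written regexes if you prefer to keep using it.

```perl
#!/usr/bin/perl -T
# Added example: untainting request parameters inside a CGI::Application
# run mode. Names marked "assumed" are not from the original post.
package MyApp;    # assumed application class
use strict;
use warnings;
use base 'CGI::Application';
use Digest::SHA qw(sha256_hex);

# Constructed sample credential table (nick => sha256 of the password).
# A real application would load this from its user store.
my %USERS = ( 'alice' => sha256_hex('correct horse battery') );

sub setup {
    my $self = shift;
    $self->start_mode('login_form');
    $self->run_modes(
        login_form => 'login_form',
        login      => 'login',
    );
}

# Whitelist untaint: only the part captured by the regex is clean.
# Returning undef on mismatch means callers must handle "no valid value".
sub untaint_nick {
    my ($raw) = @_;
    return undef unless defined $raw;
    return $raw =~ /\A([A-Za-z0-9_]{1,32})\z/ ? $1 : undef;
}

sub untaint_pass {
    my ($raw) = @_;
    return undef unless defined $raw;
    # printable ASCII, bounded length; the password is hashed, never echoed
    return $raw =~ /\A([\x20-\x7E]{8,64})\z/ ? $1 : undef;
}

# Assumed helper: constant-length hash comparison against the sample table.
sub check_credentials {
    my ($nick, $pass) = @_;
    return 0 unless exists $USERS{$nick};
    return $USERS{$nick} eq sha256_hex($pass) ? 1 : 0;
}

sub login_form {
    my ($self, $msg) = @_;
    my $q = $self->query;
    my $note = defined $msg ? $q->p($q->escapeHTML($msg)) : '';
    return $q->start_html('Login') . $note
         . $q->start_form(-method => 'POST')
         . $q->hidden(-name => 'rm', -value => 'login')
         . 'Nick: '     . $q->textfield(-name => 'nick')     . $q->br
         . 'Password: ' . $q->password_field(-name => 'pass') . $q->br
         . $q->submit('Log in') . $q->end_form . $q->end_html;
}

sub login {
    my $self = shift;
    my $q    = $self->query;    # the CGI object every run mode can reach

    # Untaint straight from the request; nothing in @_ to trust.
    my $nick = untaint_nick($q->param('nick'));
    my $pass = untaint_pass($q->param('pass'));

    # Equivalent with the module already in use in the question:
    #   use CGI::Untaint;
    #   my $h    = CGI::Untaint->new($q->Vars);
    #   my $nick = $h->extract(-as_printable => 'nick');

    unless (defined $nick and defined $pass) {
        return $self->login_form('Please supply a valid nick and password.');
    }

    if (check_credentials($nick, $pass)) {
        $self->param(session => { nick => $nick });   # per-request state
        return $q->start_html('Welcome') . $q->p("Logged in as $nick") . $q->end_html;
    }
    # Same message for unknown user and wrong password: no account enumeration.
    return $self->login_form('Login failed.');
}

package main;
MyApp->new->run;
```

Running the script with `-T` on the shebang line (or `perl -T script.cgi` from the server configuration) is what makes the regex captures matter: any attempt to pass a raw `$q->param` value to a file, shell or database call would die with an "Insecure dependency" error, so the untaint helpers are the single place a reviewer needs to check for what user input is allowed to look like.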