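#!/usr/local/bin/perl -T
# Script: good_finger.pl
#
# CGI gateway to the finger program. Usernames arrive as keywords, are
# untainted by an anchored pattern match, and only the names that pass are
# handed to finger. Everything echoed back to the browser is HTML-escaped.
#
# NOTE(review): the HTML tags in the print statements of this listing appear
# to have been lost in extraction; the heading, <isindex> and <pre> markup
# below is a reconstruction -- confirm against the original script.

use strict;
use warnings;
use CGI;

# Taint mode refuses to run external programs with an inherited PATH, so
# set it explicitly and drop the other variables a shell or libc may honour.
$ENV{'PATH'} = '/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

$| = 1;    # unbuffer output; also keeps the fork below from duplicating it

my $q = CGI->new;
print $q->header;
print $q->start_html('Finger Gateway'),
      $q->h1('Finger Gateway'),
      $q->isindex;

my @usernames = $q->keywords();

# Untaint usernames by matching only things that look like bare usernames
# or e-mail style addresses, and keep the captured text, not the raw input.
# \A and \z are used instead of ^ and $ so a trailing newline is rejected.
# NOTE(review): the user@host form makes this server send finger requests
# to a host chosen by the client; remove that alternative if the gateway is
# only meant to query the local machine.
my @oknames;
foreach my $name (@usernames) {
    unless ($name =~ /\A(\w+|\w+\@[\w.-]+)\z/) {
        # The rejected value is attacker-controlled: escape it before it
        # is written into the page.
        print '<p><strong>', $q->escapeHTML($name),
              "</strong>: Not a valid name.</p>\n";
        next;
    }
    push(@oknames, $1);    # if we get here, the name's safe
}

if (@oknames) {
    print "<pre>\n";

    # Invoke the finger program through a forked pipe rather than a shell
    # command line, so the names are passed as separate arguments and no
    # shell ever parses them.
    my $pid = open(my $finger, '-|');
    if (!defined $pid) {
        print "Unable to run finger.\n";
    }
    elsif ($pid == 0) {
        # Child: duplicate standard error to standard output so that
        # finger errors appear in the browser window.
        open(STDERR, '>&', \*STDOUT) or die "Cannot dup STDERR: $!";
        exec('finger', @oknames) or die "Cannot exec finger: $!";
    }
    else {
        # Parent: finger output can contain text written by other users or
        # returned by remote hosts, so escape it like any other input.
        while (my $line = <$finger>) {
            print $q->escapeHTML($line);
        }
        close($finger);
    }

    print "</pre>\n";
}

print $q->end_html;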