Steve Linberg writes: |I use a slight variation: |$buffer =~ tr/+/ /; |$buffer =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; |$buffer =~ s/<!--(.|\n)*-->//g; |$buffer =~ s/<([^>]|\n)*>//g; |do this before the split statement. This is why it's best to use something like CGI.pm that has been tested by thousands of people. Think about what happens if a name or value has an equal sign, ampersand, or plus in it. Under CGI.pm it will work fine. Under the code quoted above, it not only will fail, but fail badly. Second, you're being way overzealous in your removal of comments and markup. Consider what happens to: <!-- a comment -->good stuff<!-- another comment --> and: If a < b and c > d, ... and: <!----> which isn't even a valid SGML comment. Brian ***** Want to unsubscribe from this list? ***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch