This appears to be related to a cgi-script, right? Are you using the CGI module to fetch the parameter values from the form? I have seen people trying to read the parameters in themselves (without CGI.pm) and getting bitten by URI escape sequences in their input. Without seeing your code... this would be my first guess.