sub Parse_Form {

	use vars ('%formdata');

	my @pairs = ();

	if ($ENV{'REQUEST_METHOD'} eq 'GET') {
		@pairs = split(/&/, $ENV{'QUERY_STRING'});

	} elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {
		read (STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
		@pairs = split(/&/, $buffer);
		
#### Removed as security risk 
#### Use hidden vars in stead
#### don't mix methods		if ($ENV{'QUERY_STRING'}) {
#### don't mix methods			@getpairs =split(/&/, $ENV{'QUERY_STRING'});
#### don't mix methods			push(@pairs,@getpairs);
#### don't mix methods		}

	} else {
		print "Content-type: text/html\n\n";
		print "<P>Use Post or Get";
	}

	foreach my $pair (@pairs) {
		my ($key, $value) = split (/=/, $pair);

		$key =~ tr/+/ /;
		$key =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
		$value =~ tr/+/ /;
		$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
	
###=== Begin Security addition ======================
		## REMOVE poison NULL 
		$key =~ s/\0//g;
		$value =~ s/\0//g;

		## Clean characters to remove weird stuff
		my $allowedCHARS = 'a-zA-Z0-9\!\"\#\$\%\&\'\(\)\*\+\,\-\.\/\:\;\<\=\>\?\@\[\\\]\^\_\`\{\|\}\~';
		$key =~ s/[^$allowedCHARS]//gi;
		$value =~ s/[^$allowedCHARS]//gi;

		$key =~s/<!--(.|\n)*-->//g;
###=== End Security addition ========================


###=== Begin Cosmetic/Functionality addition ========
		## REMOVE LEADING BLANKS
		$key =~ s/^\s*//;

		## REMOVE TRAILING BLANKS
		$key =~ s/\s*$//;
###=== End Cosmetic/Functionality addition ==========


		$value =~s/<!--(.|\n)*-->//g;

		if ($formdata{$key}) {
			$formdata{$key} .= ", $value";
		} else {
			$formdata{$key} = $value;
		}
	}
}	
return 1;