If you're just looking for a single CGI variable (e.g. 'my_var'), then you would create a global called 'my_var'. The content would be:
sub { $IN->param('my_var') }
Then when you want to add the my_var content, simply put: <%my_var%> in the template. The template tag should be the same name as the global; the value between the (parenthese) in ->param('....') should be the CGI parameter.
Alternatively, if there are multiple variables that you need to access, I'd add a new global; call it 'param', perhaps. The content of that global would be:
sub { $IN->param(shift) }
(Note that there are no quotes around shift)
Now, in the template, to get the CGI input, use:
<%param(my_var)%>
Neither case allows raw HTML to be passed in; if you want that capability, change the globals' contents to be:
sub { \($IN->param('my_var')) }
and
sub { \($IN->param(shift)) }
respectively. As Paul mentioned, there is a minor security concern with allowing the HTML - someone could change the input to display any HTML they like on the page. They can't show it or cause anything malicious to other users, unless they paste a link somewhere that people decide to follow.
Jason Rhinelander
Gossamer Threads jason@gossamer-threads.com