Fixed a potential security problem with the page.

Fixed a potential security problem with the page.
All filenames passed as the "doc" parameter must end in ".txt" and may not
contain any other dots, for example "../", but sensible web servers should
restrict the wwwuser as a matter of caution, anyway.  Furthermore, only
normal characters are allowed in the filename - see the regexp on line 36
to see what these are.  This was to combat malicious users potentially
inserting a ";" or other character in the HTTP querystring, however, most
implementations of perl CGI readily ignore everything after (and
including) the first
";" when a new CGI object is used to return the form variables.