cgi (common gateway interface)
DESCRIPTION
CGI (Common Gateway Interface). CmpE 587 Emir Bayraktar Onur Bük. Overview. What is CGI ? How it works Perl Language Cgi Environment Variables Get & POST Methods Server-Side Includes (SSI). What is CGI ?. It stands for Common Gateway Interface It is a way of programming for the web - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/1.jpg)
1
CGI(Common Gateway Interface)
CmpE 587
Emir BayraktarOnur Bük
![Page 2: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/2.jpg)
2
Overview
What is CGI ? How it works Perl Language Cgi Environment Variables Get & POST Methods Server-Side Includes (SSI)
![Page 3: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/3.jpg)
3
What is CGI ? It stands for Common Gateway
Interface It is a way of programming for the
web It is a server-side technology It makes web-pages dynamic
![Page 4: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/4.jpg)
4
Basics of CGI CGI can be written with many
languages Most popular are PERL and C Our choose is PERL because...
PERL is standard on UNIX systems PERL is very easy and robust It also runs on WindowsNT
![Page 5: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/5.jpg)
5
How it works ? CGI combines HTML tags with
program statements HTML tags are for appearance and
visuality PERL codes are for functionality The result are functional and nice
web-pages
![Page 6: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/6.jpg)
6
Before we begin PERL is an interpreted language You write the script and it runs But only if it is error-free A simple text editor is enough No additional software required
![Page 7: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/7.jpg)
7
Let’s begin with the first script
We need to know where PERL runs %>whereis perl or %> which perl /usr/bin/perl
The first line of our script would be #!/usr/bin/perl
As the result must be an HTML code print “Content-type:text/html\n\n”;
![Page 8: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/8.jpg)
8
Default First Script : “HELLO WORLD”
#!/usr/bin/perl
print “Content-type:text/html\n\n”;
print “<html><head><title>HELLO
</title></head>\n”;
print “<body>\n”;
print “<h2>HELLO WORLD</h2>\n”;
print “</body></html>\n”;
![Page 9: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/9.jpg)
9
PERL Variables
Like many other programming languages, PERL has different kinds of variables SCALAR VARIABLES ==> $scalar ARRAY VARIABLES ==> @array HASH VARIABLES ==> %hash
![Page 10: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/10.jpg)
10
Scalar Variables
A scalar variable stores a scalar value. They have the prefix $. They can contain any kind of data like numbers, characters or a string. $num=5; $name=“John”;
You can input data to a scalar variable with $name=<STDIN>;
![Page 11: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/11.jpg)
11
Array Variables
An array stores list of information. They have the prefix @. The arrays start with the index 0. If you refer to a single element of the array, you use the prefix $ with the index. For example @city=(“ist”,“ankara”,“izmir”); $city[0] =“ist” $city[2] =“izmir”
![Page 12: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/12.jpg)
12
Hash Variables
Hash variables are a special kind of arrays. They contain paired groups of elements. Each pair consists of a key and data value. They have the prefix %. %pages = ( ”Yahoo" => "http://www.yahoo.com",
”Mail" => "http://www.hotmail.com",
”Uni" => "http://www.boun.edu.tr“ );
![Page 13: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/13.jpg)
13
CGI Environment Variables
These are a series of hidden values that the web server sends to every CGI you run. They are stored in a hash called %ENV. Some of them are… DOCUMENT_ROOT:The root directory of your
server HTTP_HOST:The hostname of your server REMOTE_ADDR:The IP address of the visitor REMOTE_HOST:The hostname of the visitor SERVER_NAME:Your server's qualified domain
name
![Page 14: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/14.jpg)
14
Properties of %ENV
The %ENV hash is set for every CGI, and you can use any or all of it as needed. For example, you can write the IP address of the visitor with the command: print “Your IP =$ENV{‘REMOTE_ADDR'}\n";
print “Your Port =$ENV{‘REMOTE_PORT’}\n”; print “Your Browser =$ENV{‘HTTP_USER_AGENT’}\n”;
![Page 15: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/15.jpg)
15
Some examples using %ENV
Let’s find the IP address of the visitor...#!usr/bin/perl
print “Content-type:text/html\n\n”;
print <<Finish
<html><head><title>IP</title></head>
<body>
Your IP address: $ENV{‘REMOTE_ADDR’}
</body></html>
Finish
![Page 16: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/16.jpg)
16
GET and POST
We use GET and POST in order to send data from an HTML document to a CGI program.
GET: The input values are sent as part of the URL, saved in the QUERY_STRING environment variable.
POST: Data are sent as input stream to the program
![Page 17: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/17.jpg)
17
A simple example with GET
We will write a simple CGI script which takes data input from and sends the data with the ‘QUERY_STRING’. The working part of the code is as follows:#!/usr/bin/perl
print “Content-type:text/html\n\n”
print <<Finish
<html><head><title>CMPE587</title></head>
<body>
![Page 18: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/18.jpg)
18
A simple example with GET (cont’d)
<h2>This page collects info about you</h2>
<form action:“http://www.students.itu.edu.tr/~bayraktara/cgi-bin/info.cgi” method=“GET”>
Name:<input type=“text” name=“name” size=20>
<p>
Surname:<input type=“text” name=“sname” size=30><p>
<input type=“submit” value=“submit”>
Finish
![Page 19: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/19.jpg)
19
A simple example with GET (cont’d)
![Page 20: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/20.jpg)
20
There are two important results
If we look at the %ENV variable we would see that $ENV{‘QUERY_STRING’}= name=Ali+Veli&sname=Yilmaz
The second result is that the address bar of the result page would look like
![Page 21: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/21.jpg)
21
How to filter unwanted characters
There are some unwanted characters in the string: “=” , “+” and “&”. “+” stands for space and “&” separates input values. name=Ali+Veli&sname=Yilmaz
First we have to split “name” and “sname”. Fortunately, PERL has a “split” command. @val=split(/&/,$ENV{‘QUERY_STRING’}) @val=(“name=Ali+Veli”,”sname=Yilmaz”)
![Page 22: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/22.jpg)
22
How to filter unwanted characters (cont’d)
We have now an array variable. We use the split command for the second time in order to filter “=“ character. As we have many input values we use such a code: foreach $ran (@val) {
($field, $value)= split(/=/,$ran);print “$field = $value\n”;}
![Page 23: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/23.jpg)
23
Advantages and disadvantages of GET
It is very simple to collect data and process it. You can make forms very easily. This is an advantage.
It is not secure. The data that will be sent is a part of the URL. It can be easily obtained by others.
![Page 24: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/24.jpg)
24
An example with POST
POST is another method of sending data but it is much more secure than GET. Data will be sent after encoding. It can also send more data according to GET. Encoding requires decoding and this increases the complexity of the script.
The decoding tasks are performed by PERL with some simple commands.
![Page 25: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/25.jpg)
25
Decoding Commands
There are two basic decoding commands. These are substitute and translate.
The syntax for substitute is:$varia =~ s/pattern/replacement
An example clears all: $greeting = “Hello name.\n”;
$greeting = ~s/name/Ali/;
print $greeting;
![Page 26: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/26.jpg)
26
Decoding Commands
The syntax for translate is: $varia =~ tr/searchlist/replacelist The translate command turns every
character in the searchlist to its corresponding character in the replacelist
The upper&lower case transformation can easily be done with
$lower =~ tr/[A-Z]/[a-z]
$upper =~ tr/[a-z]/[A-Z]
![Page 27: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/27.jpg)
27
How to decode data streams
We have seen how to split a data stream. Now , we have to decode the stream with translate and substitute.$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
![Page 28: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/28.jpg)
28
How we get POST dataread (STDIN, $ENV{‘CONTENT_LENGTH’});
@pairs=split(/&/,$buffers);
Foreach $pair(@pairs){
($varname,$value)=split(/=/,$pair);,
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
$FORM{$varname}=$value;
}
![Page 29: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/29.jpg)
29
Server-Side Includes(SSI) Embedded code section in an HTML
document. Dependent on type of server Server
parses SSI code executes it sends the results to the client
![Page 30: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/30.jpg)
30
Server-Side Includes (cont’d) How does the server understand
that the HTML file contains SSI code? The file extension is converted to
shtml or The access rights for the file is 755
(in UNIX environment)
![Page 31: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/31.jpg)
31
SSI Structure <!--#element property=value
property=value -- > Ex:
<!--#include file=“bodybar” -- > <!--#flatsmode
virtual=“/includes/flashes.inc” -- > <!--#exec cgi=“/cgi-bin/a.cgi” -- >
![Page 32: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/32.jpg)
32
Database Connectivity Uses Perl’s DBI Module Ex (pseudocode):
use DBI;$dbh=DBI->Connect(“dbi:mysql:dbname”,”username”,”pswd”);
$sth=$dbh->prepare(“sql query”);$sth.execute;while(($var1,$var2,$var3)=$sth->fetchrow){use variables$dbh->disconnect}
![Page 33: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/33.jpg)
33
Thank You!
Please ask any questions you may have.
![Page 34: CGI (Common Gateway Interface)](https://reader033.vdocuments.us/reader033/viewer/2022061607/56814462550346895db0f824/html5/thumbnails/34.jpg)
34
İyi Bayramlar!