book

CGI Programming with Perl, 2nd Edition

by Scott Guelich, Shishir Gundavaram, Gunther Birznieks

June 2000

Intermediate to advanced

470 pages

14h 14m

English

O'Reilly Media, Inc.

Read now

Unlock full access

CGI Programming with Perl, 2nd Edition
A Note Regarding Supplemental Files
Preface
What’s in the BookWhat You Are Expected to Know Before ReadingOverview of the BookConventions in This BookHow to Contact UsAcknowledgmentsAcknowledgments from the First Edition
1. Getting Started
HistoryHow CGI Is Used TodayIntroduction to CGISample CGIInvoking CGI ScriptsAlternative TechnologiesWhy Perl?Alternatives to CGIWeb Server ConfigurationConfiguring CGI ScriptsConfiguring by directoryConfiguring by extension
2. The Hypertext Transport Protocol
URLsElements of a URLAbsolute and Relative URLsURL EncodingHTTPThe Request and Response CycleHTTP HeadersHTTP 1.1 and HTTP 1.0Browser RequestsThe Request LinePUT and DELETEGETHEADPOSTRequest Header Field LinesHostContent-LengthContent-TypeAuthorizationUser-AgentAcceptRefererCookiesServer ResponsesThe Status LineServer HeadersContent-BaseContent-LengthContent-TypeDateETagLast-ModifiedLocationServerSet-CookieWWW-AuthenticateProxiesIdentifying ClientsCachingContent NegotiationMedia TypeInternationalizationEncodingSummary
3. The Common Gateway Interface
The CGI EnvironmentFile HandlesSTDINSTDOUTSTDERREnvironment VariablesCGI Environment VariablesExamining Environment VariablesCGI OutputPartial HeadersOutputting documentsForwarding to another URLSpecifying status codesComplete (Non-Parsed) HeadersExamplesCheck the Client BrowserUser Authentication and IdentificationRestricting Image Hijacking
4. Forms and CGI
Sending Data to the ServerForm TagsQuick Reference to Form TagsThe <FORM> TagThe <INPUT> TagText fieldsPassword fieldsHidden fieldsCheckboxesRadio buttonsSubmit buttonsReset buttonsImage buttonsPlain buttonsThe <SELECT> TagThe <OPTION> tagThe <TEXTAREA> TagDecoding Form Input
5. CGI.pm
OverviewDenial of Service AttacksThe Kitchen SinkStandard and Object-Oriented SyntaxHandling Input with CGI.pmEnvironment InformationAccepthttphttpsquery_stringself_urlurlvirtual_hostAccessing ParametersModifying parametersPOST and the query stringIndex queriesSupporting image buttons as submit buttonsExporting Parameters to a NamespaceFile Uploads with CGI.pmGenerating Output with CGI.pmControlling HTTP Headers with CGI.pmMedia typeStatusCachingSpecifying an alternative targetRedirectionOther headersStarting and Ending Documentsstart_htmlend_htmlStandard HTML ElementsForm ElementsAlternatives for Generating OutputLots of print StatementsHere DocumentsHandling ErrorsDying GracefullyTrapping dieCGI::CarpError SubroutinesCustom Module
6. HTML Templates
Reasons for Using TemplatesRolling Your OwnServer Side IncludesConfigurationFormatEnvironment VariablesTailoring SSI OutputIncluding BoilerplatesExecuting CGI ProgramsCommon ErrorsHTML::TemplateSyntaxLoopsConditionalsIncluding other filesSummaryEmbperlConfigurationExecutemod_perlembpcgi.plSyntaxEmbperl code blocksVariable scopeMeta-commandsHTML LogicTablesList elementsForm input elementsGlobal VariablesExampleEmbperl handlerSummaryMasonA Component Approach
7. JavaScript
BackgroundHistoryCompatibilityFormsInput ValidationValidating elementsValidating submitsValidation exampleValidating twiceData ExchangeWDDXExampleBookmarkletsBookmarklet BasicsCompatibilityBookmarklets and CGI

8. Security
The Importance of Web SecurityHandling User InputCalling External ApplicationsUser Input and the ShellSecurity Strategiesfork and execTrusting the BrowserEncryptionMD5SHA-1Perl’s Taint ModeHow Taint WorksWhat Is Monitored by Taint ModeHow Taintedness Is RemovedAllowing versus disallowingWhy Use Taint Mode?Common Problems with Taint ModeData StorageDynamic FilenamesLocation of FilesFile PermissionsSummary
9. Sending Email
SecurityMailers and ShellsFalse IdentitiesSpamEmail AddressesValidating SyntaxStructure of Internet EmailsendmailCommand-Line OptionsMail Queuemailx and mailPerl MailersprocmailAutoreply from nobodyForwarding to Another User
10. Data Persistence
Text FilesLockingflockManual lock filesWrite PermissionsTemporary FilesAnonymous temporary filesNamed temporary filesDelimitersDBD::CSVDBM FilesDB_FileMLDBMIntroduction to SQLCreating a DatabaseInserting DataAccessing DataUpdating DataDeleting DataDBIUsing DBIConnecting to DBIDatabase manipulationDatabase queryingDBI Address BookAddress book database creation scriptAddress book CGI script
11. Maintaining State
Query Strings and Extra Path InformationHidden FieldsClient-Side CookiesSetting CookiesTesting for Cookies
12. Searching the Web Server
Searching One by OneSearching One by One, Take TwoRegex-Based Search EngineInverted Index SearchSearch Application
13. Creating Graphics on the Fly
File FormatsGIFThe LZW patentPNGJPEGPDFOutputting Image DataAn ExamplebinmodeIncluding Dynamic Images in HTMLRedundant path informationPreventing cachingGenerating PNGs with GDInstallationUsing GDAdditional GD ModulesGD::TextGD::Text::AlignGD::GraphGD::Graph3DPerlMagickInstallationRequirementsEnabling LZW compressionConverting PNGs to GIFs or JPEGsPDF and PostScript SupportImage Processing
14. Middleware and XML
Communicating with Other ServersSocketsIO::SocketLWPAn Introduction to XMLDocument Type DefinitionWriting an XML ParserCGI Gateway to XML Middleware
15. Debugging CGI Applications
Common ErrorsApplication PermissionsThe Pound-BangLine Endings“Malformed” HeaderPerl Coding TechniquesUse strictCheck Status of System CallsIs It Open?Trap dieFile LockingUnbuffer Output StreamUse binmodeDebugging ToolsCheck SyntaxCheck Error LogsRunning Scripts from the Command LineDumping VariablesDebuggersThe Perl debuggerptkdbActiveState Perl debugger
16. Guidelines for Better CGI Applications
Architectural GuidelinesPlan for Future GrowthUse Directories to Organize Your ProjectsUse Relative URLsSeparate Configuration from Your Primary CodeSeparating Display from Your Primary CodeSeparating Storage from Your Primary CodeNumber of Scripts per ApplicationUsing one CGI program rather than many for each major applicationUsing multiple CGI scripts for each major applicationUsing Submit Buttons to Control FlowCoding Guidelines
17. Efficiency and Optimization
Basic Perl Tips, Top TenBenchmark Your CodeBenchmark Modules, TooLocalize Variables with myAvoid Slurpingundef Versus ( )SelfLoaderautouseAvoid the ShellFind Existing Solutions for Your ProblemsRegular ExpressionsFastCGIInstalling FastCGImod_perlInstallation and Configurationmod_perl Considerations
A. Works Cited and Further Reading
ReferencesAdditional ReadingRFCsOther SpecificationsProject Home PagesNewsgroups
B. Perl Modules
CPANInstalling Modulesperldoc
Index
About the Authors
Colophon
Copyright

Content preview from CGI Programming with Perl, 2nd Edition

Chapter 4. Forms and CGI

HTML forms are the user interface that provides input to your CGI scripts. They are primarily used for two purposes: collecting data and accepting commands. Examples of data you collect may include registration information, payment information, and online surveys. You may also collect commands via forms, such as using menus, checkboxes, lists, and buttons to control various aspects of your application. In many cases, your forms will include elements for both: collecting data as well as application control.

A great advantage of HTML forms is that you can use them to create a frontend for numerous gateways (such as databases or other information servers) that can be accessed by any client without worrying about platform dependency.

In order to process data from an HTML form, the browser must send the data via an HTTP request. A CGI script cannot check user input on the client side; the user must press the submit button and the input can only be validated once it has travelled to the server. JavaScript, on the other hand, can perform actions in the browser. It can be used in conjunction with CGI scripts to provide a more responsive user interface. We will see how to do this in Chapter 7.

This chapter covers:

How form data is sent to the server
How to use HTML tags for writing forms
How CGI scripts decode the form data

Sending Data to the Server

In the last couple of chapters, we have referred to the options that a browser can include with an HTTP request. In the ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 1565924193Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

CGI Programming with Perl, 2nd Edition

by Scott Guelich, Shishir Gundavaram, Gunther Birznieks

Chapter 4. Forms and CGI

Sending Data to the Server

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.