chapter 9
DESCRIPTION
Chapter 9. Using Perl for CGI Programming. 9.1 The Common Gateway Interface. Computation is required to support sophisticated web applications Computation can be done by the server or the client (browser) or both - PowerPoint PPT PresentationTRANSCRIPT
Chapter 9
Using Perl for CGI
Programming
9.1 The Common Gateway Interface
Computation is required to support sophisticated web applications
Computation can be done by the server or the client (browser) or both
The Common Gateway Interface (CGI) is a protocol describing a standard way of providing server-side active web content Under circumstances determined by the server, an
HTTP request will cause a program to run The output from the program will be the response
returned to the client making the request Data from forms will be encoded in a request
sent do the server This data can be used by a CGI program
9.1 Other Approaches
ASP.NET from Microsoft Executable code embedded in web
pages Java Servlets and Java Server
Pages Servlets are executable code in Java Java server pages (JSP) are
executable code embedded in web pages
9.2 CGI Linkage
There are several common ways a web server can use to determine if a web request should cause a CGI program to execute
Usually, the determination is based on the target of the request Certain directories can be designated as
containing CGI programs Often cgi-bin is used
Certain file extensions can be designated as signifying a CGI program
.pl usually identifies a Perl script
9.2 CGI Linkage
A request for a CGI program to executed can be made with a simple link (<a> tag in HTML) This method is limited Any data sent must be hard-coded
into the link The usual way for invoking CGI
programs is through the action attribute of a form Data from the form is then encoded
and sent with the request
9.2 CGI Program Action
The CGI program generally creates the response by sending output to the standard output stream Using print in Perl
The CGI program will usually have to provide the content-type header Content-type: text/html This will be the last line of the response
headers and must be followed by a blank line The rest of the response is created by
printing the HTML code desired to standard output
9.3 Query String Format
Both GET and POST requests under HTTP can be used to carry form data from the browser to the server
The data is formatted into a query string Each form of request includes the
information in a different way In a GET request, the query string is appended to
the URL of the request, with a question mark used to separate it from the first part of the URL
In a POST request, the query string is sent as the data part of the request
In both cases, the query string is formatted the same
9.3 Query String Format
Each unit of data sent is encoded as name = value
The name is usually the value of a name attribute of a form widget
The value is the string representation of the widget value
Several units are combined by separating them with ampersands, &
Special characters in name and value are encoded The code is a percent sign, %, followed by the
hexadecimal code for the character A space is encoded as %20 Some browsers will encode spaces as +
9.3 Query String Access
When the POST method is used, the query string can be read from standard input The CONTENT_LENGTH
environment variable tells how many characters can be read
When The GET method is used, the query string is given by the value of the environment variable QUERY_STRING
9.4 The CGI.pm Module
Writing a CGI program from scratch is very tedious Creating HTML requires numerous print
statements Retrieving data from the query strings is
tricky One of the reasons for Perl’s popularity for CGI
programming is the powerful pattern matching facilities which greatly ease the task of parsing a query string
The Perl module CGI.pm provides numerous functions to help with both of these problems
9.4 Shortcut Functions in CGI.pm
Shortcut functions return string values containing HTML code Note, the string must be printed out to actually
become part of the response Some functions take no arguments print br; puts the tag <br/> into the response Some functions can be given a single argument
which becomes the content of the tag print h1(“A Header”) puts <h1>A Header</h1> into the response
9.4 Tag Attributes in Shortcut Functions
Attributes for tags are provided as attribute/value pairs in the argument list of the shortcut function The arguments are provided in the form of a literal
hash Attribute names are preceded by a hyphen, -
print textarea(-name => "Description", -rows => "2", -cols => "35"); produces this in the response <textarea name="Description"
rows="2" cols="35"> </textarea>
9.4 Attributes and Content
Attributes and content can both be provided to a shortcut by giving the attributes explicitly as a hash reference
print a({-href => "fruit.html"}, Press here for fruit descriptions"); produces this in the response <a href="fruit.html"> Press here
for fruit descriptions </a> If an array reference is provided for the
content, a tag is created for each item, giving the tag all the specified attributes
9.4 More Shortcuts
The head shortcut function provides a standard header
The start_html function provides the beginning part of an HTML document, through the <body> start tag The function takes one argument,
the document title
9.4 Accessing Form Data
The param function takes a name as an argument
The function returns the value associated to the name, if any, in the request
9.4 A Complete Form Example
The example includes an HTML page, popcorn.html, for placing an order
Also it includes a Perl CGI program for processing the data, popcorn.cgi
Note, to run this example, you must have a web server configured to run CGI programs, you cannot simply browse to the file on your local system
9.5 A Survey Example
The survey example is keeps track of data from a simple survey
There are three components conelec.html presents the form and
links conelec1.cgi processes a survey conelec2.cgi presents a summary of
the results
9.5 Saving the Data
A file is used to store a summary of the data
The file is updated by conelec1.cgi after each survey is submitted Care must be taken that two simultaneous
requests do not interfere with each other Both CGI programs will use the Perl flock
function that will allow only one program at a time access to the file
The file is accessed by coneclec2.cgi for each request for a summary
9.5 Table Shortcut Functions
The Tr function will create a sequence of table rows from an argument that is a reference to a list Tr is capitalized to distinguish it
from the transliterate function tr Similarly, the th and td functions
will produce a sequence of tags from a reference to a list
9.5 Table Example
Note the period between the th and td function calls, this concatenates the results in order to make a single row
table({-border => "border"},caption("Sales Figures"),Tr(
[th(["Salesperson", "Mon", "Tues", “Wed", "Thu", "Fri"]),
th("Mary").td(\@marysales), th("Freddie").td(\@freddiesales),
th("Spot").td(\@spotsales),]
));
9.5 Table Example Results
9.6 Cookies
HTTP is a stateless protocol, that is, the server treats each request as completely separate from any other
This, however, makes some applications difficult A shopping cart is an object that must be maintained
across numerous requests and responses The mechanism of cookies can be used to help
maintain state by storing some information on the browser system
A cookie is a key/value pair that is keyed to the domain of the server This key/value pair is sent along with any request made
by the browser of the same server A cookie has a lifetime which specifies a time at
which the cookie is deleted from the browser
9.6 Cookies and Security
Cookies are only returned to the server that created them
Cookies can be used to determine usage patterns that might not otherwise be ascertained by a server
Browsers generally allow users to limit how cookies are used Browsers usually allow users to remove all
cookies currently stored by the browser Systems that depend on cookies will
fail if the browser refuses to store them
9.6 Cookie Functions
The cookie function takes a hash with three keys for the name, value and expiration time of a cookie
The cookie value produced by this function must be passed to the header function using the –cookie key
header(-cookie => $a_cookie) Calling the cookie function with no
arguments produces a hash of all cookies from the current request
The day_cookie.pl example illustrates using a cookie to store the last time the page was visited