ch09-cbsx

hopeacceptableSoftware and s/w Development

Oct 28, 2013 (4 years and 16 days ago)

105 views

Chapter 9

Using Perl


for CGI
Programming


Computation is required to support sophisticated web
applications


Computation can be done by the server or the client
(browser) or both


The Common Gateway Interface (CGI) is a protocol
describing a standard way of providing server
-
side active
web content


Under circumstances determined by the server, an HTTP
request will cause a program to run


The output from the program will be the response returned to
the client making the request


Data from forms will be encoded in a request sent do the
server


This data can be used by a CGI program


ASP.NET from Microsoft


Executable code embedded in web pages


Java Servlets and Java Server Pages


Servlets are executable code in Java


Java server pages (JSP) are executable code
embedded in web pages


There are several common ways a web server
can use to determine if a web request should
cause a CGI program to execute


Usually, the determination is based on the
target of the request


Certain directories can be designated as
containing CGI programs


Often cgi
-
bin is used


Certain file extensions can be designated as
signifying a CGI program


.pl usually identifies a Perl script


A request for a CGI program to executed can
be made with a simple link (<a> tag in
HTML)


This method is limited


Any data sent must be hard
-
coded into the link


The usual way for invoking CGI programs is
through the action attribute of a form


Data from the form is then encoded and sent
with the request


The CGI program generally creates the response
by sending output to the standard output stream


Using print in Perl


The CGI program will usually have to provide
the content
-
type header


Content
-
type: text/html


This will be the last line of the response headers and
must be followed by a blank line


The rest of the response is created by printing
the HTML code desired to standard output


Both GET and POST requests under HTTP can be
used to carry form data from the browser to the server


The data is formatted into a query string


Each form of request includes the information in a
different way


In a GET request, the query string is appended to the
URL of the request, with a question mark used to
separate it from the first part of the URL


In a POST request, the query string is sent as the data
part of the request


In both cases, the query string is formatted the same


Each unit of data sent is encoded as




name = value


The name is usually the value of a name attribute of a
form widget


The value is the string representation of the widget value


Several units are combined by separating them with
ampersands, &


Special characters in name and value are encoded


The code is a percent sign, %, followed by the
hexadecimal code for the character


A space is encoded as %20


Some browsers will encode spaces as +


When the POST method is used, the query
string can be read from standard input


The CONTENT_LENGTH environment
variable tells how many characters can be read


When The GET method is used, the query
string is given by the value of the
environment variable QUERY_STRING


Writing a CGI program from scratch is very
tedious


Creating HTML requires numerous print
statements


Retrieving data from the query strings is tricky


One of the reasons for Perl’s popularity for CGI
programming is the powerful pattern matching
facilities which greatly ease the task of parsing a query
string


The Perl module CGI.pm provides numerous
functions to help with both of these problems


Shortcut functions return string values containing HTML
code


Note, the string must be printed out to actually become part of
the response


Some functions take no arguments




print br;



puts the tag <br/> into the response


Some functions can be given a single argument which
becomes the content of the tag




print h1(“A Header”)



puts




<h1>A Header</h1>



into the response


Attributes for tags are provided as attribute/value
pairs in the argument list of the shortcut function


The arguments are provided in the form of a literal hash


Attribute names are preceded by a hyphen,
-




print textarea(
-
name => "Description",







-
rows => "2",







-
cols => "35");



produces this in the response




<textarea name="Description" rows="2"



cols="35">




</textarea>


Attributes and content can both be provided to a
shortcut by giving the attributes explicitly as a
hash reference




print a({
-
href => "fruit.html"},




Press here for fruit descriptions");



produces this in the response




<a href="fruit.html"> Press here for



fruit descriptions </a>


If an array reference is provided for the content,
a tag is created for each item, giving the tag all
the specified attributes


The head shortcut function provides a
standard header


The start_html function provides the
beginning part of an HTML document,
through the <body> start tag


The function takes one argument, the document
title


The param function takes a name as an
argument


The function returns the value associated to
the name, if any, in the request


The example includes an HTML page,
popcorn.html, for placing an order


Also it includes a Perl CGI program for
processing the data, popcorn.cgi


Note, to run this example, you must have a
web server configured to run CGI programs,
you cannot simply browse to the file on your
local system


The survey example is keeps track of data
from a simple survey


There are three components


conelec.html presents the form and links


conelec1.cgi processes a survey


conelec2.cgi presents a summary of the results


A file is used to store a summary of the data


The file is updated by conelec1.cgi after each
survey is submitted


Care must be taken that two simultaneous
requests do not interfere with each other


Both CGI programs will use the Perl flock
function that will allow only one program at a
time access to the file


The file is accessed by coneclec2.cgi for each
request for a summary


The Tr function will create a sequence of
table rows from an argument that is a
reference to a list


Tr is capitalized to distinguish it from the
transliterate function tr


Similarly, the th and td functions will produce
a sequence of tags from a reference to a list


Note the period between the
th

and td
function calls, this concatenates the results in
order to make a single row

table({
-
border => "border"},

caption("Sales Figures"),

Tr
(


[
th
(["Salesperson", "Mon", "Tues", “Wed",




"Thu", "Fri"]),



th
("Mary").td(
\
@
marysales
),




th
("Freddie").td(
\
@
freddiesales
),



th
("Spot").td(
\
@
spotsales
),


]


)

);


HTTP is a stateless protocol, that is, the server treats each
request as completely separate from any other


This, however, makes some applications difficult


A shopping cart is an object that must be maintained across
numerous requests and responses


The mechanism of cookies can be used to help maintain
state by storing some information on the browser system


A cookie is a key/value pair that is keyed to the domain of
the server


This key/value pair is sent along with any request made by the
browser of the same server


A cookie has a lifetime which specifies a time at which the
cookie is deleted from the browser


Cookies are only returned to the server that
created them


Cookies can be used to determine usage
patterns that might not otherwise be ascertained
by a server


Browsers generally allow users to limit how
cookies are used


Browsers usually allow users to remove all cookies
currently stored by the browser


Systems that depend on cookies will fail if the
browser refuses to store them


The cookie function takes a hash with three
keys for the name, value and expiration time of a
cookie


The cookie value produced by this function
must be passed to the header function using the

cookie key




header(
-
cookie => $a_cookie)


Calling the cookie function with no arguments
produces a hash of all cookies from the current
request


The day_cookie.pl example illustrates using a
cookie to store the last time the page was visited