(CGI) and Perl

klipitiklopwarrenSoftware and s/w Development

Nov 7, 2013 (3 years and 7 months ago)

63 views

1

Ch27
-

Common Gateway Interface (CGI) and
Perl


Outline


Server
-
side processing


Common Gateway Interface (CGI)


Other server
-
side programming technologies


(Active Server Pages (ASP))


Java Servlets and Java Server Pages (JSP)


PHP Hypertext Processor


Python


Perl


Simple Perl examples


Handling HTTP Requests


GET and POST


CGI Environment Variables


Viewing CGI Environment Variables in Perl


Using Perl DBI to Connect to a Database

2

Web Programming Technologies

CLIENT

SERVER

Web

Browser

HTML Pages

Web

Server

Content

Authoring:

HTML

Protocols:

HTTP

Client Scripts:

JavaScript

Client Programs:

Java Applets

Server Scripts:

Perl, ASP,

PHP, JSP

Server Programs:

Java Servlets

HTTP Request

HTML Page

Protocols:

CGI

Server Side Processing

Client Side Processing

HTTP Response

3

What is server
-
side processing?


The use of programs on the server
-
side to process client input
and produce client output


Generates custom responses for clients


Has access to server
-
side software that extend server functionality


Provides programmers greater flexibility


Contains greater programmatic capabilities than client
-
side equivalents


There are several technologies that can be used to create server
-
side scripts


Common Gateway Interface (CGI)


Microsoft Active Server Pages (ASP)


HTML embedding VBScript


PHP Hypertext Processor (PHP)


Java Servlets and Java Server Pages (JSP)


Common script languages


Perl, VBScript, Python, Java

4

Common Gateway Interface (CGI)


A standard for how a web server interact and transfer information
to an application program (called CGI script)


Application is responsible for generating some dynamic content


Application can call database


Extend servers beyond simple HTML file serving


CGI = Common Gateway Interface.


Common
-

supported by almost all web servers, can be used by many
platforms and
programming languages such as Perl, C, C++, VBScript,
etc


Gateway
-

pathway between server and application programs


Interface
-

provides a well
-
defined way to call up its features


CGI is Not…


a programming language

5






Client

(Browser)

Web Server

1. Sends

HTTP
-
request

6. Sends

HTTP
-
response

(HTML Page)

Environment

variables

2. Sets data

CGI script

3. Calls

script

4. Reads data

5. Returns

output

CGI at work


Read explicit data (form data) and implicit data (request headers) sent
by client













Generate the results and send explicit data (HTML)

and implicit data (status code and response headers)

back to client

Internet

Database


HTML
-

Form


6

CGI Advantages and Disadvantages


Advantages


Web server and language independence (such as C/C++ or Perl)


Wide acceptance.

De facto
standard (One of the earliest server
-
side
options). Many free example CGI scripts


Simple to use


Disadvantages


Each request starts up a new process of the CGI script


Stateless protocol. Can’t retain information between requests


Communication to application must go through the web server

7

Java Servlets
and Java Server Pages (JSP)


Java servlet is like an applet that runs inside a web server,
extending the servers functionality


A web server must provide an API so Java servlets can be written


JSP is part of the servlet API that allows Java to be embedded
inside HTML


Same concept as ASP


Advantages of servlets and JSP


When written in Java, servlets and JSP are plattform independent


Wide support: from Netscape, Sun, Apache, Oracle, IBM


Servlets and JSPs are compiled, loaded once at server startup, and
service Web requests using separate lightweight threads


Java Servlets and JSP are part of
Java 2 Enterprise Edition
(J2EE)
, a collection of enterprise APIs


8

PHP Hypertext Preprocessor


PHP is a script language in Web programming, which is platform
independent but used primarily on Linux Web servers


Initials come originally from the earliest version of the program, which was called
"Personal Home Page Tools“. Now acronym for
PHP Hypertext Preprocessor


PHP is free and offered under an open source license. The latest version is PHP4.


Interpreter is freely available.


An alternative
and works similar to

ASP technology


LAMP
-

Linux, Apache, MySQL and PHP. Four parts to build fast, robust Web
applications. PHP is a project of the Apache Software Foundation.


As with ASP, the PHP script is embedded within a Web page along with its HTML.
Before the page is sent to a user that has requested it, the Web server calls PHP
to interpret and perform the operations called for in the PHP script.


An HTML page that includes a PHP script is typically given a file name suffix of
".php" ".php3," or ".phtml".


Like ASP, PHP can be thought of as "dynamic HTML pages," since content will
vary based on the results of interpreting the script.

9

Perl


Perl (Practical Extraction Report Language) is
an interpreted
language (not compiled, like Java) which is ideally suited for CGI
programming.


written by Larry Wall in 1987. Combines syntax from several UNIX utilities
and languages.


has also been adapted to non
-
UNIX platforms. ActivePerl, the standard
Perl implementation for Windows
is freely available


Perl is a text processing language that provides comprehensive
string handling functions


designed to handle a variety of system administrator functions


It is widely used to write Web server programs for such tasks as


automatically updating user accounts and newsgroup postings


processing removal requests


synchronizing databases and generating reports

10

Python


An interpreted, object
-
oriented programming language
developed by Guido van Rossum.


Can be used to write:


CGI
-
scripts


ASP
-
scripts


Large
-
scale Internet search engines


Small administration scripts


GUI applications


Python is very portable since Python interpreters are available
for most operating system platforms.


Although Python is copyrighted, the source code is freely
available, and unlike GNU software, it can be commercially re
-
sold.

11















Perl
-

Simple Example

#!/usr/bin/perl







$name=“Foo”;

$friends=1;


#I only have one friend

#$friends=2;


#actually, I have 2 friends

#$friends=“many;”

#I have too many friends


if ($friends == 1)


{


print “$name, you are my best friend.”;

}


The “shebang” construct (
#!
)
indicates the path to the Perl
interpreter on Unix systems.

Function
print

writes the string to
the screen.

12

Data Types in Perl

Data type

Format for
variable names
of this type

Description

Scalar

$
scalarname

Can be a string, an integer number, a

floating
-
point number or a reference.

Array

@
arrayname

An ordered list of scalar variables that can
be accessed using integer indices.

Hash

%
hashname

An unordered set of scalar variables
whose
values
are accessed using unique
scalar
values
(i.e., strings) called
keys
.

Fig. 27.3

Perl data types.


13

Client
-
Server Interaction


HTTP is a request
-
response protocol.
Client sends request, server
responds.


HTTP Request (Client is sending request message to Server ):



When a client sends a request, it consists of three parts:


Request line:

(
e.g. POST /im269/w7.html HTTP/1/1
)


HTTP method type (GET or POST)


Resource name (URL)


Protocol/version



Header:

contains browser information (optional)


Message body:

in POST method request information is stored here (optional)


HTTP Response (Server is sending response message to Client):


The response sent by the server also consists of three parts:


Response line:

(server protocol and status code)


Header:

specifies the type of output (content
-
type such as text/html, location such as
http://www.xxx.com, or no response such as 204 No Response)


Message body
:
(the actual data, such as sending back a Web page or a file to the
user)

14

HTTP Response from a CGI script


A CGI script that produces a HTTP response.
CGI responds to
the server via standard output


Example CGI scripts:

1. Return content to user

print (“Content
-
type: text/html”);

print (““);

print (“<HEAD>”);

print (“<TITLE>CGI script output</TITLE>”);

print (“</HEAD>”);

print (“<BODY>”);

print (“<H1>Output from a CGI script</H1>”);

...

print (“</BODY>”);





2. Return a location to user


Location: http://www.xxx.com

3. Return no response


Status: 204 No Response

15

GET and POST request methods


Most common ways to send data from client to server:


GET

request


Retrieves appropriate resource from Web server


Form contents are appended as a querystring to the URL


Limits query to 1024 characters stored in request line


Browsers cache (save on disk) HTML pages


Allows for quick reloading


Cache responses to get request


Do not cache responses to post request


POST
request


Updates contents of Web server (posting new messages to forum)


The data is sent as part the message body of the request
.


Not part of URL and cannot be seen by user


Has no limit for length of query


Posts data to server
-
side form handler


Note that the client don’t always need to send data to server to generate a
response

16

Ways to call Server
-
Side Scripts


The URL specifies a script called “program”

to be executed Instead of an HTML
file.

http://some.machine/cgi
-
bin/program.pl


Sending data directly to a script (
using the GET
-
method)

http://www.google.com/search?hl=en&q=CGI


Invoking can also be done through a link.
A hypertext reference can refer to
:


An exutable script


<a href=http://domain_name/cgi
-
bin/scriptname>


An exutable script with arguments
(
using the GET
-
method)


<a href=http://domain_name/cgi
-
bin/scriptname?arg1+arg2>


An Active Server Page


<a href=http://domain_name/catalog.asp>


It is much easier provide user input from an HTML form:

<FORM ACTION=“http:// http://www.google.com/search”>


Input elements go here

</FORM>

17

Encoding User Input from Forms


HTML
-
forms are used to provide input to CGI scripts. The
<FORM> tag requires two arguments:


ACTION


the URL representing the script which is to receive the form information


METHOD


either GET or POST


represents the way in which the information will get passed to the script


Using METHOD=“GET”.

1.
FORM elements’ names are paired with their contents ie.

<input type=“text” size=“9” maxlength=“9” name=“zip”>

User inputs 10003, then zip=10003

2.
All such name/value pairs are joined together with an ‘&’

3.
The entire input data string is URL encoded ie.
name=Jane+Doe&address=35+W%27+4th+St%27&zip=10003



On the server end the data is placed in the environment variable
QUERY_STRING


18

Three ways to
pass data to
CGI scripts


1.
Environment variables (When the GET method is used in an HTML form)


Data is encoded as part of the URL


Portions of the URL are assigned to the environment variables QUERY_STRING,
PATH_INFO, and SCRIPT_NAME:

http://www.usc.edu/cgi
-
bin/scriptname/extrapath/afile?input_data


QUERY_STRING

is assigned

input_data


PATH_INFO is assigned

extrapath/afile


SCRIPT_NAME is assigned

cgi
-
bin/scriptname

2.
Standard input (When the POST method
is used)


The data is given in the message body of the HTTP request



Web server forwards message body to the script via the standard input stream

3.
Command

line arguments


For example, to pass arg1 and arg2 to a script:


<a href=http://domain/cgi
-
bin/copy?arg1+arg2>

19

CGI Environment Variables


CGI environment variables are used to pass information about
the context of execution.

These variables are global, and
accessible to all running programs


Programs
-
> programs


Variables are text strings (name and value pairs)


Can be classified into two major categories


Nonrequest specific


Request specific


Nonrequest
-
specific environment variables


These variables are set for all requests


SERVER_SOFTWARE

The name and version of the information server
software answering the request


SERVER_NAME

The server's hostname, DNS alias, or IP address


GATEWAY_INTERFACE

The revision of the CGI specification to which this
server complies.

20

Request
-
specific environment variables

(1)



These variables are set depending on the request being fulfilled
by the CGI script:


SERVER_PROTOCOL

The name and revision of the information protocol this
request came in with. Format: protocol/revision


SERVER_PORT

The port number to which the request was sent.


REQUEST_METHOD

The method with which the request was made. For HTTP,
this is "GET", "POST", etc.


PATH_INFO

The extra path information, as given by the client. E.g.
http://www.usc.edu/cgi
-
bin/scriptname/extrapath/afile?input_data


PATH_TRANSLATED

the PATH_INFO path translated into an absolute document
path on the local system, which takes the path and does any virtual
-
to
-
physical
mapping to it.


SCRIPT_NAME

A the path and the name of the script being executed, as
referenced in the URL.


QUERY_STRING

The information which follows the ? that referenced this script.

21

Request
-
specific environment variables

(2)


REMOTE_HOST

The Internet domain name making the request.


REMOTE_ADDR The IP address of the remote host making the request.


AUTH_TYPE If the server supports user authentication, and the script is
protects, this is the protocol
-
specific authentication method used to
validate the user.


REMOTE_USER the username that server and script have authenticated.


REMOTE_IDENT the remote user name retrieved by the server using
inetd identification (RFC 931),


CONTENT_TYPE For queries which have attached information, such as
POST
-
method, this is the MIME
-
content type of the data.


CONTENT_LENGTH The length of the content as given by the client.


22

Perl script to display CGI environment variables

#!/usr/bin/perl

2 # Fig. 27.11: fig27_11.pl

3 # Program to display CGI environment variables.

4

5 use CGI qw( :standard );

6

7 $dtd =

8 "
-
//W3C//DTD XHTML 1.0 Transitional//EN
\
"

9
\
"http://www.w3.org/TR/xhtml1/DTD/xhtml1
-
transitional.dtd";

10

11 print( header() );

12

13 print( start_html( { dtd => $dtd,

14 title => "Environment Variables..." } ) );

15

The

use

statement

instructs

Perl

programs

to

include

the

contents

(e
.
g
.
,

functions)

of

predefined

packages

called

modules
.

The

import

tag

:
standard

imports

a

predefined

set

of

standard

functions
.

The

start_html

function

prints

the

document

type

definition

for

this

document,

as

well

as

several

opening

XHTML

tags

(
<html>
,

<head>
,

<title>
,

etc
.
,

up

to

the

opening

<body>

tag)
.

23

Perl script to display CGI environment variables, cont.


16
print( "<table style =
\
"border: 0; padding: 2;

17

font
-
weight: bold
\
">" );

18

19
print( Tr( th( "Variable Name" ),

20

th( "Value" ) ) );

21

22
print( Tr( td( hr() ), td( hr() ) ) );

23

24
foreach $variable ( sort( keys( %ENV ) ) ) {

25

26

print( Tr( td( { style => "background
-
color: #11bbff" },

27

$variable ),

28

td( { style => "font
-
size: 12pt" },

29

$ENV{ $variable } ) ) );

30

31

print( Tr( td( hr() ), td( hr() ) ) );

32
}

33

34
print( "</table>" );

35
print( end_html() );

The

%
ENV

hash

is

a

built
-
in

table

in

Perl

that

contains

the

names

and

values

of

all

the

environment

variables
.

Function

keys

returns

an

unordered

array

containing

all

the

keys

in

the

%
ENV

hash
.

sort

orders

the

array

of

keys

alphabetically
.

The

foreach

loop

iterates

sequentially

through

the

array

returned

by

sort,

repeatedly

assigning

the

current

key’s

value

to

scalar

$
variable
.


Hash

values

are

accessed

using

the

syntax

$
hashName{

keyName

}
.

In

this

example,

each

key

in

hash

%
ENV

is

the

name

of

an

environment

variable

name

(e
.
g
.
,

HTTP_HOST
)
.

Function

end_html

returns

the

closing

tags

for

the

page

(
</body>

and

</html>
)
.

24

Program Output

25

Introduction to DBI


Databases part of distributed applications


Divides work across multiple computers


Retrieves result set and displays results


Driver


Helps programs access databases


Each database can have different syntax


Each database requires its own driver


Interface


Provides uniform access to all database systems


Database interface


Programmatic library for accessing relational database

26

Perl Database Interface


Perl DBI


Enables users to access relational databases from Perl programs


Database independent


Most widely used interface in Perl


Uses handles (Fig. 22.29)


Object
-
oriented interfaces


Driver handles, database handles, statement handles


Each connection into the database is identified by a handle whose
methods are called by Perl scripts


Data Object Handles

Description

Driver Handles

Encapsulates the driver for the database; rarely used in a Perl script.

Database Handles

Encapsulates a specific connection to a database; can send SQL
statements to a database.

Statement Handles

Encapsulat
es specific SQL statements and the results returned from
them.

Fig. 22.29

Data object handles for Perl DBI.



27

MySQL


Pronounced “My Ess Que Ell”


Robust and scalable RDBMS


Multiuser, multithreaded server


Performs multiple commands concurrently


Uses SQL to interact with data


Supports various programming languages


C, C++, Java, Python, Perl, PHP, etc


Supports various operating systems


Windows, Linux and Unix


Access multiple databases with single query

28

Fig27_19.pl

1
#!/usr/bin/perl

2
# Fig. 27.19: fig27_19.pl

3 #

CGI program that generates a list of authors
.

4

5
use CGI qw( :standard );

6
use DBI;

7
use DBD::mysql;

8

9
$dtd =

10
"
-
//W3C//DTD XHTML 1.0 Transitional//EN
\
"

11

\
"http://www.w3.org/TR/xhtml1/DTD/xhtml1
-
transitional.dtd";

12

13
print( header() );

14

15
print( start_html( { dtd => $dtd,

16

title => "Authors" } ) );

17

18
# connect to "books" database, no password needed

19
$databaseHandle = DBI
-
>connect( "DBI:mysql:books",

20

"root", "", { RaiseError => 1 } );

21

22
# retrieve the names and IDs of all authors

23
$query = "SELECT FirstName, LastName, AuthorID

24

FROM Authors ORDER BY LastName";

25

26
# prepare the query for execution, then execute it

27
# a prepared query can be executed multiple times

28
$statementHandle = $databaseHandle
-
>prepare( $query );

29
$statementHandle
-
>execute();

30

31
print( h2( "Choose an author:" ) );

32

33
print( start_form( { action => 'fig27_20.pl' } ) );

34

35
print( "<select name =
\
"author
\
">
\
n" );


The

Perl

DBI

module

and

the

MySQL

driver,

DBD
::
mysql

are

required
.

Connect

to

the

database

by

calling

DBI

method

connect
.

If

the

connection

succeeds,

function

connect

returns

a

database

handle

that

is

assigned

to

$
databaseHandle
.

The

database

handle

is

used

to

prepare

the

query

(using

the

method

prepare
)
.

This

method

prepares

the

database

driver

for

a

statement,

which

can

be

executed

multiple

times
.

Method

execute

executes

the

query
.

29

Fig27_19.pl

36

37
# drop
-
down list contains the author and ID number

38
# fetchrow_array returns a single row from the result

39
while ( @row = $statementHandle
-
>fetchrow_array() ) {

40

print( "<option>" );

41

print( "$row[ 2 ]. $row[ 1 ], $row[ 0 ]" );

42

print( "</option>" );

43
}

44

45
print( "</select>
\
n" );

46

47
print( submit( { value => 'Get Info' } ) );

48
print( end_form(), end_html() );

49

50
# close the statement and database handles

51
$databaseHandle
-
>disconnect();

52
$statementHandle
-
>finish();

Method

fetchrow_array

accesses

the

results

of

the

query
.

Each

call

to

this

function

returns

the

next

set

of

data

in

the

resulting

table

until

there

are

no

data

sets

left
.

Each

row

is

returned

as

an

array

and

assigned

to

@row
.


Each

value

is

print
ed

as

a

list

option
.

Close

the

database

connection

(using

method

disconnect
),

and

specify

that

the

query

is

finished

by

calling

method

finish

Program Output