CGI Developer's Guide
CGI Developer's Guide
by Eugene Eric Kim
Chapter 1 Common Gateway Interface (CGI)
Chapter 2 The Basics
- Hello, World!
- Outputting CGI
- Installing and Running Your CGI Program
- A Quick Tutorial on HTML Forms
- Accepting Input from the Browser
- A Simple CGI Program
- General Programming Strategies
Chapter 3 HTML and Forms
- A Quick Review of HTML
- Some Examples
Chapter 4 OutPut
- Header and Body: Anatomy of Server Response
- Formatting Output in CGI
- Dynamic Pages
- A "Counter" Example
- No-Parse Header
Chapter 5 Input
- How CGI Input Works
- Parsing Strategies and Tools
- An Example: Guestbook
Chapter 6 Programming Strategies
- CGI Strategies
- An Enhanced Guestbook
- Practical Programming
Chapter 7 Testing and Debugging CGI
Chapter 8 Client/Server Issues
- Client Versus Server
- HTTP: The Web Server Protocol
- Extending the Web Server
- Extending the Web Client
Chapter 9 CGI Security
- Basic Security Issues
- Writing Secure CGI Programs
- Secure Transactions
Chapter 10 Basic Applications
- Two Small Programs
- Generic Form Parser
Chapter 11 Gateway
- Using Existing Network Applications
- True Client/Server Gateways
- E-Mail Gateway
Chapter 12 Databases
- What Is a Database?
- Database Implementations
- Search and Retrieval
- Online Video Library
Chapter 13 Multipart Forms and Maintaining State
- Multipart Forms
- Shopping Carts
Chapter 14 Proprietary Extensions
- HTML Extensions
- Server-Side Push
- File Upload
- Maintaining State with Cookies
Chapter 15 Imagemaps
- Server or Client?
- Imagemaps Using Forms
Appendix A CGI Reference
Appendix B HTML Guide
- General Structure
- Text Formatting
- Physical Formatting
- Inline Multimedia
- Special Characters
Appendix C Server-Side Includes
Appendix D cgi-lib.pl Reference Guide
- Using cgi-lib.pl
- Routines and Variables
- Source Code
Appendix E cgihtml Reference Guide
- Getting Started
- Using cgihtml
- Source Code
Copyright © 1996 by Sams.net Publishing
All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Neither is any liability assumed for damages resulting from the use of the information contained herein. For information, address Sams.net Publishing, 201 W. 103rd St., Indianapolis, IN 46290.
International Standard Book Number: 1-57521-087-8
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Sams.net Publishing cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.
|President, Sams Publishing||Richard K. Swadley|
|Publishing Manager||Mark Taber|
|Managing Editor||Cindy Morrow|
|Marketing Manager||John Pierce|
|Assistant Marketing Manager||Kristina Perry|
|Acquisitions Editor||Brad Jones, Sharon||Development Editor||Angelique Brittingham|
|Software Development Specialist||Steve Straiger||Production Editor||Tonya R. Simpson|
|Copy Editor||Bart Reed, Kris Simmons, Stacey Houston, Beth Spencer, Anne Owen, Chuck Hutchinson|
|Technical Reviewer||Justin Bell, Kelly Held, Ian Anderson||Editorial Coordinator||Bill Whitmer|
|Technical Edit Coordinator||Lynette Quinn||Resource Coordinator||Deborah Frisby|
|Formatter||Frank Sinclair||Editorial Assistants||Carol Ackerman, Andi Richter, Rhonda Tinch-Mize,|
|Cover Designer||Alyssa Yesh||Book Designer||Alyssa Yesh|
|Copy Writer||Peter Fuller||Production Team Supervisor||Brad Chinn|
|Production||Gina Brown, Mona Brown, Michael Brumitt, Jeanne Clark, Michael Dietsch, Sonja Hart, Mike Henry, Louisa Klucznik, Ayanna Lacey, Chris Livengood, Steph Mineart|
The physicist and Nobel Laureate Richard Feynman once tried to prepare a freshman lecture on an obscure topic in physics. Feynman was unable to come up with a satisfactory lecture and suggested that because he was unable to teach it, he really did not understand it. Writing this book helped reveal my own weaknesses and knowledge deficiencies, and I hope I was able to adequately overcome them and write a concise and useful resource.
I could not write this book without the aid of many, many others. First, the countless and relatively anonymous souls on the Internet are largely responsible for my knowledge on the topic. Without the help of the many who read the newsgroups (especially comp.infosystems.www.authoring.cgi), who provide references on their own World Wide Web sites, and who contribute freely available code for everyone to use, I would never have learned so much so quickly about both the Web and CGI programming.
First, I must thank my acquisitions editor at Sams Publishing, Brad Jones, who so patiently put up with my odd and very busy schedule and some late deadlines. Without his patience and belief in me, I would never have had the opportunity to write this book nor the faith to finish it. Thanks to the many others at Sams Publishing as well for their hard work in making this publication a reality.
Many odd chains of events led to my interest in this subject and the publication of this book. I must first thank the hard-working student members of the Harvard Computer Society (HCS) for providing me with the resources and opportunity to pursue my interest. Thanks also to the people at the Harvard Arts and Sciences Computer Services (HASCS), especially Mike Burner and Richard Steen, for hiring me to work on the Web at Harvard at a time when the Web was a new and unpredictable technology.
Thanks to Steve Brenner, former president of the Harvard Computer Society and the author of the widely used cgi-lib.pl Perl library for first introducing me to the Web, as well as providing guidance and advice throughout my four years in college. Thanks as well to many other members of the Harvard Computer Society for the excellent discussion; I learned much from my peers here.
Thanks to Ray Valdes, formerly the senior editor of Dr. Dobb's Journal, who realized the widespread interest in CGI programming and gave me my first opportunity to publish an article on an interesting and useful topic. Too many people to mention here contributed to my book in many ways; however, I must thank Ben Laurie-the author of the apache-ssl Web server-for helping me with technical matters, John Stafford for his review and extremely helpful comments on the database chapter, and Matt Howitt for his willingness to review and criticize the entire book.
Special thanks go to Greg Corbett, who both proofread some chapters and put up with me for four long, exciting years of college; Jay Sutaria, my programming partner in crime who helped refine my own knowledge of computer science and programming and also taught me the importance of sleep (or lack thereof); David Holland, to whom I almost always consulted to discuss complex technical and programming issues; and Terry Burnham, who rebuilt my confidence, helped prepare me to face the world and its many challenges, and provided constant advice and encouragement.
Finally, thanks and much love go to my mother, father, Sujean, and Jessica. I could not have accomplished this and many other things without their support and constant love.
Sams.net Publishing would like to thank Eric Garrison, Ian Anderson, and Christopher Stone for their last-minute help on this project.
About the Author
Eugene Eric Kim is a graduate of Harvard University. He has done programming work that ranges from working with neural networks to predicting the secondary structure of DNA to designing and implementing object-oriented, client/server systems using Perl. Mr. Kim, a published writer in magazines such as Dr. Dobb's Sourcebook, brings his vast knowledge of the Common Gateway Interface to bear as he shows you how to develop CGI applications.
I received my first Internet account in the summer of 1992, having just graduated from high school. E-mail, I discovered, was a wonderful thing, and when I enrolled in college in the fall, the first thing I did was get an e-mail account. My freshman year in college, I fell in love with the open environment of the Internet and the free sharing of ideas.
Circumstances led me to discover the World Wide Web before its explosion. I was fortunate enough to be around people who were familiar with the Web, to have the resources to access the Web, and to know how to find information on the Internet. Becoming knowledgeable in the topic meant scrounging for information anywhere I could find it. It was all freely available on the Internet, but it was completely disorganized.
There is a great need for a comprehensive book on CGI programming that gathers all of the freely available information from the Internet into one convenient reference. Additionally, one thing that is difficult to obtain over the Internet is a very focused commentary on CGI programming based on much experience programming real applications.
This book is a comprehensive guide on programming CGI applications. I have included complete details on CGI and related protocols, as well as detailed explanations. I have also included some conceptual chapters, including information about client/server applications, network security, and databases.
I am not a programmer by training. I believe strongly in learning by doing and by looking at other people's work. Consequently, most of this book is devoted to source code and examples. I highly encourage you to work through each example, and try duplicating some of these examples from scratch. Much of the book will become more meaningful as you gain experience programming CGI applications.
Who Should Read This Book
I wrote this book for the enthusiastic and the curious. You do not have to be an expert computer scientist or programmer to learn and master CGI programming. However, you must know at least one programming language and should have some basic programming experience. Your ability as a CGI programmer reduces to your ability as a programmer in general. After you learn the basic concepts and begin programming, you will rapidly gain the necessary knowledge and instincts to write effective applications.
Although the concepts in this book apply to any programming language, the examples are limited to C and Perl. C and Perl are two very popular CGI programming languages with different things to offer. It is useful to look at both C and Perl examples for similar tasks in order to understand some of the subtle distinctions between the different languages.
Most of the examples use the cgihtml library for C programs and cgi-lib.pl for Perl. My Perl examples are written in Perl 4. I chose not to use Perl 5 because proper Perl 5 programming requires some understanding of object-oriented programming and other advanced features. Instead of distracting you with the nuances of Perl 5, I decided to use Perl 4 examples (which are compatible with the Perl 5 interpreter). If you know and are familiar with Perl 5, I highly recommend you look at Lincoln Stein's CGI.pm module, an excellent programming library for CGI applications. This and other libraries are included on the CD-ROM that accompanies this book.
Although knowing at least one programming language (preferably either C or Perl) is required, sometimes books like this are useful tools for learning how to program in a language. You should not use this book as a beginner's guide to C or Perl, but I hope your programming skills in either language are strengthened by going through the examples and applying some of the concepts on your own.
Finally, this book is centered largely around UNIX, although again, most of the concepts and code are portable to all platforms. I have tried to keep as many examples as possible fairly general so that they apply to all platforms. Some of the more advanced topics and examples required a focus on at least one platform. In these cases, my discussion is based on the UNIX environment. On other, rarer occasions, I also include more advanced information on both the Windows and Macintosh environments. I include some references to more information regarding these other platforms in the reference section at the end of this book.
How to Use This Book
CGI Developer's Guide is divided into three sections. The first part is an introductory section, the second is devoted to a conceptual discussion of CGI programming, and the final section covers several real applications. This book is rated as an intermediate to advanced book, although again, the only real requirements are enthusiasm and curiosity (and at least one programming language).
If you are new to the Web or to CGI programming, I recommend you read all of Parts I and II. Those of you who are familiar with the Web or who just don't like reading books should read Chapter 1, "Common Gateway Interface (CGI)," and Chapter 2, "The Basics." Chapter 2 is a fairly comprehensive introduction with a slant on quickly applying the concepts. You should be able to write CGI applications after reading only Chapter 2. If you are already somewhat familiar with CGI programming, I recommend reading the chapters in Part II for a thorough conceptual discussion on CGI to reinforce your practical knowledge. You might also want to compare your own experiences with some of the code in Part III.
For most readers, I recommend beginning with Chapters 1 and 2. After trying some of the examples, read Chapter 10, "Basic Applications," and see how much you understand. Read Part II to reinforce your understanding of CGI. If you have a specific project in mind, you might want to try it at this point. Finally, go through each chapter in Part III thoroughly.
Conventions Used in This Book
This book uses certain conventions that make it easier for you to use.
- A monospaced font is used to identify program code.
- An italic monospaced font is used to identify placeholders used in CGI syntax descriptions.
Notes are used to call your attention to information that is important to understanding the material covered.
Tips like this are used to identify ways to do things more efficiently.
Cautions like this are used to help you avoid common problems you might encounter and to keep you clear of potential programming difficulties.
In order to help you understand where you are going and where you have been, each chapter begins with a short description of the information that is presented and ends with a summary of the material that has been covered.
I have tried to make this book as comprehensive, useful, up-to-date, and accurate as possible. However, there might be some errors or new information. As a supplement to this book, you should check its Web page at URL:http://hcs.harvard.edu/~eekim/cgibook/. Additionally, you can subscribe to a mailing list for announcements and updates. To subscribe, send e-mail to firstname.lastname@example.org with the following body:
I have included a comprehensive list of references at the end of this book that contains both the primary source for most of this book as well as many excellent secondary sources. It also contains a list of sites on which you can obtain the latest versions of the software described in this book. Many software packages and all of the source code in this book are on the included CD-ROM as well, although some of these packages might be outdated by the time this book is printed.