Document 7186381

Download Report

Transcript Document 7186381

CGI with Perl

Darby Tien-Hao Chang (a.k.a. dirty) Department of Electrical Engineering, National Cheng Kung University

A typical Perl CGI session goes something like this:

hello.pl

          #!/usr/bin/perl print "Content-type: text/html\r\n\r\n"; print "\n"; print "Hello World!\n"; print "\n"; print "

Hello World!

\n"; print "\n"; print "\n"; exit (0);

Anatomy of a CGI program

 A CGI program always has 3 basic parts:  MIME type  HTML document  Return value

MIME type

  Content-type: text/html The "\r\n\r\n" is required by the MIME standards (it stands for CRLF CRLF, for those that are curious)     text/plain Plain text, not processed as HTML by the browser text/tab-separated-values Data that will be loaded into a spreadsheet-like program image/jpeg, image/png The data will be displayed as an image application/pdf The document should be viewed by a PDF reader

HTML document

 You know that

Return value

    After a CGI program ends, the web server collects the "return value" of the program so that it knows if there was an error or not This is sometimes useful for debugging purposes because the programmer is allowed to determine the meaning of non-zero return values In Perl, you can specify what the return value of the CGI program is with the exit keyword:   exit (0); # normal exit code exit (1): # something bad happened Change the return value in your hello.pl to a '1' and see if you can find the resulting error code in your web server's error log.

Let

s see the log of your httpd

hello.pl with CGI.pm

                #!/usr/bin/perl # It's always a good idea to use the strict pragma while developing # Perl code, it makes Perl warn about dangerous code use strict; # We're also going to include the CGI module, so that we can take # advantage of other programmer's efforts (One of Larry Wall's basic # tennants is that programmers are fundamentally lazy -- he's probably # right, but I can't be bothered to prove it right now) use CGI; # instantiate a new CGI object my $cgi = new CGI; # perform a single print statement, with liberal use of the perl # string concatenator "." and some CGI methods print   $cgi->header . $cgi->start_html('Hello World!') .

$cgi->h1('Hello World!') . $cgi->end_html; # Tell the webserver everything is fine exit (0);

Where is my CGI.pm?

 Hey, TA

About HTML forms

    An HTML

 tag is the foundation of a user input section on a web page.

Everything following that tag through the corresponding elements such as these:          

A Text Input Box

A Radio Button

A Hidden Varible

A Submit Button

tag can contain Where each element has a

name

and an associated

value

.

The value may be included with the tag itself (see the radio and hidden examples above), and/or it can be supplied by the user.

Names

  Variable names can be any legal HTML identifier and are almost always supplied via the

name

property of an HTML tag:      Once the form above is sent to the web server, the CGI program will be able to access these elements by those names:      my $foo = $cgi->param('foo'); my $bar = $cgi->param('bar'); my $hair_index = $cgi->param('Desired Hair Color'); my $date = new Date($cgi->param('Date')); my $name = $cgi->param('First Name');

Values

 A value can either be a string (as shown above), or it can be an array of items  How do you access the variables in the case that you have a series of checkboxes?

 my @values = $cgi->param('listOfStuff');

POST and GET

 Let's take a closer look at the

tag:   The

action

attribute is a path to your CGI program, but what does the

method

attribute do?

 There are two different ways that an HTTP request can send CGI variables to a server, GET and POST

GET

    A GET request is encoded in the URL of an HTTP request by using the question-mark (?) delimiter:  http://somserver/cgi-bin/foo.pl?fname=Craig&lname=Kelley Everything after the question mark is the query in the format of name=value A typical CGI program for the above request:    my $first_name = $cgi->param('fname'); my $last_name = $cgi->param('lname'); print "$first_name $last_name"; And the result will be:  Craig Kelley   You can see the variables and their values in the location bar of most web browsers You should always keep GET requests under 1024 characters, otherwise you may run into problems with older browsers

POST

     A POST request is sent along what is known as an out-of-band (OOB) channel that does not utilize the URL, but rather a special network pipe of its own The advantage of this method over the GET method is that a lot of data can be sent without cluttering up the URL A POST request will look like any other request:  http://someserver/cgi-bin/my_script.pl

But the browser will tell the web server that it has additional variable information, and it will be sent along the same connection that the URL is sent Many web applications that deal in a lot of data are well served with POST sessions

Which to Use?

 It is good practice to use the GET method whenever you are able to because the POST method is more difficult for a user to manage, and it doesn't function well with a browser's back or history button  On the other side, it's a good idea to use the POST method when something secure or private is being sent such as a password or a credit card number

Sample HTML and CGI program

 http://dirty.csie.org/form_example.html

 http://dirty.csie.org/lesson2.pl

Using cookies

  What is a Cookie?

   A cookie is a text-only string that gets entered into the memory of your browser This value of a variable that a website sets If the lifetime of this value is set to be longer than the time you spend at that site, then this string is saved to file for future reference Why do sites use Cookies    These range from the ability to personalize information (like on My Yahoo or Excite), or to help with on-line sales/services (like on Amazon Books or eBay), or simply for the purposes of collecting demographic information (like DoubleClick) Cookies also provide programmers with a quick and convenient means of keeping site content fresh and relevant to the user's interests The newest servers use cookies to help with back-end interaction as well, which can improve the utility of a site by being able to securely store any personal data that the user has shared with a site (to help with quick logins on your favorite sites, for example)

Let

s see how many cookies in your browser

Using cookies

 Set cookies   $cgi->header(   ) -cookie => new CGI::Cookie(     -name => 'Monster', -value => $cgi->param('Monster'), -expires => '+3d', domain => 'inconnu.isu.edu‘ )  Get cookies  $cgi->cookie('Monster')

Database CGI

     # setup database connection variables my $user = "some username goes here"; my $password = "some password goes here"; my $host = "the host you want to connect to"; my $driver = "mysql";    # connect to database my $dsn = "DBI:$driver:database=cis430;host=$host"; my $dbh = DBI->connect($dsn, $user, $password);

Some notes about the program

    There is no HTML file for this program All of the necessary document data is contained within the CGI program, and a default page is displayed when there is no form data to show directly from the program Results are shown only when the submit button was pressed  if ($cgi->param('Query')) +----------+--------------+ | Field | Type | +----------+--------------+ | filename | varchar(255) | | artist | varchar(64) | | song | varchar(64) | | album | varchar(64) | | track | int(11) | +----------+--------------+

Basic Perl syntax guide - variables: scalars, arrays, hashes

 The scalar can hold one specific piece of information at a time, such as a string, integer, or reference  All variables, whether they be a scalar, array, hash, or other type, are CASE-SENSITIVE , meaning that $myvar and $MYVAR are treated as two different variables

Variable scope

  Whenever you first define either a scalar, array, or hash, use the my keyword to denote that it belongs to a particular scope Scope is a particular area inside opening and closing brackets, and defines where a variable is accessible from     my $string = ‘David’; {  $string = ‘John’; } print $string; # this will print the text “John”

Variable scope

    } { my $string = ‘David’;  my $string = ‘John’; print $string;   $string = ‘David’; print $string;    {  my $string = ‘John’; } print $string;

Single/double quote

   my $text = ‘cool guy’; my $string = ‘some $text’; print $string; # prints literally “some $text”;    my $text = ‘cool guy’; my $string = “some $text”; print $string; # prints literally “some cool guy”;    my $email = ‘[email protected]’; # fine – no error my $email = “[email protected]”; # an error message my $email = “david\@somehost.net”; # fine – no error

Array

   Arrays are simply a list of scalar variables Arrays begin with an @ sign instead of a dollar ($) sign  my @array = (“string 1”, “string 2”, “string 3”); To access an array    } { foreach my $value (@array)  print $value . “\n”;     print $array[0] . “\n”; print $array[1] . “\n”; print $array[2] . “\n”; So when you’re referencing an individual element of an array, you use a dollar sign, not the @ sign

Hash

     A hash is a list of name value pairs To define a hash, use this syntax (the percent sign):  my %hash; To add new values to a hash, use this syntax:    $hash{‘key1’} = ‘value1’; $hash{‘key2} = ‘value2’; $hash{‘key3’} = ‘value3’; To access hash elements, simply reference the hash key name:  print $hash{‘key1’}; # prints “value1” To loop through all elements in a hash:    { while (my($key, $value) = each(%hash))  print $key . ‘ – ‘ . $value . “\n”; }   } foreach my $key (keys(%hash)) {  print $key, “ – “, $hash{$key}, “\n”;

Accessing the file system with Perl

       Create an empty file:  open(FILEHANDLE, “ > /path/to/my/file.txt”) || die (‘cannot open file: ‘ . $!

);  close(FILEHANDLE); A greater than sign “>” means open in write mode, erasing any previous contents of the file Two greater than signs “>>” mean open in append mode, meaning add our new data to the file after the data that already existed You can almost always get the path to your document root (where your web server serves its initial index.html file from) by using this syntax:  my $document_root = $ENV{‘DOCUMENT_ROOT’}; The die function prints an error message if what we tried to do didn’t succeed The $! Variable is a special perl variable which contains the last error the perl program had before it exited Writing data to a file (in write mode – existing data in file is erased):  print FILEHANDLE ‘some data is now in this file, and if any data was already in the file, it is now gone.’;  close(FILEHANDLE);

Reading data from a file

        open(FILEHANDLE, “/path/to/my/file.txt”) || die(‘cannot open file: ‘ . $!); # this will only print the first line of the file: print $_; # this will print all lines of data in the file: } { while()  print $_; close(FILEHANDLE);

Exercise

 Counter  With cookies  With a text file  With MySQL

Remember our wonderful program?

 A step-by-step wrapping/deployment procedure

A program without input (parameter)

 Write your program  Compile it  Write a CGI program  Call your program from the CGI program  Parse the output of your program and then generate a HTML view  Make sure other users could access your CGI program from browser

A program with input (parameters)

       Write your program Compile it Write a HTML to provide users a interface for input Write a CGI program to receive user input Call your program from the CGI program with user input Parse the output of your program and then generate a HTML view Make sure other users could access your CGI program from browser

Now, what CGI is?

 A interface  We use Perl to implement this interface  Two sides of this interface, HTML and your program, don’t care about CGI too much  HTML-CGI program  Very simple!

 CGI program-your program  Depends on yourself

Exercise

 Choose one program and give it a web dressing