Presentation is loading. Please wait.

Presentation is loading. Please wait.

Outcomes Know what are CGI Environment Variables Know how to use environment variables How to process A simple Query Form Able to use URL Encoding rules.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Outcomes Know what are CGI Environment Variables Know how to use environment variables How to process A simple Query Form Able to use URL Encoding rules."— Presentation transcript:

1 Outcomes Know what are CGI Environment Variables Know how to use environment variables How to process A simple Query Form Able to use URL Encoding rules in your perl program Able to use Split function to extract information Understand what is CGIWRAP

2 CGI Environment Variables Environment variables is a set of hidden values that Web server sends to every CGI you run. You CGI program can parse them, and use the data you send Environment variables are stored in a hash called %ENV The %ENV hash is automatically set for every CGI, and you can use any or all of it as needed

3 CGI Environment variables Environment variables are a series of hidden values that the web server sends to every CGI you run. Your CGI can parse them, and use the data they send. Variable Name Value DOCUMENT_ROOT The root directory of your server HTTP_COOKIE The visitor’s cookie, if one is set HTTP_HOST The hostname of your server HTTP_REFERER The URL of the page that called your script HTTP_USER_AGENT The browser type of the visitor HTTPS "on" if the script is being called through a secure server PATH The system path your server is running under QUERY_STRINGThe query string (see GET, below) REMOTE_ADDRThe IP address of the visitor

4 CGI Environment variables REMOTE_HOST The hostname of the visitor (if your server has reversename-lookups on; otherwise this is the IP address again) REMOTE_PORT The port the visitor is connected to on the web server REMOTE_USERThe visitor’s username (for.htaccess-protected pages) REQUEST_METHOD GET or POST REQUEST_URI The interpreted pathname of the requested document or CGI (relative to the document root) SCRIPT_FILENAME The full pathname of the current CGI SCRIPT_NAME The interpreted pathname of the current CGI (relative to the document root) SERVER_ADMIN The email address for your server’s webmaster SERVER_NAME Your server’s fully qualified domain name SERVER_PORT The port number your server is listening on SERVER_SOFTWARE The server software you’re using (such as Apache 1.3)

5 Examples of useful Environment variables (env.cgi) #!/usr/bin/perl print "Content-type:text/html\n\n"; print <<EndOfHTML; Print Environment EndOfHTML foreach $key (sort(keys %ENV)) { print "$key = $ENV{$key} \n"; } print " ";

6 DOCUMENT_ROOT = /users/csd/csd/spider/sbu GATEWAY_INTERFACE = CGI/1.1 HTTP_ACCEPT = image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */* HTTP_ACCEPT_LANGUAGE = en-gb HTTP_CACHE_CONTROL = max-age=259200 HTTP_CONNECTION = keep-alive HTTP_HOST = www.sbu.ac.uk HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) HTTP_VIA = 1.0 cache2-eth0.sbu.ac.uk:8080 (Squid/2.3.STABLE4) HTTP_X_FORWARDED_FOR = unknown PATH = /usr/local/etc/httpd:/sbin:/usr/sbin:/usr/bin PATH_INFO = PATH_TRANSLATED = /users/eee/eee/zhaoza/.public_html/cgi-bin/env.pl QUERY_STRING = REMOTE_ADDR = 136.148.1.94 REMOTE_HOST = cache2-eth0.sbu.ac.uk REMOTE_PORT = 2833 REQUEST_METHOD = GET REQUEST_URI = /cgi-bin/cgiwrap/~zhaoza/env.pl SCRIPT_FILENAME = /usr/local/apache/share/cgi-bin/cgiwrap SCRIPT_NAME = /cgi-bin/cgiwrap/zhaoza/env.pl SERVER_ADDR = 136.148.1.1 SERVER_ADMIN = webmaster@sbu.ac.uk SERVER_NAME = www.sbu.ac.uk SERVER_PORT = 80 SERVER_PROTOCOL = HTTP/1.0 zSERVER_SIGNATURE = SERVER_SOFTWARE = Apache/1.3.12 (Unix)

7 Remote Host ID (rhost.cgi) #!/usr/bin/perl print "Content-type:text/html\n\n"; print <<EndHTML Hello! Hello! Welcome, visitor from $ENV{'REMOTE_HOST'}! EndHTML

8 #!/usr/bin/perl print "Content-type:text/html\n\n"; print <<EndHTML Hello! Hello! Welcome, visitor from $ENV{'REMOTE_ADDR'}! EndHTML

9

10 Checking Browser Type (browser.cgi) #!/usr/bin/perl print "Content-type:text/html\n\n"; print " Welcome \n"; print " \n"; print "Browser: $ENV{'HTTP_USER_AGENT'} \n"; if ($ENV{'HTTP_USER_AGENT'} =~ /MSIE/) { print "You seem to be using Internet Explorer! \n"; } elsif ($ENV{'HTTP_USER_AGENT'} =~ /Mozilla/) { print "You seem to be using Netscape! \n"; } else {print "You seem to be using a browser other than Netscape or IE. \n"; } print " \n";

11

12 A simple Query Form When GET method is used to send data from an HTML form to CGI, the input values from the form are saved in the QUERY_STRING environment variable. In the Get method, the input values from the form are sent as part of the URL. The values ( saved in query_string) appears after the question mark in the URL itself. The query_string is organised in some way called URL encoding.

13 If I include the form in my html document in the following way Enter some test here My name is When click on the submit query button, the URL should look like this: http://www.sbu.ac.uk/cgi-bin/cgiwrap/~zhaoza/test.cgi?sample_text= This+is+a+22%test22%&myname=zhao

14

15 URL Encoding rules Values appears immediately after a ? Mark Items(values) are separated by &. For each item(value), the value on the left of = is the actual name of the form field. The value on the right is whatever you typed into the input box. Space is replaced with +. Other special non- alphanumeric characters aer escaped out with a %- code

16 Normal Character URL Encoded String \t (tab) %09 \n (return) %0A / %2F ~ %7E : %3A ; %3B @ %40 & %26

17 Split function In this example $ENV{‘QUERY_STRING’}= sample_text= This+is+a+22%test22%&myname=zhao Example to use split function: @values = split(/&/,$ENV{'QUERY_STRING'}); foreach $i (@values) { ($varname, $mydata) = split(/=/,$i); print "$varname = $mydata\n"; }

18 CGIWrap CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server. Scripts are run with the permissions of the user who owns the script. In addition, several security checks are performed on the script, which will not be executed if any checks fail.

Download ppt "Outcomes Know what are CGI Environment Variables Know how to use environment variables How to process A simple Query Form Able to use URL Encoding rules."

Similar presentations

Web forms and CGI scripts Dr. Andrew C.R. Martin

Web forms and CGI scripts Dr. Andrew C.R. Martin
CGI & HTML forms -05-. CGI Common Gateway Interface  A web server is only a pipe between user-agents  and content – it does not generate content.

CGI & HTML forms CGI Common Gateway Interface  A web server is only a pipe between user-agents  and content – it does not generate content.
CGI Scripting and Vulnerabilities COEN 351: E-commerce Security  Thomas Schwarz, S.J. 2006.

CGI Scripting and Vulnerabilities COEN 351: E-commerce Security  Thomas Schwarz, S.J
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
Browsers and Servers CGI Processing Model ( Common Gateway Interface ) © Norman White, 2013.

Browsers and Servers CGI Processing Model ( Common Gateway Interface ) © Norman White, 2013.
JavaScript Forms Form Validation Cookies CGI Programs.

JavaScript Forms Form Validation Cookies CGI Programs.
How does the server format the information it gives to the appln program? As environment variables and in standard input.

How does the server format the information it gives to the appln program? As environment variables and in standard input.
Configuring Apache Server and Perl for CGI T.A. Maisa Khudair Dr. Qusai Abu Ein.

Configuring Apache Server and Perl for CGI T.A. Maisa Khudair Dr. Qusai Abu Ein.
CGIWrap CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server.

CGIWrap CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server.
CGI. XML2 Common Gateway Interface n Georgia Tech 1995 Web Usage Survey –Perl - 46.7% –C - 12.5% –Shell Scripts - 8.1% –Tcl - Tool Commercial Language.

CGI. XML2 Common Gateway Interface n Georgia Tech 1995 Web Usage Survey –Perl % –C % –Shell Scripts - 8.1% –Tcl - Tool Commercial Language.
CGI & Perl Programming Language What is CGI? Introduction of Perl Programming Language –Simple Peal program –Perl variables –Perl Operators –Flow Controls.

CGI & Perl Programming Language What is CGI? Introduction of Perl Programming Language –Simple Peal program –Perl variables –Perl Operators –Flow Controls.
CSE 190: Internet Commerce Lecture 4: Web Servers.

CSE 190: Internet Commerce Lecture 4: Web Servers.
What is CGI? The Common Gateway Interface (CGI) is a mechanism that allows Web clients to execute programs on a Web server and to receive their output.

What is CGI? The Common Gateway Interface (CGI) is a mechanism that allows Web clients to execute programs on a Web server and to receive their output.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
CGI Programming: Part 1. What is CGI? CGI = Common Gateway Interface Provides a standardized way for web browsers to: –Call programs on a server. –Pass.

CGI Programming: Part 1. What is CGI? CGI = Common Gateway Interface Provides a standardized way for web browsers to: –Call programs on a server. –Pass.
Common Gateway Interface

Common Gateway Interface
1 ‘Dynamic’ Web Pages So far, we have developed ‘static’ web-pages, e.g., cv.html, repair.html and order.html. There is often a requirement to produce.

1 ‘Dynamic’ Web Pages So far, we have developed ‘static’ web-pages, e.g., cv.html, repair.html and order.html. There is often a requirement to produce.
CGI Common Gateway Interface. CGI is the scheme to interface other programs to the Web Server.

CGI Common Gateway Interface. CGI is the scheme to interface other programs to the Web Server.
1 Homework / Exam Exam 3 –Solutions Posted –Questions? HW8 due next class Final Exam –See posted schedule Websites on UNIX systems Course Evaluations.

1 Homework / Exam Exam 3 –Solutions Posted –Questions? HW8 due next class Final Exam –See posted schedule Websites on UNIX systems Course Evaluations.
NETWORK CENTRIC COMPUTING (With included EMBEDDED SYSTEMS)

NETWORK CENTRIC COMPUTING (With included EMBEDDED SYSTEMS)

Similar presentations

Ads by Google