The Common Gateway InterfaceComputation is required to support sophisticated web
applicationsComputation can be done by the server or the client
(browser) or bothThe Common Gateway Interface (CGI) is a protocol
describing a standard way of providing server-side active web contentUnder circumstances determined by the server, an HTTP
request will cause a program to runThe output from the program will be the response
returned to the client making the requestData from forms will be encoded in a request sent do
the serverThis data can be used by a CGI program
CGI LinkageThere are several common ways a web
server can use to determine if a web request should cause a CGI program to execute
Usually, the determination is based on the target of the requestCertain directories can be designated as
containing CGI programsOften cgi-bin is used
Certain file extensions can be designated as signifying a CGI program.pl usually identifies a Perl script
CGI LinkageA request for a CGI program to executed
can be made with a simple link (<a> tag in HTML)This method is limitedAny data sent must be hard-coded into the
linkThe usual way for invoking CGI programs is
through the action attribute of a formData from the form is then encoded and sent
with the request
CGI Program ActionThe CGI program generally creates the
response by sending output to the standard output streamUsing print in Perl
The CGI program will usually have to provide the content-type headerContent-type: text/htmlThis will be the last line of the response headers
and must be followed by a blank lineThe rest of the response is created by printing
the HTML code desired to standard output
Query String FormatBoth GET and POST requests under HTTP can
be used to carry form data from the browser to the server
The data is formatted into a query stringEach form of request includes the information
in a different wayIn a GET request, the query string is appended to
the URL of the request, with a question mark used to separate it from the first part of the URL
In a POST request, the query string is sent as the data part of the request
In both cases, the query string is formatted the same
Query String FormatEach unit of data sent is encoded as
name = valueThe name is usually the value of a name attribute of a
form widgetThe value is the string representation of the widget
valueSeveral units are combined by separating them
with ampersands, &Special characters in name and value are encoded
The code is a percent sign, %, followed by the hexadecimal code for the character
A space is encoded as %20Some browsers will encode spaces as +
Query String AccessWhen the POST method is used, the query
string can be read from standard inputThe CONTENT_LENGTH environment variable
tells how many characters can be readWhen The GET method is used, the query
string is given by the value of the environment variable QUERY_STRING
The CGI.pm ModuleWriting a CGI program from scratch is very
tediousCreating HTML requires numerous print
statementsRetrieving data from the query strings is tricky
One of the reasons for Perl’s popularity for CGI programming is the powerful pattern matching facilities which greatly ease the task of parsing a query string
The Perl module CGI.pm provides numerous functions to help with both of these problems
Shortcut Functions in CGI.pmShortcut functions return string values
containing HTML codeNote, the string must be printed out to actually
become part of the responseSome functions take no arguments
print br;puts the tag <br/> into the response
Some functions can be given a single argument which becomes the content of the tag
print h1(“A Header”)puts
<h1>A Header</h1>into the response
Tag Attributes in Shortcut FunctionsAttributes for tags are provided as attribute/value
pairs in the argument list of the shortcut functionThe arguments are provided in the form of a literal
hashAttribute names are preceded by a hyphen, -
print textarea(-name => "Description",
-rows => "2",-cols => "35");
produces this in the response<textarea name="Description" rows="2"
cols="35"></textarea>
Attributes and ContentAttributes and content can both be provided to a
shortcut by giving the attributes explicitly as a hash reference
print a({-href => "fruit.html"},
Press here for fruit descriptions");
produces this in the response<a href="fruit.html"> Press here for
fruit descriptions </a>If an array reference is provided for the content,
a tag is created for each item, giving the tag all the specified attributes
More ShortcutsThe head shortcut function provides a
standard headerThe start_html function provides the
beginning part of an HTML document, through the <body> start tagThe function takes one argument, the
document titleThe param function takes a name as an
argumentThe function returns the value associated
to the name, if any, in the request
Table Shortcut FunctionsThe Tr function will create a sequence of
table rows from an argument that is a reference to a listTr is capitalized to distinguish it from the
transliterate function trSimilarly, the th and td functions will
produce a sequence of tags from a reference to a list
Table Example table({-border => "border"},
caption("Sales Figures"),Tr([th(["Salesperson", "Mon", "Tues", “Wed",
"Thu", "Fri"]), th("Mary").td(\@marysales),
th("Freddie").td(\@freddiesales), th("Spot").td(\@spotsales),]
));
Note the period between the th and td function calls, this concatenates the results in order to make a single row
CookiesHTTP is a stateless protocol, that is, the server
treats each request as completely separate from any other
This, however, makes some applications difficultA shopping cart is an object that must be maintained
across numerous requests and responsesThe mechanism of cookies can be used to help
maintain state by storing some information on the browser system
A cookie is a key/value pair that is keyed to the domain of the serverThis key/value pair is sent along with any request
made by the browser of the same serverA cookie has a lifetime which specifies a time at
which the cookie is deleted from the browser
Cookies and SecurityCookies are only returned to the server
that created themCookies can be used to determine usage
patterns that might not otherwise be ascertained by a server
Browsers generally allow users to limit how cookies are usedBrowsers usually allow users to remove all
cookies currently stored by the browserSystems that depend on cookies will fail if
the browser refuses to store them
Cookie FunctionsThe cookie function takes a hash with three
keys for the name, value and expiration time of a cookie
The cookie value produced by this function must be passed to the header function using the –cookie key
header(-cookie => $a_cookie)Calling the cookie function with no
arguments produces a hash of all cookies from the current request