Cgi common gateway interface
Sponsored Links
This presentation is the property of its rightful owner.
1 / 34

CGI (Common Gateway Interface) PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

CGI (Common Gateway Interface). CmpE 587 Emir Bayraktar Onur Bük. Overview. What is CGI ? How it works Perl Language Cgi Environment Variables Get & POST Methods Server-Side Includes (SSI). What is CGI ?. It stands for Common Gateway Interface It is a way of programming for the web

Download Presentation

CGI (Common Gateway Interface)

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Cgi common gateway interface

CGI(Common Gateway Interface)

CmpE 587

Emir Bayraktar

Onur Bük



  • What is CGI ?

  • How it works

  • Perl Language

  • Cgi Environment Variables

  • Get & POST Methods

  • Server-Side Includes (SSI)

What is cgi

What is CGI ?

  • It stands for Common Gateway Interface

  • It is a way of programming for the web

  • It is a server-side technology

  • It makes web-pages dynamic

Basics of cgi

Basics of CGI

  • CGI can be written with many languages

  • Most popular are PERL and C

  • Our choose is PERL because...

    • PERL is standard on UNIX systems

    • PERL is very easy and robust

    • It also runs on WindowsNT

How it works

How it works ?

  • CGI combines HTML tags with program statements

  • HTML tags are for appearance and visuality

  • PERL codes are for functionality

  • The result are functional and nice web-pages

Before we begin

Before we begin

  • PERL is an interpreted language

  • You write the script and it runs

  • But only if it is error-free

  • A simple text editor is enough

  • No additional software required

Let s begin with the first script

Let’s begin with the first script

  • We need to know where PERL runs

    • %>whereis perl or %> which perl

    • /usr/bin/perl

  • The first line of our script would be

    • #!/usr/bin/perl

  • As the result must be an HTML code

    • print “Content-type:text/html\n\n”;

Default first script hello world

Default First Script : “HELLO WORLD”


print “Content-type:text/html\n\n”;

print “<html><head><title>HELLO


print “<body>\n”;

print “<h2>HELLO WORLD</h2>\n”;

print “</body></html>\n”;

Perl variables

PERL Variables

  • Like many other programming languages, PERL has different kinds of variables

    • SCALAR VARIABLES ==> $scalar

    • ARRAY VARIABLES ==> @array

    • HASH VARIABLES ==> %hash

Scalar variables

Scalar Variables

  • A scalar variable stores a scalar value. They have the prefix $. They can contain any kind of data like numbers, characters or a string.

    • $num=5; $name=“John”;

  • You can input data to a scalar variable with

    • $name=<STDIN>;

Array variables

Array Variables

  • An array stores list of information. They have the prefix @. The arrays start with the index 0. If you refer to a single element of the array, you use the prefix $ with the index. For example

    • @city=(“ist”,“ankara”,“izmir”);

    • $city[0] =“ist” $city[2] =“izmir”

Hash variables

Hash Variables

  • Hash variables are a special kind of arrays. They contain paired groups of elements. Each pair consists of a key and data value. They have the prefix %.

    • %pages = (

      ”Yahoo" => "",

      ”Mail" => "",

      ”Uni" => "“);

Cgi environment variables

CGI Environment Variables

  • These are a series of hidden values that the web server sends to every CGI you run. They are stored in a hash called %ENV. Some of them are…

    • DOCUMENT_ROOT:The root directory of your server

    • HTTP_HOST:The hostname of your server

    • REMOTE_ADDR:The IP address of the visitor

    • REMOTE_HOST:The hostname of the visitor

    • SERVER_NAME:Your server's qualified domain name

Properties of env

Properties of %ENV

  • The %ENV hash is set for every CGI, and you can use any or all of it as needed. For example, you can write the IP address of the visitor with the command:

    • print “Your IP


    • print “Your Port =$ENV{‘REMOTE_PORT’}\n”;

    • print “Your Browser =$ENV{‘HTTP_USER_AGENT’}\n”;

Some examples using env

Some examples using %ENV

  • Let’s find the IP address of the visitor...


    print “Content-type:text/html\n\n”;

    print <<Finish



    Your IP address: $ENV{‘REMOTE_ADDR’}



Get and post


  • We use GET and POST in order to send data from an HTML document to a CGI program.

  • GET: The input values are sent as part of the URL, saved in the QUERY_STRING environment variable.

  • POST: Data are sent as input stream to the program

A simple example with get

A simple example with GET

  • We will write a simple CGI script which takes data input from and sends the data with the ‘QUERY_STRING’. The working part of the code is as follows:


    print “Content-type:text/html\n\n”

    print <<Finish



A simple example with get cont d

A simple example with GET (cont’d)

<h2>This page collects info about you</h2>

<form action:“” method=“GET”>

Name:<input type=“text” name=“name” size=20>


Surname:<input type=“text” name=“sname” size=30><p>

<input type=“submit” value=“submit”>


A simple example with get cont d1

A simple example with GET (cont’d)

There are two important results

There are two important results

  • If we look at the %ENV variable we would see that

    • $ENV{‘QUERY_STRING’}= name=Ali+Veli&sname=Yilmaz

  • The second result is that the address bar of the result page would look like

How to filter unwanted characters

How to filter unwanted characters

  • There are some unwanted characters in the string: “=” , “+” and “&”. “+” stands for space and “&” separates input values.

    • name=Ali+Veli&sname=Yilmaz

  • First we have to split “name” and “sname”. Fortunately, PERL has a “split” command.

    • @val=split(/&/,$ENV{‘QUERY_STRING’})

    • @val=(“name=Ali+Veli”,”sname=Yilmaz”)

How to filter unwanted characters cont d

How to filter unwanted characters (cont’d)

  • We have now an array variable. We use the split command for the second time in order to filter “=“ character. As we have many input values we use such a code:

    • foreach $ran (@val) {

      ($field, $value)=split(/=/,$ran);

      print “$field = $value\n”;}

Advantages and disadvantages of get

Advantages and disadvantages of GET

  • It is very simple to collect data and process it. You can make forms very easily. This is an advantage.

  • It is not secure. The data that will be sent is a part of the URL. It can be easily obtained by others.

An example with post

An example with POST

  • POST is another method of sending data but it is much more secure than GET. Data will be sent after encoding. It can also send more data according to GET. Encoding requires decoding and this increases the complexity of the script.

  • The decoding tasks are performed by PERL with some simple commands.

Decoding commands

Decoding Commands

  • There are two basic decoding commands. These are substituteand translate.

  • The syntax for substitute is:

    $varia =~s/pattern/replacement

  • An example clears all:

    $greeting =“Hello name.\n”;

    $greeting =~s/name/Ali/;

    print $greeting;

Decoding commands1

Decoding Commands

  • The syntax for translate is:

    $varia =~tr/searchlist/replacelist

  • The translate command turns every character in the searchlist to its corresponding character in the replacelist

  • The upper&lower case transformation can easily be done with

    $lower =~ tr/[A-Z]/[a-z]

    $upper =~ tr/[a-z]/[A-Z]

How to decode data streams

How to decode data streams

  • We have seen how to split a data stream. Now , we have to decode the stream with translate and substitute.

    $value =~ tr/+/ /;

    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;

How we get post data

How we get POST data



Foreach $pair(@pairs){


$value =~ tr/+/ /;

$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;



Server side includes ssi

Server-Side Includes(SSI)

  • Embedded code section in an HTML document.

  • Dependent on type of server

  • Server

    • parses SSI code

    • executes it

    • sends the results to the client

Server side includes cont d

Server-Side Includes (cont’d)

  • How does the server understand that the HTML file contains SSI code?

  • The file extension is converted to shtml or

  • The access rights for the file is 755 (in UNIX environment)

Ssi structure

SSI Structure

  • <!--#element property=value property=value -- >

  • Ex:

    • <!--#include file=“bodybar” -- >

    • <!--#flatsmode virtual=“/includes/” -- >

    • <!--#exec cgi=“/cgi-bin/a.cgi” -- >

Database connectivity

Database Connectivity

  • Uses Perl’s DBI Module

  • Ex (pseudocode):

    use DBI;


    $sth=$dbh->prepare(“sql query”);



    use variables



Thank you

Thank You!

Please ask any questions you may have.

Yi bayramlar

İyi Bayramlar!

  • Login