Comp2513: Forms and CGI Server Applications
Daniel L. Silver, Ph.D.

Objectives
• To discuss HTML Forms and CGI Scripts
• To introduce the concept of server applications and discuss their use as a part of an E-Commerce infrastructure
• References: Ch. 2 Sharma (p.38-41), DDEA p.115-124

Outline
• HTML Forms
• HTTP GET and POST Methods
• CGI Server Applications
• Drawbacks of CGI
• Forms and JavaScript
• Cookies

HTML Forms
• Forms are part of an HTML document

    <FORM ACTION="someApplication">
    .. input elements like text fields, radio buttons, etc ..
    .. one or more submit buttons ..
    </FORM>

• Simple form example: greet_shell2.html
• User enters data, selects options
• User sends request by clicking on a submit button
• Data is processed by JavaScript or sent back to client for processing using a CGI script
• The results are returned to the browser as HTML

CGI – Common Gateway Interface
• CGI is a standard for HTTP client to server application communications that defines:
    • How a client can request to run an application on a server and use specified input data
    • How the data is passed to the server application
    • How the server application can pass the response back to the client
• CGI is NOT a programming language

Forms and CGI: Examples
• A barebones CGI request for execution of a server application: Hello_time.html
• Passing parameters to a program on a server via the CGI protocol: greet_shell.html
• Combining forms and CGI: greet_shell2.html

How is User Data Passed to the Server?
• Either the GET or the POST HTTP method is used
• See the forms tutorial
• The default, and the one used in the previous example, is GET
• Recall … the HTTP Request Header

    GET /demo/Hello.html HTTP/1.0
    Accept: text/plain
    Accept: text/html
    User-Agent: Mozilla/2.0
    <CR/LF>

How is User Data Passed to the Server? (GET)
• With the GET method, the browser appends a “?” to the URL followed by the user-entered FORM data. So you see:
    http://eagle.acadiau.ca/demo/cgi-bin/greet_shell.cgi?name=Danny
• The server reads the data following the “?” and makes it available in the form of an environment variable, QUERY_STRING
• The CGI application on the server must read and parse this environment variable

How is User Data Passed to the Server? (POST)
• With the POST method, the browser creates a message containing the user-entered FORM data
• The message is sent to the server, which forwards it on to the requested application in the form of an “input stream”
• The CGI application on the server must read and parse the input stream
• An example: RequestParamExample.html, RequestParamExample.java

POST versus GET Methods
• Advisable to use POST
• GET is limited to 1024 characters (restricted by the environment variable size limits)
• POST provides a first order level of security
• Why?

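The GET and POST data paths from the slides above, handled in one shell CGI script; this is an added example, not the course's greet_shell.cgi. It reads QUERY_STRING or CONTENT_LENGTH bytes of the input stream, then validates and HTML-escapes the name before echoing it. The field name comes from the URL on the slide; the 1024-byte cap, the 40-character allowlist and all function names are assumptions.

```bash
#!/bin/bash
# Added example (not the course's greet_shell.cgi); size cap and allowlist are assumptions.

# Raw form data: QUERY_STRING for GET, exactly CONTENT_LENGTH bytes of stdin for POST.
read_form_data() {
    case "${REQUEST_METHOD:-GET}" in
        GET)  printf '%s' "${QUERY_STRING:-}" ;;
        POST) case "${CONTENT_LENGTH:-}" in ''|*[!0-9]*) return 1 ;; esac
              [ "$CONTENT_LENGTH" -le 1024 ] 2>/dev/null || return 1
              head -c "$CONTENT_LENGTH" ;;
        *)    return 1 ;;
    esac
}

# Decode '+' and %XX escapes; decoding stops at the first malformed % escape.
urldecode() {
    local rest="${1//+/ }" out='' re='^([^%]*)%([0-9A-Fa-f]{2})(.*)$'
    while [[ $rest =~ $re ]]; do
        out+=${BASH_REMATCH[1]}$(printf "\\x${BASH_REMATCH[2]}"); rest=${BASH_REMATCH[3]}
    done
    printf '%s' "$out$rest"
}

# Print the decoded value of field $2 from form data $1 (first match wins).
get_field() {
    local pair pairs
    IFS='&' read -r -a pairs <<< "$1"      # split on '&' without globbing
    for pair in "${pairs[@]}"; do
        if [[ $pair == "$2="* ]]; then urldecode "${pair#*=}"; return 0; fi
    done
    return 1
}

# Neutralise HTML metacharacters so user data cannot become markup.
html_escape() {
    printf '%s' "$1" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' \
                           -e 's/"/\&quot;/g' -e "s/'/\&#39;/g"
}

# Build the CGI response; invalid input gets a 400 and is never echoed back.
greet_page() {
    local data name ok="^[A-Za-z0-9 .'-]+$"
    if data=$(read_form_data) && name=$(get_field "$data" name) &&
       [[ ${#name} -le 40 && $name =~ $ok ]]; then
        printf 'Content-Type: text/html\r\n\r\n<p>Hello, %s!</p>\n' "$(html_escape "$name")"
    else
        printf 'Status: 400 Bad Request\r\nContent-Type: text/plain\r\n\r\nInvalid name.\n'
    fi
}
# Run only when invoked by a web server (GATEWAY_INTERFACE is set by CGI).
if [ -n "${GATEWAY_INTERFACE:-}" ]; then greet_page; fi
```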
Other Data Available at Server
• The server application that reads the FORM data can also access other information provided by the CGI standard:
    • REMOTE_ADDR – the IP address of the client
    • REMOTE_HOST – fully qualified URL of host
    • CONTENT_LENGTH – length of FORM data
• Check out “Request Info” and “Request Headers”: http://eagle.acadiau.ca:8080/examples/servlets/

CGI Server Applications
• A CGI script can be any program that can execute on the server
    • Shell script, Perl script, C, C++
• Perl example: perl_greeting.html
• Perl code: perl_greeting.cgi
• NOTE: to see the Perl code, open in source view

Drawbacks of CGI
• Each time a CGI application is requested by an HTML page the server is requested to start a separate process
• This is true even if it is a Java program

    doThis.cgi:
        #!/bin/sh
        # java takes the class name, without the .class suffix
        java doThis

• A new JVM is started each time
    • Takes time to set up and take down
    • Uses memory resources on the server

Forms and JavaScript
• JavaScript was introduced by Netscape
• A client-side language
• Provides program logic embedded in HTML for generation of dynamic webpages and minor computation
• Manipulation of objects in an HTML page, including the creation and movement of browser windows
• Most importantly, allows validation of entered FORM data: calculator, greet_javascript

Cookies
• Recall the problem of web sessions being connectionless
• TCP/IP is connection oriented, but each HTTP request/response uses one such connection and then terminates
• State is not maintained from page to page
• Each item you order is a separate request
• So how does an E-Comm site know how to accumulate orders for you?

What’s a Cookie
• A cookie is a small piece of data placed on a client system that is used by the server to identify the client
• Client, about to make a request to a server, checks to see if it has an associated cookie
    • If cookie, then send it with the request
• Server checks for cookie in request
    • If cookie, then pass it to any applications called
• Server may create a new cookie and return it with the response to the client
• Client receives response and checks for new cookie
    • If cookie, then it saves it for this server URL

Cookies are not programs …
• Contain 4K of text or less
• There are limits on how many are stored by a browser (default: 20 per site, 300 in total; oldest are deleted)
• Only the originating domain can ever use the contents of their cookies
• Written with or without an expiry date
• Turn on your browser’s cookie warnings to observe how frequently they are used

Breakdown of a Cookie
• C:\Program Files\Netscape\Users\defaultuser\cookies.txt
• www.goto.com FALSE / FALSE 1293231196 UserID 7481BA1DC3F68F71
• The first Boolean value (FALSE) indicates whether the cookie is available throughout the domain; the second denotes whether the cookie data should be transmitted only over secure channels
• 1293231196 is the expiry date = milliseconds since 1970
• UserID is the cookie name
• 7481BA1DC3F68F71 is the cookie data

Cookies are Useful
• Saving user preferences and profile
• Remembering pages visited and when
• Greeting people by name
• Notifying visitor of changes since last visit
• Retaining data from one page (or frame) to another
• Using server-side code, cookie data can be used to track user visits and movement patterns

Cookie Examples
• JavaScript (client controlled) example: Samplecookie1.htm
• Java servlet (server controlled) example: Servercookies.html