程序代写代做代考 scheme CGI COMP284 Scripting Languages – Handouts

COMP284 Scripting Languages – Handouts

COMP284 Scripting Languages
Lecture 8: Perl (Part 7)

Handouts

Ullrich Hustadt

Department of Computer Science
School of Electrical Engineering, Electronics, and Computer Science

University of Liverpool

Contents

1 CGI
Overview
CGI I/O

2 The Perl module CGI.pm
Motivation
HTML shortcuts
Forms

COMP284 Scripting Languages Lecture 8 Slide L8 – 1

CGI Overview

Common Gateway Interface — CGI

The Common Gateway Interface (CGI) is a standard method
for web servers to use an external application, a CGI program,
to dynamically generate web pages

1 A web client generates a client request,
for example, from a HTML form, and sends it to a web server

2 The web server selects a CGI program to handle the request,
converts the client request to a CGI request, executes the program

3 The CGI program then processes the CGI request and
the server passes the program’s response back to the client

COMP284 Scripting Languages Lecture 8 Slide L8 – 2

CGI CGI I/O

Client requests

In the following we focus on client requests that are generated
using HTML forms

My HTML Form

COMP284 Scripting Languages Lecture 8 Slide L8 – 3

CGI CGI I/O

Client requests

In the following we focus on client requests that are generated
using HTML forms

My HTML Form



COMP284 Scripting Languages Lecture 8 Slide L8 – 4

CGI CGI I/O

Encoding of input data

• Input data from an HTML form is sent URL-encoded as sequence of
key-value pairs: key1=value1&key2=value2&…

Example:
username=dave&fullname=David%20Davidson

• All characters except A-Z, a-z, 0-9, -, _, ., ∼ (unreserved characters)
are encoded

• ASCII characters that are not unreserved characters are represented
using ASCII codes (preceded by %)

• A space is represented as %20 or +
• + is represented as %2B
• % is represented as %25

Examples:
username=cath&fullname=Catherine+O%27Donnell

COMP284 Scripting Languages Lecture 8 Slide L8 – 5

CGI CGI I/O

Request methods: GET versus POST

The two main request methods used with HTML forms
are GET and POST:

• GET:

• Form data is appended to the URI in the request
“://” “:”

“?”

• Form data is accessed by the CGI program via environment variables

Example:

GET /cgi -bin/cgiwrap/ullrich/demo?username=dave&

fullname=David+Davidson HTTP /1.1

Host: cgi.csc.liv.ac.uk

COMP284 Scripting Languages Lecture 8 Slide L8 – 6

CGI CGI I/O

Request methods: GET versus POST

The two main request methods used with HTML forms
are GET and POST:

• POST:

• Form data is appended to end of the request (after headers and blank line)
• Form data can be accessed by the CGI program via standard input
• Form data is not necessarily URL-encoded (but URL-encoding is the default)

Example:

POST /cgi -bin/cgiwrap/ullrich/demo HTTP /1.1

Host: cgi.csc.liv.ac.uk

username=dave&fullname=David+Davidson

COMP284 Scripting Languages Lecture 8 Slide L8 – 7

CGI CGI I/O

Environment variables: GET

Env variable Meaning

QUERY_STRING The query information passed to the program

REQUEST_METHOD The request method that was used

PATH_INFO Extra path information passed to a CGI program

PATH_TRANSLATED Translation of PATH_INFO from virtual to physical
path

SCRIPT_NAME The relative virtual path of the CGI program

SCRIPT_FILENAME The physical path of the CGI program

Example (1):
GET http ://cgi.csc.liv.ac.uk/cgi -bin/cgiwrap/ullrich/demo/more/dirs?

username=dave&fullname=David+Davidson

QUERY_STRING username=dave&fullname=David+Davidson

REQUEST_METHOD GET

PATH_INFO /more/dirs

PATH_TRANSLATED /users/www/external/docs/more/dirs

SCRIPT_NAME /cgi -bin/cgiwrap/ullrich/demo

SCRIPT_FILENAME /users/loco/ullrich/public_html/cgi -bin/demo

STDIN

# empty

COMP284 Scripting Languages Lecture 8 Slide L8 – 8

CGI CGI I/O

Environment variables: GET

Env variable Meaning

QUERY_STRING The query information passed to the program

REQUEST_METHOD The request method that was used

PATH_INFO Extra path information passed to a CGI program

PATH_TRANSLATED Translation of PATH_INFO from virtual to physical
path

SCRIPT_NAME The relative virtual path of the CGI program

SCRIPT_FILENAME The physical path of the CGI program

Example (2):
GET http ://cgi.csc.liv.ac.uk/cgi -bin/cgiwrap/ullrich/demo/more/dirs?

username =2%60n+d%2Bt+e+s%27t&fullname=Peter+Newton

QUERY_STRING username =2%60n+d%2Bt+e+s%27t&fullname=Peter+Newton

REQUEST_METHOD GET

PATH_INFO /more/dirs

PATH_TRANSLATED /users/www/external/docs/more/dirs

SCRIPT_NAME /cgi -bin/cgiwrap/ullrich/demo

SCRIPT_FILENAME /users/loco/ullrich/public_html/cgi -bin/demo

STDIN

# empty

COMP284 Scripting Languages Lecture 8 Slide L8 – 9

CGI CGI I/O

Environment variables: POST

Env variable Meaning

QUERY_STRING The query information passed to the program

REQUEST_METHOD The request method that was used

SCRIPT_NAME The relative virtual path of the CGI program

SCRIPT_FILENAME The physical path of the CGI program

Example:
POST /cgi -bin/cgiwrap/ullrich/demo

Host: cgi.csc.liv.ac.uk

username =2%60n+d%2Bt+e+s%27t&fullname=Peter+Newton

QUERY_STRING

# empty

REQUEST_METHOD POST

SCRIPT_NAME /cgi -bin/cgiwrap/ullrich/demo

SCRIPT_FILENAME /users/loco/ullrich/public_html/cgi -bin/demo

STDIN username =2%60n+d%2Bt+e+s%27t&fullname=Peter+Newton

COMP284 Scripting Languages Lecture 8 Slide L8 – 10

CGI CGI I/O

More environment variables

Env variable Meaning

HTTP_ACCEPT A list of the MIME types that the client can accept

HTTP_REFERER The URL of the document that the client points
to before accessing the CGI program

HTTP_USER_AGENT The browser the client is using to issue the request

REMOTE_ADDR The remote IP address of the user making the
request

REMOTE_HOST The remote hostname of the user making the re-
quest

SERVER_NAME The server’s hostname

SERVER_PORT The port number of the host on which the server
is running

SERVER_SOFTWARE The name and version of the server software

COMP284 Scripting Languages Lecture 8 Slide L8 – 11

The Perl module CGI.pm Motivation

CGI programs and Perl

• CGI programs need to process input data from environment variables
and STDIN, depending on the request method
; preferably, the input data would be accessible by the program

in a uniform way

• CGI programs need to process input data that is encoded
; preferably, the input data would be available in decoded form

• CGI programs need to produce HTML markup/documents as output
; preferably, there would be an easy way to produce HTML markup

In Perl all this can be achieved with the use of the CGI.pm module
http://perldoc.perl.org/CGI.html

COMP284 Scripting Languages Lecture 8 Slide L8 – 12

http://perldoc.perl.org/CGI.html

The Perl module CGI.pm HTML shortcuts

CGI.pm HTML shortcuts

• CGI.pm provides so-called HTML shortcuts that create HTML tags

a address applet b body br center code

dd div dl dt em font form

h1 h2 h3 h4 h5 h6 head header

html hr img li ol p pre strong

sup table td th tr title tt ul

• HTML tags have attributes and contents

This is a paragraph

• HTML shortcuts are given
• HTML attributes in the form of a hash reference as the first argument
• the contents as any subsequent arguments

p({-align=>right},”This is a paragraph”)

COMP284 Scripting Languages Lecture 8 Slide L8 – 13

The Perl module CGI.pm HTML shortcuts

CGI.pm HTML shortcuts: Examples

Code: print p();

Output:

Code: print p(’’);

Output:

Code: print p({-align=>right},”Hello world!”);

Output:

Hello world!

Code: print p({-class=>right_para ,-id=>p1},”Text”);

Output:

Text

COMP284 Scripting Languages Lecture 8 Slide L8 – 14

The Perl module CGI.pm HTML shortcuts

CGI.pm HTML shortcuts: Nesting vs Start/End

• Nested HTML tags using nested HTML shortcuts

Code: print p(em(“Emphasised”).” Text”), “\n”;

Output:

Emphasised Text

• Nested HTML tags using start_tag and end_tag:

use CGI qw(-utf8 :all *em *p);

print start_p(), start_em(), “Emphasised”, end_em(),

” Text”, end_p(), “\n”;

Output:

Emphasised Text

The following start_tag/end_tag HTML shortcuts are generated
automatically by CGI.pm:

start_html (), start_form (), start_multipart_form ()

end_html(), end_form () end_multipart_form ()

All others need to be requested by adding *tag to the CGI.pm import list
COMP284 Scripting Languages Lecture 8 Slide L8 – 15

The Perl module CGI.pm Forms

CGI.pm Forms

• HTML forms are created using start_form and end_form
print start_form ({-method=>request_method ,

-action=>uri});

form_elements

print end_form;

• HTML form elements are again created using HTML shortcuts

textfield textarea password_field

filefield hidden scrolling_list

popup_menu optgroup

image_button checkbox checkbox_group

radio_group reset submit

• optgroup creates an option group within a popup menu
; optgroup occurs nested inside popup_menu

• All other HTML shortcuts for HTML form elements will occur
independently of each other within a form

COMP284 Scripting Languages Lecture 8 Slide L8 – 16

The Perl module CGI.pm Forms

CGI.pm Forms: Examples

print textfield ({-name=>’username ’,

-value=>’dave’,

-size=>100,

-maxlength = >500});

• -name specifies the name of the text field
and is the only required argument of textfield

• -value specifies a default value that will be shown in the text field
• -size is the size of the text field in characters
• -maxlength is the maximum number of characters that the text field

will accept

Output:

COMP284 Scripting Languages Lecture 8 Slide L8 – 17

The Perl module CGI.pm Forms

CGI.pm Forms: Examples

print submit({-name=>’submit ’,

-label=>’Click for response ’});

• -name is an optional argument that allows to distinguish submit buttons
from each other

• -label or -value is an optional argument that determines the label
shown to the user and the value passed to the CGI program

Output:

COMP284 Scripting Languages Lecture 8 Slide L8 – 18

The Perl module CGI.pm Forms

CGI.pm Forms: Example

#!/usr/bin/perl

use CGI qw(-utf8 :all);

print header(-charset=>’utf -8’),

start_html ({-title=>’My HTML Form’,

-author=>’u.hustadt@liverpool.ac.uk’,

-style=>’style.css’});

print start_form ({-method=>”GET”,

-action=>”http :// cgi.csc.liv.ac.uk/”.

“cgi -bin/cgiwrap/ullrich/demo”});

print textfield ({-name=>’username ’,

-value=>’dave’,

-size = >100});

print br();

print textfield ({-name=>’fullname ’,

-value=>’Please enter your name’,

-size = >100});

print br();

print submit({-name=>’submit ’,

-value=>’Click for response ’});

print end_form , end_html;

COMP284 Scripting Languages Lecture 8 Slide L8 – 19

The Perl module CGI.pm Forms

Making it work

For CGI programs to work on our systems you must proceed as follows:

1 Your home directory must be ‘world executable’

2 You must have a directory
$HOME/public_html/cgi-bin/

Your public_html and cgi-bin directory must be both readable and
executable by everyone

3 Your CGI script must be placed in
$HOME/public_html/cgi-bin/

and must be executable by everyone

4 The CGI script can then be accessed using the URL
http://cgi.csc.liv.ac.uk/cgi-bin/cgiwrap//

for username, would redirect the browser to malware_site.
• Check whether the data has the format expected

if (param(’username ’) !∼ /^[a-zA -Z0 -9]+$/s) {

print "Not a valid user name"

} else {

print "The value of username is ",param(’username ’),"\n";

}

or sanitise the input using the CGI.pm routine escapeHTML:

print "The value of username is ",

escapeHTML(param(’username ’)),"\n";

or even better, do both

COMP284 Scripting Languages Lecture 8 Slide L8 – 25

The Perl module CGI.pm Forms

CGI.pm Scripts: Example (Part 1)

use CGI qw(-utf -8 :all *table);

binmode(STDOUT , ":encoding(utf -8)");

print header(-charset=>’utf -8’), "\n",

start_html ({-title=>’Form Processing ’,

-author=>’u.hustadt@liverpool.ac.uk’});

if (! defined(param(’username ’))) {

# This branch is executed if the user first visits this page/script

print start_form ({-method=>"POST"});

print textfield ({-name=>’username ’, -value=>’dave’,

-size =>100}), "\n";

print br(), "\n";

print textfield ({-name=>’fullname ’,

-value=>’Please enter your name’,

-size =>100}), "\n";

print br(), "\n";

print submit({-name=>’submit ’,

-value=>’Click for response ’}), "\n";

print end_form;

} else {

# This branch is executed if the client request is generated

# by the form

COMP284 Scripting Languages Lecture 8 Slide L8 – 26

The Perl module CGI.pm Forms

CGI.pm Scripts: Example (Part 2)

# (We are in the else -branch now)

print start_table ({-border = >1});

print caption("Inputs");

foreach $key (param ()) {

print Tr(td(’PARAM ’),td($key),td(escapeHTML(param($key ))));

}

foreach $key (keys %ENV) {

print Tr(td(’ENV’),td($key),td(escapeHTML($ENV{$key })));

}

print end_table;

}

print end_html;

COMP284 Scripting Languages Lecture 8 Slide L8 – 27

The Perl module CGI.pm Forms

CGI.pm Scripts: Example (Part 3)

Page produced on the first visit

Page produced on submission of the form

COMP284 Scripting Languages Lecture 8 Slide L8 – 28

The Perl module CGI.pm Forms

Revision

Read

• Chapter 11: Perl Modules

of

R. L. Schwartz, brian d foy, T. Phoenix:
Learning Perl.
O’Reilly, 2011.

• http://perldoc.perl.org/CGI.html

COMP284 Scripting Languages Lecture 8 Slide L8 – 29

http://perldoc.perl.org/CGI.html

Lecture 1
CGI
Overview
CGI I/O

The Perl module CGI.pm
Motivation
HTML shortcuts
Forms