This lecture is divided into hyperlinked sections
Introduction
Dynamic Interaction
with Users
Use of CGI
CGI and its
Effect on the Server
Static and Dynamic
Web Pages
Example of
CGI use in a Database
Security and CGI
Language Options
for CGI
C/ C++
PHP
Fortran
PERL
TCL
UNIX Shells
Visual Basic
AppleScript
Programming Languages
Scripting Languages
Conclusion
Resources
CGI is an abbreviation of Common Gateway Interface. This
is a specification for transferring information between a World Wide Web
server and a CGI program.
A CGI program is any program designed to accept and return
data that conforms to the CGI specification. The program could be written
in any programming language, including C, Perl, Java, or Visual Basic.
Dynamic Interaction with Users
CGI programs are the most common way for Web servers to interact dynamically with users, however the use of Java applets is increasing and these can perform the same functions as CGI.
The major difference between the use of CGI and Java applets is that in the case of CGI, the processing takes place on the server. For Java applets, the processing takes place on the client. It is necessary to consider the use to which your active web page will be put in order to decide whether to implement either a CGI or Java solution.
Any CGI application will involve the latency of message transfer across the Internet, whereas the Java solution runs immediately on the client machine. However, if the server is a database, it may be wiser to run CGI as the information that the client may need will be held on the server machine.
Some HTML pages contain forms and these may make use of a CGI program to process the data on the form once the user has submitted it to the server. Another increasingly common way to provide dynamic feedback for Web users is to include scripts or programs that run on the user's machine rather than the Web server. These programs can be Java applets, Java scripts, or ActiveX controls. These technologies are known collectively as client-side solutions, while the use of CGI is a server-side solution because the processing occurs on the Web server.
CGI and its Effect on the Server
One problem with CGI is that each time a CGI script is executed on the web server, a new process is started. For busy Web sites, this can slow down the server noticeably. A more efficient solution, but one that it is also more difficult to implement, is to use the server's API, such as ISAPI or NSAPI. Another increasingly popular solution is to use Java servlets (c.f. applets), which are Java programs designed to run on the server machine.
CGI is a standard for interfacing external applications with information servers, such as HTTP or Web servers. A plain HTML document that the Web daemon retrieves is static, which means that it exists in a constant state. A static page is merely a text file that never changes until the web site designer rewrites the page.
A CGI program, on the other hand, is executed in real-time, so that it can output dynamic information.
Example of CGI use in a Database
A computer may contain a database. A database is a controlled pool of data that may be electronically interrogated to provide information. A website designer may wish that his or her website contains a database that is connected to the Internet in such a way that it allows people from all over the world to query it.
In order to implement this it is necessary to create a CGI program that the Web daemon will execute to extract the required information from the server hard disks and pass it to the database engine. The CGI program must also be able to deal with these results in such a way that they can then be transmitted to the client for display. This is an example of a gateway, and this is where CGI got its name from.
The database example is a simple idea, but can be rather difficult to implement. There really is no limit as to what you can use the Web to perform for you. The only thing that should be remembered is that whatever your CGI program does, it should not take too long to process the data and return the results to the client program. If the program takes too long to execute the user will just be staring at his/ her browser waiting for something to happen and may give up and browse another site instead.
Since a CGI program is executable, it is basically the equivalent of letting the world run a program on your system, which may not be the safest thing to do. Therefore, there are some security precautions that need to be implemented when it comes to using CGI programs.
One thing that should be done is to allow the CGI programs to reside in a special directory known as /cgi-bin. CGI programs are placed here so that the Web server knows to execute the program rather than just transmit it to the client which will attempt to display it in the browser.
The CGI directory is usually under direct control of the webmaster and the cgi-bin directory is assigned permissions that prohibit anybody accessing the database from creating their own CGI programs.
There are other ways to allow access to CGI scripts, but it is up to the webmaster to set these up. If your web server does not allow you to run CGI scripts at all, they can be placed on a different machine on the Internet and referred to in the web page that resides on the web server that does not allow CGI to be used. This is one way round the restriction.
A CGI program can be written in any language that may be executed on the system that contains the cgi-bin directory. Some of the options available are:
C/ C++
PHP
Fortran
PERL
TCL
Any Unix shell
Visual Basic
AppleScript
The choice of scripting language depends upon what you have available on your system and what function you wish the program to perform.
C++ is a high level object oriented programming language that is suitable for graphical applications and is suited to windowed environments.
PHP Hypertext Preprocessor is a server-side, HTML embedded scripting language that has a similar syntax to that of Perl or C. It is used to create dynamic Web pages.
In an HTML document, PHP script is enclosed within special PHP tags.
Because PHP is embedded within tags, the author can jump between HTML and PHP (similar to ASP and Cold Fusion) instead of having to rely on heavy amounts of code to output HTML. Another useful feature of PHP is that the client cannot view the PHP code because PHP is executed on the server.
PHP can perform any task any CGI program can do, but its
strength lies in its compatibility with many types of databases. Also,
PHP can talk across networks using many different networking protocols
such as IMAP, SNMP, NNTP, POP3, or HTTP.
PHP was created during 1994 by Rasmus Lerdorf. During
mid 1997, PHP version 3 (PHP3) was released. Today, PHP is shipped as standard
with a number of Web servers, including RedHat Linux.
FORTRAN is the oldest high-level programming language available. It was designed by John Backus for IBM in the late 1950s,and it is still popular today, particularly for scientific applications that require extensive mathematical computations.
Short for Practical Extraction and Report Language, Perl is a programming language that was developed by Larry Wall. It was especially designed for processing text.
Because of its strong text processing abilities, Perl has become one of the most popular languages for writing CGI scripts. Perl is an interpretive language (similar to BASIC), which makes it easy to build and test simple programs.
Tool Command Language is a powerful interpreted programming language developed by John Ousterhout. One of the main strengths of TCL is that it can be easily extended through the addition of custom TCL libraries. It is used for prototyping applications as well as for developing CGI scripts, though it is not as popular as Perl for the latter.
Sometimes called command shell, a shell is the command processor interface. The command processor is the program that executes operating system commands. The shell, therefore, is the part of the command processor that accepts commands.
Every operating system has a command processor. When the command prompt is displayed, the command processor is waiting for a command. After the user has entered a command, the command processor analyses the syntax to make sure the command is valid, and then either executes the command or issues an error warning. After verifying that the commands are valid, the shell sends the user’s commands to another part of the command processor to be executed.
UNIX systems offer a choice between several different shells, the most popular being the Cshell, the Bourne shell, and the Korn shell. Each offers a somewhat different command language.
VB is a programming language and environment that was developed by Microsoft especially for use in their windowed operating systems. Based on the BASIC language, Visual Basic was one of the first products to provide a graphical programming environment and a paint metaphor for developing user interfaces.
Although not a true object-oriented programming language in the strictest sense, Visual Basic nevertheless has an object-oriented philosophy. It is sometimes called an event-driven language because each object can react to different events such as a mouse click. It is useful because it allows programmers to quickly build prototype applications.
A scripting language developed by Apple Computer that is integrated into the MacOS starting with System 7.5. AppleScript provides an easy way to automate common tasks. AppleScript is also powerful enough to automate complex tasks and to customize the way applications behave.
AppleScript can be extended through Scripting Additions called OSAX. These add-on modules provide special resources and commands not available in the basic version of the language.
If the choice for CGI is a programming language like C, C++ or Fortran, it is necessary to compile the program before it will run. The compiled executable is then placed in the cgi-bin directory.
There is often another directory known as /cgi-src directory within which the source code for some of the CGI programs resides.
If the choice for CGI is one of the scripting languages instead, such as PERL, TCL, or a Unix shell, the script itself only needs to reside in the /cgi-bin directory, since there is no associated source code. This means that the script is interpreted rather than compiled into an executable file.
Many people prefer to write CGI scripts instead of programs, since they are easier to debug, modify, and maintain than a typical compiled program.
CGI was the first method by which dynamic interaction could be added to web pages. A directory known as cgi-bin contains programs or scripts which are referred to by links within web pages and activated by the user of the client program.
CGI provides a server-side method of giving extra functionality to web pages. CGI scripts or programs will slow the server’s performance and it may be wiser to employ client-side applications instead such as Java Applets.
There are many options available for use in CGI applications, each having its own specialism.
The major difference between these options is that the application languages need to be compiled and then placed into the cgi-bin directory. The processor can then run the program.
The scripting languages are interpreted, i.e. interpreted a line at a time and this can be helpful when debugging the scripts.
http://webopedia.internet.com/TERM/C/CGI.html
http://www.w3.org/CGI/
http://hoohoo.ncsa.uiuc.edu/cgi/intro.html