What is CGI
CGI is currently maintained by NCSA, and NCSA defines CGI as follows:
CGI (Common Gateway Interface), a universal Gateway interface, is a program that runs on a server such as an HTTP server, providing an interface with the client HTML page.
Web browsing
To get a better idea of how CGI works, we can click on a link or URL from the Web page:
1. Use your browser to access the URL and connect to the HTTP Web server.
2. When the Web server receives the request information, it resolves the URL and finds whether the file accessed exists on the server and returns an error message if there is the contents of the returned file.
3. The browser receives the information from the server and displays the received file or error message.
CGI programs can be Python scripts, Perl scripts, shell scripts, C or C + + programs, and so on.
CGI Frame composition
Web server support and configuration
Before you perform CGI programming, make sure that your Web server supports CGI and a CGI-configured handler.
All HTTP server execution CGI programs are saved in a pre-configured directory. This directory is called the CGI directory and, by convention, it is named the/var/www/cgi-bin directory.
CGI files with the. cgi,python extension can also use the. py extension.
By default, the Linux server configuration runs in the Cgi-bin directory as/var/www.
If you want to specify other directories that run CGI scripts, you can modify the httpd.conf configuration file as follows:
<directory "/var/www/cgi-bin" >
AllowOverride None
Options execcgi
Order Allow,deny
Allow from all
</Directory>
<directory "/var/www/cgi-bin" >
Options All
</Directory>
The first CGI program
We use Python to create the first CGI program, the file name is hellp.py, the file is in the/var/www/cgi-bin directory, the content is as follows, the permission to modify the file is 755:
#!/usr/bin/python
Print "content-type:text/html\r\n\r\n"
print '
print '
print ' <title>hello word-first CGI program</title> '
print '
print ' <body> '
print '
print ' </body> '
print '
The above program in the browser access displays the results as follows:
Hello word! This is my first CGI program
This hello.py script is a simple Python script where the first output of the script "content-type:text/html\r\n\r\n" is sent to the browser and tells the browser that the content type shown is "text/html".
HTTP Header
The "content-type:text/html\r\n\r\n" in the contents of the hello.py file is part of the HTTP header, which is sent to the browser to tell the browser the content type of the file.
The HTTP header format is as follows:
HTTP Field Name: Field contents
For example
content-type:text/html\r\n\r\n
The following table describes the frequently used information in the HTTP header in CGI programs:
Head
Describe
Content-type: The requested MIME information that corresponds to the entity. Example: content-type:text/html
Expires:date the date and time the response expires
The Location:url is used to redirect the receiver to the location of the non-request URL to complete the request or identify the new resource
Last-modified:date last modified time to request resources
Content-length:n the requested content length
Set-cookie:string Setting HTTP Cookies
CGI Environment variables
All CGI programs receive the following environment variables, which play an important role in CGI programs:
Variable name
Describe
Content_Type the value of this environment variable indicates the MIME type of the information being passed. Currently, the environment variable content_type is generally: application/x-www-form-urlencoded, who says the data comes from an HTML form.
Content_length if the server and CGI program information is passed as post, this environment variable is the number of bytes of valid data that can be read from the standard input stdin. This environment variable must be used when reading the input data.
Http_cookie the COOKIE content within the client.
Http_user_agent provides customer browser information that contains a version number or other proprietary data.
Path_info the value of this environment variable represents the other path information immediately following the CGI program name. It often appears as a parameter to a CGI program.
Query_string if the server and CGI program information is passed in a get, the value of this environment variable even if the information is passed. This information is followed by the CGI program name, with a question mark '? ' in between. Separated.
REMOTE_ADDR the value of this environment variable is the IP address of the client sending the request, such as 192.168.1.67 above. This value is always present. And it is a unique identifier that Web clients need to provide to the Web server, which can be used in a CGI program to differentiate between different Web clients.
Remote_host the value of this environment variable contains the host name of the client that sent the CGI request. If you do not support the query, you do not need to define this environment variable.
Request_method provides the method that the script is called. For scripts that use the http/1.0 protocol, only get and POST make sense.
Full path to the Script_filename CGI script
Script_name the name of the CGI script
Server_Name This is the host name, alias, or IP address of your WEB server.
Server_software the value of this environment variable contains the name and version number of the HTTP server that called the CGI program. For example, the value above is apache/2.2.14 (Unix)
The following is a simple CGI script that outputs CGI environment variables:
#!/usr/bin/python
Import OS
print "content-type:text/html\r\n\r\n";
Print "<font size=+1>environment</font><\br>";
For Param in Os.environ.keys ():
Print "<B>%20S</B>:%s<\br>"% (param, Os.environ[param])
Get and Post methods
The browser client passes information to the server in two ways, both the GET method and the POST method.
Using the Get method to transfer data
The Get method sends the encoded user information to the server side, and the data information is included on the URL of the request page with "?". The number is divided as follows:
Http://www.test.com/cgi-bin/hello.py?key1=value1&key2=value2
Some additional comments about the GET request:
Get requests can be cached
GET requests remain in browser history
Get requests can be bookmark-Favorites
GET requests should not be used when handling sensitive data
Get request has a length limit
GET requests should only be used to retrieve data
Simple URL instance: Get method
Here is a simple URL that uses the Get method to send two parameters to a hello_get.py program:
/cgi-bin/hello_get.py?first_name=zara&last_name=ali
The following is the code for the hello_get.py file:
#!/usr/bin/python
# CGI Processing module
Import CGI, CGITB
# Create an instantiation of a fieldstorage
form = CGI. Fieldstorage ()
# Get Data
first_name = Form.getvalue (' first_name ')
last_name = Form.getvalue (' last_name ')
Print "content-type:text/html\r\n\r\n"
Print "
Print "
Print "<title>hello-second CGI program</title>"
Print "
Print "<body>"
Print "
Print "</body>"
Print "
Browser Request output:
Hello ZARA ALI
Simple Form instance: Get method
Here is an HTML-based form that uses the Get method to send two data to the server, and the submitted server script is also a hello_get.py file with the following code:
<form action= "/cgi-bin/hello_get.py" method= "Get" >
First Name: <input type= "text" name= "first_name" > <br/>
Last Name: <input type= "text" name= "last_name"/>
<input type= "Submit" value= "Submit"/>
</form>
Passing data using the Post method
Using the Post method to pass data to the server is more secure and reliable, such as sensitive information such as user passwords and the need to use post to transmit data.
The following is also hello_get.py, which can also handle post form data submitted by the browser:
#!/usr/bin/python
# Introduction of CGI Modules
Import CGI, CGITB
# Create Fieldstorage instances
form = CGI. Fieldstorage ()
# get form data
first_name = Form.getvalue (' first_name ')
last_name = Form.getvalue (' last_name ')
Print "content-type:text/html\r\n\r\n"
Print "
Print "
Print "<title>hello-second CGI program</title>"
Print "
Print "<body>"
Print "
Print "</body>"
Print "
Here is how the form submits data to the server script hello_get.py via the Post method:
<form action= "/cgi-bin/hello_get.py" method= "POST" >
First Name: <input type= "text" name= "first_name" ><br/>
Last Name: <input type= "text" name= "last_name"/>
<input type= "Submit" value= "Submit"/>
</form>
Passing checkbox data through a CGI program
The checkbox is used to submit one or more option data with the following HTML code:
<form action= "/cgi-bin/checkbox.cgi" method= "POST" target= "_blank" >
<input type= "checkbox" Name= "Maths" value= "on"/> Maths
<input type= "checkbox" Name= "Physics" value= "on"/> Physics
<input type= "Submit" value= "Select Subject"/>
</form>
The following is the code for the checkbox.cgi file:
#!/usr/bin/python
# Introduction of CGI Processing module
Import CGI, CGITB
# Create an instance of Fieldstorage
form = CGI. Fieldstorage ()
# Receive field data
If Form.getvalue (' Maths '):
Math_flag = "On"
Else
Math_flag = "OFF"
If Form.getvalue (' Physics '):
Physics_flag = "On"
Else
Physics_flag = "OFF"
Print "content-type:text/html\r\n\r\n"
Print "
Print "
Print "<title>checkbox-third CGI program</title>"
Print "
Print "<body>"
Print "
Print "
Print "</body>"
Print "
Passing radio data through a CGI program
Radio only passes one data to the server, the HTML code is as follows:
<form action= "/cgi-bin/radiobutton.py" method= "post" target= "_blank" >
<input type= "Radio" name= "subject" value= "maths"/> Maths
<input type= "Radio" name= "Subject" value= "Physics"/> Physics
<input type= "Submit" value= "Select Subject"/>
</form>
The radiobutton.py script code is as follows:
#!/usr/bin/python
# Import modules for CGI handling
Import CGI, CGITB
# Create instance of Fieldstorage
form = CGI. Fieldstorage ()
# Get data from fields
If Form.getvalue (' Subject '):
Subject = Form.getvalue (' subject ')
Else
Subject = "Not set"
Print "content-type:text/html\r\n\r\n"
Print "
Print "
Print "<title>radio-fourth CGI program</title>"
Print "
Print "<body>"
Print "
Print "</body>"
Print "
Passing Textarea data through a CGI program
TextArea passes multiple lines of data to the server, with the following HTML code:
<form action= "/cgi-bin/textarea.py" method= "post" target= "_blank" >
<textarea name= "Textcontent" cols= "+" rows= "4" >
Type your text here ...
</textarea>
<input type= "Submit" value= "Submit"/>
</form>
The textarea.cgi script code is as follows:
#!/usr/bin/python
# Import modules for CGI handling
Import CGI, CGITB
# Create instance of Fieldstorage
form = CGI. Fieldstorage ()
# Get data from fields
If Form.getvalue (' Textcontent '):
Text_content = Form.getvalue (' textcontent ')
Else
Text_content = "Not entered"
Print "content-type:text/html\r\n\r\n"
Print "
print "
Print "<title>text area-fifth CGI program</title>"
Print "
Print "<body>"
Print "
Print "</body>"
Passing pull-down data through a CGI program
The HTML drop-down box code is as follows:
<form action= "/cgi-bin/dropdown.py" method= "post" target= "_blank" >
<select name= "Dropdown" >
<option value= "Maths" selected>maths</option>
<option value= "Physics" >Physics</option>
</select>
<input type= "Submit" value= "Submit"/>
</form>
The dropdown.py script code looks like this:
#!/usr/bin/python
# Import modules for CGI handling
Import CGI, CGITB
# Create instance of Fieldstorage
form = CGI. Fieldstorage ()
# Get data from fields
If Form.getvalue (' dropdown '):
Subject = Form.getvalue (' dropdown ')
Else
Subject = "Not entered"
Print "content-type:text/html\r\n\r\n"
Print "
Print "
Print "<title>dropdown box-sixth CGI program</title>"
Print "
Print "<body>"
Print "
Print "</body>"
Print "
Using cookies in CGI
In the HTTP protocol a big drawback is not to make the user's identity judgment, so that the programmer to bring great inconvenience,
The advent of the cookie function compensates for this shortcoming.
All cookies are written on the client's hard drive through the client's browser while the client accesses the script, and when the next client accesses the script, it retrieves the data information, which is used in the password judgment.
The syntax of a cookie
HTTP cookie is sent through the HTTP header to achieve, he was earlier than the file transfer, the head Set-cookie syntax as follows:
Set-cookie:name=name;expires=date;path=path;domain=domain;secure
Name=name: The value of the cookie needs to be set (name cannot use ";" and ","), with multiple name values separated by ";" For example: Name1=name1;name2=name2;name3=name3.
Expires=date:cookie expiration date, format: expires= "wdy,dd-mon-yyyy HH:MM:SS"
Path=path: Sets the path supported by the cookie, if path is a path, then the cookie takes effect for all files and subdirectories in this directory, for example: Path= "/cgi-bin/", if path is a file, the cookie means that the file is in effect, For example: Path= "/cgi-bin/cookie.cgi".
Domain=domain: The domain name that is valid for the cookie, for example: domain= "www.chinalb.com"
Secure: If this flag is given, it means that the cookie can only be passed through an HTTPS server on the SSL protocol.
The receipt of a cookie is implemented by setting the environment variable Http_cookie, which can be retrieved by the CGI program to obtain cookie information.
Cookie settings
Cookies are very simple to set up, and cookies are sent separately in the HTTP header. The following example sets the UserID and Password in the cookie:
<pre>
#!/usr/bin/python
Print "set-cookie:userid=xyz;\r\n"
Print "set-cookie:password=xyz123;\r\n"
Print "Set-cookie:expires=tuesday, 31-dec-2007 23:12:40 GMT"; \ r \ n "
Print "set-cookie:domain=www.ziqiangxuetang.com;\r\n"
Print "set-cookie:path=/perl;\n"
Print "content-type:text/html\r\n\r\n"
........... Rest of the HTML Content ....
The above example uses the Set-cookie header information to set the cookie information, optionally setting the other attributes of the cookie, such as expiration time expires, domain name, path. This information is set before "content-type:text/html\r\n\r\n".
Retrieving cookie Information
The Cookie Information retrieval page is very simple and the cookie information is stored in the CGI environment variable Http_cookie, which is stored in the following format:
Key1=value1;key2=value2;key3=value3 ....
The following is a simple CGI procedure for retrieving cookie information:
#!/usr/bin/python
# Import modules for CGI handling
From OS import environ
Import CGI, CGITB
If Environ.has_key (' Http_cookie '):
For cookies in map (strip, Split (environ[' Http_cookie '), '; ')):
(key, value) = Split (cookie, ' = ');
If key = = "UserID":
user_id = value
If key = = "Password":
Password = value
Print "User ID =%s"% user_id
Print "Password =%s"% Password
The above script output results are as follows:
User ID = XYZ
Password = XYZ123
File Upload instance:
HTML Settings The form of the upload file needs to be set enctype property to Multipart/form-data, as shown in the code below:
<body>
<form enctype= "Multipart/form-data"
action= "save_file.py" method= "POST" >
<p>file: <input type= "File" name= "filename"/></p>
<p><input type= "Submit" value= "Upload"/></p>
</form>
</body>
The save_file.py script file code is as follows:
#!/usr/bin/python
Import CGI, OS
Import CGITB; Cgitb.enable ()
form = CGI. Fieldstorage ()
# Get file name
Fileitem = form[' filename ']
# detect if files are uploaded
If Fileitem.filename:
# Set File path
fn = Os.path.basename (fileitem.filename)
Open ('/tmp/' + FN, ' WB '). Write (Fileitem.file.read ())
Message = ' The file ' ' + fn + ' was uploaded successfully '
Else
message = ' No file ' was uploaded '
print "" \
Content-type:text/html\n
<body>
<p>%s</p>
</body>
"" "% (message,)
If the system you are using is Unix/linux, you must replace the file delimiter, and only use the open () statement under window:
fn = Os.path.basename (fileitem.filename.replace ("\ \", "/"))
File Download dialog box
If we need to provide users with a file download link, and after the user click the link to pop up the file Download dialog box, we set the HTTP header information to implement these functions, the function code is as follows:
#!/usr/bin/python
# HTTP Header
print "Content-type:application/octet-stream; Name=\ "filename\" \ r \ n ";
print "content-disposition:attachment; Filename=\ "filename\" \r\n\n ";
# Actual File Content would go hear.
fo = open ("Foo.txt", "RB")
str = Fo.read ();
Print str
# Close Opend File
Fo.close ()