cgi-bin Programming

[diagram of client server communication]

cgi: Common Gateway Interface

cgi-bin programs are run on the server to generate HTML, or other content, dynamically. This requires transmission of data from the client to the server and back again, and also places a computational load on the server. Security is also an issue.

cgi-bin programs can be written in any programming language. Simple operations can be performed as shell scripts. Perl is popular for text transformations. C, Pascal and other programming languages can also be used.

cgi-bin Anchors:

cgi-bin programs can be invoked from ordinary HTML anchors. For example the following link runs the program `glookbib' which performs a bibliography search for the query Fisher statistics book

The raw HTML is:
<A HREF="http://www.csse.monash.edu.au/cgi-bin/glookbib?Fisher%20statistics%20book+~lloyd/public_html/INDEX"> Fisher statistics book</A>

Broken down into components the anchor consists of:

HTML	Comment
<A HREF="...	start the anchor
http://www. ... /	the server
cgi-bin/	the directory of cgi-bin programs on the server
glookbib	the program's name
?	introduces the parameters
Fisher%20statistics%20book	parameter_1, the search string, with the spaces coded as %20
+	separates parameters
~lloyd/.../INDEX	parameter_2, here the file name of an index
"> ... </A>	rest of the anchor syntax

We cannot leave cgi-bin anchors without mentioning the remarkable [postmodernism generator].

Forms and cgi-bin Programs:

Forms frequently activate cgi-bin programs. The bibliography search can be performed from the form below. Its `action' is to run another cgi-bin program `glookbib_search'. If you click on the `submit' button, the result of the search will be returned. The result's URL will be displayed in the browser's `location' window and should include parameter=value pairs separated by `&' and with spaces replaced by `+'.

Example Form
Search String:

How it is done:

HTML Comment

HTML	Comment
<FORM action=".../cgi-bin/glookbib_search" METHOD=GET> ... form elements ... </FORM>	There is an introduction to forms [here]. Note also that the index file parameter is of `TYPE=hidden`, which means that it is not displayed by the browser.

<FORM action=".../cgi-bin/glookbib_search"
 METHOD=GET>
 ...
 form elements
 ...
</FORM>

There is an introduction to forms [here].

Note also that the index file parameter is of TYPE=hidden, which means that it is not displayed by the browser.

<FORM ... METHOD="GET">

The form above uses the `get' method to give parameters to the cgi-bin program (get is the default). Get causes the parameters of the program to be supplied on its `command line'. It should therefore only be used when such parameters are "short".

<FORM ... METHOD="POST">

The second way of passing parameters to a cgi-bin program is by METHOD=POST. Here the parameters are available on the program's `standard input'. In this case the parameters can be arbitrarily long. For example the `echo' program on the forms page uses the post method. Parameter values do not appear in the URL when post is used.

Data Conversion

Parameters are encoded before being transmitted from a form to a cgi-bin program. This involves each space being replaced by a `+' and some characters (including a "real" +) being encoded in hexa-decimal (%dd). The parameters must be decoded by the cgi-bin program.

The following form is used elsewhere in some material on the Lambda Calculus. Using it, a simple interpreter can be run over the internet.

Example Form
let rec factorial = lambda n. if n=0 then 1 else n*factorial(n-1) in factorial 4

The form's action is

`cgiwrap' is the cgi-bin program that is initially called. It runs programs as an individual user, rather than as the web server itself. So, the program `lambda' is run. In this case `lambda' consists of the following shell-script:

#! /bin/csh
/bin/echo Content-type: text/plain
/bin/echo

limit cputime   1
limit filesize  0M
limit datasize  1M
limit stacksize 2M
limit coredumpsize 0M
limit memorysize 3M

/u/web/homes/lloyd/cgi-bin/convert | ....../Lambda/Lazy.out

if( $status != 0 ) then
/bin/echo '\
------------------------------------------------------------------------------\
Limits were exceeded - your program *might* be looping, possibly deliberately,\
(the web interpreter is limited to very small short runs)'
else
/bin/echo '\
------------------------------------------------------------------------------'
endif

/bin/echo '\
L.Allison, Department of Computer Science, Monash University, Australia 3168\
http://www.csse.monash.edu.au/~lloyd/'
/bin/date
exit 0

The shell script first echoes the mime-type of the material that will be returned to the browser, in this case text/plain:

/bin/echo Content-type: text/plain
/bin/echo

Note the blank line (second echo) that must follow.

The heart of the shell script is to run `convert', which undoes the parameter encoding, and pipe the result to the standard input of `Lazy.out', the interpreter.

The source code of the decoding program, convert.c, is [here]. The details of Lazy.out do not matter here; it is sufficient to know that it is a program that reads text from standard input and writes text to standard output.