| ASP |
| CGI |
| FrontPage |
| HTML |
| Java |
| JavaScript |
Visit the Mortgage Loan Place for Home Loans and also click here to find VA Loans on our site. 
|
This is part of a series of articles discussing CGI processing.
Part I introduces the basic HTML elements
that are used to create a form. Part II
discusses how those elements are transferred to the web server
and processed by a CGI program. Part III
discusses the difference between POST and GET. Finally,
Part IV shows how data collected by a CGI program can be stored
on the server.
Part IV: Back End Processing
After the form data has been sent to the web server, a CGI program will have the opportunity process and save the data. CGI programs can connect to databases, local text files, and even other web sites. In fact, a CGI program can do anything that a normal program can do. On Unix machines, the httpd (web server) often runs with few permissions (usually as "nobody") and therefore has only limited access to read and write files on the local system. This is important because it minimizes the security risks that are taken.The simplest method of saving data from a form is to write it to a local file. This file, however, must have read/write permissions available to the web server daemon (httpd). As mentioned earlier, it often runs as "nobody" and therefore any files that you want to read or write will have to be marked as writable to the world -- chmod o+w filename. Look at the highlighted permissions from the output from ls -l:
-rw-rw-r-- 1 dzs users 14191 Oct 24 17:50 msft.txtIn the example above, the file msft.txt can be read and written owned by user dzs. Anyone in the group users can also read and write the file. However, everyone else can read the file but cannot write to it. After typing chmod o+w msft.txt, the permissions have changed:
-rw-rw-rw- 1 dzs users 14191 Oct 24 17:50 msft.txtNow, everyone can read a write the file -- this includes the httpd and your CGI programs -- and everyone else. It's probably a better idea to create a separate group for httpd and users who will be writing CGI programs.
The following sample script writes all the data that it collects in a form to a local file.
The script can accept both POST and GET methods for sending CGI data. When things go wrong, however, it's always a good idea to have some debugging tools available. This script can accept CGI parameters on its command line. So, for instance, from a Unix shell:
./fileform.pl in=Hello+There this=that button=SubmitThe example above is the same as entering a URL like the following:
.../cgi-bin/fileform.pl?in=Hello+There&this=that&button=SubmitWhen entering data on the Unix shell command line, remember that characters like & and ; are special and need to be escaped with \ first -- \& and \;
Also, because this CGI program writes to a local file, you'll need to make sure that the permissions are set correctly before running it (see above). In other words, if it runs fine in your Unix shell but then chokes when run from the web browser, there's probably something wrong with the file's permissions or possibly the environment, such as the PATH.
Performing debugging can be quite a chore. So, check out the CGI debugger, available here. There is a lot of good information available to help you learn about CGI programming. I encourage you to check out the links below to learn more.
Learning more about CGI Forms
- Part I: Introduction
- Part II: Sending Form Data
- Part III: Post vs Get
- Part IV: Back End Processing - this document
Author: Doug Steinwand
Date: [02/17/98]
More articles about CGI
More articles by Doug Steinwand
Author Biography
