1 / 27

Internet / Intranet Spring 2000

Internet / Intranet Spring 2000. Class 8 Perl / CGI Scripting. Class 8 Agenda. Homework Discussion : Milestone #3 Presentations CGI Scripting Perl Telnet / UNIX Lab Work Telnet Basic UNIX Perl. CGI / Scripting. Scripts are Programs Run By the Server CGI – Common Gateway Interface

majed
Télécharger la présentation

Internet / Intranet Spring 2000

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Internet / IntranetSpring 2000 Class 8 Perl / CGI Scripting

  2. Class 8 Agenda • Homework Discussion : Milestone #3 • Presentations • CGI Scripting • Perl • Telnet / UNIX • Lab Work • Telnet • Basic UNIX • Perl Brandeis University Internet/Intranet Spring 2000

  3. CGI / Scripting • Scripts are Programs Run By the Server • CGI – Common Gateway Interface • Methodology For Server/Script Communication • Can Be Written in Any Language Supported By the Server • UNIX Origins • PERL is Most Common • Script Output is Returned to the Browser • Alternative Methodologies Exist • CGI is the Most Portable • PERL – Practical Extraction and Reporting Language • UNIX Based Scripting Language • Ported to Multiple Platforms • How Does Browser Know to Execute a Program? • Program is in a Script Directory • Typically cgi-bin (Apache) • Or By Extension (e.g. .pl, .cgi) • Scripts Must Have Executable Permissions Brandeis University Internet/Intranet Spring 2000

  4. Scripting Features • Scripts Can Have Input Parameters • Passed as Part of URL : ? Argument (Query String) • Special Characters Passed as % Ascii Hex Values • Name/Value Pairs : Separated by & • Variable • Passed in HTTP Header • Name/Value Pairs • Method = Post • HTML Forms • Passed in Cookies • Netscape Origins, Now Widely Adopted • Name/Value Pairs Associated With a URL • Stored on Client Computer • Users May Turn off Cookies • Scripts Must Be Aware of How Parameters are Being Passed • Different Methodology to Access Each Method • Parameters Also Used to Maintain State Information • Help Track a “Session” Brandeis University Internet/Intranet Spring 2000

  5. Scripting Issues • Security Concerns • No Limits on What CGI Scripts May Access • Potential to Execute Any System Command • Hacker Can Cause Serious and Unforeseen Problems • Potential to Affect More Than Just Your Web Site • Many ISP’s Limit CGI Capabilities • Performance Concerns • CGI Scripts are Run as a Standalone Process • E.g. Interpreter is Loaded and Initialized Each Time • Alternative to Posting Forms • Mailto Option Brandeis University Internet/Intranet Spring 2000

  6. Perl • Why Should I Learn Perl? • S/W Engineers Need to Be Adept at Picking Up New Languages • Need a “Comfort Level” of Expertise • Ability to Write Basic Code • Ability to View/Modify Existing Code • Ability to Learn More as Needed • Develop Reference “Library” • Develop “Guru” Network • Large Public Archives of Perl Scripts • Perl Basics • Interpreted • Originally Used Primarily By UNIX Sys-Admins • “Public Domain” • The preferred language for CGI Scripts • PERL is Relatively Portable • Activestate ActivePerl (Windows / IIS) • UNIX specific scripts dominate (Uses UNIX O/S Commands) Brandeis University Internet/Intranet Spring 2000

  7. Perl 101 • C-like • Lines end with ; • Syntax of Print statement is very similar • Pointers and indirection • VB-like • Untyped (except for arrays) • Associative arrays • UNIX-like • “Tricks” • e.g. $a = <> retrieves a line of input from stdin • support for regular expressions • doublequotes vs. singlequotes • all examples must contain foo • Perl-Like • Variables begin with $ • Comments begin with # • Subroutines Begin with & • Associative Arrays Begin with % Brandeis University Internet/Intranet Spring 2000

  8. Perl 102 • Powerful Features • Can run “command line” commands on O/S (system, `xxx`) • Can create code on the fly (eval) • Subroutine Libraries • Powerful Features Make it a Target of Hackers • Print is the Most Important Command • Generate HTML Using Print Statements • print “text to print \n” • Don’t forget carriage returns: \n • First Line: #! /usr/local/bin/perl • Output has Mime content-type as first line, blank line • print “Content-type: text/html \n\n”; Brandeis University Internet/Intranet Spring 2000

  9. A Simple Perl Example #! /usr/local/bin/perl # First Perl $myname=“Evan”; print <<END; Content-type: text/html <HTML> <HEAD> <TITLE> </TITLE> </HEAD> <BODY> END print “<H1>This is $myname ’s Test Perl Script.</H1>\n”; print “<H2>Hello World</H2>\n”; print “</BODY>\n”; print “</HTML>\n”; Brandeis University Internet/Intranet Spring 2000

  10. Class Exercise: First Perl • Save This Locally as perl1.pl • Open a Command Prompt: • perl.exe perl1.pl • Once You Are Satisfied With the HTML Produced • Upload This via FTP to public_html/cgi-bin in your ShoreNet Account • Remember to Transfer this In ASCII Mode! • Give the Script Execute Permissions For All • Right Button Click / chmod in WS_FTP • http://shell3.shore.net/~brinetxx/cgi-bin/perl1.pl Brandeis University Internet/Intranet Spring 2000

  11. Advanced Exercise • Create a Script Like the One in Stein p.481 • Typo: for each should be foreach • Put it On Your Web Site • Remember to Give the Script the Appropriate Permissions • OPTIONAL Homework: Install a Perl Interpreter On Your Local Machine • Read Stein Chapter 9. Skim Chapter 8. Brandeis University Internet/Intranet Spring 2000

  12. Telnet • Telnet is a Remote Login Protocol • Terminal Emulation • All Processing Occurs on Host • Command Line Interface • Port 23 • Used Extensively for UNIX Machines / Multiuser Systems • Why Do We Care? • Remote Administration of Web Site • Configuring Web Servers, Setting Permissions Brandeis University Internet/Intranet Spring 2000

  13. Sample Telnet Session telnet world.std.com Trying 192.74.137.5... Connected to world.std.com. Escape character is '^]'. UNIX System V.4 (world) login: evan Password: xxxxx Last login: Sun Jan 23 16:03:36 from fxtc2-c.std.com Welcome to The World! A 24 x 250MHZ CPU 2.5GB SGI Challenge XL world% DNS Resolves the Name to an IP Address Found the Telnet Server at This IP Address Host Information Login Successful UNIX Command Prompt Brandeis University Internet/Intranet Spring 2000

  14. UNIX - Background • UNIX Developed at AT&T Bell Labs – 1969 • Multi-User / Multi-Tasking • Many Other Proprietary Operating Systems Existed • Schools Adopted UNIX as “Teaching” Environment • Schools Made Significant Additions and Changes • Standardization Efforts • Culture of Sharing / Helping / Working Together • Free Software Foundation, etc. • Put Source-Code in Public Domain • Many Other “Free” Add-Ons / Extensions • LINUX UNIX Expects Technical Competence Brandeis University Internet/Intranet Spring 2000

  15. UNIX File Structure • Forward Slashes (/) to Separate Filenames, Directories • Case Sensitive File Names • Windows is Not • No Limit on Filename Size / Extensions • Extensions are by Convention • Root is “/” • User Home Directory is: “~/” • Symbolic Links / Aliases • Directories Can Be Spread Over Multiple Drives • Can Create Non-Hierarchical Structure • File Permissions • Read, Write, Execute • Separate Permissions for Owner, Group, All • Directories are Special Cases of Files • Execute Permissions = Able to Browse Directory Brandeis University Internet/Intranet Spring 2000

  16. Common Basic UNIX Commands • pwd : List the current working directory • More filename : List the Contents of a File • ls : Lists the files in a directory • ls –l • Permissions: drwxrwxrwx • d – If this is a directory • r,w,x – Read, Write, Execute • Owner, Group, Public • Owner, Filesize, Timestamp, Filename • cd – change directory • cd ~/ • Change to Your Root Directory • chmod • Changes Permissions • Don’t Use This Command Until You’re Sure About It • Can Open Up Serious Security Holes Brandeis University Internet/Intranet Spring 2000

  17. More Unix Commands • man command • UNIX help • e.g. man ls • cat filename • List a file • command | more • All Output can be “piped” to Display one Screen at a Time • e.g. cat filename | more • Carriage return – next page • q – quit • cp path1 path2 • Copy a File • mv path1 path2 • Move a File. Useful for Renaming a file Brandeis University Internet/Intranet Spring 2000

  18. The UNIX chmod Command • “UNIX” Mode • chmod abc filename • Where a,b,c are digits from 0 to 7 (Bit Mask) • 4 – Read, 2 – Write, 1 – Execute • a – owner, b – group, c- others • e.g. chmod 711 myscript.cgi • Sets permissions on file myscript.cgi so that: • It is readable, writable, and executable by owner • It is executable by all others. • An “Easier” Way • chmod u=rwx,g=x,o=x • u – owner (user), g – group, o – other (Not Owner!) • r – read, w –write, x – execute Brandeis University Internet/Intranet Spring 2000

  19. A Caveat • UNIX Culture – Developer Oriented • Read Access Often Given For Non-Confidential Files • User Responsibility to Not Abuse It • Be Respectful When Not in Your User Directory Brandeis University Internet/Intranet Spring 2000

  20. Lab Work: Telnet • From a command prompt type: telnet • Connect/Remote System • Host Name: users.shore.net • Login: brinetxx [Your Shorenet Login] • Password: [Your Shorenet password] • ls –l • cd public_html • ls –l • cd bin • chmod perl1.pl 600 • Try to access the Script Now • chmod perl1.pl 755 • ls -l • cd ~/ • ls –l • logout Brandeis University Internet/Intranet Spring 2000

  21. Reference Material • CGI / PERL • Stein Chapter 9 • http://www.activestate.com/ActivePerl • Freeware ActivePerl Interpreter For Microsoft Platforms • http://www.shore.net/techtalk/referenceold/cgi.html • ShoreNet’s CGI Reference Page • http://www.webdeveloper.com/cgi-perl • CGI/Perl Portal • http://agora.leeds.ac.uk/Perl/start.html • A Perl tutorial • http://worldwidemart.com/scripts/ • Free CGI Scripts (Matt’s Script Archive) Brandeis University Internet/Intranet Spring 2000

  22. Processing Forms – The Server Side • Target of Forms is Usually a CGI Script • Script Requirements • 1. Parse the Data • 2. Process the Data • 3. Return Data to the User • Raw HTML or Another Form • Data Flow Options • Each Script Handles a Specific Form • Form in Plain HTML • Script in Perl • One Script Handles Multiple Forms • Selects Action Based on Data Passed In • All in Perl Brandeis University Internet/Intranet Spring 2000

  23. Scripting – Parsing Data • GET vs. PUT • Each Requires Different Logic • Parsing is Not Trivial • All Parameters Passed in On One Line • Each Name/Value Pair Separated by & • Name Separated From Value by = • Special Character Encoding Complicates It • E.g. Value May Contain &,= • Error Handling • Typically Use a Library to Parse Data • Public Domain • Cgi.pm – Perl5 Object Oriented • Used by Stein • Cgi-lib.pl – Basic Perl • Used by Schapiro • Others Brandeis University Internet/Intranet Spring 2000

  24. CGI-LIB • http://cgi-lib.berkeley.edu/ • Using This Library in Perl • Download Library From Website • Version 2.18 – Latest Version • More Robust • Supports Saving File Uploads as Files • Version 1.14 – Easier to Understand • Use This Version to Understand cgi-lib Code • Install it in cgi-bin Directory • Perl Code: • require (“cgi-lib.pl”); • &ReadParse(); • More Perl Info • require – Includes Another File • %varname – Associative Arrays • Use Braces {} to Index, $ prefix • e.g. $varname { ‘keyname’ } Brandeis University Internet/Intranet Spring 2000

  25. ReadParse Subroutine in cgi-lib • ReadParse Subroutine • Reads in Both Get and Put Data • Converts Encoding to Plain Text • Puts Key/Value Pairs in %in • %in is an Associative Array • To Access a Value: • $in { ‘keyname’ } • To Access Each Key/Value Pair foreach $keyname (sort keys (%in)) print “$keyname $in {$keyname }; } Example Brandeis University Internet/Intranet Spring 2000

  26. In Class Exercise • Modify Last Weeks Script to Accept User Name via a Form • Step 1: Install cgi-lib in Your bin Directory • Make Sure to Set Permissions Correctly • Step 2: Make a Copy of perl1.pl • Name it perl2.pl • Step 3: Edit perl2.pl • Add these lines: require (“cgi-lib.pl”); &ReadParse(); • Replace $myname=‘xxx’; with $myname = $in { ‘username’ }; • Copy it to Your Shorenet cgi-bin directory Brandeis University Internet/Intranet Spring 2000

  27. In Class Exercise (2) • Step 4: Create a Simple Form To Accept User Name <html><head></head><body> <form method=“post” action=http://users.shore.net/~brinetxx/cgi-bin/perl2.pl> Enter name: <input type=“text” name=“username” value=“default”><br> <input type=“submit” Value=“submit”> </form> </body></html> • Copy it to Your Shorenet Public_html Directory • Step 5: Try It! • When You Are Done • Review Sample Scripts / Demos Brandeis University Internet/Intranet Spring 2000

More Related