1 / 73

Lecture 15 CGI Sessions Perl

Lecture 15 CGI Sessions Perl. CPE 401 / 601 Computer Network Systems. slides are modified from Dave Hollinger and Shwen Ho. Sessions. Many web sites allow you to establish a session. you identify yourself to the system.

sahkyo
Télécharger la présentation

Lecture 15 CGI Sessions Perl

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lecture 15CGI SessionsPerl CPE 401 / 601Computer Network Systems slides are modified from Dave Hollinger and Shwen Ho

  2. Sessions • Many web sites allow you to establish a session. • you identify yourself to the system. • now you can visit lots of pages, add stuff to shopping cart, establish preferences, etc. CGI Sessions

  3. State Information • Remember that each HTTP request is unrelated to any other • as far as the Web server is concerned • Each new request to a CGI program starts up a brand new copy of the CGI program. • Providing sessions requires keeping state information. CGI Sessions

  4. Session Conversation Client Server Hi! I'm Joe. CGI1 Hi Joe (it's him again) Welcome Back... I wanna buy a cookie. CGI2 OK Joe, it will be there tomorrow. CGI Sessions

  5. Hidden Field Usage • One way to propagate state information is to use hidden fields. • User identifies themselves to a CGI program • fills out a form • CGI sends back a form that contains hidden fields that identify the user or session. CGI Sessions

  6. Revised Conversation Initial form has field for user name. GET /cgi1?name=joe HTTP/1.0 CGI1 creates order form with hidden field. GET/cgi2?name=joe&order=cookie HTTP/1.0 CGI Sessions

  7. Session Keys • Many Web based systems use hidden fields that identify a session. • When the first request arrives, the system generates a unique session key and stores it in a database. • The session key can be included in all forms/links generated by the system • as a hidden field or embedded in a link CGI Sessions

  8. Session Key Properties • Must be unique. • Should expire after a while. • Should be difficult to predict. • typically use a pseudo-random number generator seeded carefully. CGI Sessions

  9. Pizza Server Session Keys • We define a server to use session keys: <INPUT TYPE=HIDDEN NAME=sessionkey VALUE=HungryStudent971890237> • A request to order a pizza might look like this • all on one line GET /pizza.cgi?sessionkey= HungryStudent971890237&pizza=cheese&size=large HTTP/1.0 CGI Sessions

  10. HTTP Cookies • A "cookie' is a name,value pair that a CGI program can ask the client to remember. • The client sends this name,value pair along with every request to the CGI. • We can also use "cookies" to propagate state information. CGI Sessions

  11. Cookies are HTTP • Cookies are HTTP headers. • A server (CGI) can give the browser a cookie by sending a Set-Cookie header line with the response. • A client can send back a cookie by sending a Cookie header line with the request. CGI Sessions

  12. Set-Cookie Header Options The general form of the Set-Cookie header is: Set-Cookie: name=value; options The options include: expires=... domain=... path=... CGI Sessions

  13. Setting a cookie HTTP/1.0 200 OK Content-Type: text/html Set-Cookie: customerid=0192825 Content-Length: 12345 ... CGI Sessions

  14. expires Option • This tells the browser how long to hang on to the cookie. • The time/date format is very specific! expires=Friday 29-Feb-2000 00:00:00 GMT Weekday, Day-Month-Year Hour:Minute:Second GMT CGI Sessions

  15. Default expiration • If there is no expires option on the Set-Cookie header line, • the browser does not save the cookie to disk. • In this case, when the browser is closed it will forget about the cookie. CGI Sessions

  16. domain Option domain=.unr.edu • The domain option tells the browser the domain(s) to which it should send the cookie. • Domains as in DNS. • The domain must start with "." and contain at least one additional "." CGI Sessions

  17. Domain option rules • The server that sends the Set-Cookie header must be in the domain specified. • If no domain option is in the header, the cookie will only be sent to the same server. Default Behavior : CGI Sessions

  18. path Option path=/ or path=/~mgunes/cpe401 • The path option tells the browser what URLs the cookie should be sent to. CGI Sessions

  19. path default • If no path is specified in the header, • the cookie is sent to only those URLs that have the same path as the URL that set the cookie. • A path is the leading part of the URL • does not include the filename CGI Sessions

  20. Default Path Example If the cookie is sent from: /~mgunes/cpe401/pizza/pizza.cgi it would also be sent to /~mgunes/cpe401/pizza/blah.cgi but not to /~mgunes/cpe401/soda/pizza.cgi CGI Sessions

  21. Set-Cookie Fields • Many options can be specified. • Things are separated by ";" Set-Cookie: a=blah; path=/; domain=.cse.unrr.edu; expires=Thursday, 21-Feb-2002 12:41:07 2002 All must be on one line! CGI Sessions

  22. CGI cookie creation • A CGI program can send back any number of HTTP headers. • can set multiple cookies • Content-Type is required! • Blank line ends the headers! CGI Sessions

  23. C Example printf("Content-Type: text/html\r\n"); printf("Set-Cookie: prefs=nofrms\r\n"); printf("Set-Cookie: Java=yes\r\n"); printf("\r\n"); … now sends document content CGI Sessions

  24. Getting HTTP Cookies • The browser sends each cookie as a header: Cookie: prefs=nofrms Cookie: Java=OK • The Web server gives the cookies to the CGI program via an environment variable. CGI Sessions

  25. Multiple Cookies • There can be more than one cookie. • The Web Server puts them all together like this: prefs=nofrms; Java=OK and puts this string in the environment variable: HTTP_COOKIE CGI Sessions

  26. Cookie Limits • Each cookie can be up to 4k bytes. • One "site" can store up to 20 cookies on a user's machine. CGI Sessions

  27. Cookie Usage • Create a session. • Track user browsing behavior. • Keep track of user preferences. • Avoid logins. CGI Sessions

  28. Cookies and Privacy • Cookies can't be used to: • send personal information to a web server without the user knowing about it. • be used to send viruses to a browser. • find out what other web sites a user has visited.* • access a user's hard disk * although they can come pretty close to this one! CGI Sessions

  29. Some Issues • Persistent cookies take up space on user's hard disk. • Can be used to track your behavior within a web site. • This information can be sold or shared. • Cookies can be shared by cooperating sites • advertising agencies do this. CGI Sessions

  30. Perl • Practical Extration and Reporting Language • a high-level programming language • whose semantics are largely based on C • Designed for text manipulation • Very fast to implement • particularly strong at process, file and text manipulation • Runs on many different platform • Windows, Mac, Unix, Linux, Dos, etc Perl

  31. Running Perl • Perl scripts do not need to be compiled • interpreted at the point of execution • do not necessarily have a particular file extension • “.pl” is used commonly • Executing it via the command line command line> perl script.pl arg1 arg2 ... • Or add the line "#!/usr/bin/perl" to the start of the script if you are using unix/linux ./perlscript.pl • Remember to set the correct file execution permissions before running it Perl

  32. Beginning Perl • Every statement end with a semi colon ";" • Comments are prefixed at the start of the line with a hash "#" • Variables are assigned a value using the "=" • Variables are not statically typed, • No need to declare what kind of data you want to hold in them. • Variables are declared the first time you initialize them and they can be anywhere in the program. Perl

  33. Scalar Variables • Contains single piece of data • '$' character shows that a variable is scalar • Scalar variables can store • number • string • a chunk of text surrounded by quotes $name = "paul"; $year = 1980; print "$name is born in $year"; output: paul is born in 1980 Perl

  34. Arrays Variables (List) • Ordered list of data, separated by commas • '@' character shows that a variable is an array Array of numbers @year_of_birth = (1980, 1975, 1999); Array of string @name = ("Paul", "Jake", "Tom"); Array of both string and numbers @paul_address = (14,"Cleveland St","NSW",2030); Perl

  35. Retrieving data from Arrays • Printing Arrays @name = ("Paul", "Jake", "Tom"); print "@name"; • Accessing individual elements in an array @name = ("Paul", "Jake", "Tom"); print "$name[1]"; • What has changed? @name to $name • To access individual elements use the syntax $array[index] • Why did $name[1] print the second element? • index 0 represents the first element. Perl

  36. Arrays … @name = ("Paul", "Jake", "Tom"); Perl

  37. Basic Arithmetic Operators + Addition - Subtraction * multiplication / division ++ adding one to the variable -- subtracting one from the variable $a += 2 incrementing variable by 2 $b *= 3 tripling the value of the variable Perl

  38. Relational Operators Perl

  39. Control Operators - If if ( expression 1) { ... } elsif (expression 2) { ... } else { ... } Perl

  40. Iteration Structures • while (CONDITION) { BLOCK } • until (CONDITION) {BLOCK} • do {BLOCK} while (CONDITION) • for (INITIALIZATION ; CONDITION ; Re-INITIALIZATION) {BLOCK} • foreach VAR (LIST) {BLOCK} • for VAR (LIST) {BLOCK} Perl

  41. Iteration Structures $i = 1; while($i <= 5){ print "$i\n"; $i++; } for($x=1; $x <=5; $x++) { print "$x\n"; } @array = [1,2,3,4,5]; foreach $number (@array){ print "$number\n"; } Perl

  42. String Operations • Strings can be concatenated with the dot operator $lastname = "Harrison"; $firstname = "Paul"; $name = $firstname . $lastname; $name = "$firstname$lastname"; • Comparison can be done with the relational operator $string1 = "hello"; $string2 = "hello"; if ($string1 eq $string2) { print "they are equal"; } else { print "they are different"; } Perl

  43. String comparison using patterns • The ‘=~ ’ operator return true if the pattern within the ‘/’ quotes are found. $string1 = "HELLO"; $string2 = "Hi there"; # test if the string contains the pattern EL if ($string1 =~ /EL/) { print "This string contains the pattern"; } else { print "No pattern found"; } Perl

  44. Functions in Perl • No strict variable type restriction during function call • Perl has provided lots of useful functions • chop - remove the first character of a string • chomp - remove the carriage return character from the end of a string • push - append one or more element into an array • pop - remove the last element of an array and return it • shift - remove the first element of an array and return it • s - replace a pattern with a string Perl

  45. Functions in Perl • The "split" function breaks a given string into individual segments given a delimiter • split( /pattern/, string) returns a list @output = split (/\s/, $string); # breaks the sentence into words @output = split (//, $string); # breaks the sentence into single characters @output = split (/,/, $string); # breaks the sentence into chunks separated by a comma. • join ( /delimiter/, array) returns a string Perl

  46. Functions in Perl A simple perl function sub sayHello { print "Hello!!\n"; } sayHello(); Perl

  47. Executing functions in Perl • Function arguments are stored automatically in a temporary array called @_ sub sayHelloto { @name = @_; $count = @_; foreach $person (@name){ print "Hello $person\n"; } return $count; } @array = ("Paul", "Jake", "Tom"); sayHelloto(@array); sayHelloto("Mary", "Jane", "Tylor", 1, 2, 3); Perl

  48. Input / Output • Perl allows you to read in any input that is automatically sent to your program via standard input by using the handle <STDIN>. • Other I/O topics include reading and writing to files, Standard Error (STDERR) and Standard Output (STDOUT). • One way of handling inputs via <STDIN> is to use a loop to process every line of input Perl

  49. Input / Output • Count the number of lines from standard input and • print the line number together with the 1st word of each line. $count = 1; foreach $line (<STDIN>){ @array = split(/\s/, $line); print "$count $array[0]\n"; $count++; } Perl

More Related