An Exercise


The Mission
This exercise does not count any points. It is a preparation for laboratory assignments. For each assignment, students need to This exercise is to create a lab web interface by using the CGI (Common Gateway Interface) technology.



Implementation
Create a web interface at http://people.cs.und.edu/~userid/250/ by following the steps below:
  1. Apply for a UND Aerospace Unix account at the helpdesk in Room 160, Clifford Hall. Do not forget to bring your student ID card with you.

  2. Follow the instructions at Student Websites to create a lab interface as below:

    Select an Assignment and Enter the Password to Display the Code.

          Lab 1       Lab 2       Lab 3       Lab 4       Lab 5       Lab 6       Lab 7

      Password:                

    The HTML script can be found from here as below:

    ~/public_html/250/index.html
    
    <html>
     <head>
      <title>CSci250 Lab Interface</title>
     </head>
     <body>
    
      <table width="100%" height="70%">
       <tr>
        <td align="center" valign="middle">
         <table border="2" width="85%" bgcolor="lightgrey" cellpadding="10">
          <tr>
           <th bgcolor="#336699">
            <font color="#FFFFFF" size="+1">
             Select an Assignment and Enter the Password to Display the Code.
            </font>
           </th>
          </tr>
          <tr>
           <td><br />       
            <form method="post" action="http://people.cs.und.edu/~userid/cgi-bin/250/lab.pl">
             <input type="radio" name="lab" value="1" checked> Lab 1 &nbsp; &nbsp; &nbsp;
             <input type="radio" name="lab" value="2"> Lab 2 &nbsp; &nbsp; &nbsp;
             <input type="radio" name="lab" value="3"> Lab 3 &nbsp; &nbsp; &nbsp;
             <input type="radio" name="lab" value="4"> Lab 4 &nbsp; &nbsp; &nbsp;
             <input type="radio" name="lab" value="5"> Lab 5 &nbsp; &nbsp; &nbsp;
             <input type="radio" name="lab" value="6"> Lab 6 &nbsp; &nbsp; &nbsp;
             <input type="radio" name="lab" value="7"> Lab 7<br /><br />
             <center>
              &nbsp; Password:
              <input type="password" name="password" size="12" value="password">
              &nbsp; &nbsp; &nbsp; &nbsp;
              <input type="submit" name="button" value="Display the code"> &nbsp; &nbsp;
              <input type="reset"  name="button" value="Reset"> &nbsp; &nbsp;
              <input type="submit" name="button" value="Help">
             </center>
            </form>
           </td>
          </tr>
         </table>
        </td>
       </tr>
      </table>
     </body>
    </html>
    

    Copy the HTML script to the file ~/public_html/250/index.html, where the symbol ~ is the user's root in the Unix file system. The only thing in the script you have to modify is to change the userid in
      <form method="post" action="http://people.cs.und.edu/~userid/cgi-bin/250/lab.pl">
    to your Unix account identifier. Same change is applied to the first command as below.

  3. Open the interface for the World Wide Web by using the following commands:
      gandalf> chmod 755 ~/../userid
      gandalf> chmod 755 ~/public_html/
      gandalf> chmod 755 ~/public_html/250/
      gandalf> chmod 755 ~/public_html/250/index.html
    
  4. Follow the instructions at Writing CGI Scripts to write a CGI script. The following CGI code is to receive the data entered by users and display the assembly code:

    ~/public_html/cgi-bin/250/lab.pl
    
    #!/usr/bin/perl -w 
     
    use CGI; 
    $query    = new CGI; 
    $lab      = $query->param( "lab" ); 
    $button   = $query->param( "button" ); 
    $password = $query->param( "password" );
    
    if ( $button eq "Display the code" ) {
      if ( $password eq "password" ) {
        print( "Content-type: text/plain\n\n" );
        if ( $lab == 1 ) {
          system( "cat lab1.asm" );
        }
        elsif ( $lab == 2 ) {
          system( "cat lab2.asm" );
        }
        elsif ( $lab == 3 ) {
          system( "cat lab3.asm" );
        }
        elsif ( $lab == 4 ) {
          system( "cat lab4.asm" );
        }
        elsif ( $lab == 5 ) {
          system( "cat lab5.asm" );
        }
        elsif ( $lab == 6 ) {
          system( "cat lab6.asm" );
        }
        elsif ( $lab == 7 ) {
          system( "cat lab7.asm" );
        }
        else {
          print( "\n\n\n     No such lab: $lab" );
        }
      }  
      else {
        print( "Content-type: text/html\n\n" );
        print( "<br /><br /><br /><center><font size='+2'><b>Wrong password: </b>" );
        print( "<i>$password</i></font></center>" );
      }
    }
    elsif ( $button eq "Help" ) {
      print ( "Content-type: text/html\n\n" );
      system( "cat Help.html" );
    }
    else {
      print( "Content-type: text/html\n\n" );
      print( "<br /><br /><br /><center><font size='+2'><b>No such option: </b>" );
      print( "<i>$button</i></h2></center>" );
    }

    Copy the Perl script to the file ~/public_html/cgi-bin/250/lab.pl. You have to change the password “password” to a password you pick and write the password on the hard copy of the first lab assignment.

  5. For security, perform the following operations for the first time:
      gandalf> chmod 711 ~/public_html/cgi-bin/
      gandalf> chmod 711 ~/public_html/cgi-bin/250/
      gandalf> chmod 711 ~/public_html/cgi-bin/250/lab.pl*
    
    and perform the following operation everytime you post code:
      gandalf> chmod 700 ~/public_html/cgi-bin/250/lab?.asm*
    
    to block all read and write accesses from others to the files lab?.asm and lab.pl, which are located in the folder:
      ~/public_html/cgi-bin/250/
    
    lab?.asm is the file name of the lab source code such as lab1.asm and lab2.asm. Therefore, only users of this interface knowing the password can access the lab source files.


Evaluation