Slide 13.6: Calling a CGI script (Perl)

Slide 13.5: Calling a CGI script (Perl)
Slide 13.7: CGI security concerns
Home

How to Construct My Memento (Cont.)

Calling a CGI (Common Gateway Interface) Script (Perl) This CGI script performs the following two tasks at least:

The blue part: This part is fixed most of the time and it is to retrieve user's data from the Web and put them into an associative array %FORM. For example, the variable $FORM{keyword} contains the value “Sioux” from the Web input:
```
 <input name="keyword" size="12" format="text" value="Sioux"/>
```
The yellow part: It does the actual processing and may call programs of embedded-SQL languages such as JDBC or 3G languages such as C.

~wenchen/public_html/cgi-bin/handheld/wml/ListItems.pl

#!/usr/bin/perl
#
# This script must be located in the directory of /cgi-bin .
#

# Send Content-type.
print "Content-type: text/vnd.wap.wml \n\n";

# Send WML header information.
print "<?xml version=\"1.0\"?>\n";
print "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\""
  . " \"http://www.wapforum.org/DTD/wml_1.2.xml\">\n";

# Retrieve Web argument values.
read( STDIN, $buffer, $ENV{'CONTENT_LENGTH'} );
@pairs = split( /&/, $buffer );
foreach $pair ( @pairs ) {
  ($name, $value) = split( /=/, $pair );
  $value =~ tr/+/ /;
  $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  $value =~ s/~!/ ~!/g;
  $FORM{$name} = $value;
}

print <<EndofWML;
<wml>
 <card title="DB Results">
  <p><br />
EndofWML

# For security, write the argument values to files.
open    ( fh, "> p1" );
syswrite( fh, $FORM{keyword}, 32 );
close   ( fh );
system  ( "/usr/bin/java ListItems" );

print <<EndofWML;
<br /><br />
   </p>
  </card>
</wml>
EndofWML