TOC Next Page

CGI Developer's Guide

Eugene Eric Kim Publishig

201 West 103rd Street, Indianapolis, Indiana 46290

Copyright © 1996 by Publishing


All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Neither is any liability assumed for damages resulting from the use of the information contained herein. For information, address Publishing, 201 W. 103rd St., Indianapolis, IN 46290.

International Standard Book Number: 1-57521-087-8

Library of Congress Catalog Card Number: 96-67129

99 — 98 — 97 — 96 ——————— 4 — 3 — 2 — 1

Interpretation of the printing code: the rightmost double-digit number is the year of the book's printing; the rightmost single-digit, the number of the book's printing. For example, a printing code of 96-1 shows that the first printing of the book occurred in 1996.

Printed in the United States of America

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Publishing cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

President, Sams Publishing:

Richard K. Swadley

Publishing Manager:

Mark Taber

Managing Editor:

Cindy Morrow

Marketing Manager:

John Pierce

Assistant Marketing Manager:

Kristina Perry

Acquisitions Editor

Brad Jones

Sharon Cox

Development Editor

Angelique Brittingham

Software Development Specialist

Steve Straiger

Production Editor

Tonya R. Simpson

Copy Editors

Bart Reed
Kris Simmons
Stacey Houston
Beth Spencer
Anne Owen
Chuck Hutchinson

Technical Reviewers

Justin Bell
Kelly Held
Ian Anderson

Editorial Coordinator

Bill Whitmer

Technical Edit Coordinator

Lynette Quinn

Resource Coordinator

Deborah Frisby


Frank Sinclair

Editorial Assistants

Carol Ackerman
Andi Richter
Rhonda Tinch-Mize

Cover Designer

Alyssa Yesh

Book Designer

Alyssa Yesh

Copy Writer

Peter Fuller

Production Team Supervisor

Brad Chinn



Part I

Getting Started


Common Gateway Interface (CGI)


The Basics

Part II

The Fundamentals


HTML and Forms






Programming Strategies


Testing and Debugging CGI




CGI Security

Part III

Real-World Applications


Basic Applications






Multipart Forms and Maintaining State


Proprietary Extensions





CGI Reference


HTML Guide


Server-Side Includes

D Reference Guide


cgihtml Reference Guide


gd Reference Guide

Author Acknowledgments

The physicist and Nobel Laureate Richard Feynman once tried to prepare a freshman lecture on an obscure topic in physics. Feynman was unable to come up with a satisfactory lecture and suggested that because he was unable to teach it, he really did not understand it. Writing this book helped reveal my own weaknesses and knowledge deficiencies, and I hope I was able to adequately overcome them and write a concise and useful resource.

I could not write this book without the aid of many, many others. First, the countless and relatively anonymous souls on the Internet are largely responsible for my knowledge on the topic. Without the help of the many who read the newsgroups (especially comp.infosystems.www.authoring.cgi), who provide references on their own World Wide Web sites, and who contribute freely available code for everyone to use, I would never have learned so much so quickly about both the Web and CGI programming.

First, I must thank my acquisition editor at Sams Publishing, Brad Jones, who so patiently put up with my odd and very busy schedule and some late deadlines. Without his patience and belief in me, I would never have had the opportunity to write this book nor the faith to finish it. Thanks to the many others at Sams Publishing as well for their hard work in making this publication a reality.

Many odd chains of events led to my interest in this subject and the publication of this book. I must first thank the hard-working student members of the Harvard Computer Society (HCS) for providing me with the resources and opportunity to pursue my interest. Thanks also to the people at the Harvard Arts and Sciences Computer Services (HASCS), especially Mike Burner and Richard Steen, for hiring me to work on the Web at Harvard at a time when the Web was a new and unpredictable technology.

Thanks to Steve Brenner, former president of the Harvard Computer Society and the author of the widely used Perl library for first introducing me to the Web as well as providing guidance and advice throughout my four years in college. Thanks as well to many other members of the Harvard Computer Society for the excellent discussion; I learned much from my peers here.

Thanks to Ray Valdes, formerly the senior editor of Dr. Dobbs Journal, who realized the widespread interest in CGI programming and gave me my first opportunity to publish an article on an interesting and useful topic. Too many people to mention here contributed to my book in many ways; however, I must thank Ben Laurie—the author of the apache-ssl Web server—for helping me with technical matters, John Stafford for his review and extremely helpful comments on the database chapter, and Matt Howitt for his willingness to review and criticize the entire book.

Special thanks go to Greg Corbett, who both proofread some chapters and put up with me for four long, exciting years of college; Jay Sutaria, my programming partner in crime who helped refine my own knowledge of computer science and programming and also taught me the importance of sleep (or lack thereof); David Holland, to whom I almost always consulted to discuss complex technical and programming issues; and Terry Burnham, who rebuilt my confidence, helped prepare me to face the world and its many challenges, and provided constant advice and encouragement.

Finally, thanks and much love go to my mother, father, Sujean, and Jessica. I could not have accomplished this and many other things without their support and constant love.

Publisher Acknowledgements Publishing would like to thank Eric Garrison, Ian Anderson, and Christopher Stone for their last-minute help on this project.

About the Author

Eugene Eric Kim is a graduate of Harvard University. He has done programming work that ranges from working with neural networks to predicting the secondary structure of DNA to designing and implementing object-oriented, client/server systems using Perl. Mr. Kim, a published writer in magazines such as Dr. Dobb's Sourcebook, brings his vast knowledge of the Common Gateway Interface to bear as he shows you how to develop CGI applications.


I received my first Internet account in the summer of 1992 having just graduated from high school. E-mail, I discovered, was a wonderful thing, and when I enrolled in college in the fall, the first thing I did was get an e-mail account. My freshman year in college, I fell in love with the open environment of the Internet and the free sharing of ideas.

Circumstances led me to discover the World Wide Web before its explosion. I was fortunate enough to be around people who were familiar with the Web, to have the resources to access the Web, and to know how to find information on the Internet. Becoming knowledgable in the topic meant scrounging for information anywhere I could find it. It was all freely available on the Internet, but it was completely disorganized.

There is a great need for a comprehensive book on CGI programming that gathers all of the freely available information from the Internet into one convenient reference. Additionally, one thing that is difficult to obtain over the Internet is a very focused commentary on CGI programming based on much experience programming real applications.

This book is a comprehensive guide on programming CGI applications. I have included complete details on CGI and related protocols as well as detailed explanations. I have also included some conceptual chapters, including information about client/server applications, network security, and databases.

I am not a programmer by training. I believe strongly in learning by doing and by looking at other people's work. Consequently, most of this book is devoted to source code and examples. I highly encourage you to work through each example, and try duplicating some of these examples from scratch. Much of the book will become more meaningful as you gain experience programming CGI applications.

Who Should Read This Book

I wrote this book for the enthusiastic and the curious. You do not have to be an expert computer scientist or programmer to learn and master CGI programming. However, you must know at least one programming language and should have some basic programming experience. Your ability as a CGI programmer reduces to your ability as a programmer in general. After you learn the basic concepts and begin programming, you will rapidly gain the necessary knowledge and instincts to write effective applications.

Although the concepts in this book apply to any programming language, the examples are limited to C and Perl. C and Perl are two very popular CGI programming languages with different things to offer. It is useful to look at both C and Perl examples for similar tasks in order to understand some of the subtle distinctions between the different languages.

Most of the examples use the cgihtml library for C programs and for Perl. My Perl examples are written in Perl 4. I chose not to use Perl 5 because proper Perl 5 programming requires some understanding of object-oriented programming and other advanced features. Instead of distracting you with the nuances of Perl 5, I decided to use Perl 4 examples (which are compatible with the Perl 5 interpreter). If you know and are familiar with Perl 5, I highly recommend you look at Lincoln Stein's module, an excellent programming library for CGI applications. This and other libraries are included on the CD-ROM that accompanies this book.

Although knowing at least one progrmaming language (preferably either C or Perl) is required, sometimes books like this are useful tools for learning how to program in a language. You should not use this book as a beginner's guide to C or Perl, but I hope your programming skills in either language are strengthened by going through the examples and applying some of the concepts on your own.

Finally, this book is centered largely around UNIX, although again, most of the concepts and code are portable to all platforms. I have tried to keep as many examples as possible fairly general so that they apply to all platforms. Some of the more advanced topics and examples required a focus on at least one platform. In these cases, my discussion is based on the UNIX environment. On other, rarer occasions, I also include more advanced information on both the Windows and Macintosh environment. I include some references to more information regarding these other platforms in the reference section at the end of this book.

How to Use This Book

CGI Developer's Guide is divided into three sections. The first part is an introductory section, the second is devoted to a conceptual discussion of CGI programming, and the final section covers several real applications. This book is rated as an intermediate to advanced book, although again, the only real requirements are enthusiasm and curiosity (and at least one programming language).

If you are new to the Web or to CGI programming, I recommend you read all of Parts I and II. Those of you who are familiar with the Web or who just don't like reading books should read Chapter 1, "Common Gateway Interface (CGI)," and Chapter 2, "The Basics." Chapter 2 is a fairly comprehensive introduction with a slant on quickly applying the concepts. You should be able to write CGI applications after reading only Chapter 2. If you are already somewhat familiar with CGI programming, I recommend reading the chapters in Part II for a thorough conceptual discussion on CGI to reinforce your practical knowledge. You might also want to compare your own experiences with some of the code in Part III.

For most readers, I recommend beginning with Chapters 1 and 2. After trying some of the examples, read Chapter 10, "Basic Applications," and see how much you understand. Read Part II to reinforce your understanding of CGI. If you have a specific project in mind, you might want to try it at this point. Finally, go through each chapter in Part III thoroughly.

Conventions Used in This Book

This book uses certain conventions that make it easier for you to use.