Parameters to a CGI program are transferred either in
the URL or in the body text of the request. The method used to pass
parameters is determined by the method
attribute to the <form>
tag. The GET method says to
transfer the data within the URL itself; for example, under the GET
method, the browser might initiate the HTTP transaction as
follows:
GET /cgi-bin/guestbook.pl?firstname=Joe&lastname=Schmoe HTTP/1.0
The POST method says to use the body portion of the HTTP request to pass parameters. The same transaction with the POST method would read as follows:
POST /cgi-bin/guestbook.pl HTTP/1.0
... [More headers here]
firstname=Joe&lastname=Schmoe
In both of these examples, you should recognize the firstname
and lastname
variable names that were defined
in the HTML form, coupled with the values entered by the user. An
ampersand (&) is used to separate the variable=value
pairs.
The server now passes the variable=value pairs to the CGI
program. It does this either through Unix environment variables or
in standard input (STDIN). If the CGI program is called with the GET
method, then parameters are expected to be embedded into the URL of
the request, and the server transfers them to the program by
assigning them to theQUERY_STRING environment variable. The CGI program
can then retrieve the parameters from QUERY_STRING as it would read
any environment variable (for example, from the %ENV
hash in Perl). If the CGI program is
called with the POST method, parameters are expected to be embedded
into the body of the request, and the server passes the body text to
the program as standard input (STDIN).
Other environment variables defined by the server for CGI store such information as the format and length of the input, the remote host, the user, and various client information. They also store the server name, the communication protocol, and the name of the software running the server. (We provide a list of the most common CGI environment variables later in this chapter.)
The CGI program needs to retrieve the information as appropriate and then process it. The sky’s the limit on what the CGI program actually does with the information it retrieves. It might return an anagram of the user’s name, or tell her how many times her name uses the letter “t,” or it might just compile the name into a list that the programmer regularly sells to telemarketers. Only the programmer knows for sure.
52.14.204.142