Perl and CGI

Tom Kelliher, CS 325

Sept. 7, 2011




From Last Time

Defense mechanisms, controls, and effectiveness.


  1. Perl/CGI introduction and comments.

  2. Lab.

Coming Up


Perl/CGI Introduction

A Few Comments on Perl

  1. Delimiting code blocks -- always use { and }.

  2. Arrays in list and scalar modes.

  3. Subroutines retrieve their parameters through @_:
    sub foo
       (my $refCount, my @inodeList) = @_;

  4. One way to iterate through an array:
    my $sum = 0;
    foreach my $current (@data)
       sum += $current;

  5. Subroutines can return lists:
    return ($i, $j, 1, 2);

Using to Generate HTML

  1. First of all, it can all be done manually.

  2. A small sample:
    print header;
    print start_html(-title=>"MinMax Example",
                     -bgcolor=>"#80ffff"), "\n";
    print h2("Hi $name!!"), "\n";
    print p, "\n";
    print h3("Min: $minmax[0].  Max: $minmax[1]."), "\n";
    print end_html;

CGI Interactions


CGI application must generate more than a plain HTML document. Consider:
Content-Type: text/html\n\n

MinMax Form Example

  1. Structure of an HTML document.

  2. <BODY> attributes.

  3. <FORM> structure:
    1. Attributes:
      1. Method:

        POST: form parameters passed to application via STDIN. Safer.

        GET: form parameters made a part of the action URL.

      2. Action: URL of the application which will process the form data.

    2. <INPUT>:
      1. Text: name, size (of text box), maxlength (of input string).

      2. Submit.

minmax.html Example

  1. What data will be sent to the application? How many pieces of data?

  2. If the form fields read ``Tom'' and ``45,6'', what string is passed to the application?

Perl CGI Programs

  1. Accessing in function-oriented mode:
    use CGI qw(:standard);

  2. Accessing the form parameters:
    my $name = param("name");
    Works for both POST and GET.

  3. Splitting the list of numbers:
    @numbers = split(/,/, $list);

CGI Warnings

Open CGI access is a privilege, as it is a large security risk. Do not abuse this privilege.


Work individually or in groups of two.

Thomas P. Kelliher 2011-09-06
Tom Kelliher