Click here for Borders.com
Click here for Borders.com


BUILDER.COM

Search for articles on BUILDER.COM:

 
 
 
 
 
 
 
 
 
 
The abc's of CGI - back to intro How To: process a form
 
One of the most basic and important reasons to use a CGI is to retrieve information from an HTML form that a user has filled out. We'll show you how to extract form information and send the collected data to your email address. To keep things simple, we'll avoid actions like error-checking, which might confuse the point. Before you try this example, you should check with your system admin to make sure it's OK to use the Unix sendmail command in your scripts. Your ISP may have security or performance issues that make it unwise to use sendmail on their system.

Remember, when building a form for use with a CGI, the names of the form elements are very important, since you'll use them in your script to retrieve the information.

what is CGI?
when to use CGI
hosting issues
how to:
process a form
use cookies to personalize Web pages
use cookies with server-side includes
create a simple guest book
add a page-visit counter
troubleshooting
Copy the following HTML code to a file called email.html, and save it as text. Remember to replace your.server.com and the /cgi-bin/ path with a URL that's appropriate for your server. And pay attention to the form elements, each of which has a unique name that the script uses to reference the information entered by the user:
<html><head><body>
Send me email!

<form method="post"
 action="http://your.server.com/cgi-bin/email.pl">
Name: <input type=text name="name" size=30><br>
Email Address: <input type=text name="email" size=30>
 <br>
Subject: <input type=text name="subj" size=30><br>
Comments: <br><textarea wrap=virtual name="body"
 rows=4 cols=45></textarea><br>
<input type=submit value="send mail">
</form>

</body></html>

screen shot
The email.html file creates a basic HTML file. It's nothing pretty--you'll want to create something a bit more aesthetically pleasing for your needs.

In the above code, you'll notice that the <FORM> tag has two attributes: action and method. The action attribute points to the script that will be handling the form, which can be an absolute or relative path. The method attribute determines how the information is sent to the server, through either the "post" or "get" commands. Using "get" sends the information to the server as part of the action URL, while "post" sends it as a separate stream of data. Because the "get" method limits the amount of information that can be sent, it's almost always better to use the "post" method.

Next, let's write the script that decodes the information and sends it via email. The first line of any Perl file must point to the location of the interpreter on the system. In the code below, we use the default path to the Perl interpreter. Depending on your system, the Perl interpreter could be anywhere, so check with your system admin for the correct path. We'll also initialize a couple of variables at the beginning of the script, so that it will be easy to change them later:

#!/usr/bin/perl

$tomail = "yourname\@domain.com";
$location =
 "http://www.yourdomain.com/path/to/file.html";
When a browser remits form data as part of a "post" or "get" command, it subjects the information to something called URL-encoding. Basically, that means the data is saved into name-value pairs that are separated by ampersand (&) signs. The browser also replaces spaces with plus (+) signs, since a space could be mistakenly interpreted as the end of a command or string. In the following code, we first scan for the ampersand signs, which we use to split the string into name-value pairs. We then strip out the plus signs and scan for malicious hackers trying to sneak server-side include (SSI) strings into our form. The name-value pairs are finally split into an array so we can reference our form data by calling $in{'name of field'}:
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
# Split the name-value pairs
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
 local($name, $value) = split(/=/, $pair);
 $value =~ tr/+/ /;
 $value =~
  s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
 # strip off any possible SSI comment tags.
 $value =~ s/<!--(.|\n)*-->//g;
 $in{$name} = $value;
 }
Now that we've collected our data, we want to email that information to our server. To do this, we have to first open a connection to the Unix sendmail program. Again, in the code below, we use the default location for sendmail, but it could be different for you, depending on how your system administrator has set up your server. You'll also note a number of command-line switches, like -t, after the sendmail command. These are very important and affect the security of the sendmail command. Check with your ISP to see which, if any, additional command-line switches they recommend:
open (MAIL,"|/usr/lib/sendmail -t -n -oi") ||
 die "there was a problem with the call to sendmail";
Sendmail is a very simple program. You print a text file to sendmail, making sure that the first four lines are the properly formatted header of an email message. Notice that the fourth line ends with \n\n. By sending two of these new-line characters in a row, the application signals that the email header is done, and the rest of the text comprises the body of the email message:
print MAIL "To: $tomail\n";
print MAIL "From: $in{'name'} <$in{'email'}>\n";
print MAIL "Reply-To: $in{'email'}\n";
print MAIL "Subject: $in{'subj'} (from Website)\n\n";

print MAIL $in{'body'};
To actually send the message, you simply close the file you're printing to:
close(MAIL);
The next step is very important. Whenever a user invokes a program, the browser keeps the connection open, waiting for some kind of response. All of your CGI scripts need to send something back to the browser. In this case, we'll send a page we have already created:
print "Location: $location\n\n";
All of the standard output from our programs will be directed to the Web server, which will understand the information only if it is formatted correctly. A Web server expects information in two parts: the header (the top section of information that can pass commands to the server) and the body (the information to be sent back to the browser). The information is separated by a blank line. In the example above, we're sending the location directive with a URL followed by two line breaks in the header. This tells the Web server to send this page back to the browser. You're done!

See the complete Perl code.

hosting issues how to: use cookies to personalize Web pages


 

Click here for Borders.com
Click here for Borders.com

Back to top  Go to the BUILDER.COM home page.

  Copyright © 1995-98 CNET, Inc. All rights reserved. Privacy policy.