The Common Gateway Interface (CGI) is the standard for interfacing external applications with web servers. The following provides basic information on using CGI programs, including the CGI directory and program names, developing your CGI programs, controlling access, and using an advanced php environment for ready-made programs.
CGI Directory and Program Name
You need to put your CGI programs in the cgi-bin
directory in your root webspace. The CGI program filename should have the extension “.cgi”, “.pl”, or “.php”. The URL to access your CGI program is:
http://<hostname>.ust.hk/cgi-bin/filename.cgi (filename.pl or filename.php) |
For example, if you put CGI program “testprog.cgi” under the “cgi-bin” directory (with domain name “itsc.ust.hk”) , the CGI program can then be invoked through the following URL:
http://itsc.ust.hk/cgi-bin/testprog.cgi |
File Permissions and Security
After you transfer your CGI program to the “cgi-bin” directory, make sure you have the execution bit “turned on” or the program cannot be executed. Note that CGI programs are run under your userid and access your account resources,such as files and directories. Since they run as your account, you can read and write files under your account through your CGI programs. More information about suEXEC protection can be found at Apache suEXEC support.
Develop your CGI Programs
CGI programs can be written in any language supported within the web development platform. This includes compiled programming languages, such as C and C++; interpreted languages, such as Perl, PHP and the Bourne shell. The environments of the commonly used web development languages are:
- Perl (/usr/local/bin/perl): Version 5.8.8. Here is an example:
#!/usr/local/bin/perl print "Content-type: text/html /n/n"; print "Hello/n"; |
CGI.pm libraries are included in the standard Perl library and can be used in CGI programs written in Perl.
- php (/usr/local/bin/php): php (cgi binary) version is 5.2.2 . Here is an example:
#!/usr/local/bin/php <?php echo("Hello"); ?> |
Controlling Access
CGI programs use a similar access control mechanism as static web pages. You can put .htaccess
file under cgi-bin
to control who can access your CGI programs. If you limit your CGI programs to specific users, the CGI variable REMOTE_USER
will get the value of the authenticated user. For details of how to set up .htaccess
in iHost server, visit iHost-Controlling Access.
Advanced php Setup
For ready-to-run php programs, an advanced php cgi environment is recommended. The following php cgi environment can be tried:
Setup procedure
- Make a directory called “.ht_bin” inside “cgi-bin” directory (use “mkdir cgi-bin” to create“cgi-bin” if not yet created).
#/usr/bin/cd cgi-bin #/usr/bin/mkdir .ht_bin
- Change the permission of directory “.ht_bin” to “711″ (i.e. drwx–x–x).
#/usr/bin/chmod 711 .ht_bin
- Place a suitable php binary in the “.ht_bin” directory with the name “php.cgi”. (A ready-made “php.cgi”is placed in /opt/php-latest/bin/.)
#/usr/bin/cp -p /opt/php-latest/bin/php.cgi .ht_bin/php.cgi
- Change the permission of “php.cgi” to “700” (i.e. -rwx——).
#/usr/bin/chmod 700 .ht_bin/php.cgi
- Place a “.htaccess” in the “cgi-bin” directory (or other directories which are required to run php) as:
Action php-cgi /~account_name/cgi-bin/.ht_bin/php.cgi AddHandler php-cgi .php
- Where account_name should be the actual account name, e.g. “webitsc”, you can place .htaccess in the root or other directory if needed.
With the above setup, all files with extension “.php” will be run by php.cgi inside the “cgi-bin” directory.