Download presentation
Presentation is loading. Please wait.
1
Lecture 15 CGI Sessions Perl CPE 401 / 601 Computer Network Systems slides are modified from Dave Hollinger and Shwen Ho
2
Sessions Many web sites allow you to establish a session. you identify yourself to the system. now you can visit lots of pages, add stuff to shopping cart, establish preferences, etc. CGI Sessions 2
3
State Information Remember that each HTTP request is unrelated to any other as far as the Web server is concerned Each new request to a CGI program starts up a brand new copy of the CGI program. Providing sessions requires keeping state information. CGI Sessions 3
4
Session Conversation CGI Sessions 4 Client Client Hi! I'm Joe. Server Server Hi Joe (it's him again) Welcome Back... Hi Joe (it's him again) Welcome Back... I wanna buy a cookie. OK Joe, it will be there tomorrow. CGI1 CGI2
5
Hidden Field Usage One way to propagate state information is to use hidden fields. User identifies themselves to a CGI program fills out a form CGI sends back a form that contains hidden fields that identify the user or session. CGI Sessions 5
6
Revised Conversation Initial form has field for user name. GET /cgi1?name=joe HTTP/1.0 CGI1 creates order form with hidden field. GET/cgi2?name=joe&order=cookie HTTP/1.0 CGI Sessions 6
7
Session Keys Many Web based systems use hidden fields that identify a session. When the first request arrives, the system generates a unique session key and stores it in a database. The session key can be included in all forms/links generated by the system as a hidden field or embedded in a link CGI Sessions 7
8
Session Key Properties Must be unique. Should expire after a while. Should be difficult to predict. typically use a pseudo-random number generator seeded carefully. CGI Sessions 8
9
Pizza Server Session Keys We define a server to use session keys: A request to order a pizza might look like this all on one line GET /pizza.cgi?sessionkey= HungryStudent971890237&pizza=cheese &size=large HTTP/1.0 CGI Sessions 9
10
HTTP Cookies A "cookie' is a name,value pair that a CGI program can ask the client to remember. The client sends this name,value pair along with every request to the CGI. We can also use "cookies" to propagate state information. CGI Sessions 10
11
Cookies are HTTP Cookies are HTTP headers. A server (CGI) can give the browser a cookie by sending a Set-Cookie header line with the response. A client can send back a cookie by sending a Cookie header line with the request. CGI Sessions 11
12
Set-Cookie Header Options The general form of the Set-Cookie header is: Set-Cookie: name=value; options The options include: expires=... domain=... path=... CGI Sessions 12
13
Setting a cookie HTTP/1.0 200 OK Content-Type: text/html Set-Cookie: customerid=0192825 Content-Length: 12345... CGI Sessions 13
14
expires Option This tells the browser how long to hang on to the cookie. The time/date format is very specific! CGI Sessions 14 expires=Friday 29-Feb-2000 00:00:00 GMT Weekday, Day-Month-Year Hour:Minute:Second GMT
15
Default expiration If there is no expires option on the Set- Cookie header line, the browser does not save the cookie to disk. In this case, when the browser is closed it will forget about the cookie. CGI Sessions 15
16
domain Option domain=.unr.edu The domain option tells the browser the domain(s) to which it should send the cookie. Domains as in DNS. The domain must start with "." and contain at least one additional "." CGI Sessions 16
17
Domain option rules The server that sends the Set-Cookie header must be in the domain specified. If no domain option is in the header, the cookie will only be sent to the same server. : CGI Sessions 17 Default Behavior
18
path Option path=/ or path=/~mgunes/cpe401 The path option tells the browser what URLs the cookie should be sent to. CGI Sessions 18
19
path default If no path is specified in the header, the cookie is sent to only those URLs that have the same path as the URL that set the cookie. A path is the leading part of the URL does not include the filename CGI Sessions 19
20
Default Path Example If the cookie is sent from: /~mgunes/cpe401/pizza/pizza.cgi it would also be sent to /~mgunes/cpe401/pizza/blah.cgi but not to /~mgunes/cpe401/soda/pizza.cgi CGI Sessions 20
21
Set-Cookie Fields Many options can be specified. Things are separated by ";" Set-Cookie: a=blah; path=/; domain=.cse.unrr.edu; expires=Thursday, 21-Feb-2002 12:41:07 2002 CGI Sessions 21 All must be on one line!
22
CGI cookie creation A CGI program can send back any number of HTTP headers. can set multiple cookies Content-Type is required! Blank line ends the headers! CGI Sessions 22
23
C Example printf("Content-Type: text/html\r\n"); printf("Set-Cookie: prefs=nofrms\r\n"); printf("Set-Cookie: Java=yes\r\n"); printf("\r\n"); … now sends document content CGI Sessions 23
24
Getting HTTP Cookies The browser sends each cookie as a header: Cookie: prefs=nofrms Cookie: Java=OK The Web server gives the cookies to the CGI program via an environment variable. CGI Sessions 24
25
Multiple Cookies There can be more than one cookie. The Web Server puts them all together like this: prefs=nofrms; Java=OK and puts this string in the environment variable: HTTP_COOKIE CGI Sessions 25
26
Cookie Limits Each cookie can be up to 4k bytes. One "site" can store up to 20 cookies on a user's machine. CGI Sessions 26
27
Cookie Usage Create a session. Track user browsing behavior. Keep track of user preferences. Avoid logins. CGI Sessions 27
28
Cookies and Privacy Cookies can't be used to: send personal information to a web server without the user knowing about it. be used to send viruses to a browser. find out what other web sites a user has visited.* access a user's hard disk * although they can come pretty close to this one! CGI Sessions 28
29
Some Issues Persistent cookies take up space on user's hard disk. Can be used to track your behavior within a web site. This information can be sold or shared. Cookies can be shared by cooperating sites advertising agencies do this. CGI Sessions 29
31
Perl Practical Extration and Reporting Language a high-level programming language whose semantics are largely based on C Designed for text manipulation Very fast to implement particularly strong at process, file and text manipulation Runs on many different platform Windows, Mac, Unix, Linux, Dos, etc Perl 31
32
Running Perl Perl scripts do not need to be compiled interpreted at the point of execution do not necessarily have a particular file extension “.pl” is used commonly Executing it via the command line command line> perl script.pl arg1 arg2... Or add the line "#!/usr/bin/perl" to the start of the script if you are using unix/linux./perlscript.pl Remember to set the correct file execution permissions before running it Perl 32
33
Beginning Perl Every statement end with a semi colon ";" Comments are prefixed at the start of the line with a hash "#" Variables are assigned a value using the "=" Variables are not statically typed, No need to declare what kind of data you want to hold in them. Variables are declared the first time you initialize them and they can be anywhere in the program. Perl 33
34
Scalar Variables Contains single piece of data '$' character shows that a variable is scalar Scalar variables can store number string a chunk of text surrounded by quotes $name = "paul"; $year = 1980; print "$name is born in $year"; output: paul is born in 1980 Perl 34
35
Arrays Variables (List) Ordered list of data, separated by commas '@' character shows that a variable is an array Array of numbers @year_of_birth = (1980, 1975, 1999); Array of string @name = ("Paul", "Jake", "Tom"); Array of both string and numbers @paul_address = (14,"Cleveland St","NSW",2030); Perl 35
36
Retrieving data from Arrays Printing Arrays @name = ("Paul", "Jake", "Tom"); print "@name"; Accessing individual elements in an array @name = ("Paul", "Jake", "Tom"); print "$name[1]"; What has changed? @name to $name To access individual elements use the syntax $array[index] Why did $name[1] print the second element? index 0 represents the first element. Perl 36
![Retrieving data from Arrays Printing = ( Paul , Jake , Tom ); ; Accessing individual elements in an = ( Paul , Jake , Tom ); print $name[1] ; What has changed.](http://images.slideplayer.com./16/5138041/slides/slide_36.jpg "@name to $name To access individual elements use the syntax $array[index] Why did $name[1] print the second element. index 0 represents the first element. Perl 36.")
37
Arrays … @name = ("Paul", "Jake", "Tom"); print "@name"; Paul Jake Tom print @name;PaulJakeTom $count=@name;$count = 3 @nameR=reverse(@name);@nameR=("Tom","Jake","Paul") @nameS=sort(@name);@nameS=("Jake","Paul","Tom") Perl 37
38
Basic Arithmetic Operators + Addition - Subtraction * multiplication / division ++ adding one to the variable -- subtracting one from the variable $a += 2 incrementing variable by 2 $b *= 3 tripling the value of the variable Perl 38
39
Relational Operators ComparisonNumericString Equals ==eq Not equal !=ne Less than <lt Greater than >gt Less than or equal <=le Greater than or equal >=gt Comparison cmp Perl 39
40
Control Operators - If if ( expression 1) {... } elsif (expression 2) {... } else {... } Perl 40
41
Iteration Structures while (CONDITION) { BLOCK } until (CONDITION) {BLOCK} do {BLOCK} while (CONDITION) for (INITIALIZATION ; CONDITION ; Re-INITIALIZATION) {BLOCK} foreach VAR (LIST) {BLOCK} for VAR (LIST) {BLOCK} Perl 41
42
Iteration Structures $i = 1; while($i <= 5){ print "$i\n"; $i++; } for($x=1; $x <=5; $x++) { print "$x\n"; } @array = [1,2,3,4,5]; foreach $number (@array){ print "$number\n"; } Perl 42
![Iteration Structures $i = 1; while($i <= 5){ print $i\n ; $i++; } for($x=1; $x <=5; $x++) { print $x\n ; = [1,2,3,4,5]; foreach $number print $number\n ; } Perl 42](http://images.slideplayer.com./16/5138041/slides/slide_42.jpg "Iteration Structures $i = 1; while($i <= 5){ print $i\n ; $i++; } for($x=1; $x <=5; $x++) { print $x\n ; = [1,2,3,4,5]; foreach $number print $number\n ; } Perl 42")
43
String Operations Strings can be concatenated with the dot operator $lastname = "Harrison"; $firstname = "Paul"; $name = $firstname. $lastname; $name = "$firstname$lastname"; Comparison can be done with the relational operator $string1 = "hello"; $string2 = "hello"; if ($string1 eq $string2) { print "they are equal"; } else { print "they are different"; } Perl 43
44
String comparison using patterns The ‘=~ ’ operator return true if the pattern within the ‘/’ quotes are found. $string1 = "HELLO"; $string2 = "Hi there"; # test if the string contains the pattern EL if ($string1 =~ /EL/) { print "This string contains the pattern"; } else { print "No pattern found"; } Perl 44
45
Functions in Perl No strict variable type restriction during function call Perl has provided lots of useful functions chop - remove the first character of a string chomp - remove the carriage return character from the end of a string push - append one or more element into an array pop - remove the last element of an array and return it shift - remove the first element of an array and return it s- replace a pattern with a string Perl 45
46
Functions in Perl The "split" function breaks a given string into individual segments given a delimiter split( /pattern/, string) returns a list @output = split (/\s/, $string); # breaks the sentence into words @output = split (//, $string); # breaks the sentence into single characters @output = split (/,/, $string); # breaks the sentence into chunks separated by a comma. join ( /delimiter/, array) returns a string Perl 46
47
Functions in Perl A simple perl function sub sayHello { print "Hello!!\n"; } sayHello(); Perl 47
48
Executing functions in Perl Function arguments are stored automatically in a temporary array called @_ sub sayHelloto { @name = @_; $count = @_; foreach $person (@name){ print "Hello $person\n"; } return $count; } @array = ("Paul", "Jake", "Tom"); sayHelloto(@array); sayHelloto("Mary", "Jane", "Tylor", 1, 2, 3); Perl 48
49
Input / Output Perl allows you to read in any input that is automatically sent to your program via standard input by using the handle. Other I/O topics include reading and writing to files, Standard Error (STDERR) and Standard Output (STDOUT). One way of handling inputs via is to use a loop to process every line of input Perl 49
50
Input / Output Count the number of lines from standard input and print the line number together with the 1st word of each line. $count = 1; foreach $line ( ){ @array = split(/\s/, $line); print "$count $array[0]\n"; $count++; } Perl 50
51
Regular Expression Regular expression is a set of characters that specify a pattern. Used for locating piece of text in a file. Regular expression syntax allows the user to do a "wildcard" type search without necessarily specifying the character literally Available across OS platform and programming language. Perl 51
52
A simple regular expression contains the exact string to match $string = "aaaabbbbccc"; if($string =~ /bc/){ print "found pattern\n"; } output: found pattern Simple Regular Expression Perl 52
53
Simple Regular Expression The variable ‘$& ’ is automatically set to the matched pattern $string = "aaaabbbbccc"; if($string =~ /bc/){ print "found pattern : $&\n"; } output: found pattern bc Perl 53
54
Simple Regular Expression What happen when you want to match a generalised pattern like an "a" followed by some "b"s and a single "c" $string = "aaaabbbbccc"; if($string =~ /abbc/){ print "found pattern : $&\n"; } else {print "nothing found\n"; } output: nothing found Perl 54
55
Regular Expression - Quantifiers We can specify the number of times we want to see a specific character in a regular expression by adding operators behind the character. ‘ * ’ (asterisk) matches zero or more copies of a specific character ‘ + ’ (plus) matches one or more copies of a specific character Perl 55
56
Regular Expression - Quantifiers @array = ["ac", "abc", "abbc", "abbbc", "abb", "bbc", "bcf", "abbb", "c"]; foreach $string (@array){ if($string =~ /ab*c/){ print "$string "; } output: ac abc abbc abbbc Perl 56
![Regular Expression - = [ ac , abc , abbc , abbbc , abb , bbc , bcf , abbb , c ]; foreach $string if($string =~ /ab*c/){ print $string ; } output: ac abc abbc abbbc Perl 56](http://images.slideplayer.com./16/5138041/slides/slide_56.jpg "Regular Expression - = [ ac , abc , abbc , abbbc , abb , bbc , bcf , abbb , c ]; foreach $string if($string =~ /ab*c/){ print $string ; } output: ac abc abbc abbbc Perl 56")
57
Regular Expression - Quantifiers Regular ExpMatched pattern abc ab*cac abc abbc abbbc ab+cabc abbc abbbc @array = ["ac", "abc", "abbc", "abbbc", "abb", "bbc", "bcf", "abbb", "c"]; Perl 57
![Regular Expression - Quantifiers Regular ExpMatched pattern abc ab*cac abc abbc abbbc ab+cabc abbc = [ ac , abc , abbc , abbbc , abb , bbc , bcf , abbb , c ]; Perl 57](http://images.slideplayer.com./16/5138041/slides/slide_57.jpg "Regular Expression - Quantifiers Regular ExpMatched pattern abc ab*cac abc abbc abbbc ab+cabc abbc = [ ac , abc , abbc , abbbc , abb , bbc , bcf , abbb , c ]; Perl 57")
58
Regular Expression - Anchors Anchor restrictions preceding and behind the pattern specify where along the string to match to. ‘^’ indicates a beginning of a line restriction ‘$’ indicates an end of line restriction Perl 58
59
Regular Expression - Anchors Regular ExpMatched pattern ^bcbc ^b*cbbc bcf c ^b*c$bbc c b*c$ac abc abbc abbbc bbc c @array = ["ac", "abc", "abbc", "abbbc", "abb", "bbc", "bcf", "abbb", "c"]; Perl 59
![Regular Expression - Anchors Regular ExpMatched pattern ^bcbc ^b*cbbc bcf c ^b*c$bbc c b*c$ac abc abbc abbbc bbc = [ ac , abc , abbc , abbbc , abb , bbc , bcf , abbb , c ]; Perl 59](http://images.slideplayer.com./16/5138041/slides/slide_59.jpg "Regular Expression - Anchors Regular ExpMatched pattern ^bcbc ^b*cbbc bcf c ^b*c$bbc c b*c$ac abc abbc abbbc bbc = [ ac , abc , abbc , abbbc , abb , bbc , bcf , abbb , c ]; Perl 59")
60
Regular Expression - Range […] is used to identify the exact characters you are searching for [0123456789] will match a single numeric character [0-9] will also match a single numeric character [A-Za-z] will match a single alphabet of any case Perl 60
![Regular Expression - Range […] is used to identify the exact characters you are searching for [ ] will match a single numeric character [0-9] will also match a single numeric character [A-Za-z] will match a single alphabet of any case Perl 60](http://images.slideplayer.com./16/5138041/slides/slide_60.jpg "Regular Expression - Range […] is used to identify the exact characters you are searching for [ ] will match a single numeric character [0-9] will also match a single numeric character [A-Za-z] will match a single alphabet of any case Perl 60")
61
Regular Expression - Range Search for a word that starts with the uppercase T second letter is a lowercase alphabet third letter is a lower case vowel is 3 letters long followed by a space Regular expression : "^T[a-z][aeiou] " Note : [z-a] is backwards and does not work Note : [A-z] does match upper and lowercase but also 6 additional characters between the upper and lower case letters in the ASCII chart: [ \ ] ^ _ ` Perl 61
![Regular Expression - Range Search for a word that starts with the uppercase T second letter is a lowercase alphabet third letter is a lower case vowel is 3 letters long followed by a space Regular expression : ^T[a-z][aeiou] Note : [z-a] is backwards and does not work Note : [A-z] does match upper and lowercase but also 6 additional characters between the upper and lower case letters in the ASCII chart: [ \ ] ^ _ ` Perl 61](http://images.slideplayer.com./16/5138041/slides/slide_61.jpg "Regular Expression - Range Search for a word that starts with the uppercase T second letter is a lowercase alphabet third letter is a lower case vowel is 3 letters long followed by a space Regular expression : ^T[a-z][aeiou] Note : [z-a] is backwards and does not work Note : [A-z] does match upper and lowercase but also 6 additional characters between the upper and lower case letters in the ASCII chart: [ \ ] ^ _ ` Perl 61")
62
Regular Expression - Others Match a single character (non specific) with "." (dot) a.c matches any string with "a" follow by one character and followed by "c" Specifying number of repetition sets with "\{" and "\}“ [a-z]\{4,6\} match four, five or six lower case alphabet Remembering Patterns with "\(,\)" and "\1" Regular Exp allows you to remember and recall patterns Perl 62
![Regular Expression - Others Match a single character (non specific) with . (dot) a.c matches any string with a follow by one character and followed by c Specifying number of repetition sets with \{ and \} [a-z]\{4,6\} match four, five or six lower case alphabet Remembering Patterns with \(,\) and \1 Regular Exp allows you to remember and recall patterns Perl 62](http://images.slideplayer.com./16/5138041/slides/slide_62.jpg "Regular Expression - Others Match a single character (non specific) with . (dot) a.c matches any string with a follow by one character and followed by c Specifying number of repetition sets with \{ and \} [a-z]\{4,6\} match four, five or six lower case alphabet Remembering Patterns with \(,\) and \1 Regular Exp allows you to remember and recall patterns Perl 62")
63
RegExp problem and strategies You tend to match more lines than desired. A.*B matches AAB as well as AAAAAAACCCAABBBBAABBB Knowing what you want to match Knowing what you don’t want to match Writing a pattern out to describe that you want to match Testing the pattern Perl 63
65
Web Servers & CGI Most web server are capable of running CGI programs. The server must be able to determine whether a URI refers to: Document just send it back CGI program run it and send back the result. CGI … 65
66
CGI recognition Some servers insist that CGI programs be in a special place typically the URL path is one of: /CGI-BIN /cgi-bin /CGI /cgibin Some servers look at the filename: filename ends with.cgi Some servers are given a list of URLS that are CGIs 66 CGI …
67
User files and Web Servers On Unix based web servers, the URL /~username is typically mapped to the directory ~username/public.html -or- ~username/public_html 67 CGI …
68
www.cse.unr.edu On the CSE web server you should put your files in ~/public.html The URI http://www.cse.unr.edu/~you is your home page where you is your CSE username. 68 CGI …
69
Directories Most web servers do the following when a URL maps to a directory: if there is a file named index.html in the directory it is sent back. if there is no index.html, an HTML formatted directory listing is sent back. 69 CGI …
70
Debugging It's hard to debug a CGI program! Debugging print statements should generate HTML. You can run the program from the Unix command line you just need to set the environment variables right (use GET for this). 70 CGI …
71
CGI script example Perl 71
72
cgi-test This is a sample page to read two data items from the web page: First name= Last name= Parameters passed as arguments xfirst and xlast HTML for Forms Perl 72
73
Perl - CGI script #!/usr/bin/perl print “Content-Type: text/html\n\n”; print “ \n”; print “ Sample PERL script \n”; print “ \n”; print “ Query_string is $ENV{'QUERY_STRING'}\n”; foreach ( split( /&/, $ENV{'QUERY_STRING'}) ) { ( $key, $val ) = split( /=/, $_, 2 ); $tmp{$key} = $val; } print “ First name is $tmp{'xfirst'} \n”; print “ Last name is $tmp{'xlast'} \n”; print “ \n” Perl 73 Perl program first reads parameters as xfirst&zlast from $ENV (environment) into QUERY_STRING Output of Perl is the syntax of an HTML page that is displayed
Similar presentations
