next up previous contents
Next: Security Concerns Up: CGI (Common Gateway Interface): Previous: CGI (Common Gateway Interface):   Contents

Introduction to CGI

When you type the address of a web page (i.e. a URL or Universal Resource Locator) into a browser,or click a link which refers to a URL, a request is made to a computer on the internet to send the contents of a web page to your browser. Web pages are written in a language known as HTML (Hypertext Markup Language), and your web browser knows how to translate HTML into text, pictures, links, animations or whatever else the designer of the web page had in mind. Alternatively, the address that your browser requests might be a program, in which case that program will be run on the web site's computer, and the results of the program (most likely a header followed by something written in HTML) will be transmitted to your web browser. Through the use of forms or specially formatted URLs, you can provide information to that program, allowing on-line shopping, surveys, email programs and other useful tools. CGI is the name given to the mechanism used to transmit information to and from your web browser and a web site's computer. The cgi module provides a way for you to retrieve this information, and to send HTML back in response to a submitted form.

Besides using a form which displays in a browser to retrieve information, a specialized type of URL can be used to transmit information to a web site's computer. When this method is used, the program's name is followed by a question mark and a series of name=value pairs separated by ampersands. For example, a URL to query a travel agency might look like this:
In this case, three variables are being transmitted: dest with a value of ``Costa Rica''; month, with a value of ``Jun'' and day, with a value of ``12''. (Notice that special characters like blanks need to be encoded as a percent sign followed by two digits.) Alternatively, there might be a form with drop-down menus, scrolling lists, or blanks to be filled in which would extract the same information.

When you use a Python script as a CGI program, you create a FieldStorage object using the FieldStorage function of the cgi module. This object behaves like a dictionary in many ways. For example, you can use the keys method to get a list of all the variables which were sent to your program. When you use any of these names as an index to the object returned by FieldStorage, the result is a MiniFieldStorage object, which contains two attributes: name and value. Thus, if the following Python program were properly installed on the fictitious travel bureau's web server, it would print the destination, month and day specified in the URL:

import cgi

f = cgi.FieldStorage()

print "Content-type: text/html" 

vars = f.keys()
for v in vars:
    print '%s = %s<br>' % (v,f[v].value)
The two print statements before the loop produce the header which is necessary for a browser to understand that what follows will be HTML which needs to be appropriately processed before being displayed; the second of these print statements produces a blank line which signals that the headers are finished. The value of each of the variables transmitted through the CGI program is stored in the value attribute of the MiniFieldStorage object stored in the FieldStorage object named f. Since newlines are not respected by HTML, the <br> tag is used to insure that a line break appears between the values displayed.

Alternatively, information can be transmitted to a CGI program through from items which appear in your browser. The URL of the CGI program appears in the action element of the <form> tag. The following (minimal) HTML code will display the form shown in Figure 8.1; when the user makes their selection and presses the ``Submit'' button, the CGI script presented above will receive the information; the FieldStorage object will be created appropriately whether the input comes from a URL or through a form.

<form method="post" action="/cgi-bin/query">
Destination: <input type="text" name="dest" size=40>
Month: <select name=month>
Day: <select name=day>
<option>8<option>9<option>10<option>11<option>12 <option>13
<input type=submit>

Figure 8.1: Simple HTML form

next up previous contents
Next: Security Concerns Up: CGI (Common Gateway Interface): Previous: CGI (Common Gateway Interface):   Contents
Phil Spector 2003-11-12