CGI Scripts - Learning to Publish

CGI Scripts
Getting Started
Creating a cgi-bin Directory
A First Script: Hello World
Running CGI Scripts
Debugging CGI Scripts
HTML World
Echo ENV
HTML Forms and CGI
Echo Form
Save Form
Customized Response
Putting It All Together
Perl Basics
HTTP Headers
Generic Script
Comments Forms
CGIWrap
Related Links

CGIWrap

ITS UNIX staff has installed CGIWrap on the UTS and CCWF systems. This enables Web publishers on these systems to execute CGI scripts under their own user id (uid).

Unfortunately, ITS and TeamWeb do not have the staff to write CGI scripts for Web publishers.

Note to UTS publishers: Even if you publish from the ~www or ~ftp area, you must follow the instructions below. That is, do not put cgi files in your regular publishing directory.

Steps to Run Scripts

If you haven't already created a public_html directory in your logon directory, do so now. To create it, type:
mkdir $HOME/public_html
Within your public_html directory, create a cgi-bin directory. To do so, type:
mkdir $HOME/public_html/cgi-bin
Be sure to put all your CGI scripts in the cgi-bin directory.
Use the appropriate URL to execute a script:

http://uts.cc.utexas.edu/cgi-bin/cgiwrap/username/scriptname

http://ccwf.cc.utexas.edu/cgi-bin/cgiwrap/username/scriptname

Where username is your user name and scriptname is the name of the script, the scriptname should end in .cgi, to follow local convention.

Restrictions

You must own the script. To see the owner's user name, type:
ls -l $HOME/public_html/cgi-bin/scriptname
Your default group must own the file. To see a list of the groups you are a member of, type:
groups

Your default group should be the first one listed. To see the group ownership of the file, type:

ls -lg $HOME/public_html/cgi-bin/scriptname
The script must be executable. To make the program executable, type:
chmod 755 $HOME/public_html/cgi-bin/scriptname
Scripts must be located in your $HOME/public_html/cgi-bin directory.
The file permissions may NOT have the setuid or setgid bits set.
Scripts have a resource LIMIT of 10 CPU seconds.

Notes

By placing a CGI script such that it runs under your user id, you are effectively authorizing anybody on the Internet to run programs on your account. This is a security breach you should avoid.
It is not currently possible to restrict access to the scripts you run under CGIWrap. However, your scripts can enforce host-based access control by checking the environment variables REMOTE_HOST and REMOTE_ADDR, which will contain the hostname and IP address of the remote host.
If you receive an Internal Server Error, you can specify cgiwrapd instead of cgiwrap to see debugging output for your CGI script.
You can use CGIWrap with forms, but the request should use the method POST. If you need to use the GET method, you need to include two HIDDEN fields in your form of names "user" and "script" that specify the user, and script to execute with CGIWrap. Use of the GET method for forms is discouraged due to limitations in the amount of data that can be passed to the script.

Services Navigation

CGIWrap

Steps to Run Scripts

Restrictions

Notes