Slashdot Mirror

← Back to Stories (view on slashdot.org)

CGI Programming with Perl

Posted by timothy on from the of-wisdom dept.

In addition to all the other books he has insightfully reviewed, chromatic has written this review of CGI Programming With Perl. This books sounds like a great resource for the builder of dynamic Web sites with a Perl background. And isn't it nice to see a book with "an unapologetic Unix flavor"?

CGI Programming with Perl author Scott Guelich, Shishir Gundavaram, & Gunther Birznieks pages 451 publisher O'Reilly & Associates rating 9 reviewer chromatic ISBN 1-56592-419-3 summary Your guide to the protocols and practices of CGI programming, with a look at current tools, tips, and tricks.

The Scoop Static web pages sufficed back when the web was young. Information flowed one way (like it does on most corporate sites today). Those days are long behind us -- if you want dynamic and interactive content, a whole host of technologies have appeared to fill in the gaps.

Enter Perl and CGI -- the original Swiss Army chainsaw of programming met the standard for exchanging data over HTTP and it was good. Thousands and thousands of programmers discovered this combination of power and simplicity, and the web has never been the same. Now, it's your turn to descend into the mysteries of query strings and stateless transactions, hoping to emerge successfully with the knowledge of simple -- yet interactive -- web programming.

In this second edition, the authors have gone far beyond CGI circa 1996. New topics include XML, search engines, security, and high performance Perl-based alternatives to CGI. How far we've come...

What's to Like? The book begins with an explanation of HTTP. Understanding the underlying protocol gives a picture of the whole process. The same is done for CGI, examing the interface -- the environment, input, output, and headers. It's simple enough that the description never bogs down, but detailed enough to explain difficulties CGI authors must work around (session management being high on the list).

From there, it's on to forms and HTML and, before spending much time trying to write a custom decoder for form data, it's off to CGI.pm. (That's important, because it's hard to get this right, even for authors of some other CGI programming books.) As befits the module, this chapter explains handling input, generating output, and handling errors.

Shift gears for a second, and think about embedding your code in your HTML. Try SSI, HTML::Template, or Embperl. (This is just a taste of the techniques available for templating -- see Template Toolkit or Mason for other nice ones.) Following that, grit your teeth and learn some of the JavaScript you've been putting off. Use it to add an additional client-side form input checker, hook it up to your Perl with WDDX, or discover the powerful Bookmarklet.

Consider security in chapter 8 -- now that you've learned some cool tricks but before you know enough to get into real trouble, discover the vulnerabilities and how you can program around them. Use Perl's Taint mode and your web server configuration to help you out. Do not skip this chapter -- read it, then read perldoc perlsec until you get it. (It's a good chapter, but security can be hard, so don't rely on just one source of information.)

The rest of the book is a tour of various tasks you might want to accomplish. They're good too, but things shine again in the last three chapters, with help for the new, curious, frazzled Perl CGI programmer. How do you get rid of that annoying 500 server error? How can you make your program worth using for the next three years instead of worth throwing away every three months? How can you write something that will handle a hundred users a day? A thousand? A front-page link on Slashdot? (The answer is more than just FastCGI or mod_perl, though they're definitely the heavy guns.)

It's definitely time for a second edition of this tome. The expanded coverage of CGI.pm and templating technologies is a welcome addition. Promoting the use of the existing well-tested, documented, and debugged tools will, hopefully, lead to more maintainable code. Unlike some other books, the example code is clean and worthy of emulation. Hit the references and recommendation section in Appendix A for more good information, including relevant RFCs. Really. (It's a good sign for a Perl book to mention both the CPAN and perldoc, as in Appendix B.)

What's to Consider? Be careful about copying code blindly from the first few chapters without reading at least chapter 8 (and perldoc perlsec in Perl's included documentation)! Simple examples are appropriate for teaching and personal testing, but could have disastrous consequences on publicly-accessible servers. To the authors' credit, even the simple example code runs with warnings, taint mode, and the strict pragma.

You'll need to know some Perl -- at least enough to follow along with somewhat-idiomatic code. Platform and portability wise, there's an unapologetic Unix flavor to the examples. Nearly everything should work on Win32 and other operating systems, but be aware of certain differences. As for web server information, it's Apache-specific. (Configuration for other platforms will be similar, but is left as an exercise for the reader.)

Some topics could use more treatment. It would have been nice to have more information on HTML::Mason (though admittedly complex, it's powerful and probably deserves more than a two page introduction) and XML and Middleware. New technologies like RSS and WAP need tools and users and programmers. There's also more to say on debugging CGI applications, though a pointer to the facetiously named Idiot's Guide could be helpful.)

The Summary Newly updated, chock full of good advice and, above all, high-quality code, this book is a great place to learn how to focus your Perl skills in a popular direction. Follow the advice presented, ask around for help if you need it, and have fun. Don't bother spending 24 hours or 21 days or whatever it is now, learn CGI programming with Perl the right way.

special thanks to the amazing Simone at O'Reilly for her help making these and other reviews possible!

Table of Contents
  1. Getting Started
  2. The Hypertext Transfer Protocol
  3. The Common Gateway Interface
  4. Forms and CGI
  5. CGI.pm
  6. HTML Templates
  7. JavaScript
  8. Security
  9. Sending Email
  10. Data Persistence
  11. Maintaining State
  12. Searching the Web Server
  13. Creating Graphics on the Fly
  14. Middleware and XML
  15. Debugging CGI Applications
  16. Guidelines for Better CGI Applications
  17. Effeciency and Optimization
  1. Works Cited and Further Reading
  2. Perl Modules
You can purchase this book at ThinkGeek.

1 of 65 comments (clear)

  1. Re:Perl is the luggable of computer languages by mfx · · Score: 5
    In my experience, perl is just about the most portable language around. Problems come up when you call external programs (e.g., unix tools) or assume the existence of specific system calls (e.g, fork), but most perl CGI scripts can be ported by changing a few config parameters (location of log files; document url).

    Compared with this, java is nearly un-portable: many environments are still in the migration toward java 2; and parts of the language can be a major headache, even if they work as announced (ever tried to store BLOBs via JDBC in Oracle? ;-)

    last not least: Perl Modules are, on the average, very easy to install, and with CPAN there exists a simple method to find relevant modules.

    --

    "When do you work?" "Whenever I'm not busy."