[ Comments ] [ Copyright ] [ Chapter contents ] [ Book contents ]
CGI scripts receive a fair amount of information about their execution environment from the web server. Not all this information is standardized; some servers and some clients pass extra information.
You can examine the contents of the environment of a CGI script by checking the keys to the associative array %ENV. %ENV contains environment variables; their names are the keys to the array. For example, $ENV{'QUERY_STRING'} contains the HTTP query that was passed to a CGI script.
When developing scripts it's often useful to have a simple, dumb CGI script kicking around that prints out your environment. In conjunction with a couple of different browsers, you can work out ways of finding out information about your users. Here's a simple script which doesn't actually read a GET or POST query, but prints out everything it finds in its run-time environment (using a neatly formatted table):
#!/bin/perl # # print "Content-type: text/html\n\n"; print "<HEAD><TITLE>Environment dumper</TITLE></HEAD>\n"; print "<BODY><P>\n"; print "<TABLE BORDER=\"4\">\n"; print "<TR><TD><B>Variable</B><TD><B>Value</B>\n"; foreach (keys (%ENV)) { print "<TR><TD>$_<TD>$ENV{$_}\n"; } if ($ENV{'REQUEST_METHOD'} eq "POST") { $stdin = <STDIN>; print "<TR><TD COLSPAN=\"2\"><B>Uploaded file follows</B> (raw MIME data)\n"; print "<TR><TD COLSPAN=\"2\">$stdin\n"; } print "</TABLE>\n</BODY>\n"; exit 0;It produces output like this:
DIAG?
This tells us a lot about the web browser making the request, even though it doesn't actually parse the query. (Note that if the REQUEST_METHOD variable is set to POST it reads in the query and prints it in a cell in the table without performing any substitutions on it.)
For example, we can see that the HTTP_USER_AGENT (the web browser) is a beta copy of Netscape 2.0; and it's coming from the machine (REMOTE_HOST) fma0.demon.co.uk, at network address 158.152.6.20. The browser is willing to accept the mime types:
- image/gif
- image/x-bitmap
- image/x-jpeg
- image/pjpeg
- */*
If additional information is available, it will show up in this listing; for example, the undigested HTTP query will appear here, as will security information passed using HTACCESS and HTTP_COOKIE data in the HTTP header. (We will cover HTACCESS authorization and cookies later, in the section on servers.)
[ Comments ] [ Copyright ] [ Chapter contents ] [ Book contents ]