Passing params to a cgi script - Perl Server Side CGI Scripting forum at WebmasterWorld - WebmasterWorld

Forum Moderators: coopster & phranque

Message Too Old, No Replies

Passing params to a cgi script

SSI Includes

runner

6:22 pm on Sep 1, 2006 (gmt 0)

10+ Year Member

I'm troubleshooting a problem and it's a little tricky to describe so bear with me as I attempt to make sense of it...

One of our perl programmers wrote a cgi script that gets called from an SSI include on a web page. When a user enters the URL for this web page into their browser they have the option of adding some additional parameters which end up getting passed to the cgi script.

For example, if the web page is named test.shtml the user might type in [servername...]

The?variable=abc123 part gets passed to the cgi script that is listed in the SSI include line of this web page. The weird thing about this is that the SSI include statement does not specifically pass any parameters to the cgi script. I don't understand how the cgi script knows that someone added those parameters to end end of the URL when they typed it in.

This cgi script depeneds on getting those additional parameters from the URL. This setup works fine on one Apache server but not on the other. Since I don't understand how this can work in the first place I don't know how to troubleshoot the problem on the Apache server where this does not work.

lexipixel

6:31 pm on Sep 1, 2006 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Probably getting it from an ENV variable, (QUERY_STRING or HTTP_REFERER). And they may be using some Php to parse the URL and pass it in.

runner

7:22 pm on Sep 1, 2006 (gmt 0)

10+ Year Member

I set up a dummy shtml page and substituted printenv for the SSI cgi script. Both env listings show the extra parameters in QUERY_STRING_UNESCAPED and REQUEST_URI. Both servers are getting the data set in the environment but only one script is working. Same script on both servers. I'll keep digging. The only difference between the two printenv pages is that one server has more environment variables than the other some are different but they are not vars that would seem to be relavent to this problem.

perl_diver

9:18 pm on Sep 1, 2006 (gmt 0)

10+ Year Member

you don't need anything to pass data in the URI string. It does not matter if it's a .shtml page or some other page. You don't even need a page at all. Just type anything you want into the URI string and it will get passed to the server.

runner

10:14 pm on Sep 1, 2006 (gmt 0)

10+ Year Member

The problem is the cgi script on one server wasn't "finding" the extra parameters that were entered on the URI line.

Looking at the script, the lines that went out and got the extra parameters were:

my $cgi = new CGI;
our %in = map { $_, $cgi->param($_) } $cgi->param;

Where %in contains the key/value pairs... we looked at these values on the server that workes and the one that doesn't work. On the "broken" server, %in did not contain anything. The working server contained the valid data.

We were able to fix the problem on the "broken" server by adding this one line before the "my $cgi = new CGI;"

$ENV{QUERY_STRING} = $ENV{QUERY_STRING} �� $ENV{QUERY_STRING_UNESCAPED};

This just dumps the data in QUERY_STRING_UNESCAPED into QUERY_STRING if QUERY_STRING is null.

I don't know if this poses a security problem but it seems to work. I still don't understand why this same cgi script works on one server and not the other. The only thing I can think of is there must be a difference in the cgi modules on the two servers.

perl_diver

11:06 pm on Sep 1, 2006 (gmt 0)

10+ Year Member

try this, instead of:

my $cgi = new CGI;
our %in = map { $_, $cgi->param($_) } $cgi->param;

try:

my $cgi = new CGI;
my %in = $cgi->Vars;

whoever wrote this line:

our %in = map { $_, $cgi->param($_) } $cgi->param;

does not have a good working knowledge of the CGI module. It will work but the Vars function is used for that exact purpose. I also see no need to declase the hash with 'our', but if you have problems you can switch back to 'our'.

my $cgi = new CGI;
our %in;
%in = $cgi->Vars;