CGI Form Scripts

The CGI script that allows you to use individual script areas is named: cgiwrap.

It is now possible for each web area on VCU's main web server (www.vcu.edu) to have its own CGI script area instead of having to have the Webmaster install all scripts into the system CGI directory. These individual scripts are actually run by a script in the system directory called cgiwrap which takes care of security and other concerns that prevent us from allowing "in-line" scripts. Normally CGI scripts are run by the web server userid which can present problems in reading and/or writing of files by the scripts. This new system runs the "local" scripts using the userid and groupid of the script itself, allowing you to easily read and/or write files within your web area without other programs or browsers being able to see them.

To use this facility you first have to create a script sub-directory named "cgi-bin" within your web directory (if you have multiple sub-directories within your web area, you can have a script directory in each of them). You then put your scripts into this script directory - making sure that they are executable programs! To do this you must access the area from your account on one of the following UNIX systems - atlas, people, or titan and change to mode of the file with the following steps:

• login userid

  • Login to the appropriate system with your userid.

• cd /html/public/web-path

  • Change to your web directory where web-path is the relative URL from the web root (e.g. "vcu/faculty/senate", "hasweb/phy", etc.).

• chmod 700 script-name 

  • Change the mode of your script, "script-name", to executable. Note that only owner permissions have to be set since it will be executed by the owner's userid.

Once you have done all this, you can execute your script by using the following URL:

http://www.vcu.edu/cgi-bin/cgiwrap/web-path/script-name[?parameters|/path-info]

where web-path and script-name are the same as shown above and the optional ?parameters or /path-info are any arguments passed to your script (do not include the brackets [] in the actual URL). Note that the name of the script sub-directory, "cgi-bin" is not a part of the web-path field.

If you are having problems getting a CGI script to run using this method, you can switch into a "debugging" mode by entering the URL as follows:

http://www.vcu.edu/cgi-bin/cgiwrapd/web-path/script-name[?parameters|/path-info]

This will return a web document with diagnostic information about your script including any permission or naming problems. If the problem is in the script itself, it will also list the output of the script including any error messages in generating the output. This can be quite valuable in building and debugging a new script.

Limitations

You have to consider the following limitations and restrictions in using this method of running CGI scripts:

• permissions

  • The script, the script directory, and the sub-directory in which the script directory is located must all have the same userid and groupid.

• sub-directories

  • While you can have a script directory in more than one of your web sub-directories, you may not have any sub-directories in a script directory - only script files.

• access control

  • Access to these scripts can not be restricted using "htaccess" web access control since the user is really interfacing with the "cgiwrap" script. While you can control access to the page which provides the link to the script, anyone who discovers the URL for the script can enter it manually and bypass that security. If you need to have some security, you will have to build an "identification" form into your script as the first phase.

• cpu restriction

  • To prevent "run-away" scripts from degrading the performance of our main Web server, there is a 10 cpu second limit on all local scripts. This is really a long time on these computer systems and should not be a real limitation.