CGI Programming with Perl

Length: 3-5 days

Prerequisites: Students should be familiar with the basic use of Perl. If the students are regular Perl users, we can skip the one-day refresher course.

A comprehensive treatment of the development of applications that deliver dynamic content on the World-Wide Web. All the important issues are discussed, including simple forms, multistage forms, application persistence, SQL database access, concurrency issues, and authentication, cryptography, and security.

On the first and second days, I solicit requests from the students in the class about what topics they would like to see covered. I add some important topics that I have prepared already; then we vote on what we will cover during the last day or two. I select the topics to be covered at the end based partly on importance, partly on popularity, and partly on length. During the next day or two, I prepare or assemble material on these topics.

Like all my classes, the length and content of this class can be adjusted to your specifications.

• Day 0: Hands-on Perl refresher course. (If necessary.)
  • This section is a speedy, labless treatment of units I-IV of "Hands-On Introduction to Perl". It covers basic I/O, scalars, arrays, hashes, regexes, file I/O, substitutions, and subroutines. If the students are regular users of Perl, we can skip it.
    
    
• Day 1: CGI application development
  • 1: Introduction to HTTP and CGI
    
    • Browsers and Servers
    • HTTP Session
    • Static Content; Dynamic Content
    • What is CGI?
    • CGI Misconceptions
    • Why CGI Programming can be difficult
    • HTTP
    • Fake HTTP Client; HTTP Response; HTTP Response Header
    • Fake HTTP Server; Fake HTTP Server Output; HTTP Request
    • Back to CGI
    • shellenv CGI Program
    • Content-Type; Missing Content-Type
    • Perl CGI Program
    • Where do the Errors Go?
    • Effect of Syntax and Other Errors; Redirecting STDERR
    • CGI::Carp; fatalsToBrowser'
    • Buffering Surprises
    • Lab
      
  • 2: Form Processing
    • Forms
    • Form Widgets: text boxes; password boxes; hidden widgets; radio buttons; checkboxes; menus; submit buttons; textareas; other widgets
    • Lab 2a
      
    • Form Submission and Encoding; example
    • GET vs. POST
    • Decoding form input
    • CGI.pm; param()
    • Lab 2b
      
    • Debugging Techniques
    • CGI.pm convenience functions; persistent form Data; CGI-generated HTML
    • Disabling persistent data
    • Lab 2c
      
  • 3: More Advanced CGI Applications
    • Maintaining State
    • Multipage Applications
    • PATH_INFO
    • Lab 3
      
      
• Day 2: CGI System Issues
  
  • 4: Operating System Issues
    • Hazards of local files; distributed filesystem difficulties
    • Concurrency problems: forgotten transactions; lost databases; interleaved writes; summary
    • How to fix concurrence problems: file locking
    • flock; typical uses; recipes; non-blocking locks; timeout locks
    • Lab 4
      
  • 5: DBI and database access
    • Relational Databases and SQL
    • Communicating with Databases
    • The DBI module; detailed example
    • hazards of interpolation
    • Concurrent access
    • Transactions; AutoCommit
    • RaiseError
    • Other Data Retrieval Functions
    • Documentation
    • Lab 5
      
  • 6: Security Issues
    • CGI is the World's Biggest Security Hole
    • Disaster Example: finger gateway
    • Tainting; perl -T; example; `Insecure Dependency'
    • Untainting Dirty Data
    • Operations that produce tainted data; unsafe operations; safe operations
    • The Unix Shell
    • The Two Stances; Why you must be strict; Open and closed failure modes
    • Do Not Trust the Browser
    • Lab 6
      
• Day 3: Networking
  
  • 7: Email
    • Mail Transport; SMTP; envelopes
    • Sending mail; Mail::Send; Net::SMTP; MUA
    • Other Mail Security Issues
    • Lab 7
      
  • 8: Network Programming
    • Addresses; host names; DNS; gethostbyname; gethostbyaddr
    • IP; UDP; TCP
    • Sockets
    • Setting up and using a network client
    • Setting up a network server
    • select
    • Other Utilities
    • Lab 8
      
    • Protocol modules: Net::FTP; Net::Telnet
    • Security Considerations
    • ident Service
      
  • 9: Web Programming and LWP
    • Programming Web Clients
    • LWP; LWP::Simple
    • Lab 9a
      
    • LWP::UserAgent; HTTP::Request; HTTP::Response
    • Security Revisited
    • HTTP_REFERER Forgery
    • Parsing HTML; regexes don't work;
    • HTML::Parser; abstract methods; subclass example
    • HTML::LinkExtor
    • HTML::TreeBuilder
    • HTML::Element objects and methods; Garbage Collection Problem
    • Lab 9b
      
      
• Days 4-5: Miscellaneous Techniques (Includes several of the following, as selected by the students)
  • Cookies
  • Long-running background jobs
  • Caching
  • Dynamic image generation
  • Image maps
  • Drawing graphs
  • LDAP
  • Other topics suggested earlier in the week by the students

Return to: Universe of Discourse main page | Perl Paraphernalia | Other Classes and Talks