The interface in-your-face
CGI stands for Common Gateway Interface, which is a standard for a gateway, or interface, between clients and web servers. It allows interaction between them, transparent and smooth. Web pages per se are static, plain HTML, sometimes rather messy, but readable text files. Now, CGI's are scripts, or small programs, which allow you to make your web pages dynamic, and add various nifty things to them. A CGI program/script can be written in any language that allows it to be executed on the system, such as: C/C++, Fortran, PERL, TCL, Any Unix shell, Visual Basic, AppleScript... It just depends what you have available on your system. Usually, CGI's are located in the /cgi-bin folder of your web server, and if you have CGI's which are not only shell scripts, you also might have a /cgi-src folder. Of course, these may vary, so please don't think it is carved in the stone just because I said so...
CGI's are emmbeded into HTML pages via a simple link tag, ie. a CGI script incorporated into your page might look something like this:
where picknose.sh is just a simple bash script, located in the /cgi-bin folder. What it does, well, that's a different story, and completly irrelevant to our little debate. :)
For what will I use CGI's one might wonder, and to that question the answer is fairly simple, but to make it even more simplified, I will elaborate it on an example. Imagine you have some sort of a database on your web, and you need to make it searchable to the user surfing the web. The best way to do this is via CGI scripts. You need a way to interact and transmit information between your host, and the user's web browser and that's what the common gateway interface or CGI does. It serves as a gateway between the user and your web. It (CGI script) will be executed by the web daemon to transmit query to the database and send results back to the user, via the same daemon. Kinda of a third party involvment. This is the simplest example of how to use CGI's. Implementation is easy, and the possibilites are limited only by your immagination. Make sure your CGI's are as simple as possible and that they do not take long time to execute. You can read more about the CGI concept and other CGI stuff here.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.