CGI Developer's Resource

“CGI Developer's Resource” is one of many books released in the last year on the Common Gateway Interface. CGI enables HTTP servers to return not just the contents of an HTML file, but also the HTML-formatted text output from a program. (Like many other books on the subject, this book appears to have been rushed out.) There is a lack of attention to detail and the example programs are not well structured and are poorly presented.

Overall, I thought that the book was fairly well-organized, although a number of sections were of questionable value. Books cannot possibly explain all things to all people, and while descriptions of client-server programming, of thin vs. fat clients and of HTTP were all worthwhile, I felt that an explanation of how different types of firewalls work was probably unnecessary.

I disliked the authors' programming style, which used very few subroutines. If the authors were writing short programs, the lack of subroutines would seem reasonable, but there were several five-page program listings that lacked even a single subroutine. (In addition, there were too many unbroken blocks of code in the book.) True, the programs contain extensive comments—some of them holdovers from when the code was discussed and improved on the Internet, and others useful explanations of what the code is doing—but I would have preferred to see them designed as well as they were documented. Given that the front cover claims that the book demonstrates good software design, it would have been nice to see more modular code, perhaps broken up into reusable libraries.

The authors purposely ignored the existing CGI libraries for Perl, preferring to process CGI-related data on their own. Moreover, the authors explicitly decided against using Perl 5 (in favor of Perl 4), because of its object-oriented features; because it “would have required the explanation of the use of modules and OOP in Perl” and because “the folks supporting some of the Perl code shown here are not Perl programmers.” Even non-Perl programmers can and should learn about Perl's error-checking and security mechanisms, which trap problems and make CGI programs safer and easier to debug.

Indeed, very little space was dedicated to the tricky problem of debugging CGI programs or of how to construct error messages that make it easy to find problems in CGI code.

One of the chief benefits of the CGI standard is its portability across platforms. However, as experienced CGI programmers know, portability is guaranteed for the standard itself, not for the languages or operating systems in which CGI programs are written. I appreciated the author's note on the first page of the preface, in which they acknowledge that “this text is a bit Unix-centric”—but that understates the non-portable nature of most of the code in the book. True, every program can be modified so that it will run on other platforms, and they require far fewer modifications than would be necessary if the programs were written in C. However, to claim that the programs are portable is a bit far-fetched, given their reliance on external Unix utilities.

A number of editing and production issues also bothered me: a large number of typographical errors and misspellings, a poor choice of font in program listings, explanatory notes printed on a dark background that makes some words almost illegible and an index that is far too small. There was also no mention of DBM files or relational databases, two data-storage technologies that every CGI programmer will probably use at some time.

There were several nice parts to the book. The program for a monthly-activities calendar was quite good, especially since it allowed for two different views of the same data. There is an extensive treatment of server-side includes, which contained a listing of variables specific to SSIs. Also, a mention of how to write CGI programs that retrieve data left by system utilities in flat files is useful information. The authors explicitly named the requirements for each project before embarking on it—something that I wish more software engineers would do in today's bug-infested world.

Overall, $50US seems a bit steep for this book, given that the programs are often similar to those you can find on-line, the explanations contain bugs and inaccuracies and the code is poorly organized. With some serious editing, this book could have been quite interesting—but in its current incarnation, the book is too weak to stand on its own.