CGI Developer's Resource
Author: J. M. Ivler with Kamran Husain
Publisher: Prentice Hall, Inc.
Price: $49.99 US
Reviewer: Reuven M. Lerner
“CGI Developer's Resource” is one of many books released in the last year on the Common Gateway Interface. CGI enables HTTP servers to return not just the contents of an HTML file, but also the HTML-formatted text output from a program. (Like many other books on the subject, this book appears to have been rushed out.) There is a lack of attention to detail and the example programs are not well structured and are poorly presented.
Overall, I thought that the book was fairly well-organized, although a number of sections were of questionable value. Books cannot possibly explain all things to all people, and while descriptions of client-server programming, of thin vs. fat clients and of HTTP were all worthwhile, I felt that an explanation of how different types of firewalls work was probably unnecessary.
I disliked the authors' programming style, which used very few subroutines. If the authors were writing short programs, the lack of subroutines would seem reasonable, but there were several five-page program listings that lacked even a single subroutine. (In addition, there were too many unbroken blocks of code in the book.) True, the programs contain extensive comments—some of them holdovers from when the code was discussed and improved on the Internet, and others useful explanations of what the code is doing—but I would have preferred to see them designed as well as they were documented. Given that the front cover claims that the book demonstrates good software design, it would have been nice to see more modular code, perhaps broken up into reusable libraries.
The authors purposely ignored the existing CGI libraries for Perl, preferring to process CGI-related data on their own. Moreover, the authors explicitly decided against using Perl 5 (in favor of Perl 4), because of its object-oriented features; because it “would have required the explanation of the use of modules and OOP in Perl” and because “the folks supporting some of the Perl code shown here are not Perl programmers.” Even non-Perl programmers can and should learn about Perl's error-checking and security mechanisms, which trap problems and make CGI programs safer and easier to debug.
Indeed, very little space was dedicated to the tricky problem of debugging CGI programs or of how to construct error messages that make it easy to find problems in CGI code.
One of the chief benefits of the CGI standard is its portability across platforms. However, as experienced CGI programmers know, portability is guaranteed for the standard itself, not for the languages or operating systems in which CGI programs are written. I appreciated the author's note on the first page of the preface, in which they acknowledge that “this text is a bit Unix-centric”—but that understates the non-portable nature of most of the code in the book. True, every program can be modified so that it will run on other platforms, and they require far fewer modifications than would be necessary if the programs were written in C. However, to claim that the programs are portable is a bit far-fetched, given their reliance on external Unix utilities.
A number of editing and production issues also bothered me: a large number of typographical errors and misspellings, a poor choice of font in program listings, explanatory notes printed on a dark background that makes some words almost illegible and an index that is far too small. There was also no mention of DBM files or relational databases, two data-storage technologies that every CGI programmer will probably use at some time.
There were several nice parts to the book. The program for a monthly-activities calendar was quite good, especially since it allowed for two different views of the same data. There is an extensive treatment of server-side includes, which contained a listing of variables specific to SSIs. Also, a mention of how to write CGI programs that retrieve data left by system utilities in flat files is useful information. The authors explicitly named the requirements for each project before embarking on it—something that I wish more software engineers would do in today's bug-infested world.
Overall, $50US seems a bit steep for this book, given that the programs are often similar to those you can find on-line, the explanations contain bugs and inaccuracies and the code is poorly organized. With some serious editing, this book could have been quite interesting—but in its current incarnation, the book is too weak to stand on its own.
Reuven M. Lerner is an Internet and Web consultant living in Haifa, Israel, who has been using the Web since early 1993. In his spare time, he cooks, reads and volunteers with educational projects in his community. You can reach him at email@example.com.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Devuan Beta Release
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- The Death of RoboVM
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide