CGI Developer's Resource

  • Author: J. M. Ivler with Kamran Husain

  • Publisher: Prentice Hall, Inc.

  • URL:

  • Price: $49.99 US

  • ISBN: 0-13727-751-2

  • Reviewer: Reuven M. Lerner

“CGI Developer's Resource” is one of many books released in the last year on the Common Gateway Interface. CGI enables HTTP servers to return not just the contents of an HTML file, but also the HTML-formatted text output from a program. (Like many other books on the subject, this book appears to have been rushed out.) There is a lack of attention to detail and the example programs are not well structured and are poorly presented.

Overall, I thought that the book was fairly well-organized, although a number of sections were of questionable value. Books cannot possibly explain all things to all people, and while descriptions of client-server programming, of thin vs. fat clients and of HTTP were all worthwhile, I felt that an explanation of how different types of firewalls work was probably unnecessary.

I disliked the authors' programming style, which used very few subroutines. If the authors were writing short programs, the lack of subroutines would seem reasonable, but there were several five-page program listings that lacked even a single subroutine. (In addition, there were too many unbroken blocks of code in the book.) True, the programs contain extensive comments—some of them holdovers from when the code was discussed and improved on the Internet, and others useful explanations of what the code is doing—but I would have preferred to see them designed as well as they were documented. Given that the front cover claims that the book demonstrates good software design, it would have been nice to see more modular code, perhaps broken up into reusable libraries.

The authors purposely ignored the existing CGI libraries for Perl, preferring to process CGI-related data on their own. Moreover, the authors explicitly decided against using Perl 5 (in favor of Perl 4), because of its object-oriented features; because it “would have required the explanation of the use of modules and OOP in Perl” and because “the folks supporting some of the Perl code shown here are not Perl programmers.” Even non-Perl programmers can and should learn about Perl's error-checking and security mechanisms, which trap problems and make CGI programs safer and easier to debug.

Indeed, very little space was dedicated to the tricky problem of debugging CGI programs or of how to construct error messages that make it easy to find problems in CGI code.

One of the chief benefits of the CGI standard is its portability across platforms. However, as experienced CGI programmers know, portability is guaranteed for the standard itself, not for the languages or operating systems in which CGI programs are written. I appreciated the authors' note on the first page of the preface, in which they acknowledge that “this text is a bit Unix-centric”—but that understates the non-portable nature of most of the code in the book. True, every program can be modified so that it will run on other platforms, and they require far fewer modifications than would be necessary if the programs were written in C. However, to claim that the programs are portable is a bit far-fetched, given their reliance on external Unix utilities.

A number of editing and production issues also bothered me: a large number of typographical errors and misspellings, a poor choice of font in program listings, explanatory notes printed on a dark background that makes some words almost illegible and an index that is far too small. There was also no mention of DBM files or relational databases, two data-storage technologies that every CGI programmer will probably use at some time.

There were several nice parts to the book. The program for a monthly-activities calendar was quite good, especially since it allowed for two different views of the same data. There is an extensive treatment of server-side includes, which contained a listing of variables specific to SSIs. Also, a mention of how to write CGI programs that retrieve data left by system utilities in flat files is useful information. The authors explicitly named the requirements for each project before embarking on it—something that I wish more software engineers would do in today's bug-infested world.

Overall, $50US seems a bit steep for this book, given that the programs are often similar to those you can find on-line, the explanations contain bugs and inaccuracies and the code is poorly organized. With some serious editing, this book could have been quite interesting—but in its current incarnation, the book is too weak to stand on its own.

Reuven M. Lerner is an Internet and Web consultant living in Haifa, Israel, who has been using the Web since early 1993. In his spare time, he cooks, reads and volunteers with educational projects in his community. You can reach him at

