On Thu, Aug 5, 2010 at 11:52 AM, Bob Sneidar <[email protected]> wrote: > Problem is, I don't want to learn how to do web CGI's yet. I got the On-Rev > account for 2 reasons: It was an AWESOME deal, and it had an SQL server I > could use for my development wherever I go. > > Bob >
Bob, There's nothing to "CGI". The term has gone through many iterations. But, think of it like this: When someone makes an HTTP request to your web server (typically through a browser, but not required), the web server accepts the incoming connection, looks at the REST command (typically a GET or POST) and then attempts to fulfill the request. Let's try an example: GET /index.html HTTP/1.1 That would be the command sent by the socket (with more information, but that's primarily the important part). Your web server (Apache w/ On-Rev) looks at the file requested and says, ".HTML files are just sent verbatim back." So it loads /index.html and sends all the data back over the connection. With CGI, all that's different is that there's a level of indirection added to the process. Let's perform a similar command: GET /register_user.irev HTTP/1.1 Now, the On-Rev Apache server is configured to understand that .IREV files don't get sent verbatim back to the client. Instead, they are opened, parsed, portions of them are executed, and the results are then sent on to the client. That "executing" part of the story is a form of CGI. In your register_user.irev script, you can then do something like this (pseudo-code as I don't remember all of it correctly from memory): <?rev put $_GET["username"] into tLogin put $_GET["password"] into tPasswd put connectToDatabase(...) into tDB revExecuteSQL tDb, "INSERT INTO ... WITH tLogin & tPasswd" ?> You've just executed a database action using CGI and a REST API (note: REST is just a glorified way of saying "via HTTP"). There's a lot to begin thinking about (security-wise*) once you've gotten it working, but you can use the above to do all sorts of things. And best of all, you don't need a browser. You can just send commands through Rev if you wan: get url "http://.../register_user.irev?username=bob&password=luggage12345"; Hope this helps, Jeff M. * I -highly- recommend that you take some time an look up DOS attacks on Wikipedia and follow the links there to all the other kinds of attacks you should worry about once a database is exposed to the world (DOS is just the most common). Some key ones: - Data validation - Captcha - IP validation _______________________________________________ use-revolution mailing list [email protected] Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution
