CGI: What the Heck Is That?

Written by Richard Lowe

Continued from page 1

3) Each ofrepparttar input tags includes a variable name. The data which is retrieved fromrepparttar 107132 visitor (or directly set ifrepparttar 107133 tag includesrepparttar 107134 "hidden" qualifier) is placed inrepparttar 107135 variable name.

4) Whenrepparttar 107136 visitor pressesrepparttar 107137 "submit" button,repparttar 107138 CGI routine which was specified inrepparttar 107139 form tag is executed. At this time,repparttar 107140 CGI routine "takes control", meaningrepparttar 107141 browser essentially is waiting for it to complete.

5) This CGI routine can get data from variable names. It retrievesrepparttar 107142 data and does whatever action is required.

6) Whenrepparttar 107143 CGI routine finishes, it returns control back torepparttar 107144 web client (the browser).

Some important things to remember about CGI routines:

- You can install CGI routines on your own site if your host allows it - Addr.Com is an example of a web host which allows for CGI routines. Some web hosts do not allow you to install your own routines but do provide some pre-written ones to you. If these are not sufficient for your needs, you can find a remote hosting service to providerepparttar 107145 necessary functions.

- Generally, if you install your own routines they must be installed inrepparttar 107146 cgi-bin directory of your site. This is a special location which allows scripts and programs to be executed.

- CGI routines work best on Apache-style servers. Windows NT and Windows 2000 does support CGI, but it tends to be slow and problematic.

- If you use a remote hosting service, you must remember that although they appear to be giving you this for free, you are actually paying a price. Usually they want to display advertisements, although some of them actually take visitors away from your site.

- When you write a CGI routine, you haverepparttar 107147 choice of a scripting language like PERL or a compiled language such as C++ or Visual Basic. Anything which can execute onrepparttar 107148 web server is acceptable.

I hope this short introduction to CGI has cleared up some ofrepparttar 107149 mystery.

Richard Lowe Jr. is the webmaster of Internet Tips And Secrets. This website includes over 1,000 free articles to improve your internet profits, enjoyment and knowledge. Web Site Address: Weekly newsletter: Daily Tips:

How to Stop Digital Thieves with CGI

Written by Steve Humphrey

Continued from page 1

I admit that I discovered this by trial and error - and a lucky guess or two. Your merchant account gateway software may have radically different behavior than mine, but here's what I've learned:

The gateway usesrepparttar POST method to sendrepparttar 107131 customer to your specified return URL (which can be a script as well as a web page). It also POSTs most of its input data items atrepparttar 107132 same time. They are usually ignored, but your script can read them if you want to!

Userepparttar 107133 names given torepparttar 107134 form inputs. Have your script extractrepparttar 107135 values of these "named parameters" atrepparttar 107136 time it createsrepparttar 107137 download page. Record what you want to save aboutrepparttar 107138 transaction in your orders file or database.

Now here'srepparttar 107139 real secret to foilingrepparttar 107140 thieves. Insiderepparttar 107141 script, check to see thatrepparttar 107142 variables you extract contain non-empty values. Did you get that? Here's an example:

if ($email eq "") {exit;}

In this example,repparttar 107143 script expects to get an email address. If it contains no characters,repparttar 107144 script quits instantly. By testing forrepparttar 107145 presence of some data in such fields as customer name, email address, item #, price, etc., you can tell whetherrepparttar 107146 script was called after a successful transaction - or by a thief...

Put all your security checks prior torepparttar 107147 code that createsrepparttar 107148 download page. If any test fails,repparttar 107149 script exits andrepparttar 107150 thief is left empty- handed. If your form-handling script can convert a product name to a product ID that's never visible to a browser, this provides even more security. This will be POSTed back torepparttar 107151 script and you can check for it before allowingrepparttar 107152 download.

Close these security holes and you'll make more money. You may even sleep a little better knowing that people can't steal that product you worked so hard to create. I know I do!

Steve Humphrey promises that you can learn to use CGI to turn your own website into a marketing machine in two hours or less with his excellent CGI learning system: "Learn to Use CGI in 2 Hours." We highly recommend this book as required reading for anyone who wants to automate their website or their marketing efforts. Click here for immediate access:

    <Back to Page 1 © 2005
Terms of Use