CGI: What the Heck Is That?Written by Richard Lowe
Let's unlock a little bit of mystery about something called CGI. If it helps any, CGI means Common Gateway Interface. This is a method which is used to exchange data between server (the hardware and software that actually allows you to get to your web site) and a web client (your browser). CGI is actually a set of standards where a program or script (a series of commands) can send data back to web server where it can be processed.Typically, you use standard HTML tags to get data from a person, then pass that data to a CGI routine. The CGI routine then performs some action with data. Some of more common uses of CGI include: - Guestbooks - The CGI routine is responsible for accepting data, ensuring it is valid, sending an email acknowledgement back to writer, perhaps sending an email to webmaster, and creating guestbook entry itself. - Email Forms - A simple CGI forms routine just formats data into an email and sends it back to webmaster. More complicated routines can maintain a database, send an acknowledgement and validate data. - Mailing List Maintenance - These routines allow visitors to subscribe and unsubscribe from a mailing list. In this case, CGI routine maintains a database of email addresses, and better ones send acknowledgements back to visitor and webmaster. A CGI routine can be anything which understands CGI standard. A popular CGI language is called PERL, which is simple to understand and use (well, compared to other languages). PERL is a scripting language, which means each time a PERL routine is executed web server must examine PERL commands to determine what to do. In contrast, a compiled language such as C++ or Visual Basic can be directly executed, which is faster and more efficient. Okay, in a nutshell (and greatly simplified), here's how it works: 1) You (the webmaster) specify a form tag which includes name of CGI routine. 2) You create HTML tags which retrieves data from your visitors.
| | How to Stop Digital Thieves with CGIWritten by Steve Humphrey
I'm going to assume you're serious about your business. If you're not, I can't help you anyway. You've gone as far as getting a real merchant account to accept credit card payments online. You know that this was neither easy or cheap. So does everyone else! So, a merchant account shows that you've made a serious commitment to your business. That's good for customer confidence, which is good for business. So far so good... Now there's issue of selling stuff to people online. Your order form leads them to feed their credit card info to a secure gateway, using software you bought or leased from (or through) your merchant account provider. Finally, transaction is approved or denied. If approved, software generates a receipt and emails you and customer each a copy. At this point, customer is returned to a page you specified. In case of downloadable products, this is often page where they download your product. So, you've got entire process fully automated. For a product or service with a fairly low price point and a potential for many thousands of sales, this seems ideal. You can quite literally make sales and earn income 24 hours a day. So, what's problem? The form code on your order page is problem. If someone uses ViewSource function of their browser, they can see all your code. If they have even a tiny bit of initiative and skill, they can locate URL of your download page. After all, it's right there in your form code! CGI provides two ways of fixing this problem. One involves using a script that makes it impossible to view source code. You can find a source for such a script by searching web. Expect to pay a lot for this technology. Another way is to make return path a script instead of actual download location. The script would be used to create and display download page. It would not be visible to surfer, since it's not an HTML document. The script can also record details of transaction for book-keeping purposes.
|
