Re: [ProgSoc] Server Side Includes

glennw@nospam.vma.tabnsw.com.au
Tue, 07 Oct 1997 09:13:18 +1000

Tony Young wrote:
> The only way to pass information to cgi scripts is through variables (ie forms)
> or through the name of the script
> itself, as with the counter family used on ftoomsh (see ~www/cgi-bin/count...)
>
> I'm not 100% sure of the syntax, but if you want your finger to show you always
> (ie you don't want people to choose who
> they want to finger) you should be able to do the following:
>
> <FORM ACTION="finger" METHOD="POST">
> <INPUT TYPE="hidden" NAME="person" VALUE="dcafe@nospam.ftoomsh.progsoc.uts.edu.au">
> <INPUT TYPE="submit" VALUE="Finger me">
> </FORM>
>

Hmmm ... not too sure bout that ... Someone could pretty
easily write their own <FORM> to finger anyone else ...
all they'd have to do is stick another name in the hidden
field. Prolly a better idea to execute the finger command
from within the actual script .. from there you can make sure
that _you_ are the only one that it can finger.

> now I may have this around the wrong way, but I think POST method will put the
> values on the "command line" separated
> by '?'s, meaning that you'll need to parse the input line for your values. the
> GET method will set variables for the
> values. ie a variable called 'person' will be set with your email address.

Yeah ... u got it the wrong way around :) .. GET method attaches a
QUERY_STRING to the URL which your CGI script
can grab from the environment. The usual scenario for the
POST method is to send an e-mail to your script, (or upload
a file to it) with the FORM data in it.

Glenn

--
You are subscribed to the progsoc mailing list. To unsubscribe, send a
message containing "unsubscribe" to progsoc-request@nospam.progsoc.uts.edu.au.
If you are having trouble, ask owner-progsoc@nospam.progsoc.uts.edu.au for help.


This list is archived at <http://www.progsoc.uts.edu.au/lists/progsoc/>