• Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Book Review - CGI Programming using Perl, 2nd Edition

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles

View previous topic :: View next topic  
Author Message
SF Reviewer
SF Reviewer

Joined: 07 Aug 2003
Posts: 3
Location: India


PostPosted: Thu Sep 30, 2004 11:32 am    Post subject: Book Review - CGI Programming using Perl, 2nd Edition Reply with quote

CGI Programming with Perl (2nd Edition)

Author(s): Scott Guelich, Shishir Gundavaram, Gunther Briznieks
Publisher: O'Reilly www.oreilly.com
Date Published: 2000 (2nd Edition)
Book Specifications: Softcover, 451 of pages
Category: Programming
Reviewer's Recommended User Level: Introductory to CGI, requires entry-level Perl knowledge
Suggested Publisher Price: $34.95 USA/ $51.95 CAN/ Ł24.95 Net UK
ISBN: 1-56592-419-3

Info from back
“CGI Programming with Perl shows how to use CGI to deliver dynamic content on your website. Based on the best-selling CGI Programming on the World Wide Web, this edition has been completely rewritten to demonstrate current techniques available with the CGI.pm module and the latest versions of Perl. The book starts by explaining how CGI and the underlying HTTP protocol work, and then moves quickly into the important details of developing CGI programs.”

The World Wide Web has come a long way since its inception by Tim Berners-Lee, and is totally unrecognizable in its latest avatar from the melee of static pages and images it once was. Its applications have changed completely, and the need to maintain a high level of interactivity with its users has led to dynamically created pages being the requirements of the day. The latter have always fascinated me, and this book seemed like a good way to get intimately acquainted with using Perl for such applications. I also looked at the book from the security perspective, since a majority of exploits on the web are coded in Perl, which itself is widely regarded to be the Swiss Army Knife of the Web.

This book does NOT teach you Perl from scratch. The authors state explicitly that know-how of setting up the Apache web server, and entry level Perl is a pre-requisite. There are a number of good resources on the above, the most notable being Programming Perl (3rd Edition) by Larry Wall. It does however express simply the finer nuances of using Perl in a variety of applications. My main intention when reading this book was to be able to get a grasp of what CGI programming is, and how Perl can be used to create Dynamic websites. This book is highly recommended for those interested in adding yet another powerful tool to their skill-set.

Details of updated material

The first edition of the book came out in March, 1996 and due to the umpteen (and radical!) changes the Web has undergone, the 2nd Edition has had most of its parts rewritten. New topics include CGI.pm, HTML templates, security, JavaScript, XML, Search engines, style suggestions, and compatible high-performance alternatives to CGI. Previous topics such as session management, email, dynamic images and relational databases have been expanded and updated. Another major difference is that the first edition covered other programming languages and their CGI applications; this one focuses solely on Perl.

The book targets beginners to any kind of CGI programming, and is very efficiently organized. The progression of the chapters is such that a continuous flow is maintained for the introductory topics, meaning a new reader will have no problems in mastering the basics very quickly. The book then presents alternative technologies which can help add pizzazz to a normal Perl/CGI site, and goes on to self-contained topics which can be read independently.

The book is organized into 17 chapters, and 2 appendices.

Chapter 1 presents a general introduction to CGI, including its history, web-server configuration (a brief look), and a sample CGI script to initiate the reader into the world of Perl/CGI!

Chapter 2 – 4 cover the basics of CGI – an overview of HTTP, and then a look at how CGI is built on top of it. An introduction is then made to the Form tags of HTML, which are by far the most common method of taking input into CGI scripts.

Chapters 5 and 6 look at popular modules like CGI.pm and HTML Templates which help generate dynamic HTML easily. Several alternative techniques of doing the above are also covered.

Chapter 7 deals with JavaScript and its applications in CGI. It is mostly used to incorporate real time form validation on HTML pages, and this is covered well. Bookmarklets are covered as well

Chapters 8 – 13 deal with providing solutions for common CGI bottlenecks. These include topics such as online security (encryption, data storage), data persistence using DBI and DBM , tracking users across web pages, as well as specific topics like sending email (basic concepts, sendmail, mailx), search engines and creating dynamic images using the GD library (also includes PerlMagick).

Chapter 14 covers middleware and XML, which enable CGI scripts in Perl to interact with other types of information servers.

Chapters 15 – 17 explain how to write better CGI scripts by discussing strategies for debugging those, guidelines for writing good and legible code, and efficiency as well as performance improvement methods.

The 2 appendices contain a bibliography and web references, as well as a guide to the most commonly used Perl modules like CPAN and Perldoc.

Style and Detail
O’Reilly has pulled off a virtual coup by getting the 3 authors of this book together in order to create the 2nd Edition. It comes across as a very well written book – no compromises on its technical content and yet, very lucidly expressed. As befits a programming book, it leads the reader into learning by experimenting with the examples. Sample source code and configuration file internals abound, and tables concisely summarizing already discussed concepts make for very interactive reading.

As with all other O’Reilly books, this one too has an easy going pace, and is sure not to overwhelm its readers with too much detail at the same time.

To conclude, this book will appeal to the large majority of hackers out there who want to master CGI programming. Combining the best of good research, vast experience of the authors, excellent expression of all matters technical, and simple language, this is one book deserving a permanent spot on your bookshelf.

A suggestion to would-be readers is to achieve some level of familiarity with Linux, the Apache web server and Perl. Although Windows may be used with the above tools (which are both open source and cross-platform) the authors have used Linux as the illustrative OS, and most discussions tend to be with reference to it. Advanced Perl knowledge is not required – those into programming and logic should be able to understand most of the topics and their accompanying code, and thus learn the language as they go along. It is better however, to know the basics of Perl before you start with CGI.

In all, a well written book which doesn’t overtly drag its readers into details, instead making them learn by actual coding and examples. This book received a 9/10 from me.

This review is copyright 2004 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles All times are GMT + 2 Hours
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register