CGI Book The CGI Book, by William E. Weinman

Review date: January 28, 1997
Reviewed by: Kevin Drum
Overall grade: C+

As part of my quest to learn more about creating database-driven Web pages, I went down to Micro Center a few days ago to look for a book on CGI. I found over 50 titles, and I chose The CGI Book because I assumed that (1) CGI must be a complex subject, so (2) I should start with a short, nonthreatening introduction. I couldn't have been more wrong. Not only is CGI not complex, it's so simple that it barely exists at all, and only the first 30 pages of The CGI Book are really about CGI at all.

Here's the skinny: CGI is nothing more than a set of 19 standard variables that allow a Web server to send strings back and forth to a browser. For example, the server tells you the type of browser being used via the string HTTP_USER_AGENT, the protocol being used via SERVER_PROTOCOL, etc. In the other direction, the variable QUERY_STRING accepts data typed into a browser form and makes it accessible to the server in a standard (and somewhat bizarre) format. For example, if you have a form with entries for Name and Address, and the user types in "Kevin Drum" and "97 Greenfield Avenue," this is what QUERY_STRING looks like:

Name=Kevin+Drum&Address=97+Greenfield+Avenue

So what does all this have to do with databases? Virtually nothing. In fact, CGI itself does nothing more than allow you to accept form data, and it's up to you to parse it and send it to a database. The basic drill seems to go like this:

  1. User types query data into a form that contains a reference to a CGI program.
  2. QUERY_STRING is filled in.
  3. The CGI program referenced in the form parses the string. This program is written by you and runs on the Web server.
  4. The same program submits the query data to your database.
  5. The database returns its results.
  6. The program formats the results and returns them to the user.

In other words, you have to have a database engine resident on the server (Oracle, Informix, whatever), and you have to write a standard kind of database program to make the appropriate SQL calls for your application. It's exactly like accessing a database in any other kind of environment, except that (1) you have a little added overhead because of the CGI formatting nonsense, (2) you can't use any cool report writing tools, and (3) the reports have to be formatted by you, and of course you're limited to the formatting capabilities of HTML. This is progress?

There's both good news and bad in all this. The good news is that working with databases is pretty much the same on the Web as anywhere else, so you don't have to learn anything new if you're already SQL literate. The bad news is that it's no easier than before. It's also now clear to me why Windows NT is becoming so popular as a platform for Web servers: if you've got a Windows-based database program that you want to port onto the Web, it will run fine on a Windows NT server, but not on UNIX (or NetWare).

CGI programs themselves can be written in any language that's supported on your server: C, C++, a shell script, etc. Perl is very popular for this purpose, and it turns out that the only reason for this is that Perl excels at text handling. It's also an interpreted language, which makes it fairly portable, and it's supported on virtually all server platforms.

Once the basics of CGI are out of the way (and basics are all there is), the remaining 270 pages of The CGI Book are devoted to topics that have nothing to do with CGI but that are generally related to creating dynamic Web pages. For example:

  • Server-Side Includes are a mechanism for allowing programs to build HTML pages on the fly. SSI commands can be used to include files, echo strings, execute programs, etc., with the general objective of creating an HTML page programmatically that will be returned to the user. (The recent reviews page on this Web site, for example, is nothing more than a series of ten SSI statements that glue together the ten most recent reviews I've posted.)

  • Cookies allow you to maintain state during a Web session. My home page, for example, sets a cookie with the current date in it whenever it's loaded. The next time you visit, it reads the cookie and tells you what's new since the last time you visited.

  • User authentication allows you to request usernames and passwords and restrict access to particular areas of a Web site.

  • Imagemaps allow you to create clickable images. Inline animation allows you to create animated GIFs. The "Welcome to drum.net" image on my home page is an animated GIF.

The CGI Book is easy to understand, and if all you're looking for is a simple introduction it fills the bill just fine. However, computer books are expensive, and since CGI is so simple I'd recommend that you buy a more complete book the first time around. An advanced tutorial probably won't be very intimidating if you're at all programming literate, and one that has detailed descriptions of CGI, SSI, and Perl programming (which you'll probably end up using if your server is UNIX based) should save you the cost of buying two or three books.

Better yet, check out the Yahoo pages on CGI and Perl to get a taste of it first. A page called CGI Made Really Easy presents a quick lesson on CGI, and there are plenty of other sites that have more detail.

Back to DrumNet Home Page