HomeBuilding Your WebsiteWeb Programming and Application Development

server side forms and things

Busy posted this at 06:55 — 28th February 2002.

Busy's picture

He has: 6,151 posts

Joined: May 2001

cgi is run via the cgi-bin folder correct?

I read a php tutorial* where it says a form made by using PHP has to be in the cgi-bin (or could be renamed php-bin).
Running PHP forms on localhost I can have the action method pointed anywhere, to any folder/file, so is the bin folder method the old way (PHP3 maybe) or the right way or just another way of doing this?

* Sorry havent got the URL, I printed it a while back and it doesnt have the URL on it

Suzanne posted this at 06:59 — 28th February 2002.

Suzanne's picture

She has: 5,507 posts

Joined: Feb 2000

you don't even have to run cgi from the cgi-bin on some servers. I've never heard of the php-bin, lol. you can put it in the cgi-bin or run it from somewhere else -- depends entirely on the permissions of the server.

Smiling S

Wil posted this at 09:31 — 28th February 2002.

They have: 601 posts

Joined: Nov 2001

All depends on the setup of your server. Most webhosts only execute CGI programs from the cgi-bin for security reasons. They create a 'sandbox' on the machine, an area where anything you do can not affect or damage the server. Some hosts even map the /cgi-bin/ to another machine for this reason.

However, you may be able to override this using .htaccess control files, specifying the content-type of specific files in a directory. Or maybe your webhost allows you to place them anywhere on your server, as long as they have specific extensions ie; php, cgi, pl etc.

- wil

doublehelix posted this at 22:05 — 1st March 2002.

They have: 117 posts

Joined: Feb 2002

I'm going to ramble a little bet to try to explain this cgi-bin/php-bin business. Understanding a couple of simple concepts should clarify what is going on server-side.

The WWW is a network and as such users need to be "logged on" to be able to get to files on the network. Anybody who maintains a site on a remote host is familiar with providing a username and password to access the files on their site. What a lot of people overlook is the fact that a websurfer requesting pages from your site also has to be "logged on" to retrieve a webpage. The web is set up so that websurfers are "logging on" as a special user known as either "nobody" or "anonymous".

When you set up a directory on a server you assign permissions to that directory. These permissions cover whether a user can READ, WRITE or EXECUTE (a script) in that directory. Anonymous users generally are only allowed permission to READ files. Any directory can be changed to allow scrpits to EXECUTE in it (the famous chmod 755 command). The name 'cgi-bin' for the location of scripts is just a convention and need not be followed (in fact, to foil script-kiddie type of hacks many sites no longer use that name for their directory containing executables).

What I'm trying to say -- in answer to the original question -- is the orblem isn't the name of the directory, it is the permissions set for the directory the scripts are running in.

As an aside, NEVER allow a directory having execute permissions to also have write permission (for the script to write log files, etc.). Alway place the files being written in a different directory.

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.