cgic.html

超级搜索动感版v2.0 - 源码下载常用软件下fastcgi库.cnv2.0 版主要更新： 1、界面更友善 2、优化主代码 3、更新热门词 4、增加搜索排行榜 5、

<html>
<head>
<title>cgic: an ANSI C library for CGI Programming</title>
</head>
<body>
<h1>cgic 2.05: an ANSI C library for CGI Programming</h1>
<h2>By <a href="http://www.boutell.com/boutell/">Thomas Boutell</a></h2>
<em><a href="http://www.boutell.com/cgic/">
The LATEST documentation is available here. Check often
for new releases.</a></em>
<blockquote>
<strong>IMPORTANT NOTICES:</strong>
<p>
If you have CGIC 1.05 or earlier, you should upgrade to CGIC 1.07,
or to CGIC 2.02 or better, in order to obtain important security fixes.
<p>
If you have CGIC 2.0 or CGIC 2.01 and you use the cgiCookie routines, 
you should upgrade to CGIC 2.02 or better, in order to obtain
important security fixes.
</blockquote>
<h3>Table of Contents</h3>
<ul>
<li><a href="#credits">Credits and license terms</a>
<li><a href="#support">How to get support</a>
<li><a href="#whatsnew205">What's new in version XYZ of CGIC?</a>
<li><a href="#whatis">What is cgic?</a>
<li><a href="#obtain">Obtaining cgic</a>
<li><a href="#build">Building and testing cgic: a sample application</a>
<li><a href="#nocompile">What to do if it won't compile</a>
<li><a href="#howto">How to write a cgic application</a>
<li><a href="#images">How can I generate images from my cgic application?</a>
<li><a href="#debug">CGI debugging features: using capture</a>
<li><a href="#functions">cgic function reference</a>
<li><a href="#variables">cgic variable reference</a>
<li><a href="#resultcodes">cgic result code reference</a>
<li><a href="#index">cgic quick index</a>
</ul>

<h3><a name="credits">Credits and License Terms</a></h3>

cgic can be used free of charge, <strong>provided that a
credit notice is provided online.</strong> Alternatively,
a nonexclusive Commercial License can be purchased, which
grants the right to use cgic without a public credit notice.
<p>
Please see the file
<code><a href="license.txt">license.txt</a></code>
for the details of the Basic License and Commercial License,
including ordering information for the Commercial License.
<p>
Thanks are due to Robert Gustavsson, Ken Holervich, Bob Nestor, 
Jon Ribbens, Thomas Strangert, Wu Yongwei, and other CGIC users 
who have corresponded over the years. Although the implementation
of multipart/form-data file upload support in CGIC 2.x is my own, 
I particularly wish to thank those who submitted their own 
implementations of this feature.
<h3><a name="support">How to Get Support</a></h3>
<blockquote>
<h4>STOP! READ THIS FIRST! REALLY!</h4>
    Are you getting a "server error," indicating that your web server
    "cannot allow POST to this URL," or a similar message? <strong>YOU MUST
    CONFIGURE YOUR WEB SERVER TO ALLOW CGI PROGRAMS, AND YOU MUST
    INSTALL CGI PROGRAMS IN THE LOCATION (OR WITH THE EXTENSION) THAT
    YOUR WEB SERVER EXPECTS TO SEE.</strong> Please don't send me email about
    this, unless you wish me to configure your web server for you; I can
    certainly do that for $50/hr, but you can probably straighten this out
    yourself or have your web server administrator do it.
</blockquote>
<h4>Free Support</h4>
Please submit support inquiries about CGIC via our                              <a href="http://www.boutell.com/contact/">contact page</a>.
Please note that we receive a large volume of inquiries and cannot always
respond personally. Sometimes
the response must take the form of an eventual
new release or an addition to a FAQ or other document, as opposed to an
detailed individual response.
<h4>Hourly Support</h4>
Those requiring support in detail may arrange for direct support
from the author, Thomas Boutell, at the rate of $50/hr, billed
directly by credit card. To make arrangements, contact us via our
our <a href="https://www.boutell.com/freeform/">secure
message page</a>. To avoid delay, be sure to specifically mention
that you wish to purchase CGIC support at the hourly rate above.
<h3><a name="whatsnew205">What's new in version 2.05?</a></h3>
Uploaded files properly closed; corrects a resource leak and enables
file uploads to work properly on platforms with particular file
locking semantics.
<h3><a name="whatsnew204">What's new in version 2.04?</a></h3>
Documentation fixes: the cgiHtmlEscape, cgiHtmlEscapeData,
cgiValueEscape, and cgiValueEscapeData routines were named
incorrectly in the manual. No code changes in version 2.04.
<h3><a name="whatsnew203">What's new in version 2.03?</a></h3>
<ul>
<li>Support for setting cookies has been reimplemented. The new
code closely follows the actual practice of web sites that successfully
use cookies, rather than attempting to implement the specification.
The new code can successfully set more than one cookie at a time in
typical web browsers.
</ul>
<h3><a name="whatsnew202">What's new in version 2.02?</a></h3>
<ul>
<li>In CGIC 2.0 and 2.01, if the HTTP_COOKIE environment variable
was exactly equal to the name of a cookie requested with cgiCookieString,
with no value or equal sign or other characters present, a buffer
overrun could take place. This was not normal behavior and it is
unknown whether any actual web server would allow it to occur, however
we have of course released a patch to correct it. 
Thanks to Nicolas Tomadakis.
<li>cgiCookieString returned cgiFormTruncated when cgiFormSuccess would
be appropriate. Fixed; thanks to Mathieu Villeneuve-Belair.
<li>Cookies are now set using a simpler Set-Cookie: header, and with
one header line per cookie, based on data collected by Chunfu Lai. 
<li>Memory leaks in cgiReadEnvironment fixed by Merezko Oleg. These
memory leaks were <em>not</em> experienced in a normal CGI situation, only
when reading a saved CGI environment.
</ul>
<h3><a name="whatsnew201">What's new in version 2.01?</a></h3>
<ul>
<li>Makefile supports "make install"
<li>Compiles without warnings under both C and C++ with strict
warnings and strict ANSI compliance enabled
<li>Builds out of the box on Windows (#include &lt;fcntl.h&gt; was needed)
<li>Rare problem in cgiReadEnvironment corrected; no impact on
normal CGI operations
<li>cgiCookieString now sets the result to an empty string
when returning cgiFormNotFound
<li>Minor code cleanups
</ul>
<h3><a name="whatsnew200">What's new in version 2.0?</a></h3>
1. CGIC 2.0 provides support for file upload fields. User-uploaded
files are kept in temporary files, to avoid the use of
excessive swap space (Solaris users may wish to change the
<code>cgicTempDir</code> macro in cgic.c before compiling).
The <code><a href="#cgiFormFileName">cgiFormFileName</a></code>, 
<code><a href="#cgiFormFileContentType">cgiFormFileContentType</a></code>, 
<code><a href="#cgiFormFileSize">cgiFormFileSize</a></code>, 
<code><a href="#cgiFormFileOpen">cgiFormFileOpen</a></code>, 
<code><a href="#cgiFormFileRead">cgiFormFileRead</a></code>, and
<code><a href="#cgiFormFileClose">cgiFormFileClose</a></code> functions
provide a complete interface to this new functionality. Remember,
the <code>enctype</code> attribute of the <code>form</code> tag
must be set to <code>multipart/form-data</code> when
<code>&lt;input type="file"&gt;</code> tags are used.
<p>
2. CGIC 2.0 provides support for setting and examining cookies
(persistent data storage on the browser side).
The <code><a href="#cgiCookieString">cgiCookieString</a></code>,
and <code><a href="#cgiCookieInteger">cgiCookieInteger</a></code>
and <code><a href="#cgiCookies">cgiCookies</a></code>
functions retrieve cookies. The 
<code><a href="#cgiHeaderCookieSetString">cgiHeaderCookieSetString</a></code>
and <code><a href="#cgiHeaderCookieSetInteger">cgiHeaderCookieSetInteger</a></code> functions set cookies.
<p>
3. CGIC 2.0 offers a convenient way to retrieve a list of all form fields.
The new <code><a href="#cgiFormEntries">cgiFormEntries</a></code>
function performs this operation.
<p>
4. CGIC 2.0 provides convenience functions to correctly escape
text before outputting it as part of HTML, or as part of the 
value of a tag attribute, such as the <code>HREF</code> or
<code>VALUE</code> attribute. See 
<code><a href="#cgiHtmlEscape">cgiHtmlEscape</a></code>,
<code><a href="#cgiHtmlEscapeData">cgiHtmlEscapeData</a></code>,
<code><a href="#cgiValueEscape">cgiValueEscape</a></code> and
<code><a href="#cgiValueEscapeData">cgiValueEscapeData</a></code>.
<p>
5. Users have often asked the correct way to determine which submit
button was clicked. This could always be accomplished in previous versions,
but CGIC 2.0 also provides 
<a href="#cgiFormSubmitClicked">cgiFormSubmitClicked</a>,
a convenient alternate label for the 
<a href="#cgiFormCheckboxSingle">cgiFormCheckboxSingle</a> function.
<h3><a name="whatsnew107">What's new in version 1.07?</a></h3>
A problem with the cgiFormString and related functions has been
corrected. These functions were previously incorrectly returning cgiFormTruncated
in cases where the returned string fit the buffer exactly.
<h3><a name="whatsnew106">What's new in version 1.06?</a></h3>
1. A potentially significant buffer overflow problem has been
corrected. Jon Ribbens correctly pointed out to me (and to the
Internet's bugtraq mailing list) that the cgiFormEntryString
function, which is used directly or indirectly by almost all
CGIC programs, can potentially write past the buffer passed
to it by the programmer. This bug has been corrected.
Upgrading to version 1.06 is <strong>strongly recommended.</strong>
<P>
2. The function <code>cgiSaferSystem()</code> has been
removed entirely. This function escaped only a few metacharacters,
while most shells have many, and there was no way to account for
the many different operating system shells that might be in use
on different operating systems. Since this led to a false sense
of security, the function has been removed. It is our recommendation
that user input should never be passed directly on the command line
unless it has been carefully shown to contain only characters
regarded as safe and appropriate by the programmer. Even then, it is
better to design your utilities to accept their input from standard
input rather than the command line.
<h3><a name="whatsnew105">What's new in version 1.05?</a></h3>
Non-exclusive commercial license fee reduced to $200.
<h3><a name="whatsnew104">What's new in version 1.04?</a></h3>
For consistency with other packages, the standard Makefile
now produces a true library for cgic (libcgic.a). 
<h3><a name="whatsnew103">What's new in version 1.03?</a></h3>
Version 1.03 sends line feeds only (ascii 10) to end 
Content-type:, Status:, and other HTTP protocol output lines,
instead of CR/LF sequences. The standard specifies CR/LF.
Unfortunately, too many servers reject CR/LF to make
implementation of that standard practical. No server
tested ever rejects LF alone in this context. 
<h3><a name="whatsnew102">What's new in version 1.02?</a></h3>
Version 1.02 corrects bugs in previous versions:
<ul>
<li>
<a href="#cgiFormDoubleBounded">cgiFormDoubleBounded</a> specified
its arguments in the wrong order, with surprising results.
This bug has been corrected.
<li>
Many small changes have been made to increase compatibility.
cgic now compiles with no warnings under the compilers
available at boutell.com.
</ul>
<h3><a name="whatsnew101">What's new in version 1.01?</a></h3>
Version 1.01 adds no major functionality but corrects 
significant bugs and incompatibilities:
<ul>
<li>
<a href="#cgiFormInteger">cgiFormInteger</a>,
<a href="#cgiFormIntegerBounded">cgiFormIntegerBounded</a>,
<a href="#cgiFormDouble">cgiFormDouble</a> and
<a href="#cgiFormDoubleBounded">cgiFormDoubleBounded</a> now
accept negative numbers properly. They also accept positive
numbers with an explicit + sign.
<li>Hex values containing the digit <code>9</code> are
now properly decoded.
<li><a href="#cgiFormString">cgiFormString</a> now
represents each newline as a single line feed (ascii 10 decimal)
as described in the documentation, not a carriage return
(ascii 13 decimal) as in version 1.0. The latter approach
pleased no one.
<li><a href="#cgiFormString">cgiFormString</a> and
<a href="#cgiFormStringNoNewlines">cgiFormStringNoNewlines</a>
no longer erroneously return cgiFormEmpty in place of
cgiFormSuccess.
<li>The main() function of cgic now flushes standard output
and sleeps for one second before exiting in order to inhibit
problems with the completion of I/O on some platforms. This was
not a cgic bug per se, but has been reported as a common problem
with CGI when used with the CERN server. This change should
improve compatibility.
<li>The single selection example in the testform.html
example now works properly. This was an error in the
form itself, not cgic.
<li><a href="#cgiRemoteUser">cgiRemoteUser</a> and
<a href="#cgiRemoteIdent">cgiRemoteIdent</a> are now
documented accurately. They were reversed earlier.
</ul>
<h3><a name="whatis">What is cgic?</a></h3>
cgic is an ANSI C-language library for the creation of CGI-based
World Wide Web applications. For basic information about
the CGI standard, see the <a href="http://hoohoo.ncsa.uiuc.edu/cgi/">
CGI documentation</a> at NCSA.
<p>
cgic performs the following tasks:
<ul>
<li>Parses form data, correcting for defective and/or inconsistent browsers
<li>Transparently accepts both GET and POST form data
<li>Accepts uploaded files as well as regular form fields
<li>Provides functions to set and retrieve "cookies"
(browser-side persistent information)
<li>Handles line breaks in form fields in a consistent manner
<li>Provides string, integer, floating-point, and single- and
multiple-choice functions to retrieve form data
<li>Provides bounds checking for numeric fields
<li>Loads CGI environment variables into C strings which are always non-null
<li>Provides a way to capture CGI situations for replay in a debugging
environment, including file uploads and cookies
</ul>
<p>
cgic is compatible with any CGI-compliant server environment, and
compiles without modification in Posix/Unix/Linux and Windows
environments.
<h3><a name="obtain">Obtaining cgic</a></h3>