asg06.htm

apache技术手册

#

# Use the following example code:

# <!--#exec cmd="/yourpath/random.cgi"-->

#

# Of course, substitute your actual path to the random.cgi for / yourpath. Again,

# this won't work unless Server-Side Includes are activated for Apache...

use strict; # Declare all our variables before using them

$| = 1; # Flush the output buffer

#Variables

my( $conf_file, $quote );

my( @Quotes );

my( $num_quotes, $rand_quote );

$conf_file = "/NextLibrary/WebServer/htdocs/AccessLink.htmld/cgi/quotes.conf";

srand;

open( IN, $conf_file ) || die "Cannot open $conf_file: $!";

@Quotes = <IN>;

close( IN );

$num_quotes = @Quotes; #How many quotes are there?

$rand_quote = int( rand( $num_quotes - 1 ) );

$quote = $Quotes[$rand_quote];

print $quote;

exit( 0 );</FONT></PRE>

<P>Finally, envvar.cgi is a trivial Perl program that prints out two of my CGI environment variables. (See Listing 6.3.) If you are using Apache 1.1.1's SSI module or XSSI, CGI variables are available as any of the standard SSI variables, so there's no need for this program.

<BR>

<P>

<FONT COLOR="#000080"><B>Listing 6.3. </B><B>envvar.cgi</B><B>.</B></FONT>

<BR>

<PRE>

<FONT COLOR="#000080">#!/usr/local/bin/perl -w

#

use strict; # Declare all our variables before using them

$| = 1; # Flush the output buffer

print &quot;HTTP_USER_AGENT = $ENV{HTTP_USER_AGENT}&lt;BR&gt;\n&quot;;

print &quot;REMOTE_ADDR = $ENV{REMOTE_ADDR}&lt;BR&gt;\n&quot;;</FONT></PRE>

<BR>

<A NAME="E68E49"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>Extended Server Side Includes (XSSI)</B></FONT></CENTER></H3>

<BR>

<P>To circumvent some of the limitations of the standard SSI Apache module, Fear developed an extended SSI module that provides additional functionality and directives.

<BR>

<P>XSSI is a plug-in replacement module for the built-in mod_include module. Extended Server Side Includes (XSSI) enhances the server side include syntax and provides serveral additional features, including:

<BR>

<UL>

<LI>Conditional inclusion with if-then-else constructs

<BR>

<BR>

<LI>User-defined variables

<BR>

<BR>

<LI>Additional output directives

<BR>

<BR>

<LI>Regular expression support

<BR>

<BR>

</UL>

<P><B>[ic:cd icon]</B>The SSI module is available on the CD-ROM included with this book. The latest version can be found at http://pageplus.com/~hsf/xssi.

<BR>

<BR>

<A NAME="E69E63"></A>

<H4 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>Variables</B></FONT></CENTER></H4>

<BR>

<P>XSSI supports the notion of user-defined variables that you can use on all value tags, with the exception of var=, which you can use on all directives.

<BR>

<P>To define a variable, you use the <I>set</I> directive:

<BR>

<BR>

<PRE>

<FONT COLOR="#000080">&lt;!--#set var=&quot;<I>variableName</I>&quot; value=&quot;<I>variable_value</I>&quot;--&gt;</FONT></PRE>

<P>For example, to define a variable <I>program</I> that holds the value &quot;<I>/cgi-bin/printenv</I>&quot;, you would set the following:

<BR>

<BR>

<PRE>

<FONT COLOR="#000080">&lt;!--#set var=&quot;program&quot; value=&quot;/cgi-bin/printenv&quot; --&gt;</FONT></PRE>

<P>You can then use this variable on any value tag, except on the var=tags:

<BR>

<BR>

<PRE>

<FONT COLOR="#000080">&lt;!--#exec cgi=&quot;$program&quot; --&gt;</FONT></PRE>

<P>Alternatively, you can specify additional arguments by enclosing the variable in braces like the following:

<BR>

<BR>

<PRE>

<FONT COLOR="#000080">&lt;!--#exec cgi=&quot;${program} <I>additional_text</I>&quot;--&gt;</FONT></PRE>

<P>In addition to the variables defined for SSI, you can use any of the CGI environment variables (for a complete listing of these variables, please refer to the Chapter 5), which help create very simple, yet powerful, SSI programs without the need to write a CGI program.

<BR>

<P>It's worth noting that the $ syntax to denote variable names may cause problems in exec cmd constructs where the $ may be used by another program to denote an argument. For example:

<BR>

<BR>

<PRE>

<FONT COLOR="#000080">&lt;!--#exec cmd=&quot;/usr/local/etc/httpd/cgi-bin/finger @${HOST_NAME} |/bin/ awk '{print $1}'&quot; --&gt;</FONT></PRE>

<P>This SSI won't work as expected. The $1 is set to a null value, which causes awk to print the complete line instead of the first word as intended. The solution to this minor inconveniece is to have an sh script handle all the output properly and return the data to you.

<BR>

<BR>

<A NAME="E69E64"></A>

<H4 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>Output Commands</B></FONT></CENTER></H4>

<BR>

<P>In addition to the echo, fsize, and flastmod commands, which work as I've described, XSSI provides printenv, which prints all variables currently set (this includes CGI environment variables):

<BR>

<BR>

<PRE>

<FONT COLOR="#000080">&lt;!--#printenv --&gt;</FONT></PRE>

<BR>

<A NAME="E69E65"></A>

<H4 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>Flow Control</B></FONT></CENTER></H4>

<BR>

<P>XSSI provides you with basic flow control with the following directives:

<BR>

<PRE>

<FONT COLOR="#000080">&lt;!--#if expr=&quot;<I>condition</I>&quot; --&gt;

&lt;!--#elif expr=&quot;<I>condition</I>&quot; --&gt;

&lt;!--#else --&gt;

&lt;!--#endif --&gt;</FONT></PRE>

<P>The if constructs work as they do in any programming language. If <I>condition</I> evaluates to true, all text specified until the next elif, else, or endif is included in the output. If <I>condition</I> evaluates to false, text specified after the else statement is included in the output.

<BR>

<P>The elif <I>condition</I> is evaluated if the preceding if statement evaluated to false. Statements specified after an elif statement are included in the output if the elif expression evaluates to true.

<BR>

<P>All conditional constructs must be terminated by an endif construct.

<BR>

<P>Any token that is not recognized as a variable or an operator is treated as a string. Strings can be quoted; variable substitution is done within quoted strings (if you need a $ within a string, you can escape it by preceding it with a backslash (\) character). Unquoted strings cannot contain whitespace because spaces are used to separate other tokens. <I>condition</I> can be any of the following:

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>string</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Evaluates to true if the string or variable is not empty

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>stringA</I> = <I>stringB</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Evaluates to true if <I>stringA</I> is equal to <I>stringB</I>

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>stringA </I>!=<I> stringB</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Evaluates to true if <I>stringA</I> is not equal to <I>stringB</I>

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

(<I>condition</I>)

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

True if the condition evaluates to true

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

!<I>condition</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

True if the condition is false

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>conditionA</I> &amp;&amp; <I>conditionB</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

True if both conditions are true

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

conditionA || conditionB

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

True if either conditionA or conditionB is true</FONT>

</TABLE><P>More interesting than a straight comparison is that XSSI allows you to test using regular expressions that follow the UNIX egrep syntax. In Table 6.1, <I>character</I> excludes newline.

<BR>

<BR>

<P ALIGN=CENTER>

<CENTER>

<FONT COLOR="#000080"><B>Table 6.1. </B><B>egrep</B><B> syntax.</B></FONT></CENTER>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>Syntax</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>Effect</I>

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

\<I>character</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Matches that character.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

^

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Matches the beginning of a line.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

$

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Matches the end of a line.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

.

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Matches any character.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

[<I>string</I>]

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Matches any single character in the string. You can abbreviate ranges of ASCII character codes as a-z0-9. A ] may occur only as the first character of the string. A literal (a character) must be placed where it can't be mistaken as a range indicator.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>character</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Matches that character, as long as that character doesn't have another meaning on a regular expression

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>expresion</I>*

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Matches a sequence of 0 or more matches of the regular expression.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>expresion</I>+

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Matches a sequence of 1 or more matches of the regular expression.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

expresion?

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Matches a sequence of 0 or 1 matches of the regular expression.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>expression expression</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Two regular expressions concatenated match a match of the first followed by a match of the second.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<I>expression</I>|<I>expression</I>

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Two regular expressions separated by | or a newline can either match the first or the second.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

(<I>expression</I>)

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

A regular expression enclosed in parentheses matches the regular expression definition.

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

The order of precedence of operators at the same parenthesis level is [], then *+?, then concatenation, and then | and newline.

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080><BR></FONT>

</TABLE><P>The following example shows you how to output HTML based on the browser detected:

<BR>

<PRE>

<FONT COLOR="#000080">&lt;!--#if expr=&quot;${HTTP_USER_AGENT} = /Mozilla/&quot; --&gt;

Output NETSCAPE specific HTML

&lt;!--#else --&gt; Output HTML 2.0 compliant formatting

&lt;!--#endif --&gt;</FONT></PRE>

<BR>

<A NAME="E68E50"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>Summary</B></FONT></CENTER></H3>

<BR>

<P>The benefits of Server Parsed HTML don't come gratis. The parsing process is costly in terms of server performance, and also adds some security issues. If you are concerned about security, you may want to disable the IncludeNoExecs option, which allows SPML but disables the #exec and #include commands from SSI. Obviously, this severely hampers the usefulness of SSI severely. For more information on the security issues involved, take a tour to <A HREF="asg16.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asg16.htm">Chapter 16</A>, &quot;Web Server Security Issues.&quot;

<BR>

<P>In terms of programming, SPML gives you the capability to embed some &quot;programming&quot; into your pages. However, there are many features that have to be lacking for it to become a serious option to CGI programs.

<BR>

<P>If you are interested in pursuing HTML scripting type languages, of which SSI is a member, you may want to explore PHP/FI, which is another HTML-embedded scripting language. For more information on PHP/FI, check its home page at <A HREF="javascript:if(confirm('http://www.vex.net/php  \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address.  \n\nDo you want to open it from the server?'))window.location='http://www.vex.net/php'" tppabs="http://www.vex.net/php"> http://www.vex.net/php</A>.<A NAME="I5"></A><A NAME="I6"></A>

<BR>

<P ALIGN=LEFT>

<A HREF="asg05.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asg05.htm" TARGET="_self"><IMG SRC="purprev.gif" tppabs="http://docs.rinet.ru:8080/Apachu/purprev.gif" WIDTH = 32 HEIGHT = 32 BORDER = 0 ALT="Previous Page"></A>

<A HREF="#I0" TARGET="_self"><IMG SRC="purtop.gif" tppabs="http://docs.rinet.ru:8080/Apachu/purtop.gif" WIDTH = 32 HEIGHT = 32 BORDER = 0 ALT="Page Top"></A>

<A HREF="index.htm" tppabs="http://docs.rinet.ru:8080/Apachu/index.htm" TARGET="_self"><IMG SRC="purtoc.gif" tppabs="http://docs.rinet.ru:8080/Apachu/purtoc.gif" WIDTH = 32 HEIGHT = 32 BORDER = 0 ALT="TOC"></A>

<A HREF="asg07.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asg07.htm" TARGET="_self"><IMG SRC="purnext.gif" tppabs="http://docs.rinet.ru:8080/Apachu/purnext.gif" WIDTH = 32 HEIGHT = 32 BORDER = 0 ALT="Next Page"></A>


</BODY></HTML>