Handling Post Data Sent By Html Form In Cgi C
Solution 1:
A lot of things going on here, and a lot of questions.
First, I recommend that you not output your HTTP header until you're about to output the rest. It's more logical that way, and allows you to output a Redirect
header instead if something in your program requires it.
Second, use strtoul()
instead of atoi()
, since the latter has no error-checking.
You only need one buffer, not two; and I recommend you allocate it dynamically based off the content length. Use malloc()
and don't forget to check the return value. Do NOT try to anticipate the upper bounds of your content length.
You'll have to decode the argument string to get any values out. What you do with them is up to you, but handling user names and passwords is a wholly separate topic that could take days to cover. But suffice it to say, never EVER store a password in plain text in a file.
CONTENT_LENGTH
is text passed by stdin
. That text includes the number of bytes of content. You will have to convert the text to an integer type, probably size_t
, before it is useful to you. That's what your atoi()
function is doing (which, again, you should replace with strtoul()
)
Use HTTPS.
Stop emitting your Content-type
header prematurely. Then, if you decide you need to redirect, you can emit a Redirect
header instead.
getenv()
returns a pointer to a static text block that you cannot change. If you copy the pointer, you cannot change the text in the string. If you copy the string to a new array, you would be able to change the text in the string; however, I cannot think of a reason why you'd want to do that.
In your current code, you do not allocate any memory off the heap so you do not need to call free()
. However, I recommend you rethink this aspect of your design.
Post a Comment for "Handling Post Data Sent By Html Form In Cgi C"