CGI Applications
Return  to Main Index

Overview
CGI stands for "Common Gateway Interface,". What this means is that they are programs that are commonly run on a server when a web browser invokes them from a web page. This means that the web browser does not need to have any fancy viewers or plugins for the CGI program to run. 

The CGI Scripts provided for you are basically self-contained. There is little, if anything, that needs to be done to them to make them operate.  The complicated part for most users trying to add cgi scripts is file paths and permissions.  Even experienced programmers and webmasters struggle at times to properly configure cgi programs. If you are a Novice User with limited knowledge in this area, it is strongly recommended that you first become highly proficient with HTML and web page creation before attempting to do this yourself. 

Adding CGI Scripts 
We provide many CGI scripts with your account which you will find in a directory called cgi-bin.   We do not provide free support for CGI scripts which we do not install on your server, so if you wish to add new CGI scripts you may want to do a bit of research on them first unless you are familiar with them already. Adding new scripts requires a more advanced knowledge of programming terms and skills and is not generally recommended for Novice Users.

If you are an experienced user, (or a novice who myopically decides to install your own scripts) you can access more technical cgi information in the Advanced User section of this manual.

Where to Put CGI-bin Scripts
Put your cgi-bin scripts in the www subdirectory named "cgi-bin". 

Quick Guidelines For Using SSI's
No! We are not talking about a Social Security Income check from uncle Sam!  SSI stands for Server Side Include... and it means that you can insert the contents of another web page, program or file into the web page that adds the Server Side Include.

A couple of important points you need to follow for SSI to work on your domain.
1.   The web page that adds the SSI instruction to include another page or program MUST end with .shtml or .sht rather than .html or .htm. 
2.  The URL to the page you want to insert must be relative to the current web page rather than a full URL.

The SSI feature on your domain is limited to what is known as a "exec cgi command". This simply means that you can insert into any page the ability to execute any cgi program. The format for a Server Side Include is:
<!--#exec cgi="/cgi-bin/THE-PROGRAM-NAME-HERE.cgi"-->

One quick observation... do you notice how this SSI instruction uses a *relative* URL (/cgi-bin/....) instead of a FULL URL? This is very important to keep in mind when using SSI.

For example, let's say we want to include a counter program (that has the name, counter.cgi) on our home page, called normally index.html.  Remember! Because we want to add a SSI instruction in our home page, it must end with .shtml or .sht. In this case, we would name it index.shtml.

The counter program is named counter.cgi, and like all cgi programs, this program is found in the cgi-bin directory of your domain. 

So the SSI instruction to include on your web page, where you want the counter to be displayed is:
<!--#exec cgi="/cgi-bin/counter.cgi"-->

Permission Settings for Provided Scripts
All of the cgi scripts provided as part of your domain have been setup and configured properly.  As mentioned earlier, one of the most difficult tasks of dealing with CGI programs is correct settings of file permissions.  Listed below are the default permission settings for the installed CGI programs.

 

wwwboard Permission
bbs dir	chmod 755
bbs/messages	chmod 755
bbs/index.sht	chmod 666
bbs/data	chmod 666
cgi-bin/wwwboard.pl	chmod 755

Guestbook Permission
Guestbook dir	chmod 755
Guestbook/guestbook.cgi	chmod 755
Guestbook/guestbook.setup	chmod 666
Guestbook/guestbook.html	chmod 666

Free for all Links Permission
links dir	chmod 755
links/links.htm	chmod 666
cgi-bin/links.pl	chmod 755

Graphic Counter Permission
counter dir	chmod 775
counter/logs	chmod 777
counter/ all other files	chmod 666
cgi-bin/counter	chmod 755

Cgi-bin always chmod 755 all scripts chmod 755 in main bin
cgi-bin/counters (text counter)	chmod 755

Random Text
random dir	chmod 775
random/random.txt	chmod 666

Password Admin
password dir	chmod 755
All password files	chmod 666

Cgiwrap--Secure Server CGI Wrapper
Your domain includes secure server access, allowing you to collect customer information in a secure fashion.  Since you might also want to run a cgi program in secure mode, we make available Cgiwrap - a system that allows safe, secure use of cgi programs. We have created a sort short cut for this as well.

When you want to use a cgi script or program in secure mode, you
must change the URL to follow this format:
https://machine.safe-order.net/cgi-domain/script.cgi

Machine - that is the machine name that is hosting your domain.
cgi-domain - replace the word domain with your domain name.
script.cgi - use the name of the cgi script located in your cgi-bin directory.
For nph-style scripts, use nph-cgiwrap or nph-cgiwrapd instead. 

This section contains all of the information you need to create your web pages for use with the CGI scripts we provide for you as part of your account. These scripts are recommended for users with Advanced knowledge and experience with HTML and web page creation.

NOTE: Due to the width restrictions of this page some code strings appear broken. Do NOT duplicate the breaks. Enter code strings in one continual line.

FormMail.
FormMail  is a generic www form to e-mail gateway, which will parse the results of any form and send them to the specified user. This script has many formatting and functional options, most of which can be specified through the form. This means you don’t need any programming knowledge, nor do you need multiple scripts for multiple forms. This also makes FormMail the perfect system wide solution for allowing users form-based user feedback capabilities without the risks of allowing freedom of CGI access.

Note: If you wish to use FormMail on a secure server please see the special instructions here.

There is only one form field that you must have in your form, for FormMail to work correctly. This is the recipient field. Other hidden configuration fields can also be used to enhance the operation of FormMail on your site. 

The action of your form needs to point towards this script, and the method must be POST in capital letters. Here's an example of the form fields to put in your form:
 <FORM METHOD=POST ACTION="http://yourdomain.com/cgi-bin/formmail.cgi">
 <input type=hidden name="recipient" value="whoever@yourdomain.com">
 <input type=hidden name="subject" value="Order">
 <input type=hidden name="return_link_url" value="http://yourdomain.com/">
 <input type=hidden name="return_link_title" value="Back to Main Page">

 The following are descriptions and the proper syntax for fields you can use with FormMail.

Recipient Field 
Description:. This form field allows you to specify to whom your form results will be mailed Most likely  you will want to configure this option as a hidden form field with a value equal to that of your email address.
Syntax: <input type=hidden name="recipient" value="email@yourdomain.com">

Subject Field
Description: The subject field will allow you to specify the subject that you wish to appear in the email that is sent to you after the form has been filled out. If you do not have this option turned on, then the script will default to a message subject: "WWW Form Submission".
Syntax: If you wish to choose what the subject is:
 <input type=hidden name="subject" value="Your Subject"> 
To allow the user to choose a subject:
<input type=text name="subject">

 Email Field
Description: This form field will allow the user to specify their return email address. If you want to be able to return e-mail to your user, it is strongly suggested that you include this form. This will be put into
the From: field of the message you receive. If you want to require an email address with valid syntax, add this field name to the 'required' field.
Syntax: <input type=text name="email"> 

 Realname Field
 Description: The realname form field will allow the user to input their real name. This field is useful for identification purposes and will also be put into the From: line of your message header.
Syntax: <input type=text name="realname"> 

Redirect Field
Description: If you wish to redirect the user to a different URL, rather than having them see the default response to the fill-out form, you can use this hidden variable to send them to a pre-made HTML page. 
 Syntax: To choose the URL they will end up at:
 <input type=hidden name="redirect" value="http://yourdomain.com/to/file.html">
 To allow them to specify a URL they wish to travel to once the form is filled out:
 <input type=text name="redirect">

 Required Field
 Description: You can require certain fields in your form to be filled in before the user can successfully submit the form. Simply place all field names that you want to be mandatory into this field, separated by commas. If the required fields are not filled in, the user will be notified of what they need to fill in, and a link back to the form they just submitted will be provided.
To use a customized error page, see 'missing_fields_redirect'
 Syntax: If you want to require that they fill in the email and phone fields in your form, so that you can reach them once you have received the mail, use the syntax like:
 <input type=hidden name="required" value="email,phone"> 

Env_report Field
Description: Allows you to have Environment variables included in the email message you receive after a user has filled out your form. Useful if you wish to know what browser they were using, what domain they were coming from or any other attributes associated with environment variables. The following is a short list of valid environment variables that might be useful:
 REMOTE_HOST - Sends the hostname making the request.
 REMOTE_ADDR - Sends the IP address of the remote host.
 HTTP_USER_AGENT - The browser the client is using.
 (Note: In our case, both REMOTE_HOST and REMOTE_ADDR are the same, since our servers don't do the reverse DNS lookup needed to generate the true REMOTE_HOST string).
Syntax: If you wanted to find all the above variables, you would put the following into your form:
 <input type=hidden name="env_report" value="REMOTE_HOST,REMOTE_ADDR,HTTP_USER_AGENT">

Sort Field
Description: This field allows you to choose the order you would like your variables to appear in the email form that FormMail generates. You can choose to have the field sorted alphabetically or specify a set order in which you want the fields to appear in your email message. By leaving this field out, the order will simply default to  the order in which the browsers send the information to the script (which is usually the exact same order as they appeared in the form). When sorting by a set order of fields, you should include the phrase "order:" as the first part of your value for the sort field, and then follow that with the field names you want to be listed in the email message separated by commas.
 Syntax: To sort alphabetically:
 <input type=hidden name="sort" value="alphabetic"> 
To sort by a set field order:
 <input type=hidden name="sort" value="order:name1,name2,etc..."> 

Print_config Field
Description: print_config allows you to specify which of the config variables you would like to have printed in your e-mail message. By default, no config fields are printed to your email. This is because the important form fields, like email, subject, etc. are included in the header of the message. However some users have asked for this option so they can have these fields printed in the body of the message. The config fields that you wish to have printed should be in the value attribute of your input tag separated by commas.
Syntax: If you want to print the email and subject fields in the body of your message, you would place the following form tag: 
 <input type=hidden name="print config" value="email, subject"> 

 Print_blank_fields Field
 Description: print_blank_fields allows you to request that all form fields are printed in the return HTML, regardless of whether or not they were filled in. FormMail defaults to turning this off, so that unused form fields aren't emailed.
Syntax: <input type=hidden name="print_blank_fields" value="1">

Title Field
Description: This form field allows you to specify the title and header that will appear on the resulting page if you do not specify a redirect URL.
Syntax: If you wanted a title of 'Feedback Form Results':
<input type=hidden name="title" value="Feedback Form Results"> 

Return_link_url Field
Description: This field allows you to specify a URL that will appear, as return_link_title, on the following report page. This field will not be used if you have the redirect field set, but it is useful if you allow the user to receive the report on the following page, but want to offer them a way to get back to your main page.
Syntax: 
<input type=hidden name="return_link_url"value="http://
yourdomain.com/index.htm">

Return_link_title
Description: This is the title that will be used to link the user back to the page you specify with return_link_url. The two fields will be shown on the resulting form page as:
Back to Main Page
Syntax: <input type=hidden name="return_link_title" value="Back to Main Page">

Cgiemail
Cgiemail is another form processing script, totally different than FormMail. It is a program written in the C language that takes the contents of fill-in boxes on a form and emails them to a specified location. In addition to the form specification in the .html file, a mail specification in a .txt file is required to format the resulting email message.

We provide the cgiemail in the cgi-bin directory of your server. You need to have an action in your order.htm file to call it. It should look like this:
 <form method=post action="http://www.yourdomain.com/cgi-bin/cgiemail/order.txt"> 

Details are provided below. While there are a number of subsections below this one, they all work together and are meant to be read from start to finish.

order.htm
Look for a file in your www directory called order.htm. This is our example form we put on your site that shows how a form should be configured to work with Cgiemail. Look at it in a browser, and download it to your hard drive using FTP so you can see how it works. If you've never dealt with HTML forms before, don't worry, they're easy to create and understand. 

The form prompts the user for data which is sent to the server as simple key-value pairs. Each <input> tag
 specifies a record. The key is given by the name attribute, and the value is given by the value attribute. The type attribute tells the browser what kind of data to expect. Now, try looking at the example.

 Please note that the hidden items are used to transmit critical info to Cgiemail. They provide the location of the success file, the name of the person the results should be sent to, and the subject of the form. When making your own forms, you may want to change the email address in the "required-to" field, and likely the subject in the "subject" field. The first item tells Cgiemail what to show the user after successfully completing the form. You can, but don't need to customize this. 

Return  to Main Index          Go To Top of Page

 After that come the items that are actually presented to the user. You'll want to use type=text input items with cgiemail: it's a simple tool. The size=60 tells the browser how big to make the box. The name=something is required in each input tag, otherwise the browser wouldn't know how to send the data to the server. The value=" " attribute is correct in most cases, unless you want a default value in the form.

Note that if a field begins with required-, cgiemail will require that the user enter a value for this field. This is particularly useful if you want to require a user to submit their email address.

 When the user presses the Submit button, the data goes to our machine where cgiemail starts doing something with it. What is does is controlled by the order.txt file discussed below.

 By the way, you can name your HTML form anything you want to.

order.txt
Now that we have all this data, what do we do with it? Mail it, of course! But for flexibility, cgiemail requires that you create a mail.txt file to show it what to send. (If you didn't want flexibility you'd use a mailto link.) The program will read this file, perform substitutions, and pass it to the mail system.

 Make sure that you upload mail.txt in ASCII mode. Failure to upload mail.txt in ASCII mode will generate the message:
 "Server Error: The server encountered an internal error or misconfiguration and was unable to complete your request."
There is already an example order.txt document in the forms directory in your www directory. 

 By the way, there's nothing magical about the name order.txt. Feel free to call it mail1.txt or form1.mail, or whatever suits you, as long as the form has the correct name for what you uploaded.

 Note that the first several lines are mail headers. You probably shouldn't change that part, or the corresponding parts in your form. In particular, there must be a To: header or the mail won't go anywhere!

 What cgiemail does is simply replace every string that looks like [key] with the value the user typed into the field with name=key. That's all. You can lay out your form as is best for your users, but lay out your mail.txt as is best for you to read. You can even insert gobs of text to help format the output. Only the [key] parts will be replaced by cgiemail. 

 Cgiemail does not report environmental variables like FormMail will, but other than that, it is an excellent program, allowing you more flexibility in the way you want your data returned by the form.

Secure Server Order Forms 
Normally, any text (such as your credit card number) sent from your browser to the web server is sent as plain text. This means that a hacker could potentially intercept (however unlikely) the information sent from your browser and read it. However, by using the secure server, the information is encrypted before it is sent from your browser. It would be practically impossible for anyone to decrypt it without knowing the key. Please use the secure server only when necessary, as when requesting sensitive information from your visitors.

The domains hosted by us are housed on many different computers, each of which have a different machine name. To find out what machine name to use for your secure order access calls, check the faq file of your domain at: 
http://www.yourdomain.com/faq.html 

Each server has its own safe-order site, and although you will be putting your form on your own domain, it must be called through the safe-order server in order for the form to be secure.

To do this, create your form as usual and put it somewhere in your www directory. You can put your form anywhere you want to, but for this example, let's assume the normal URL for your form can be accessed from a browser with this URL: 
 http://www.yourdomain.com/signup/secureform.html 

To call the form through the secure-order server, you need to use the following URL to access your pages via the secure server (even though your form resides on your own domain space): 
https://machinename.safe-order.net/yourdomain/signup/secureform.html. 
That would be the URL you would put as an <HREF> to link to your form from whatever page you have your visitors link from. Don't forget the "s" in "https."

To call scripts in your cgi-bin via the secure server you should use a URL like this:
 https://machinename.safe-order.net/cgi-yourdomain/your-cgi.cgi

Special instructions for using FormMail.cgi with the Secure Server
If you are using formmail.cgi through the secure server, you can still place your form anywhere on your webspace you want to, but you MUST use the following URL as the ACTION of your form:
https://machinename.safe-order.net/cgi-bin/formmail.cgi 

 Here's an example of how the first parts of your form might look:
 <FORM METHOD=POST ACTION="https://machinename.safe-order.net/cgi-bin/formmail.cgi">
 <input type=hidden name="recipient" value="whoever@yourdomain.com">
 <input type=hidden name="subject" value="Order">
 <input type=hidden name="return_link_url" value="http://yourdomain.com/">
 <input type=hidden name="return_link_title" value="Back to Main Page">

It is still important that you call your order page through a secure URL in order for it to work properly. You must use:
https://machinename.safe-order.net/yourdomain/order.htm. 
If you call formmail.cgi through the secure server, you must also call the order form through the secure server. Otherwise, a "bad referrer" message will result.

Guestbook 
http://yourdomain.com/vbpro/

Put your domain name instead of "your domain.com"

Free-For-All Links Page
Free For All Link Page allows you to set up a web page which your users can then add links to in specified categories. The newest links are added to the top of each category. A running total of the number of links present, as well as the time when the last link was added, is shown at the top of the page. Your preconfigured Free For All Links page is already set up on your server at http://www.yourdomain.com/links/links.htm. 

The only configuration you may want to do is to customize the look of the links.htm page. Just leave the method and input tags the way they are. If you decide to change the category names, you must do so in the links.htm document, AS WELL AS the links.pl file in your cgi-bin.

Random Text Generator
This script is preconfigured for your server. There is a directory in your www directory called "random." Inside that directory is a file called random.txt. Just download this file to your hard drive and edit it with any random text you would like placed in an html document. Remember to keep the %% separator between quotes. You can use any html formatting tags you want to, including <href> tags so you can configure it as a random link generator. You can put in as many quotes as you wish. Upload the random.txt file to your server in the same location you found it, remembering to upload it in ASCII or text mode.

 The script uses SSI (Server Side Includes) so the page you want to use random text on must have the .sht, .shtm, or .shtml extension. On your page, just put this tag wherever you want the random text to appear: 
 <!--#exec cgi="/cgi-bin/randomtext.cgi"--> 
 That's all there is to it!

WWW Board 
WWW Board is a threaded World Wide Web discussion forum and message board, which allows users to post new messages, follow-up to existing ones and more. It is already preconfigured for your server. Just go to:
 http://www.yourdomain.com/bbs to post your messages there.

There are several options you may want to configure. First of all, the index.sht file in the bbs directory can be customized any way you wish as long as you leave the method and input tags the way they are.

 Additionally, here are some options contained in the wwwboard.pl script itself (located in your cgi-bin directory) which you may want to change, depending on your needs: 

 $show_faq = 1;
This option allows you to choose whether or not you want to display a link to the FAQ on every individual message page or not. It defaults to 1 and the link will be put in at the top of the message along with links to Followups, Post Followup and Back to $title. Setting this to 0 will turn it off, and keeping it at 1 will keep the link. You need to create a faq.html file and put it inside the bbs directory. The FAQ can contain any information you want to give your visitors about how the board works, your organization, types of postings that will be allowed, etc.

 $allow_html = 1;
This option lets you choose whether or not you want to allow HTML mark-up in your posts. If you do not want to allow it, then everything that a user submits that has <>'s around it will be cut out of the message. Setting this option to 1 will allow HTML in the posts and you can turn this option off by setting it to 0.

 $quote_text = 1;
By keeping this option set to 1, the previous message will be quoted in the followup text input box. The quoted text will have a ':' placed in front of it so you can distinguish what had been said in the previous posts from what the current poster is trying to get across. Setting this option to 0 will leave the followup text box empty for the new poster.

 $subject_line = 0;
 There are three options for the way that you can display the subject line for the user posting a followup. Leaving
 this option at 0 which is the default value, will put the previous subject line into the followup form and allow users to edit the subject however they like. Setting this option to 1, however, will quote the subject, but simply display it to the user, not allowing him or her to edit the subject line. The third and final option can be achieved by setting the $subject_line variable to 2. If it is set to 2, the subject will not be quoted and instead the user will be prompted with an empty subject block in their followup subject line.

 $use_time = 1;
This option allows you to choose whether or not you want to use the hour:minute:second time with the day/month/year time on the main page. Day/Month/Year will automatically be placed on the main wwwboard.html  page when a new entry is added, but if you leave this variable at 1, the hour:minute:second time will also be put there. This is very useful for message boards that get a lot of posts, but if you would like to save space on your main page, you can set this to 0, causing the hour:minute:second display not to be added.

Search.cgi 
 Search will look at all your html pages for words you enter, and return all pages on a list with links. This program is completely configured and ready to run, but for Search.cgi to return a response, it need to be activated. This is easily done by logging in via telnet and at the prompt after login type the following command: 
chmod +r /www/yourdomain
 Now you can access search.cgi with the following URL: http://yourdomain.com/cgi-bin/search.cgi. 
There is a configuration file called search_define.pl which accompanies search.cgi and sets up the variables for it. You can customize which files you wish to exclude from searches, and also the cosmetics of the search and result. pages. 

Single Page Shopping Cart  (on qualifying accounts only)
Lets Take A Order shop cart - allows 25 item cart to be easily created via a web page. For instructions for use go to 
http://your-domain-here.com/lto.htm

Page Counters 
There are 3 different types of page counters you can place on your pages. The first is a no-frills graphical counter: 

To use this one, put the following tag somewhere on your page, but change the yourpage.htm to be the address of the actual page you are putting this counter on. Also, don't break up the tag like we did. We had to do that to fit it on the page. The width=5 part refers to how many digits you want in your counter. This counter is not as reliable as the others available.
<IMG SRC="/cgi-bin/nph-count?
width=5&link=http://yourdomain/yourpage.htm"> 

Virtual Publisher Counter (on qualifying accounts only).
 Another page counter you may want to use is the Virtual Publisher Counter (on qualifying accounts only). It is another graphical counter, but it will give you all kinds of stats such as time and date of visits, and domains that your visitors come from.

To put this counter on your page, insert the following tag somewhere... please note that the line had to be broken up to fit on this page, but the line should not be broken on your page. 

 <img src="http://yourdomain.com/cgibin/counter/counter.cgi?
fnam=testcount&viz=yes&isinv=yes&setup=/home/www/
yourdomain/cgi-bin/counter/setup.txt">

 Where you see fnam=testcount, put in the name of the page you want to put the counter on instead of the word testcount. The viz=yes part tells the counter script whether your counter should be invisible or not. If you want the counter to be visible, leave it as yes. If you want it to be invisible, make it say viz=no. 

 The isinv=yes part is for whether you want the counter to be inverted or not. The default as below means that it is inverted (as shown in the graphic above). If you wish for it to be just a black number against a white background, make it say isinv=no. 

Another great thing about this one is that you can access the log files for each page you have the counter on, and also reset the count to any number you wish. To see the instruction page, go to http://yourdomain.com/counter/   with your web browser.

 Please be aware that a count file will not be created until a page is accessed for the first time.

Text-based Counter
Finally, the simplest kind of page counter is a text-based counter. It uses SSI so the page you are putting it on must have the .sht, .shtm, or .shtml extension. It will look like whatever text and size attributes you give it on your page. The tag looks like this:

 <!--#exec cgi="/cgi-yourdomain/counters/counter.cgi"--> 

 After you've put the counter on your page, look at it with your browser. If you don't see the counter the first time, hit reload. Then you should see the number 1. If you want to change the page count, FTP to your site, and look in the counters directory in your cgi-bin. There will be a file there with the name of whatever page you placed this counter on. Just upload a new text file with a new number on it, and that will be the new count on the page next time you hit reload. Remember to upload the file in ASCII or text format.