CGI Programming on the World Wide Web

Previous Chapter 5 Next
 

5. Server Side Includes

Contents:
Introduction
Configuration
Environment Variables
Including Boilerplates
File Statistics
Executing External Programs
Executing CGI Programs
Tailoring SSI Output
Common Errors

5.1 Introduction

You're starting to get the hang of CGI, but aren't too thrilled with the fact that you have to write full-fledged CGI programs even when you want to output a document with only a minimum amount of dynamic information, right? For example, say you want to display the current date and time, or a certain CGI environment variable in your otherwise static document. You can go through the trouble of writing a CGI program that outputs this small amount of virtual data, or better yet, you can use a powerful feature called Server Side Includes (or SSI).

Server Side Includes are directives which you can place into your HTML documents to execute other programs or output such data as environment variables and file statistics. Unfortunately, not all servers support these directives; the CERN server cannot handle SSI, but the servers from NCSA and Netscape can. However, there is a CGI program called fakessi.pl that you can use to emulate Server Side Includes if your server does not support them.

While Server Side Includes technically are not really CGI, they can become an important tool for incorporating CGI-like information, as well as output from CGI programs, into documents on the Web.

How do Server Side Includes work? When the client requests a document from the SSI-enabled server, the server parses the specified document and returns the evaluated document (see Figure 5.1). The server does not automatically parse all files looking for SSI directives, but only ones that are configured as such. We will look at how to configure documents in the next section.

Figure 5.1: Server Side Includes

[Graphic: Figure 5-1]

SSI sounds like a great feature, but it does have its disadvantages. First, it can be quite costly for a server to continually parse documents before sending them to the client. And second, enabling SSI creates a security risk. Novice users could possibly embed directives to execute system commands that output confidential information. Despite these shortcomings, SSI can be a very powerful tool if used cautiously.

Table 5.1 lists all the SSI directives. In this chapter, I'll discuss each of these directives in detail.

Table 5.1: SSI Directives

Command

Parameter

Description

echo

var

Inserts value of special SSI variables as well as other environment variables

include

Inserts text of document into current file

file

Pathname relative to current directory

virtual

Virtual path to a document on the server

fsize

file

Inserts the size of a specified file

flastmod

file

Inserts the last modification date and time for a specified file

exec

Executes external programs and inserts output in current document

cmd

Any application on the host

cgi

CGI program

config

Modifies various aspects of SSI

errmsg

Default error message

sizefmt

Format for size of the file

timefmt

Format for dates


Previous Home Next
Decoding Forms in Other Languages Book Index Configuration

HTML: The Definitive Guide CGI Programming JavaScript: The Definitive Guide Programming Perl WebMaster in a Nutshell