.com Solutions Inc. - CGIScripter

CGIScripter - MySQL Files - Title Graphic

File: example_instructions1.txt
Features: This file contains the setup, usage
and troubleshooting instructions
for the Perl CGI scripts generated
by CGIScripter Enterprise Edition.

Used By: Perl CGI Script Developer
Copyright 2003 by .com Solutions Inc.

This output file was created by CGIScripter version 1.48 on Sat Jul 12 10:14:55 2003. By .com Solutions Inc. www.dotcomsolutionsinc.net

Overview
CGIScripter generates Perl CGI scripts for each web form defined within the application for MySQL and Oracle databases. These Perl CGI scripts provide insert, query, update and delete functionality for the migrated data via a web based interface. These scripts allow the web developer to utilize external HTML files for the header and footer sections of the dynamically displayed HTML pages. A webmaster can update these external HTML files without modifying the Perl code used to display the database information.

The generated Perl code is designed to be easily updated due to its organized structure and documentation. Commonly changed parameters such as connection strings, table names and error messages are defined near the start of each script. The generated scripts utilize commonly available open source Perl modules including CGI.pm and DBI/DBD in order to make it practical for a developer to make more extensive changes.

One minor change which can easily be made to the generated scripts involves the display of visible borders for HTML tables. By default, the generated scripts set the table border to "1" which makes the table borders visible. To make the table borders invisible, just change the following line of code to set the border to "0":
print '<table border="1">'; # start table HTML command

Generated CGI Scripts
The following Perl CGI scripts are generated by CGIScripter for this form:
Form Name: example
Database Table Name: example
Database Type: MySQL
Database Connection: database=mysql1:host=mysqlhost1:port=3306

example_create_table1.sql -
The SQL script which creates the database table for which the CGI scripts are being generated.

example_submit1.html - (Submit Flowchart)
The HTML submit page which POSTs information to the example_submit1 CGI script.

example_submit1 -
The CGI script which validates data entry and inserts new records into the database table.

example_header1.html -
The external HTML file used for creating the HTML page header for dynamic web pages.

example_footer1.html -
The external HTML file used for creating the HTML page footer for dynamic web pages.

example_query1.html - (Query Flowchart)
The HTML query page which POSTs information to the example_query1 CGI script.

example_query1 -
The CGI script which queries the database table and displays a list of results. Up to 30 results are displayed per page.

example_display_record1 -
The CGI script which displays one complete record (including GIF/JPEG images).

example_update1.html - (Update Flowchart)
The HTML query for update page which POSTs information to the example_update1 CGI script.

example_update1 -
The CGI script which queries the database table for update purposes and displays a list of results. Up to 30 results are displayed per page.

example_update_record1 -
The CGI script which displays one complete record for update (including GIF/JPEG images). Image/BLOB data update options include Keep, Replace and Remove.

example_update_record_validate1 -
The CGI script which validates data entry for record updates and updates the information in the database table.

example_delete1.html - (Delete Flowchart)
The HTML query for delete page which POSTs information to the example_delete1.html CGI script.

example_delete1 -
The CGI script which queries the database table for delete purposes and displays a list of results. Up to 30 results are displayed per page.

example_delete_record_display1 -
The CGI script which displays one complete record for deletion. The record is not deleted unless the "Delete Record" button is pressed on this page.

example_delete_one_record1 -
The CGI script which accepts the POST information from the example_delete_record_display1 script, validates the referrer URL and then deletes the record specified by the example_delete_record_display1 script. For security purposes the referrer URL must match "http://www.dotcomsolutionsinc.net/cgi-bin/example_delete_record_display1" in order to prevent a web attacker from submitting random delete requests from another website.

example_instructions1.txt -
The customized documentation file for the scripts/files generated for the example form.

Usage Instructions
Prior to generating CGI scripts some consideration needs to be given for the fields which will be included within each web form. In general, each web form should have one column which is considered to be the primary key column for the database table. The primary key should be a column which contains unique values allowing each row of data to be uniquely identified. The primary key is specified in the CGIScripter application by configuring a field to be an Auto-Enter Serial number field.
***** WARNING *****
If a primary key column is not utilized on a form, unexpected data loss may occur. CGIScripter will attempt to automatically determine which field of each web form should be used as the primary key column. CGIScripter will pick the first web form field defined with Auto-Enter Serial Number attributes on the Fields tab within the CGI section of the application. If none of the fields are configured with the Auto-Enter Serial Number attribute, then the first field of the web form is selected as the primary key column. If a record deletion is performed on a table in which the selected primary key column does not contain unique values, then multiple records may be deleted at the same time.

1) Fill in the database related fields within the CGIScripter application.
2) Click on the CGI tab within the CGIScripter application.
3) Click the Web Site tab (if necessary).
4) Fill in the fields on the Web Site tab for the web server you will be using.
5) Click on the Add button to the right of the Forms text box to add a new web form. A form with the default name of "form1" will be created. The form may be renamed by changing its name in the Form Name field. The form name will be changed after tabbing out of the field.
6) With a form selected in the Forms list, click on the Add button to the right of the Fields text box to add a new field to the form. Add as many fields as necessary for each web form. Fields may be added or removed from each individual web form.
7) Click on each of the Field names (within the scrollable Fields field) and specify Auto-Enter, Value List and Data Validation parameters for each field.
8) Select Save from the File menu to save the information you have just entered. As you refine your CGI scripts, you may re-load and update the CGI-specific information at any time.
9) Click the Generate CGI button to generate Perl CGI scripts. Perl CGI scripts, database table creation SQL code and instructions will be generated for each web form. The names of these scripts will be prefixed with the name of the web form for which they are designed.
10) Transfer the HTML and Perl CGI scripts to your web server for testing.

Using FmPro Migrator Files with CGIScripter
FmPro Migrator is a MacOS X application which migrates FileMaker database structure and data to a wide range of databases. FmPro Migrator utilizes AppleScript in order to read the database structure information from FileMaker. The CGIScripter application is designed to read and write parameter files in the same format used by FmPro Migrator to facilitate the generation of Perl CGI scripts on multiple platforms. After reading a parameter file created by FmPro Migrator, it is necessary to manually enter the database table name on the General tab of CGIScripter. Parameter files created by CGIScripter will contain this database table name information therefore this information will not require re-entry.

Web Server Setup Instructions
In order to execute Perl CGI scripts, your web server may require some configuration. First, Perl will need to be installed on your web server. If your web server is running MacOS X, Linux or UNIX, you will probably find that Perl was installed when the operating system was installed. For web servers running on Windows, you will need to download and install the ActiveState Perl distribution onto your server. Make sure that the ".pl" file extension is associated with the Perl.exe application - this is the default selection during the install. Also make sure that Perl files are permitted to be executed by the IIS web server - this is also a default option. Make note of the location where the Perl executable has been installed. This information is used for the Path to Perl field on the General tab of the CGIScripter application. For Windows web servers, this path will generally be: C:\Perl\bin\Perl.exe

The CGI.pm Perl module is included as a standard component with current Perl distributions so you should not generally need to install it. If a reinstall of the CGI.pm module is required, it may be downloaded from www.cpan.org.

For database access by scripts running on the web server it is necessary to first install database client software and DBI/DBD driver software on the web server.
For UNIX/Linux/MacOS X servers running the Apache web server software:

Install the MySQL database client only or client and server software on the web server. The MySQL software must be installed before the DBI/DBD software is installed. Configure the MySQL user account for proper authentication to connect to the MySQL database. This will generally mean enabling access to the database from the IP address of the webserver machine. Test the database connection with the mysql utility.
On UNIX servers, the CGI scripts generated by CGIScripter utilize the DBI/DBD::mysql driver. Download and install the DBI/DBD::mysql modules according to the readme file included with the software.

MySQL LONG/BLOB data notes:
Each Perl CGI script generated by CGIScripter which processes LONG/BLOB data is designed to limit the amount of data to the value for the Max Submit Size on the General tab of CGIScripter. The Max Submit Size should be configured to handle the maximum amount of data which will be processed by the script in one submission. Therefore if you have a script which needs to handle 10,000 bytes of text plus the uploading of five 100,000 byte images in the same submission, then the Max Submit Size should be set for 510,000 bytes.

The MySQL database also includes a max-allowed-packet variable which limits the maximum amount of data which can be written into a database row at one time. If large images can't be inserted into the database, check for errors in the webserver error.log file like the following:
Got a packet bigger than 'max_allowed_packet' at scriptname line#

This MySQL variable may be increased by entering the updated value into the mysqld configuration file (/etc/my.conf on UNIX/Linux):
--max-allowed-packet=8M

Make each script executable by the user who owns the web server software:
chmod +x scriptname

The Perl scripts will be executed by the web server software whenever they are accessed because they are associated with the Perl executable by virtue of the fact that each script contains the line: #!/usr/bin/perl

General Folder Tab - Field Descriptions
Customer field - If you are generating scripts for another company, enter the name in this field, otherwise enter your own company name in this field. Each generated script lists copyright text along with the name which is entered within this field.

File Version field - The File Version field is used to add a version number to each generated script and HTML file. Each major revision of the scripts for a website may utilize a different version number. This feature enables webmasters to perform testing of new scripts with differing version numbers while maintaining existing scripts on the website. Once the testing has been completed, the top level HTML filenames may be changed in order to switchover to the new design with minimal impact to web visitors. If problems are encountered with the new scripts, the site can quickly be switched back to the previous HTML and scripts by swapping the top-level HTML files which submit info to the cgi scripts.

Click the Browse button to select an existing or to create a new folder which contain the files created by CGIScripter. You must have write access to the output directory selected, otherwise an error dialog will be displayed.

Path to Perl field - This field contains the path to the Perl executable application for Linux/UNIX/Mac OS X servers.

Database menu - Select the type of database which will be used by the Perl CGI scripts. The output code and instructions will be customized for the type of database selected in this menu.

Table Name field - The name of the database table used by the generated Perl CGI scripts should be entered in this field. If the table does not yet exist, the DBA may use the example_create_table1.sql SQL script generated by CGIScripter to create this table within the database.

Web Site Folder Tab - Field Descriptions
The Web Site folder tab provides overall configuration parameters for the generation of the CGI scripts.

Open... - File Menu item - The Open menu loads migration specific information from the filename.txt file selected by the user. This menu item also loads the filename.cgi file (if it exists) which contains previously saved CGI-specific information.

Save As... - File Menu item - The Save As menu saves database specific information into the filename.txt file (where "filename" is the filename entered by the user). CGI specific information (if it has been entered) is also saved by this menu selection as a file named filename.cgi into the same directory. If no CGI specific information has been entered a filename.cgi file is not created.

Forms field - Once the CGI specific data has been loaded by selecting Open... from the File menu, the fields named Forms and Fields will be populated with information about the web forms and fields. Clicking on any individual form name will present the user with the top level Form screen for that particular form.

Fields field - The Fields field will be populated with the fields associated with an individual form. Clicking on any individual field will present the user with the screen of info for that particular field. Clicking on either a field or form name will instantly present the user with the relevant information for the form or field which has been selected.

Generate CGI button - If CGI specific information has been entered, Perl CGI scripts are generated for each form.

Web Server menu - The two types of supported web servers are UNIX (which includes Linux and MacOS X) and Windows. CGI scripts generated for UNIX web servers are optimized for use with the Apache web server. This means that it is important for the Path to Perl field to be filled out correctly on the General tab for proper execution of the scripts by the web server software. Also, Perl CGI scripts generated for UNIX servers do not utilize the ".pl" filename extension. This feature deprives a potential web attacker of information regarding whether the scripts are created as Perl, PHP, shell scripts or some type of binary compiled application. If Windows is selected as the web server OS, the ".pl" extension is added to each CGI script so that scripts are executed by the Perl interpreter. A creative Windows webmaster could generate scripts for a UNIX server, manually append the ".cgi" extension to each file and then use Windows to associate the ".cgi" extension with the Perl interpreter. [If an Oracle database is used, this creative solution would also require manually compiling the DBD::Oracle driver for use with Oracle 8 if CLOB/BLOB objects were utilized within the database table.]

Display Results menu - Query results lists are limited to the number of results displayed per web page which have been selected in this menu. If additional results are available, the user is able to click on a Next link to display additional information.

Max Submit Size field (Bytes) - For security purposes is it necessary to limit the amount of info which is accepted by the script from submit forms. This limitation is implemented in order to prevent a web attacker from accomplishing a denial of service or buffer overflow attack on the web server. Exceeding the specified limit defined in this field causes CGI.pm to zero out the data for all submitted fields. When this occurs, all data validation subroutines which require a minimum number of characters to be entered will fail - even if info has been properly entered into the field. The web developer needs to plan for the maximum amount of data which will be processed by the script in order to prevent unexpected behavior for web users. The default value of 10000 bytes is generally a high enough number for most text forms, but often won't be high enough for insertion of images into the database. Each Perl CGI script generated by CGIScripter which processes LONG/BLOB data is also designed to limit the amount of LONG/BLOB data to the value specified for the Max Submit Size on the Web Site tab of CGIScripter. The Max Submit Size should be configured to handle the maximum amount of data which will be processed by the script in one submission. A script which needs to handle 10,000 bytes of text plus the uploading of five 100,000 byte images in the same submission should be configured with the Max Submit Size set for 510,000 bytes.

Website URL field - The website URL entered into this field is used for creating script submission URLs. The string "http://" may be prefixed to the URL, or it will be added by CGIScripter if it is omitted. For testing purposes, an IP address to a test web server may be entered into this field. Once testing has been completed, the correct website URL may be entered here in order to generate scripts for the production web server.

Forms Folder Tab - Field Descriptions
The Forms folder tab provides Form-specific configuration parameters for the generation of Perl CGI scripts.

Form Name field - This field displays the name of the form which is currently being viewed. To change the name of a form, change the name of the form in this field. The name of the form will be changed once the cursor is moved to another field on the screen.

HTML Header field - The information contained within this field is used to create an external HTML file which is loaded and displayed dynamically by the CGI scripts. This external HTML file is expected to be located by default from within the cgi-bin directory - however the Perl scripts may be updated manually to change this location. This external HTML file may be edited independently by the webmaster without any knowledge of Perl CGI programming. If no information is entered into this field, default HTML header information located within each Perl script is used for creating each dynamic web page.

HTML Header Replace All button - Clicking this button replaces the HTML Header information on all of the other forms with the contents of the HTML Header field on the form currently being viewed.

HTML Footer field - This information is used to create the external footer HTML file. This is the HTML footer information which is displayed after the dynamically generated information on dynamic web pages.

HTML Footer Replace All button - Clicking this button replaces the HTML Footer information on all of the other forms with the contents of the HTML Footer field on the form currently being viewed.

Security menu - The two options on this menu are None and Secure. If the Secure option is selected, the URLs created for posting info to web pages will be created with an "https" prefix instead of an "http" prefix.
Note: It is recommended that all elements of a web page should be located within the same security zone. If a secure web page is being created, then all images for the secure page should also be served from secure directories. This process is necessary in order to prevent web users from seeing a warning dialog box warning them that all elements of the HTML page are not secure. Since all elements of a secure web page need to be encrypted by the web server and decrypted by the web browser they should be kept small in size to minimize delays.

Submit Success URL field - If the Submit Success URL is filled in, the user will be redirected to the URL specified in this field upon successful completion of insert, update and delete scripts.

Submit Success Text field - If the Submit Success URL field is not filled in, the text listed in the Submit Success Text field will be displayed upon successful completion of insert, update and delete scripts.

Fields Folder Tab - Field Descriptions
The Fields folder tab provides configuration for the CGI script processing related to an individual field.

Display As field - The default value for the Display As field content is the as the field name. The field name may not be suitable for display on a web page therefore this field provides a way to change the displayed name of each field.

Field Type - The Field Type menu is used to specify the type of data which will be stored in the field. The following menu options are available for the Field Type menu:
Text-Small - The Text-Small option is intended to be used for defining fields which will store a relatively small amount of text within the database. For Oracle databases this selection will utilize a VARCHAR2(4000) column and for MySQL a VARCHAR(255) column will be used.
Text-Large - The Text-Large option is intended for storing large amounts of text within the database column. For Oracle databases this selection will utilize a CLOB column able to store up to 4GB of text and for MySQL a TEXT column storing up to 65K of text will be used.
Number - The Number option is intended for storing numeric information. For Oracle databases a NUMBER column is used, and for MySQL a DOUBLE column is used.
Date-Time - The Date-Time option utilizes a DATE column with Oracle databases which contains date and time information within the same column. For MySQL databases a TIME column is used if the text 'time' appears within the field name, otherwise a DATE column is used.
Image - The Image option is used for storing images or any other binary data within the database. For Oracle databases a BLOB column is used which allows up to 4GB of data storage per column and for MySQL a LONGBLOB column is used which also allows 4GB of binary storage per column.

Auto-Enter menu - The Auto-Enter menu enables auto-enter values. Fields may contain Auto-Enter Creation Time, Creation Date, Data, Modification Date, Modification Time, Perl Calculation or Serial Number. The Auto-Enter Creation Date/Time parameters are only used when new records are created. The Auto-Enter Modification Date/Time parameters are only used when a record is updated, not when it is created. The Auto-Enter Data parameter is a static value consisting of text or numbers which is entered upon record creation or modification. The static Data value needs to be entered into the "Result =" field. The Perl Calculation parameter is used during record creation and updating. The Perl code for the calculation needs to be entered into the "Result =" field and does not need to be terminated with a ";".
Tip: For situations in which differing behavior is required for database record creation vs updating scripts, two different forms could be created. One form would be used for inserting records and the other form could be used for updating records. The insert data form could be configured with a different set of Auto-Enter options compared to the options used for the update data form.

Result = field - This field is used for additional parameter specifications based upon the value selected for the Auto-Enter menu. If using the Auto-Enter Data or Auto-Enter Perl Calculation, the appropriate values or Perl code need to be entered into this field. The Perl calculation may make use of any existing Perl variables which have already been declared in the output script at the time the Auto-Enter directives are processed. Any syntax errors in the entered Perl code will cause the CGI script to stop running (script processing errors can be found within the web server error.log file).

Display Value List menu - The two options for this menu are None and From Value List. If the From Value List menu item is selected, the values for the value list should be entered into the Value List Items field. Value List items are used to build Submit, Query and Delete HTML pages.

Value List Items field - If the "From Value List" option is selected in the Display Value List menu, the value list items should be entered in this field.

Validate Data Entry menu - The options for this menu include None, Not Empty, Characters Only, Numbers Only, Numbers and Characters Only and Email Address. These validation options are checked during Submit and Update form processing.

Validate Numeric Range Low field - If validation of a numeric range is required, the lower range should be entered into this field.

Validate Numeric Range High field - If validation of a numeric range is required, the higher range should be entered into this field.

Number of Characters Min field - If a minimum number of characters must be entered into the field, the minimum number should be entered into this field.

Number of Characters Max field - If a maximum number of characters should not be exceeded for the field, this maximum number should be entered into this field.

Custom Validation Text field - A standard generic error message is generated for each validation test. However a custom error text message may be specified within this field in order to override the standard message. This message will be displayed for each validation error which occurs for the field. The text entered within this field should be terminated by an HTML <BR> command. All other HTML commands may be included as well.

Troubleshooting
Troubleshooting Tips:

Most web development troubleshooting may be performed by using information written to the web server error.log file. Additional information may be written to this file by using the Perl warn "" feature to write variable contents to the error.log file.

Perl DBI/DBD module related information may also be written to a log file. Each CGI script generated by CGIScripter contains a debug variable near the start of the program. Changing this variable from 0 to 1 will enable DBI/DBD debugging the next time the script is executed. On UNIX servers you may find that your web server software user does not have enough privileges to write the dbitrace.log file specified in the CGI script. Directory permissions may be changed to allow this file to be written if desired, however this information gets written to the Apache error.log file anyhow. On Apache web servers running on Windows, this log file will generally be created and can be viewed within the directory containing the CGI script.

Example Errors

Form validation fails while uploading images (or no data is written to the database) - If the combined data submitted to the database exceeds the value defined for $CGI::POST_MAX, then CGI.pm will often clear the data for all of the fields prior to passing the info to the script for processing. This feature is designed to prevent a web attacker from sending enough data to your script to cause a buffer overflow in an attempt to gain root access over the web server.
Solution: If the amount of submitted data is valid, then increase the value for POST_MAX by increasing the number which is entered into the CGIScripter Max Submit Size field.

syntax error at C:/test/Apache2/cgi-bin/form_-_depreciation_query1.pl line 283, near "abcdef - This error shows how a syntax error may show up in the error log.
Solution: Carefully check the syntax of Perl code entered into the Auto-Enter Perl Calculation field. Look at the output code to see how the Perl Calculation gets integrated into the rest of the script.

DBD::mysql::st execute failed: Got a packet bigger than 'max_allowed_packet' - Even if the value for $CGI::POST_MAX is high enough for processing by CGI.pm, the MySQL max-allowed-packet database variable may be configured for a lower value.
Solution: The max-allowed-packet MySQL variable may be increased by entering the updated value into the mysqld configuration file (my.ini on Windows or /etc/my.conf on UNIX):
--max-allowed-packet=8M