I’ve had a request on information on how to use uncgi, a simple little wrapper that reads, then decodes the GET/POST variables from form fields and sticks them into environment variables for easy use within a shell script, a C program, a Perl script, or whatever you like, then executes whatever other program you specify.
Assuming that you’ve compiled uncgi, and have it setup and functioning on your system, this is a trivial little script that checks for the WWW_ipaddr variable being set – if it isn’t, it’ll print a tiny form. If it is, it’ll execute ‘traceroute’ with the variable given.
#!/bin/sh PATH=/bin:/sbin:/usr/bin:/usr/sbin UNCGIPATH=”/cgi-bin/uncgi” echo ‘Content-type: text/html’ echo ‘’ echo ‘' traceroute "$WWW_ipaddr" echo '’ fi echo ‘’
Yes, it’s amazingly simple, but that’s by design – you could get quite exotic – which is beyond the scope of this text.
The form provides a text entry field with the misnomer of ‘ipaddr’, and a size of 40, allowing people to enter either text, or a dotted quad (traceroute supports this natively). uncgi will store this value (by default) as WWW_ipaddr. We test for the existance of WWW_ipaddr, and if it exists, execute traceroute with that information – otherwise, print the form.
Keep in mind that there are several implications here – executing upon an escaped variable is inherently a bad idea, even if it ‘should be safe’.
Happy scripting!