Upload
seshadri-krishna
View
214
Download
0
Embed Size (px)
Citation preview
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
1/14
Write brief answers to the following questions.
1. What are the different methods CGI uses for returning HTTP ? 3
CGI.pm has two methods for returning HTTP headers: header and redirect.
They correspond to the two ways you can return data from CGI scripts: you can return a document,
or you can redirect to another document.
2. Which are the file locks available in peri ? 3
A shared lock allows more than one program (or other process) to access the file at the same time.
A program should use a shared lock when reading from a file.
An exclusive lock allows only one program or process to access the file while the lock is held. A
program should use an exclusive lock when writing to a file.
File locking is accomplished in Perl using the Fcntl module, EG: use Fcntl qw(:flock);
3. How do you set the environmental variables manually? 3
4. What are the common errors in programming with Perl? 3
Problem Typical Error Message
Application permissions 403 Forbidden
The pound-bang line 403 Forbidden
Line endings 500 Internal Server ErrorMalformed header 500 Internal Server Error
5. What are the advantages of XML? 3
The real power of XML comes from the fact that with XML, not only can you define your own
set of tags, but the rules specified by those tags need not be limited to formatting rules. XML
allows you to define all sorts of tags with all sorts of rules, such as tags representing business
rules or tags representing data description or data relationships.
Some of the benefits are:
With XML, the GUI is extracted. Thus, changes to display do not require futzing
with the data. Instead, a separate style sheet will specify a table display or a list
display.
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
2/14
Searching the data is easy and efficient. Search engines can simply parse the
description bearing tags rather than muddling in the data. Tags provide the
search engines with the intelligence they lack.
Complex relationships like trees and inheritance can be communicated.
The code is much more legible to a person coming into the environment with noprior knowledge.
In the above example, it is obvious that 002 represents an ID whereas
002 might not. XML is self-describing.
Data is provided in a way that makes it easily transportable via HTTP.
By and large, tags make up the majority of XML markup. A tag is pretty much
anything between angular brackets < >
6. Explain the syntax of HTML template. 4
Example 7-1. current_time.tmpl
Current Time
Current Time
Welcome. The current time is .
7. Explain the structure of CGI program. 3
Perl has three types of variables:
Scalars: Scalar variables are variables that can hold only one value at a time. A scalar variable is
defined in Perl by using $,
Arrays: An array stores a list of values. While a scalar variable can only store one value, an array can
store many. Perl array names are prefixed with an at-sign (@)
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
3/14
Hashes:
A hash is a special kind of array - an associative array, or paired group of elements. Perl hash
names are prefixed with a percent sign (%), and consist of pairs of elements - a key and a data
value.
---------
1. What is CGI? Explain with a diagram. 5
Ans: The Common Gateway Interface, or CGI, is a standard for external gateway
programs to interface with information servers such as HTTP servers. A plain HTML
document that the Web daemon retrieves is static, which means it exists in a
constant state: a text file that doesn't change. A CGI program, on the other hand, is
executed in real-time, so that it can output dynamic information
. The interactions are illustrated in the followingdiagram:Web Web CGI Appl.Browser Internet Server Protocol Program
HTTP Env. Var.request stdin
Send --------------> Convert ----------> Process|
HTTP |response stdout V
Receive
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
4/14
2. Mention the programming language that are used for CGI Programming
Ans: Many languages are available for CGI programming, although certain languages are more
suited for CGI programming than others, Some of the most popular languages for CGI
programming include AppleScript, C/C++, C Shell, Perl, Tcl, and Visual Basic.
Before choosing a language, one must consider the following features.
Ease of text manipulation.
Ability to interface with other software libraries and utilities.
Ability to access environment variables (in UNIX).
3. What is the Acronym XML & CSS stands for
a. Extensible Markup Language, Cascading Style sheet4. What are the methods used for sending Form data to the server
a. Get Method and Post Method5. State SSI (Server Side Includes) environment variables
Environment Variable Description
DATE_GMT Current date and time in GMT (Greenwich Mean
Time)
DATE_LOCAL Current date and time in the local time zone
DOCUMENT_NAME The current filename
DOCUMENT_URI Virtual path (relative to the document root) to the
file
LAST_MODIFIED Last modification date and time for current file
QUERY_STRING_UNESCAPED Un-decoded query string with all shell meta
characters escaped with a \.
6. Mention any 2 image formats used on line
Ans: GIF and JPEG
7. Give basis of CGI Program
8. Java Script is a Scripting Language
9. CGI.PM module has become standard tool for creating CGI scripts in Perl
10.To execute the external program SSI directive is used
11.TextArea tag is used to enter multiple lines of text
12.Hash is also called as Associative array
13.CGI Script is the module used for producing graphs
1. The common applications that are designed using CGI are Forms, gateways and virtual
documents
2. Status code 200 indicates that the request is processed successfully and response is
included in the content. 1
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
5/14
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
6/14
Perl allows rapid development because it is interpreted; the source code does not need
to be compiled before execution.
Perl is easily portable and available on many platforms.
Perl contains extremely powerful string manipulation operators, with regular expression
matching and substitution built right into the language. Perl handles and manipulates binary data just as easily as it handles text.
Perl does not require strict variable types; numbers, strings, and Booleans are simply
scalars.
Perl interfaces with external applications very easily and provides its own file system
functions.
2. What is meant by status code? List any four status code 8
The Status header consists of a three-digit numerical status code, indicating
the status of the initiated operation, return status code helps the programmerto handle the situation accordingly
Status Code Message
200 Success
204 No Response
301Document
Moved
401 Unauthorized
403 Forbidden
404 Not Found
500Internal Server
Error
501 Not Implemented
b) How form data is sent to servers? 7
There are two methods for sending form data: GET and POST. These methods determine howthe form data is sent to the server. In the GET method, the input values from the form are sent
as part of the URL, and saved in the QUERY_STRING environment variable. With POST, data is
sent as an input stream to the program.
If the GET method is used, the input values are simply appended to the URL of the program
when the client issues the request to the server.
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
7/14
The query string is appended to the URL after the ? character. The server then takes this
string and assigns it to the environment variable QUERY_STRING.
The GET method has both advantages and disadvantages. The main advantage is that the CGI
program can be accessed with a query without using a form. Basically, just passing the
parameters to the program
POST is more secure than GET, since the data isnt sent as part of the URL, and more data can
be sent with POST. Also, browser, web server, or proxy server may cache GET queries, but
posted data is resent each time. Web browser, when sending forms data, encodes the data
being sent. Alphanumeric characters are sent as themselves; spaces are converted to plus signs
(+); other characters like tabs, quotes, etc. are converted to %HH a percent sign and
two hexadecimal digits representing the ASCII code of the character. This is called URL
encoding.
6. a) What are the forms used for in CGI applications ? 8
HTML forms are the user interface that provides input to the CGI scripts. They are primarily
used for two purposes: collecting data and accepting commands. Examples of data that may be
collected are registration information, payment information, and online surveys. The
commands that can be accepted via forms are using checkboxes, lists, and buttons to control
various aspects of CGI application.
Thus forms basic functions are data collection and interactive communication.
The great advantage of HTML form is that user can use them to create a front end fornumerous gateways (such as databases or other information servers) that can be accessed by
any client without worrying about platform dependency.
In order to process data from an HTML form, the browser must send the data via an HTTP
request.
A CGI script cannot check user input on the client side; the user must press the submit button
and the input can only be validated once it has travelled to the server. JavaScript, on the other
hand, can perform action in the browser. It can be used in conjunction with CGI script to
provide a more responsive user interface.
A form is simply an area that can contain form fields for example text boxes, drop-down menus or
radio buttons. When the visitor clicks a submit button, the content of the form is usually sent to a
program that runs on the server
.
.
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
8/14
The attributes of the tag are:
METHOD
METHOD specifies the HTTP request method used when calling the CGI script. The options are
GET and POST,
ACTION
ACTION specifies the URL of the CGI script that should receive the HTTP request made by the CGI
script. By default, it is the same URL from which the browser retrieved the form.
ENCTYPE
ENCTYPE specifies the media type used to encode the content of the HTTP request. Because GET
requests do not have a body, this attribute is only meaningful if the form has POST as its method.
This attribute is rarely included. The only reason to specify another media type is when creating a
form that accepts file uploads. File uploads must use multipart/form-data instead.
b) What does SSI mean? Explain with a neat diagram the working of SSI. 7
Server Side Includes (SSI) is a simple interpreted server-side scripting language used almost
exclusively for the Web, SSI has a simple syntax: . Directives are placed in HTML comments so that if SSI is not enabled,
users will not see the SSI directives on the page
Refer to 5.3.1
7. a) Write a note on Perl taint mode. 8
The purpose of taint mode is (to stop) / not to allow any outside application data affect theapplication in ay manner. Thus perl will not allow user inputted values to be used in an eval,
passed through a shell or used in any of the Perl commands that affect files and process. It was
created for situations when security is important such as writing perl programs that run as root
or CGI scripts. You should always use taint mode in your CGI scripts.
When taint mode is enabled perl monitors every variable to see if it is tainted. Tainted data,
according to Perl, is any data that comes from outside your code. Because this includes anything
read from the STDIN (or any other file input) as well as all environment variables this covers
everything your CGI script receives from the user.
What is monitored by Taint Mode: The base rule as we have said, is that Perl considers any action
that could modify resources outside the script subject to enforcement. Thus you may open a file
using a tainted filename and read from it as long as you did so in read only mode. However if you
try to open the file to write to it, using a tainted filename Perl will abort with an error.
It is generally better to determine what characters to allow than to try determining what not to
allow. Build your untaint regular expressions with this in mind
http://en.wikipedia.org/wiki/Server-side_scriptinghttp://en.wikipedia.org/wiki/Server-side_scripting7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
9/14
Explain the environment variable content length
One of the methods that the web server uses to pass information to a cgi script is through environmental
variables. These are created and assigned appropriate values within the environment that the server spawns
for the cgi script. They can be accessed as any other environmental variable
The length, in bytes, of the input stream is being passed through standard input. This is needed when a script
is processing input with the POST method, in order to read the correct number of bytes from the standard
input. Some servers end the input string with EOF, but this is not guaranteed behavior, so, in order to be sure
that you read the correct input length you can do something
like read(STDIN,$input,$ENV{CONTENT_LENGTH})
What is DHTML? Explain. 9
Ans: Dynamic HTML (DHTML) is a set of innovative features which enables authors to dynamically
change the rendering and content of a document. DHTML gives authors the ability to create visually
outstanding HTML documents that interact with the user, without the burden of relying on server-
side programs or complicated sets of HTML pages to achieve special effects.
With DHTML, you can easily add effects to your documents that previously were difficult to achieve.
For example, you can:
Hide text and images in your document and keep this content hidden until a given time
elapses or the user interacts with the page.
Animate text and images in your document, independently moving each element from any
starting point to any ending point, following a path that you choose or that you allow the
user choose.
Create a ticker that automatically refreshes its content with the latest news, stock quotes, or
other data.
Create a form and then instantly read, process, and respond to the data the user enters in
the form.
Explain CGI.PM, How is input handled in CGI.PM / Explain http, https, self-url.
CGI.pm primarily handles two separate tasks: it reads and parses input from the user,
and it provides a convenient way to return HTML output, inputs are accepted with
help of Environment variables, Most of these CGI.pm methods take no arguments and returnthat same value as the corresponding environment variable.
HTTP: If the http method is called without arguments, it returns the name of the
environment variables available that contain an HTTP_ prefix. If you call http with an
argument, then it will return the value of the corresponding HTTP_ environment
variable. When passing an argument to http, the HTTP_ prefix is optional,
capitalization does not matter, and hyphens and underscores are interpreted the
same
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
10/14
HTTPS: The https method functions similarly to the http method when it is passed a
parameter. It returns the corresponding HTTPS_ environment variable. These
variables are set by your web server only if you are receiving a secure request via
SSL. When https is called without arguments, it returns the value of the HTTPS
environment variable, which indicates whether the connection is secure (its values
are server-dependent).
Self_URL: This method does not correspond to a standard CGI environment variable,
although you could manually construct it from other environment variables. It
provides you with a URL that can call your CGI with the same parameters. The path
information is maintained and the query string is set to the value of
the query_string method.
Your CGI script may have been called because of an internal redirection by the web
server. Also, because all of the parameters are moved to the query string, this new
URL is built to be used with a GET request, even if the current request was a POST
request.
What is CSS? How it works?
Cascading Style Sheets (CSS) are a collection of formatting rules that control the appearance of
content in a web page. They are very useful for maintaining a web site since its appearance
(controlled by properties of HTML tags) can be managed from just one file. CSS Styles also enhance
your sites look, accessibility and reduces file size. Another main advantage is reusability - instead ofdefining the properties of fonts, backgrounds, borders, bullets, uniform tags, etc. each time you use
them you can just assign the corresponding CSS style in the class property. You can store CSS styles
directly in each document or, for more control and flexibility, in an external style sheet.
There are 3 types of CSS Styles:
Custom CSS (Class) styles: create a customized style with the set attributes. These class
styles can be applied to any tag.
HTML Tag styles: redefine the formatting for a particular tag, such as . All text
formatted with the h1 tag is immediately updated.
Advanced CSS Selector styles: redefine the formatting for:
1. A particular combination of tags (for example, td h2 applies whenever an h2 header
appears inside a table cell) and pseudo-class styles (for example, a:link, a:hover,
a:visited)
2. A specific ID attribute (for example, #myStyle applies to all tags that contain the
attribute-value pair id=myStyle)
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
11/14
Or
External style sheet, which you use when you want to apply the same styles consistently across all the
pages in your Web site that are linked to it. Also known as linked style sheet.
Embedded style sheet, which you use when you want to define styles for the current page
Inline style sheet, which you apply to individual elements on a page.
CSS styles are defined within the tag. If you define the styles embedded within your current
document you will find code similar to the following in your head content:
.bluetext ..
>
Explain the different applications of SSI
SSI (Server Side Includes) is directives that are placed in HTML pages, and evaluated
on the server while the pages are being served. They let you add dynamically
generated content to an existing HTML page, without having to serve the entire page
via a CGI program, or other dynamic technology.
SSI is certainly not a replacement for CGI, or other technologies used for generating
dynamic web pages. But it is a great way to add small amounts of dynamic content to
pages, without doing a lot of extra work
Basic SSI directives
Today's date
Today is
Modification date of the file
This document last modified
Including the results of a CGI program
This is one of the more common uses of SSI - to output the results of a CGI program,
such as everybody's favorite, a ``hit counter.''
Executing commands
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
12/14
You can actually have SSI execute a command using the shell (/bin/sh, to be precise -
or the DOS shell, if you're on Win32). The following, for example, will give you a
directory listing.
1. Explain loops and conditionals in HTML:: Template
2. Explain the following SSI directives. 8
3. i) fsize ii) flastmod
The #flastmod and #fsize server-side includes provide important information on web pages
hosted by classic ASP web sites.
The #flastmod include prints the date when the file was last modified. The #fsize include
prints the size of the specified file.
When you apply these includes to a web site that allows users to download files, they allow usersto check and see whether a file is new, and also the size, so that the user can estimate how longthe download will take.
Also, these commands are dynamic. This means that if the file size changes or the last modifieddate changes, the files are updated automatically.
SSI Include
The file available for download isDownload.zip, its size is. The file was last updatedon
4. What are the different modules available for creating graphs?
5. Explain how to prevent catching of images
a. Expires HTTP header is one of the option however this is not supported by
many browsers
b. Alternately we can use generate the file name dynamically along with the
tag name as well in order not to have the same cached, this approach
needs to be used sparingly
my $time = time;print $q->img( { -src => /cgi/survey_graph.cgi/$time/survey.png } );
6. What are gateways
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
13/14
Ans : Gateways, are programs or scripts used to access information that is not directly readableby the client, CGI provides solution to this in the form of a gateway. To read the informationcontained within the database, a language such asoraperlor a DBI extension to perl to form SQLqueries can be used. In these cases, the CGI program serves as a gateway to the database, asshown in Figure
7. b) What is the security threats associated with browser? 7
8. b) What do you mean by dynamic web pages? 7
9. a) Explain the internal working of CGI with architecture. 8
10. With a neat diagram, explain the steps involved in form interaction with CGI. 8
11.b) What are the benefits of server redirections? Explain with diagram. 7
12. What are environment variables? Explain any four with suitable example. 813.What programming language features are required for CGI programming? 5
14.Mention two coding techniques used in perl to develop stable applications, Explain one
of them. 5
15.Which are the applications that are designed in CGI
16.Explain any two control structures in Perl. 8
17.Explain the basic structure of Perl program 8
18. Explain the variable type hash with the functions to access the contents of the hash. 8
Ans: A hash is a special kind of array - an associative array, or paired group of elements. Perl
hash names are prefixed with a percent sign (%), and consist of pairs of elements - a key and adata value. Heres how to define a hash:
The exists function can be used to see if a particular key/value pair exists in the hash:exists $hashname{key}
To empty out the entire hash, do:%hashname = ();
7/30/2019 Previous Question Paper MSc III Semister - 3B Internet Programming
14/14
19.Explain the different image file formats. 7
20. What are the design goals of XML ? 8
21.Explain the added features of PNG over GIF. 7
22.Explain the importance of web security. 7
23.Explain the methods of developing scheme solution. 8
24.Write a perl program which does the same as the UNIX cat command on text file. 7
$file = /abcd; # Name the fileopen(INFO, $file); # Open the file
@lines = ; # Read it into an arrayclose(INFO); # Close the fileprint @lines; # Print the array