3. Codewrap

In this section, I concentrate just on how to run a PHP script in the ACCC environment. At the moment, codewrap is limited to PHP, although that might change in the future.

Note added January, 2008: We have just upgraded to PHP 5.2.5 with XML support on tigger:

http://tigger.uic.edu/htbin/codewrap/bin/depts/accc/cgi-bin/foo/info.php

and are in the process of upgrading the www.uic.edu machines as well as icarus as this update is being written.

• Create an appropriate directory.
• Make a php script, and put it in the proper directory.
• Set the file permissions.
• Figure out the URL and point your browser.

The mechanics are fairly simple. You'll need to create a directory named cgi-bin, and set file permissions correctly.

If you are doing this from your personal account and home directory, do this:

    cd
    mkdir cgi-bin
    chmod u+rx,o-rx cgi-bin

   chmod a+x ~

If you are doing this from a deparmental directory, it's very similar, but you get a choice of where the cgi-bin goes.

    cd /usr/local/etc/httpd/htdocs/depts/accc   (something appropriate for you!)
    mkdir cgi-bin
    chmod u+rx,o-rx cgi-bin

<HTML>
<HEAD>
<TITLE>Hello, world!</TITLE>
</HEAD>
<BODY>
<?php
echo "<H1>Hello, world!</H1>\n";
?>
</BODY>
</HTML>

NOTE: Make sure the filename ends in .php so that codewrap can recognize it as php code.

Just put this into a file called hi.php in your cgi-bin directory, or into a directory below the cgi-bin. That's it. Note that however you make your CGI scripts, you need to give execute permission to the usr. Unlike normal html files, the CGI scripts do not have to have public read permissions. (In fact, I recommend against public read permission. You want the web server to execute your script, but you generally don't want the public crawling through your code, looking for vulnerabilities.) Do this:

    chmod u+x,o-rx hi.php

Once your script is set up, all you have to do is run it. This is slightly different, depending on use of a personal account or departmental directory.

In the personal case, if your netid happened to be adabyron, you would use the following url:

    http://www2.uic.edu/htbin/codewrap/~adabyron/hi.php

    http://www.uic.edu/htbin/codewrap/bin/depts/accc/cgi-bin/hi.php

Anyone at UIC could connect to the above example anonymously. Suppose you wanted to force the user to authenticate, to give you his/her netid, which your script could then process or record. Of course, this is done safely, so that the user's password is never compromised.

You can have codewrap invoke the Bluestem system quite easily. In fact, all you need do is change the url. And, you probably want to modify your script to deal with the authenticated netid. Here's an example script:

<HTML>
<HEAD>
<TITLE>Hello, world!</TITLE>
</HEAD>
<BODY>
<?php
echo "HI ", $_ENV['REMOTE_USER'];
echo "This is my second CGI!";
?&rt;
</BODY>
</HTML>

https://www.uic.edu/htbin/codewrap-auth/~adabyron/backatcha.php

1. You must use https, rather than http.
2. You must use codewrap-auth, not codewrap.
3. The authenticated netid is placed in the REMOTE_USER environment variable.
4. Use your netid instead of adabyron, or a url appropriate for your departmental cgi-bin directory.

Debugging a CGI script is normally painful. Much worse than debugging a normal program, because it is hard to make the error messages come out in a place you can read them. In this regard, using codewrap has a big advantage -- a debug mode.

Do everything normally, but instead of using codewrap in your URL, use codewrap-d. Try it, you'll get all sorts of information, including spooling of STDOUT. You can also use codewrap-auth-d instead of codewrap-auth.