Bash.CGI

Features

• Most importantly: it works (for me) in a Bash CGI script served by thttpd.
• Does not call any external programmes.
• Handles application/x-www-form-urlencoded data (%xx and + special chars).
• Handles both POST and GET methods.
• Does only register variables specified (can register globally, though).
• Handles multi-line data.

Usage

• Usage: cgi_getvars <method> <variablename1> [.. <variablenameN>]
  • Where <method> is one of GET, POST or BOTH
  • and <variablenameX> is the name of the variable to register (or ALL to get them all).
• cgi_getvars BOTH ALL would probably be similar to register_globals=on in PHP (or so..).

Code

As a script example.

#!/bin/bash
echo -e "Content-type: text/html\n\n"
cat <<EOF
<html>
<body>
<form action="http://${HTTP_HOST}:${SERVER_PORT}${SCRIPT_NAME}?foo=1234" method="POST">
<input type="text" name="bar">
<textarea name="foobar"></textarea>
<input type="submit">
</form>
EOF


# (internal) routine to store POST data
function cgi_get_POST_vars()
{
    # check content type
    # FIXME: not sure if we could handle uploads with this..
    [ "${CONTENT_TYPE}" != "application/x-www-form-urlencoded" ] && \
	echo "Warning: you should probably use MIME type "\
	     "application/x-www-form-urlencoded!" 1>&2
    # save POST variables (only first time this is called)
    [ -z "$QUERY_STRING_POST" \
      -a "$REQUEST_METHOD" = "POST" -a ! -z "$CONTENT_LENGTH" ] && \
	read -n $CONTENT_LENGTH QUERY_STRING_POST
    return
}

# (internal) routine to decode urlencoded strings
function cgi_decodevar()
{
    [ $# -ne 1 ] && return
    local v t h
    # replace all + with whitespace and append %%
    t="${1//+/ }%%"
    while [ ${#t} -gt 0 -a "${t}" != "%" ]; do
	v="${v}${t%%\%*}" # digest up to the first %
	t="${t#*%}"       # remove digested part
	# decode if there is anything to decode and if not at end of string
	if [ ${#t} -gt 0 -a "${t}" != "%" ]; then
	    h=${t:0:2} # save first two chars
	    t="${t:2}" # remove these
	    v="${v}"`echo -e \\\\x${h}` # convert hex to special char
	fi
    done
    # return decoded string
    echo "${v}"
    return
}

# routine to get variables from http requests
# usage: cgi_getvars method varname1 [.. varnameN]
# method is either GET or POST or BOTH
# the magic varible name ALL gets everything
function cgi_getvars()
{
    [ $# -lt 2 ] && return
    local q p k v s
    # get query
    case $1 in
	GET)
	    [ ! -z "${QUERY_STRING}" ] && q="${QUERY_STRING}&"
	    ;;
	POST)
	    cgi_get_POST_vars
	    [ ! -z "${QUERY_STRING_POST}" ] && q="${QUERY_STRING_POST}&"
	    ;;
	BOTH)
	    [ ! -z "${QUERY_STRING}" ] && q="${QUERY_STRING}&"
	    cgi_get_POST_vars
	    [ ! -z "${QUERY_STRING_POST}" ] && q="${q}${QUERY_STRING_POST}&"
	    ;;
    esac
    shift
    s=" $* "
    # parse the query data
    while [ ! -z "$q" ]; do
	p="${q%%&*}"  # get first part of query string
	k="${p%%=*}"  # get the key (variable name) from it
	v="${p#*=}"   # get the value from it
	q="${q#$p&*}" # strip first part from query string
	# decode and evaluate var if requested
	[ "$1" = "ALL" -o "${s/ $k /}" != "$s" ] && \
	    eval "$k=\"`cgi_decodevar \"$v\"`\""
    done
    return
}



# register all GET and POST variables
cgi_getvars BOTH ALL

echo "<pre>foo=$foo</pre>"
echo "<pre>bar=$bar</pre>"
echo "<pre>foobar=$foobar</pre>"

cat <<EOF
</body>
</html>
EOF

Credits

• http://www.fpx.de/fp/Software/ProcCGIsh.html (for the urldecode algorithm).

Copying

Full credits, please.