metalx1000

Basic CGI Form data submit - post & get - webserver

Oct 5th, 2014
  1. #!/bin/bash
  2. echo -e "Content-type: text/html\n\n"
  3. cat <<EOF
  4. <html>
  5. <body>
  6. <form action="?foo=1234" method="POST" enctype="application/x-www-form-urlencoded">
  7. bar: <input type="text" name="bar"><br/>
  8. foobar: <textarea name="foobar"></textarea></br>
  9. <input type="submit">
  10. </form>
  11. EOF
  12.  
  13.  
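# (internal) routine to store POST data
# Reads the urlencoded request body from stdin into QUERY_STRING_POST.
# Globals:   REQUEST_METHOD, CONTENT_TYPE, CONTENT_LENGTH (read; all derived
#            from the client's request), QUERY_STRING_POST (written)
# Inputs:    stdin - the request body
# Outputs:   a warning on stderr when a POST has an unexpected content type
# Returns:   0
function cgi_get_POST_vars()
{
    local t

    # check content type (only meaningful when there is a body to read)
    # FIXME: not sure if we could handle uploads with this..
    if [[ "$REQUEST_METHOD" == "POST" \
          && "${CONTENT_TYPE}" != "application/x-www-form-urlencoded" ]]; then
        echo "bash.cgi warning: you should probably use MIME type "\
             "application/x-www-form-urlencoded!" 1>&2
    fi

    # save POST variables (only first time this is called)
    # CONTENT_LENGTH is a client-supplied header: accept digits only before
    # handing it to read. IFS= and -r keep the body byte-for-byte (no
    # whitespace trimming, no backslash interpretation).
    # NOTE(review): no upper bound is applied here; rely on the web server's
    # request-size limit or add one.
    if [[ -z "$QUERY_STRING_POST" && "$REQUEST_METHOD" == "POST" \
          && "$CONTENT_LENGTH" =~ ^[0-9]+$ ]]; then
        IFS= read -r -n "$CONTENT_LENGTH" QUERY_STRING_POST
    fi

    # Legacy filter, kept for compatibility: replaces backticks and "$(" (raw
    # and percent-encoded) with "/". A denylist like this is incomplete and is
    # NOT a security boundary; the consumer of QUERY_STRING_POST must never
    # pass it to eval or any other shell re-parsing.
    t=${QUERY_STRING_POST//%60//} # %60 = `
    t=${t//\`//}
    t=${t//\$(//}
    t=${t//%24%28//} # %24 = $, %28 = (
    QUERY_STRING_POST=${t}
    return 0
}
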
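# (internal) routine to decode urlencoded strings
# Arguments: $1 - urlencoded string
# Outputs:   the decoded string on stdout, followed by a newline
# Returns:   0 (prints nothing unless called with exactly one argument)
# '+' becomes a space and %XX becomes the byte with hex value XX. A '%' that
# is not followed by two hex digits is kept literally. %00 is dropped because
# a shell variable cannot hold a NUL byte.
function cgi_decodevar()
{
    [ $# -ne 1 ] && return
    local rest out hex ch
    local hex_re='^[[:xdigit:]]{2}$'

    rest=${1//+/ }
    out=
    while [[ "$rest" == *%* ]]; do
        out+=${rest%%\%*}   # copy everything up to the next %
        rest=${rest#*%}     # drop that part and the % itself
        hex=${rest:0:2}
        if [[ "$hex" =~ $hex_re ]]; then
            # printf -v instead of a command substitution: a substitution
            # strips trailing newlines, which would silently lose %0A.
            printf -v ch '%b' "\\x${hex}"
            out+=$ch
            rest=${rest:2}
        else
            out+=%          # malformed escape: keep the % as data
        fi
    done
    out+=$rest

    # printf, not echo: the decoded value may itself look like an echo option.
    printf '%s\n' "$out"
    return
}
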
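# routine to get variables from http requests
# usage: cgi_getvars method varname1 [.. varnameN]
# method is either GET or POST or BOTH
# the magic variable name ALL gets everything
#
# Globals:   QUERY_STRING (read, rewritten by the legacy filter below),
#            QUERY_STRING_POST (read, filled by cgi_get_POST_vars)
# Effect:    for every requested key=value pair, assigns the decoded value to
#            a shell variable named after the key, in the caller's scope
# Returns:   0
#
# Everything parsed here is attacker-controlled. Keys are accepted only when
# they are plain shell identifiers, and values are stored with printf -v, so
# neither is ever re-parsed as shell code.
# NOTE(review): ALL lets the request decide which variables get set, including
# ones the script or its child processes depend on (PATH, IFS, ...). Prefer
# passing the explicit names the script expects.
function cgi_getvars()
{
    [ $# -lt 2 ] && return
    # Locals carry a _cgi_ prefix and such keys are refused below, so a request
    # parameter can never overwrite this function's own parsing state.
    local _cgi_q _cgi_p _cgi_k _cgi_v _cgi_s _cgi_t
    local _cgi_name_re='^[A-Za-z_][A-Za-z0-9_]*$'

    # Legacy filter, kept for compatibility with code that reads QUERY_STRING
    # afterwards: replaces backticks and "$(" (raw and percent-encoded) with
    # "/". It is an incomplete denylist and not what keeps the parsing safe.
    _cgi_t=${QUERY_STRING//%60//} # %60 = `
    _cgi_t=${_cgi_t//\`//}
    _cgi_t=${_cgi_t//\$(//}
    _cgi_t=${_cgi_t//%24%28//} # %24 = $, %28 = (
    QUERY_STRING=${_cgi_t}

    # get query; every source is terminated with '&' so the loop below can
    # always cut at the next separator
    _cgi_q=
    case $1 in
    GET)
        [[ -n "${QUERY_STRING}" ]] && _cgi_q="${QUERY_STRING}&"
        ;;
    POST)
        cgi_get_POST_vars
        [[ -n "${QUERY_STRING_POST}" ]] && _cgi_q="${QUERY_STRING_POST}&"
        ;;
    BOTH)
        [[ -n "${QUERY_STRING}" ]] && _cgi_q="${QUERY_STRING}&"
        cgi_get_POST_vars
        [[ -n "${QUERY_STRING_POST}" ]] && _cgi_q="${_cgi_q}${QUERY_STRING_POST}&"
        ;;
    esac
    shift
    _cgi_s=" $* "

    # parse the query data
    while [[ -n "$_cgi_q" ]]; do
        _cgi_p="${_cgi_q%%&*}"  # first key=value pair
        # Cut at the separator itself. Using the pair as a pattern would treat
        # request data as a glob and could fail to match, so the loop would
        # never advance.
        _cgi_q="${_cgi_q#*&}"
        _cgi_k="${_cgi_p%%=*}"  # key (variable name)
        _cgi_v="${_cgi_p#*=}"   # value (equals the key when there is no '=')

        # refuse anything that is not a plain identifier, and our own locals
        [[ "$_cgi_k" =~ $_cgi_name_re ]] || continue
        [[ "$_cgi_k" == _cgi_* ]] && continue

        # decode and store the value if this name was requested
        if [[ "$1" == "ALL" || "$_cgi_s" == *" $_cgi_k "* ]]; then
            printf -v "$_cgi_k" '%s' "$(cgi_decodevar "$_cgi_v")"
        fi
    done
    return 0
}
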
  104. # register all GET and POST variables
  105. cgi_getvars BOTH ALL
  106.  
  107. echo "<pre>foo=$foo</pre>"
  108. echo "<pre>slug=$slug</pre>"
  109. echo "<pre>bar=$bar</pre>"
  110. echo "<pre>foobar=$foobar</pre>"
  111.  
  112. cat <<EOF
  113. </body>
  114. </html>
  115. EOF