Server-Side Files

In the preceding section, we demonstrated how to maintain state information about a user via cookies. The other mechanism by which to do so is to create server-side files (i.e., files that are located on the server or on the server's network). This is a slightly more secure method by which to maintain vital information. In this mechanism, only someone with access and permission to change files on the server can alter files. Figures 19.1819.19 ask users for contact information, then store it on the server. Figure 19.20 shows the file that is created by the script.

Figure 19.18. XHTML document to read user's contact information.

(This item is displayed on pages 949 - 950 in the print version)

"http://www.w3.org/1999/xhtml"> 9 10

 1  "1.0"?>
 2  "-//W3C//DTD XHTML 1.1//EN"
 3 "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
 4
 5 
 6 
 7
 8 
Please enter your contact information 11 12 13 14

Please enter your information in the form below.

15

Note: You must fill in all fields.

16 method = "post" action = "/cgi-bin/savefile.cgi"> 17

18 First Name: 19 "text" name = "firstname" size = "10" /> 20 Last Name: 21 "text" name = "lastname" size = "15" /> 22

23

24 Address: 25 "text" name = "address" size = "25" />
26 Town: "text" name = "town" size = "10" /> 27 State: "text" name = "state" size = "2" />
28 Zip Code: "text" name = "zipcode" size = "5" /> 29 Country: "text" name = "country" size = "10" /> 30

31

32 E-mail Address: "text" name = "email" /> 33

34 "submit" value = "Enter" /> 35 "reset" value = "Clear" /> 36 37 38

Figure 19.19. Creating a server-side file to store user data.

(This item is displayed on pages 950 - 953 in the print version)

 1 // Fig. 19.19: savefile.cpp
 2 // Program to enter user's contact information into a
 3 // server-side file.
 4 #include 
 5 using std::cerr;
 6 using std::cin;
 7 using std::cout;
 8 using std::ios;
 9
10 #include 
11 using std::ofstream;
12
13 #include 
14 using std::string;
15
16 #include 
17 using std::getenv;
18 using std::atoi;
19 using std::exit;
20
21 int main()
22 {
23 char postString[ 1024 ] = "";
24 int contentLength = 0;
25
26 // variables to store user data
27 string dataString = "";
28 string firstname = "";
29 string lastname = "";
30 string address = "";
31 string town = "";
32 string state = "";
33 string zipcode = "";
34 string country = "";
35 string email = "";
36
37 // data was posted
38 if ( getenv( "CONTENT_LENGTH" ) )
39 contentLength = atoi( getenv( "CONTENT_LENGTH" ) );
40
41 cin.read( postString, contentLength );
42 dataString = postString;
43
44 // search for first '+' character
45 string::size_type charLocation = dataString.find( "+" );
46
47 // search for next '+' character
48 while ( charLocation < string::npos ) )
49 {
50 dataString.replace( charLocation, 1, " " );
51 charLocation = dataString.find( "+", charLocation + 1 );
52 } // end while
53
54 // find location of firstname
55 int firstStart = dataString.find( "firstname=" ) + 10;
56 int endFirst = dataString.find( "&lastname" );
57 firstname = dataString.substr( firstStart, endFirst - firstStart );
58
59 // find location of lastname
60 int lastStart = dataString.find( "lastname=" ) + 9;
61 int endLast = dataString.find( "&address" );
62 lastname = dataString.substr( lastStart, endLast - lastStart );
63
64 // find location of address
65 int addressStart = dataString.find( "address=" ) + 8;
66 int endAddress = dataString.find( "&town" );
67 address = dataString.substr( addressStart, endAddress - addressStart );
68
69 // find location of town
70 int townStart = dataString.find( "town=" ) + 5;
71 int endTown = dataString.find( "&state" );
72 town = dataString.substr( townStart, endTown - townStart );
73
74 // find location of state
75 int stateStart = dataString.find( "state=" ) + 6;
76 int endState = dataString.find( "&zipcode" );
77 state = dataString.substr( stateStart, endState - stateStart );
78
79 // find location of zip code
80 int zipStart = dataString.find( "zipcode=" ) + 8;
81 int endZip = dataString.find( "&country" );
82 zipcode = dataString.substr( zipStart, endZip - zipStart );
83
84 // find location of country
85 int countryStart = dataString.find( "country=" ) + 8;
86 int endCountry = dataString.find( "&email" );
87 country = dataString.substr( countryStart, endCountry - countryStart );
88
89 // find location of e-mail address
90 int emailStart = dataString.find( "email=" ) + 6;
91 int endEmail = dataString.find( "&submit" );
92 email = dataString.substr( emailStart, endEmail - emailStart );
93
94 cout << "Content-Type: text/html

"; // output header
95
96 // output XML declaration and DOCTYPE
97 cout << ""
98 << "
99 << ""http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">";
100
101 // output html element and some of its contents
102 cout << ""
103 << "Contact Information entered";
104
105 ofstream outFile( "clients.txt", ios::app ); // output to file
106
107 if ( !outFile ) // file was not opened properly
108 {
109 cerr << "Error: could not open contact file.";
110 exit( 1 );
111 } // end if
112
113 // append data to clients.txt file 
114 outFile << firstname << " " << lastname << "
" << address << "
"
115  << town << " " << state << " " << country << " " << zipcode 
116  << "
" << email << "

"; 
117
118 // output data to user
119 cout << "
First Name: " << firstname 120 << "
Last Name: " << lastname 121 << "
Address: " << address 122 << "
Town: " << town 123 << "
State: " << state 124 << "
Zip Code: " << zipcode 125 << "
Country: " << country 126 << "
Email: " << email 127 << "
"; 128 return 0; 129 } // end main

Figure 19.20. Contents of clients.txt data file.

(This item is displayed on page 953 in the print version)

 Jane Doe
 123 Main Street
 Boston MA USA 12345
 jane@doe.com
 

The XHTML document in Fig. 19.18 posts the form data to the CGI script in Fig. 19.19. In the CGI script, lines 4592 decode the parameters that were sent by the client. Line 105 creates an instance of the output file stream (outFile) that opens a file for appending. If the file clients.txt does not exist, it is created. Lines 114116 output the personal information to the file. (See Fig. 19.20 for the contents of the file.) The remainder of the program outputs an XHTML document that summarizes the user's information.


There are a few important points to make about this program. First, we do not perform any validation on the data before writing it to disk. Normally, the script would check for bad data, incomplete data, etc. Second, our file is located in the cgi-bin directory, which is publicly accessible. Someone who knew the filename would find it relatively easy to access someone else's contact information.

This script is not robust enough for deployment on the Internet, but it does provide an example of the use of server-side files to store information. Once the files are stored on the server, users cannot change them unless they are allowed to do so by the server administrator. Thus, storing these files on the server is safer than storing user data in cookies. [Note: Many systems store user information in password-protected databases for higher levels of security.]


Note that, in this example, we show how to write data to a server-side file. In the next section we show how to retrieve data from a server-side file, using the techniques used for reading from a file in Chapter 17, File Processing.

Introduction to Computers, the Internet and World Wide Web

Introduction to C++ Programming

Introduction to Classes and Objects

Control Statements: Part 1

Control Statements: Part 2

Functions and an Introduction to Recursion

Arrays and Vectors

Pointers and Pointer-Based Strings

Classes: A Deeper Look, Part 1

Classes: A Deeper Look, Part 2

Operator Overloading; String and Array Objects

Object-Oriented Programming: Inheritance

Object-Oriented Programming: Polymorphism

Templates

Stream Input/Output

Exception Handling

File Processing

Class string and String Stream Processing

Web Programming

Searching and Sorting

Data Structures

Bits, Characters, C-Strings and structs

Standard Template Library (STL)

Other Topics

Appendix A. Operator Precedence and Associativity Chart

Appendix B. ASCII Character Set

Appendix C. Fundamental Types

Appendix D. Number Systems

Appendix E. C Legacy Code Topics

Appendix F. Preprocessor

Appendix G. ATM Case Study Code

Appendix H. UML 2: Additional Diagram Types

Appendix I. C++ Internet and Web Resources

Appendix J. Introduction to XHTML

Appendix K. XHTML Special Characters

Appendix L. Using the Visual Studio .NET Debugger

Appendix M. Using the GNU C++ Debugger

Bibliography



C++ How to Program
C++ How to Program (5th Edition)
ISBN: 0131857576
EAN: 2147483647
Year: 2004
Pages: 627

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net