ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
IMO it is only a matter of "taste" if you will. Using CGI will allow you to code whatever you want to do in C / C++ or another compiled / non-PHP language, and then have the application run as a normal process on your machine, triggered via CGI. If however, the task that you want to do does not require some kind of "non-php" (again, depends on your point of view) behaviour / service / activity, it might make more sense to simply use the PHP FastCGI executable to do whatever you want, thus having some cohesion across your setup.
For example, poweralert.co.za uses "deferred" PHP (executed by Apache OR via the CGI PHP executable) to build the site pages and update them every 10 minutes.
AFAIK using CGI to call a binary application is mostly useful if you have a precompiled binary that does something useful you want to tie to a webpage / site. If however, you want a high degree of consistency across your code, just do everything with PHP since PHP can run as an Apache module as well as a CGI-callable / cronnable script.
It can be seen as either a blessing or a curse, depending on your situation, but PHP can be used from $HOME/public_html directories, whereas Perl used as a CGI cannot. I'm no expert on Apache or other web server configuration, so I suppose it may be possible to override these conditions, but they have always been the standard configuration on any web server I've set up.
Perl can easily be made to enforce programming rules using 'use strict;' and the '-w' switch. These can save no end of aggravation and debugging time. I don't think PHP has such a feature.
Of course Apache can be (easily) configured to serve Perl CGIs from a user's web dir - if a webhoster offers Perl, they usally serve traditional Perl CGIs just fine.
But this is no issue of the programming language itself but of the style and configuration of the webhoster/webserver.
PHP will scale a bit better in heavy duty than perl/cgi and in perl you can integrate more complex functionality more easily.
If you want to create an object oriented application you will be better off using mod_perl. Here all classes can be loaded by the server at server start. But it requires some more reading. So if you expect a lot of visitors this would be a good alternative.
You can use both languages in a web application simultaneously, though. You can even share sessions among the both parts with perl module PHP::Session.
Actually mod_perl loads the perl into apache, so minimizing the startup overhead, and caching any perl scripts already run once.
mod_php does the same for PHP.
Result is a much faster site for busy sites. There are some gotchas, but the main one is that it actually caches the script state, so not just the code, but the last variable values set. So, always init all variables to a known value at first use/declaration, otherwise old values may be used.
The application failed the audit because of the possibility to bypass login and the fact that it does not check for POST or GET. So I can pass all my parameters in the URL and it will happily do what I tell it to do and not what the refering page wanted it to do.
@chrism01
you can configure mod_perl to cache all scripts or not using different handlers Registry vs. PerlRun and others. If you use PerlRun the srcipts are parsed with every request as in PHP. It is still much faster than CGI but you can use usual CGI programs without completely rewriting them as it would be necessary with the Registry handler.
The application failed the audit because of the possibility to bypass login and the fact that it does not check for POST or GET. So I can pass all my parameters in the URL and it will happily do what I tell it to do and not what the refering page wanted it to do.
And _that's_ just bad programming.
Just sad, that people still don't read one of the 98604860 tutorials about web programming...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.