Share your knowledge at the LQ Wiki.
Go Back > Forums > Non-*NIX Forums > Programming
User Name
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.


Search this Thread
Old 04-14-2013, 08:41 AM   #1
Registered: Dec 2009
Posts: 38

Rep: Reputation: 6
Cool Run bash command taking input from HTML page - CGI script


I am trying to get input from my browser using a text box and submit button and trying to create a file in the server with the same name as the input. I am also printing the value of the input to the browser.

Though, the browser is displaying the input I gave, the file is not getting created in the server.

PS: None of the bash commands I am giving in the script is running :/

HTML form:
<form action="cgi-bin/" method="get">
Enter a username: <input type="text" name="username"></input><br>
<input type="submit" name="subbtn" value="Submit">
Bash script:
echo "Content-type: text/html"
echo ""
USERNAME=`echo "$QUERY_STRING" | sed -n 's/^.*username=\([^&]*\).*$/\1/p' | sed "s/+/ /g"`
echo "<html><head><title>What You Said</title></head>"
echo "<body>Here's what you said: <br>"
echo "You entered $USERNAME"
touch /tmp/$USERNAME.txt
echo "</body></html>"
Even if I replace touch /tmp/$USERNAME.txt with touch /tmp/haha , it does not work.
I have also tried putting the touch command after the USERNAME parsing line.

Please help.
Old 04-14-2013, 11:14 AM   #2
Registered: Aug 2002
Posts: 11,864

Rep: Reputation: 739Reputation: 739Reputation: 739Reputation: 739Reputation: 739Reputation: 739Reputation: 739
Have you checked the httpd logs for errors?
Does have the proper permissions?

What linux distribution/version are you running?
Old 04-14-2013, 11:50 AM   #3
David the H.
Bash Guru
Registered: Jun 2004
Location: Osaka, Japan
Distribution: Debian sid + kde 3.5 & 4.4
Posts: 6,823

Rep: Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947
BTW, as a quick comment on your script, you should be able to at least reduce the two sed commands to one with multiple "-e" options.

Or even better, replace them with shell built-in parameter expansion or other string manipulations.

$(..) is highly recommended over `..`, too.

Finally, the variable setting and touch commands are not part of the printed output, so for clarity set them apart from the rest.



echo "Content-type: text/html"
echo ""
echo "<html><head><title>What You Said</title></head>"
echo "<body>Here's what you said: <br>"
echo "You entered $USERNAME"
echo "</body></html>" 

touch "/tmp/$USERNAME.txt"

If the output were longer, I might go for a here document instead of a bunch of echos, but since that requires the external cat command, it's not really worth it here.

Last edited by David the H.; 04-14-2013 at 11:53 AM.
Old 04-14-2013, 03:24 PM   #4
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,974
Blog Entries: 11

Rep: Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879
Moved: This thread is more suitable in <PROGRAMMING> and has been moved accordingly to help your thread/question get the exposure it deserves.
Old 04-15-2013, 09:21 AM   #5
LQ 5k Club
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
The file is probably not being created as result of security measures enforced by the web server configuration &/or the OS configuration. Check for selinux configuration preventing this. Beware that removing the restriction opens up a significant security hole. Use great prudence and defensive programming tactics to prevent creation of dangerous files. Don't assume that user input is 'friendly' or follows expected patterns.
--- rod.
Old 04-15-2013, 02:00 PM   #6
Registered: Dec 2009
Posts: 38

Original Poster
Rep: Reputation: 6

Thank you all for the replies

Here are the wanted information :-
Apache error logs:
[Tue Apr 16 00:17:06 2013] [error] [client] File does not exist: /var/www/
[Tue Apr 16 00:17:13 2013] [error] [client] File does not exist: /var/www/

Fedora release 17

-rwxr-xr-x 1 root root 774 Apr 14 19:04

[root@vickyfedora cgi-bin]# selinuxenabled && echo enabled || echo disabled

Anymore ideas ?

I will surely take care of all scripting and security recommendations
Old 04-15-2013, 11:36 PM   #7
Registered: Dec 2009
Posts: 38

Original Poster
Rep: Reputation: 6
I solved the problem ! I forgot that apache user was running apache :-/ Hence, I created a directory and gave it 755 permission with ownership of apache and now files are getting created in it. It is just my test VM so no security worries. Also, I thought /tmp is world writable !

Thank you all for your valuable inputs


cgibin, shell scripting

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Passing arguments to a CGI script via HTML page yaron.kadem Linux - Server 2 09-20-2011 03:05 AM
[SOLVED] ? running shell script taking command line arguments in a jsp page? etika Linux - Newbie 1 02-11-2011 01:26 AM
bash CGI script HTML tags issue m4rtin Programming 1 01-19-2010 12:57 AM
passing parameters from cgi script to html page shifter Programming 4 01-18-2010 10:26 AM
Html generated by a CGI page counter script displayed in browser without being parsed gregorian Programming 5 08-19-2009 10:41 AM

All times are GMT -5. The time now is 04:42 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration