Examination answers


Question 2 (CGI part, 4 marks)

- What is the least secure thing to do in a CGI script? (1 or 2 lines answer) (1 mark)

Allow the user to (directly or indirectly) access a command interpreter
on the server machine.

- Create a CGI script in C that prints its GET parameters (names and values) (3 marks)

#include <stdio.h> #include <stdlib.h> char unescapeURLchar (char c1, char c2) { register char c = (c1 >= 'A') ? ((c1 & 0xdf) - 'A')+10 : (c1 - '0'); c *= 16; c+= (c2 >= 'A') ? ((c2 & 0xdf) - 'A')+10 : (c2 - '0'); return c; } int main () { int c,c1,c2, i; if (!strcmp(getenv("REQUEST_METHOD"),"GET")) { char *query= getenv("QUERY_STRING"); /* *queryBeginning=query */ if (!query || !*query) { fprintf(stderr,"No query information to process\n"); return 0; } for (i=0; ((c = *query)); i++, query++) { if (c=='+') putchar(' '); else if (c=='%') { c1= *(++query); c2= *(++query); putchar(unescapeURLchar(c1,c2)); } else if (c=='=') putchar(' '); else if (c=='&') { putchar('\n'); i=-1; } else putchar(c); } if (i>0) putchar('\n'); } return 0; }

Question 1 (CSS part, 4 marks)

Create an HTML header such that:
a) links are by default blue on screen and underlined on printed copies (1 mark)
b) visited links red are on screen and in normal font on printed copies (1 mark)
c) paragraphs are justified and have a width of 20cm (1 mark)
d) unordered list elements are indented of 1cm to the right (1 mark)

Question 3 (HTML and Javascript part, 12 marks)

Create an HTML program such that:
a) it displays a text area and 5 buttons (1 mark)
b) it displays its GET parameters (3 marks)
c) it displays the document properties on 1 level (1 mark)
d) when the first button is clicked, the content of the text area
  is cleared (1 mark)
 e) when the third button is clicked, the content of the text area
  is displayed onto the status bar (1 mark)
f) when the fourth button is clicked, the content of the text area
  scrolls in the status bar (2 marks)
g) when the fifth button is clicked, it generates a window containing
  an button titled "YES" and a button titled "NO". When one of these buttons
  is clicked, the corresponding title should be put into the global variable
  "Result" in the HTML program (not the generated program, the parent one).
  (3 marks)

See the source of this document for the answers to the questions 1 and 3. Below are the results for Question 3.