Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"

Storing CGI data

by Petras (Friar)
on Nov 17, 2010 at 16:18 UTC ( #872013=perlquestion: print w/replies, xml ) Need Help??
Petras has asked for the wisdom of the Perl Monks concerning the following question:

Hey, hey!

Fast question: I've been told it's not good form to store data generated by a cgi script in the /cgi-bin/ directory (data like survey responses and counter increments and such). Where is a good place to store the data then?

Thanks and cheers!

poke 53280,0
poke 53281,0
ctrl+2 load "zork",8,1

West of House

Replies are listed 'Best First'.
Re: Storing CGI data
by marto (Archbishop) on Nov 17, 2010 at 16:28 UTC
Re: Storing CGI data
by moritz (Cardinal) on Nov 17, 2010 at 16:42 UTC
    The reason for not storing data in /cgi-bin/, or in the document root in general, is that a simple mis-configuration can easily expose that data to the general public.

    So either use a database as marto suggested, or store it somewhere completely different, like /var/data/, or in the home directory of the www user.

Re: Storing CGI data
by kcott (Chancellor) on Nov 17, 2010 at 16:44 UTC

    Data you've collected would probably be best stored in a database. However, if you need to store data directly to disk, the answer really depends on your directory structure. If, say, you store your logs in /var/logs, then perhaps /var/cgi_data might be appropriate.

    Things to consider would be how much data are you saving, how often are you saving this data, how long do you want to keep it for, how often does it need to be backed up, and so on. Basically, aim to get a complete picture of the overall impact of storing your data directly to disk. Armed with this information, you can consult with you SysAdmin or, if that happens to be you, use it to make informed decisions or perhaps use it as part of a management proposal to purchase additional hardware, request changes to backup procedures, change security arrangements and so on.

    -- Ken

Re: Storing CGI data
by sundialsvc4 (Abbot) on Nov 17, 2010 at 20:46 UTC

    You certainly want to store the data in some directory that is not anywhere in the HTML document-tree.   (That is to say, in a place that cannot be reached by means of a URL.)

    A very handy database to use, when you’d otherwise use “a flat file,” is:   SQLite (   This is a flat-file database system (i.e. “no server required”) that, believe it or not, is in the public domain.   Consequently, it winds up “damm near everywhere in the world,” probably including your own shirt-pocket.   It’s rock-solid, and it works.   (Like a furry warm-blooded winged denizen of the dark, freshly escaped from the domain of Beelzebub.)   It might not be the cat’s meow in your situation, but it is definitely worth considering.

      Consequently, it winds up “damm near everywhere in the world,” probably including your own shirt-pocket.
      They've ported SQLite to run on pocket lint now?

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://872013]
Approved by marto
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (6)
As of 2018-06-19 03:44 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (111 votes). Check out past polls.