Can CGI scripts be compiled or must they be in plaintext and runtime interpreted?
E
CGI Scripts
Moderators: Klaus, FourthWorld, heatherlaine, kevinmiller, robinmiller
-
FourthWorld
- VIP Livecode Opensource Backer
- Posts: 8418
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: CGI Scripts
Are you looking for speed or security?
Richard Gaskin
LiveCode Community Liaison
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode Community Liaison
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
Re: CGI Scripts
Generally load / execution speed but also security around IP protection especially where one has to embedd plaintext passwords for database connections
E
E
-
FourthWorld
- VIP Livecode Opensource Backer
- Posts: 8418
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: CGI Scripts
LiveCode is, as its name implies, a dynamically-compiled language, so there is no method by which we can compile to pure object code. In this regard it's very similar to other popular server scripting languages (Python, JavaScript, Perl, PHP, etc.), so I think you'll find the performance at least on par with those.
Data security is always a good concern, and you have as many options as those using other server scripting languages, such as keeping sensitive data outside the site's root folder, storing it with encryption, etc.
And with LiveCode you have at least two additional options:
If you're using the Commercial Edition of the server engine, you can include password-protected libraries which can be called from your scripts. A password-protected stack is stored on disk encrypted, making it a good option for sensitive data which may be included in scripts.
Another option might be to consider a Linux standalone as a CGI, but as much as I've enjoyed that for some specialized deployments I'll admit it's more work to set up, and lacks the syntactic sugar of the Server's implied "merge" functionality that makes using LC Server such a joy.
Data security is always a good concern, and you have as many options as those using other server scripting languages, such as keeping sensitive data outside the site's root folder, storing it with encryption, etc.
And with LiveCode you have at least two additional options:
If you're using the Commercial Edition of the server engine, you can include password-protected libraries which can be called from your scripts. A password-protected stack is stored on disk encrypted, making it a good option for sensitive data which may be included in scripts.
Another option might be to consider a Linux standalone as a CGI, but as much as I've enjoyed that for some specialized deployments I'll admit it's more work to set up, and lacks the syntactic sugar of the Server's implied "merge" functionality that makes using LC Server such a joy.
Richard Gaskin
LiveCode Community Liaison
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode Community Liaison
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
Re: CGI Scripts
I would second putting anything sensitive (passwords etc) into a config file in an access restricted folder outside of web server root and having the script load it as needed.
This is also a good thing to do with anything configuration related - anything that might have to be updated (paths, urls for services you connect to, etc) can be stored outside of the script, allowing you to easily change it as needed, without having to go in and modify the script. I keep all my stuff separated like this and it makes maintenance much easier.
This is also a good thing to do with anything configuration related - anything that might have to be updated (paths, urls for services you connect to, etc) can be stored outside of the script, allowing you to easily change it as needed, without having to go in and modify the script. I keep all my stuff separated like this and it makes maintenance much easier.