Using apache with C

[ccurran689]

I am building a remote control car, I have the code for making the car move forward and i am wanting to make an Apache server where you can push the forward arrow and it will activate this code on the PI, I've been looking around and I think I have to make an Apache module in C. Any help or links would be greatly appreciated, Thanks!

[DougieLawson]

CGI programs which run in Apache2 (driven from <FORM ACTION=cgi-program-uri METHOD=GET> or from <FORM ACTION=cgi-program-uri METHOD=POST>) can be written in any sensible programming language.

The thing you've got to struggle with is that those programs run with UID=www-data GID=www-data and DO NOT have root privileges (and it's a very Bad Idea™ to give them root privileges). If you need root for GPIO you need to think again and work out any other way to do it.

Joan's exceedingly good pigpiod helps avoid the root needed for GPIO problem.

[-rst-]

...UID=www-data GID=www-data and DO NOT have root privileges (and it's a very Bad Idea™ to give them root privileges). ...

I would assume this only applies if the computer running the web server is connected to internet (or 'intranet' with possibly malicious users) - or am I missing something else?

[DougieLawson]

...UID=www-data GID=www-data and DO NOT have root privileges (and it's a very Bad Idea™ to give them root privileges). ...

I would assume this only applies if the computer running the web server is connected to internet (or 'intranet' with possibly malicious users) - or am I missing something else?

The problem with that assumption is that it may not be connected today, but in six months time the security exposure still exists when the OP opens his/her web server port for some other reason for some other project while forgetting that this is in place.

It's simply better to never open that can of worms. I think with a 4.1.7 (or higher) kernel and the gpiomem module it's going to be easier to wiggle GPIO pins from Apache2 (or Lighttpd or NGINX) without needing sudo or root privileges. I just have to find a way to set the environment variable that's needed by Gordon's WirringPi to run as a www-data CGI program.

[-rst-]

...UID=www-data GID=www-data and DO NOT have root privileges (and it's a very Bad Idea™ to give them root privileges). ...

I would assume this only applies if the computer running the web server is connected to internet (or 'intranet' with possibly malicious users) - or am I missing something else?

The problem with that assumption is that it may not be connected today, but in six months time the security exposure still exists when the OP opens his/her web server port for some other reason for some other project while forgetting that this is in place.
...

Valid point.

I would guess for many 'typical RPi GPIO to web users' a micro web framework similar to flask, tornado and the likes for Python would be a better choice. Maybe http://www.koanlogic.com/klone/index.html or https://github.com/ipkn/crow