This book is an update to the publisher's CGI Programming on the World Wide Web by Shishir Gundavaram, which I have not read.
The first couple of chapters are an introduction, and for me at least, they filled in a lot of information gaps. I'm not a webmaster, so I have always just learned what I needed to, in order to get the job done. Now I have a better understanding of the basics.
Part of the process of going through this book is building on what you learned in earlier chapters, so if you already know certain things, you may read some of the beginning material and think that there is a better way, and you would be correct. For example, why write your own forms handler, when you can use CGI.pm? (On the other hand, I still prefer printing my HTML output (usually with HERE documents) to using simply because it's obvious what the markup is. I prefer knowing exactly what output I'm generating by seeing it directly.)
The book would be incomplete without talking about security. The topic is handled fairly well, though more generally than specifically. For example, the authors will not give you a universal regex for untainting your variables. Rather, they guide you in the opposite direction, encouraging you to figure out what data to accept rather than what to reject. I was encouraged to see a separate discussion on sending email, which included gotchas which, contrary to their assertion, continue to see extensive exploitation - the formmail.cgi script comes to mind.
My only complaint is with the chapter on site searching. The authors provide details on setting up an inverted index search and a CGI to provide the results, but there are many other methods, such as htdig, or even providing a Google search form. I would have liked to see some details for alternate search methods.
All in all, a clearly written book with plenty of examples and guidelines.