270 likes | 446 Views
Dynamic Web Programming. Dr. Hsiang-Fu Yu National Taipei University of Education Original by Andy Powell. Overview. ‘ Dynamic ’ = ‘ Interactive ‘ Web Form Common Gateway Interface (CGI) Server-side programming Perl, PHP, ASP Client-side programming Javascript, Java
E N D
Dynamic Web Programming Dr. Hsiang-Fu Yu National Taipei University of Education Original by Andy Powell
Overview • ‘Dynamic’ = ‘Interactive‘ • Web Form • Common Gateway Interface (CGI) • Server-side programming • Perl, PHP, ASP • Client-side programming • Javascript, Java • Database connectivity • Security
Why interact? • Registration and requests for information • User feedback • Dynamic information • Particular services might want to solicit contributions from people
Simple Web form <html> <head><title>simple form</title></head> <body> <form name="simpleForm" method=“get" action="simpleHandler.cgi"> Your email address: <input type="text" name="email"> <input type="submit" value="Submit"> </form> </body> </html>
Interacting With Web Forms • Steps • Validate user input • Process user input • Generate a response • These three steps may be done within • the Web browser (client-side) or • the Web server (server-side) or • some combination of both
Common Gateway Interface (CGI) • Mechanism for a Web browser to send data to a Web server • Allow browser to submit data to a program running on the server • Program is often called a ‘CGI script’, typically written in Perl, PHP or ASP • Or an execution binary file, compiled from a programming language such as C
CGI (cont.) • Used primarily for form submission • Also be used to upload local files • ‘CGI’ URLs often contain ‘?’ and ‘&’ characters • Output from CGI usually dynamic and therefore not cached
Web form Email Data sent using CGI File Results Database CGI (cont.)
CGI Programming - Perl • Perl - Practical Extraction and Report Language • Developed as general purpose (UNIX) utility • Freely available on all platforms (though most often used under UNIX) • Very good at manipulating textual data • Interpreted - so fast development cycle • A new Perl process is started for each new CGI script, so can be heavy on resources • Many modules are freely available. See CPAN <www.cpan.org>
What do I need to do • Install Perl (if you have a UNIX box, it is already installed.) • Install at least the CGI.pm Perl module from CPAN • Configure your Web server to recognise files ending in ‘.pl’ (and ‘.cgi’) as Perl programs • Buy one of the O’Reilly Perl books • Visit <www.perl.org> and <www.perl.com> for tutorials, tips, and example code
CGI Programming - PHP • PHP - originally stood for Personal Home Pages • C-style language • HTML embedded scripting language • PHP commands are embedded into the HTML page • Hidden inside HTML comments • Freely available - <www.php.net> • Lots of code available
CGI Programming – PHP (cont.) • Tight integration with databases - particularly with MySQL • Quick development time for database driven applications • Available under UNIX and Windows
What do I need to do • Install PHP • Configure Web server to recognise files ending in ‘.php’, ‘.php3’ and ‘.php4’ as PHP-enabled pages • Buy the O’Reilly PHP book! • Visit <uk.php.net> and <www.phpwizard.net> for tutorials and sample code
CGI Programming - ASP • ASP - Active Server Pages developed by Microsoft • HTML embedded scripting language • bundled in with MS Web server, e.g. IIS • Free and commercial UNIX version available (though not sure about compatibility) • GUI development tools available
What do I need to do • If you are using Microsoft Web server, it should all be ready to go. • If you are using a UNIX-based server, use Perl or PHP. • Check your Microsoft documentation • Visit <www.learnasp.com>
JavaScript • A browser programming language developed originally by Netscape • Simple language - not Java • Object-oriented approach • Embedded into HTML Web page between <script> and </script> tags • Can also <link> to external JavaScript file
JavaScript and Forms • JavaScript typically used in combination with forms to validate input • Simple ‘event’ model, e.g. • Use ‘onChange’ or ‘onClick’ methods to validate input before sending data to server-side CGI script • Check that email addresses have ‘@’ in them • Check that numbers contain only digits • Check that mandatory fields are filled in
What do I need to do • Nothing to install! JavaScript is supported by the major graphical browsers. • Buy the O’Reilly JavaScript book. • Visit <www.javascript.com> • Warning - if you enhance your Web forms using JavaScript, make sure that they still work if JavaScript is disabled in the browser.
Java • Developed by Sun - not standardised • Supposedly write-once/run anywhere, supposedly secure • Applications - stand-alone • Applets - embedded into browser • Interpreted by the Java Virtual Machine (JVM)
Java (cont.) • Applets have not taken off widely • Inconsistencies between JVM implementations • Resource requirements • Can be embedded into server-side applications - Java Server Pages • Good support for database connectivity • Good GUI development environments available
What do I need to do • Install Java 2 SDK (Software Developers Kit) • Try it by hand-coding using text editor initially • Buy one of the O’Reilly Java books. • Visit <java.sun.com/docs/books/tutorial/> for introduction to Java
Database Connectivity • Data from a Web form is • processed directly and used as basis for response to users • e-mailed to someone for further processing • saved to a file (for further processing) • processed/stored in a database
Open Database Connectivity (ODBC) • Developed by Microsoft • Generic interface to databases • A CGI script developed using ODBC and SQL should work against any SQL database that offers an ODBC driver • Oracle, MS-Access, MySQL • Perl, PHP and ASP all offer access to databases via ODBC
Security • Web sites that offer interaction through CGI scripts are inherently a little more insecure than sites that don’t • Watch out that • Critical files can’t be downloaded or overwritten • Other programs can’t be uploaded or started unintentionally
Using Cookies • Remember preferences using cookies • Usually user name and password • ‘cookies’ are small chunks of information that are stored in the browser but shared with the server • Developed by Netscape but widely adopted • Cookies should be only shared with the server that set them • Support for cookies in Perl, PHP and ASP
Summary • It is useful to know these basics • Don’t need to develop all the CGI scripts yourself • Products like Microsoft Frontpage come with bundled suites of CGI utilities. • Use externally hosted services • Build on what’s already out there - chances are that someone has already developed the CGI script you need