1 / 40

Introduction to Server Side Includes (SSI)

Learn about Server Side Includes (SSI), a server-side HTML-embedded language that allows you to dynamically generate web pages, add small pieces of information, and reuse elements. Discover the advantages and disadvantages of SSI, how it works, and how to use SSI directives.

salgados
Download Presentation

Introduction to Server Side Includes (SSI)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to Server Side Includes (SSI) Instructor: Joseph DiVerdi, Ph.D., MBA

  2. Server Side Includes • Server-Side, HTML-Embedded Language • Directives Included in HTML Document • Also Known As Commands or Placeholders • Replaced By The Server With HTML Content • Never Seen By the Browser • Looks Just Like Regular-old HTML • Not So Powerful As CGI • Saves You the Trouble of Writing Complete CGI Programs

  3. Server Side Includes • Server Receives Request for Document • Server Examines Document Content • Looking for SSI Directives • Process Known As "Parsing the File" • Server Replaces Directives With HTML Data • Current Time & Date • Contents of Another File • Last Modified Time & Date • Transmits Document to Client

  4. SSI Interaction

  5. SSI Usage • Create Framework for Pages Which Are Dynamically Generated • Elements Which Are Repeatedly Used • Navigation Bar or Header • Elements Which Are Changing • Message of the Day • Last Modified Date • Current Time & Date • Elements Dependent on Environment Variables • Content Varied by Browser Type

  6. SSI Advantages • There Are Many Advantages To Using SSI: • Shallow Learning Curve • Fairly Easy To Learn • Broad Support of SSI by Several Different Servers • Up-To-The-Minute Information to Viewers • No Browser Dependence Like JavaScript • Dependent Upon Server • SSI Cannot Be Seen by Viewers • Unlike JavaScript • Easier to Implement Than Full-up CGI Programs

  7. SSI Disadvantages • Yes, There Are Some Disadvantages: • It Takes More Work for Server to Parse & Deliver Documents Than to Deliver Documents • Slower Response Per Document and/or • Limited Ability to Handle High Request Rate • Greater Security Risk • Principally If Command Execution is Enabled • SSI Directives Are Limited In Power • Need More? Use PHP and/or CGI

  8. To Use Or Not To Use • A Matter of How Much of the Page Is Static • How Much Needs to Be Recalculated Every Time the Page Is Served • SSI Is a Great Way to Add Small Pieces of Information • If a Majority of Your Page Is Being Generated at the Time That It Is Served, You Need Another Solution

  9. SSI Syntax • All SSI Directives Use the Format: <!--#command arg1="value1" arg2="value2" ... --> • Where: • Directive Is Contained in an HTML Comment • Command Begins With a Sharp - "#" • There Is No Space Between Comment Start & Sharp • Command Is an SSI Keyword • arg1, arg2, ... Are the Names of the Arguments • value1, value2, ... Are the Values of The Arguments • Quotes Are Not Always Required Around Values • But a Very Good Idea

  10. SSI Syntax • Allowed Commands: • echo • include • fsize • flastmod • exec • printenv • set • is, elif, else, endif • config

  11. HTML-Embedded Language • Before Transmitting Document to Client • Server Examines Document Looking for SSI Directives • Also Known As "Parsing the File" • Server Then Inserts Requested Data

  12. SSI Document on Server <HTML> <HEAD> <TITLE>Current Time</TITLE> </HEAD> <BODY> It is now: <!--#echo var="DATE_LOCAL" --> </BODY> </HTML>

  13. HTML received by Client <HTML> <HEAD> <TITLE>Current Time</TITLE> </HEAD> <BODY> It is now: 6:10 PM (MT) on May 15, 1865 </BODY> </HTML>

  14. Dynamic Content Using SSI <HTML> <HEAD> <TITLE>Current Time</TITLE> </HEAD> <BODY> It is now: <!--#echo var="DATE_LOCAL" --> </BODY> </HTML> • Create a File Named ssi_test.shtml • File Must Have a ".shtml" Suffix to Work

  15. Dynamic Content Using SSI <HTML> <HEAD> <TITLE>Current Time</TITLE> </HEAD> <BODY> It is now: <!--#echo var="DATE_LOCAL" --><BR> Last modified: <!--#echo var="LAST_MODIFIED" --><BR> </BODY> </HTML>

  16. Dynamic Content Using SSI <HTML> <HEAD> <TITLE>Current Time</TITLE> </HEAD> <BODY> It is now: <!--#echo var="DATE_LOCAL" --><BR> Last modified: <!--#echo var="LAST_MODIFIED" --><BR> Welcome to my server at: <!--#echo var="SERVER_NAME" --><BR> </BODY> </HTML>

  17. Dynamic Content Using SSI <HTML> <HEAD> <TITLE>Current Time</TITLE> </HEAD> <BODY> It is now: <!--#echo var="DATE_LOCAL" --><BR> Last modified: <!--#echo var="LAST_MODIFIED" --><BR> Welcome to my server at: <!--#echo var="SERVER_NAME" --><BR> Your host's IP address is: <!--#echo var="REMOTE_ADDR" --><BR> Your host's name is: <!--#echo var="REMOTE_HOST" --><BR> </BODY> </HTML>

  18. Dynamic Content Using SSI <HTML> <HEAD> <TITLE>Current Time</TITLE> </HEAD> <BODY> It is now: <!--#echo var="DATE_LOCAL" --><BR> Last modified: <!--#echo var="LAST_MODIFIED" --><BR> Welcome to my server at: <!--#echo var="SERVER_NAME" --><BR> Your host's IP address is: <!--#echo var="REMOTE_ADDR" --><BR> Your host's name is: <!--#echo var="REMOTE_HOST" --><BR> Your user agent is: <!--#echo var="HTTP_USER_AGENT" --> </BODY> </HTML>

  19. Environment Variables <HTML> <HEAD><TITLE></TITLE></HEAD> <BODY> <PRE> <!--#printenv --> </PRE> </BODY> </HTML> • Create a File Named env.shtml

  20. Server Configuration • Server Must Know Which Documents to Parse for SSI Directives • Too Much Server Load to Parse Every Document • Several Server Options • Parse Certain Directory or Directories • Parse Documents With Certain Extensions • Usually ".shtml" • Security-Minded Server Option • Enable External Program Execution

  21. Server Configuration • Site Administrator Enables SSI • On a Directory-By-Directory Basis • Performed Using Server Configuration File • Server Must be Restarted • For Changes To Take Effect

  22. Sample Server Configuration <Directory /home/*/html> Options MultiViews IncludesNoExec AllowOverride FileInfo AuthConfig Limit </Directory> • "Options Includes" • Server-Side Includes Are Permitted • "Options IncludesNoExec" • Server-Side Includes Are Permitted • The #exec Command Is Disabled • linus Is Configured With IncludesNoExec

  23. Server Configuration • Site Administrator May Set Server Configuration To Permit You To Enable SSI Yourself • Using Directory-Specific htaccess Files • Directives Are Not Just For Authentication • They Are General Purpose Tools

  24. Server Configuration <Directory /home/*/html> Options MultiViews AllowOverride FileInfo AuthConfig Limit Options </Directory> • "AllowOverride Options" • Permits the Web Developer to Enable Certain Features & Functions • On a Directory-by-directory Basis • Using htaccess Files

  25. Sample htaccess File Options +IncludesNoExec • Server-Side Includes Are Permitted • The #exec Command Is Disabled • Plus Indicates That This Directive Merges Options Directives With Those Already In Effect • Rather Than Superceding Them • The Use of This Directive Is Not Necessary On linus Because SSI Is Already Enabled

  26. SSI Without Extensions • Server Efficiency Requires Selective Use of SSI • Because of Additional Server Load Caused by Document Parsing • Using a Special Extension Is One Way to Do It • Obvious to Knowledgeable Viewer • Inclusion or Exclusion Requires Links Update • It Is Possible to Identify SSI Documents • Behind the Scenes • Without the Use of a Special Extension • Without Letting the Viewer Know About It

  27. SSI Without Extensions • Use a Directive Known As XbitHack • Enable SSI in a Particular Directory or Entire Server • Same Location Rules As Options & AllowOverride Directives • Used in Server Configuration File or htaccess Files • Use File Permissions • Enable SSI on a Particular File

  28. SSI Without Extensions • Use a Directive Known As XBitHack • Enable SSI in a Particular Directory or Entire Server • Same Location Rules As Options & AllowOverride Directives • Used in Server Configuration File or htaccess Files • Use File Permissions • Enable SSI on a Particular File • This is Only Available on UNIX Servers • Because Only UNIX Offers Suitable File Permissions

  29. XBitHack Directive • Syntax: XBitHack on | off | full • Default is off • off - No special treatment of executable files • on - Any File That With User-Execute Bit Set Will Be Treated As an SSI HTML Document • User-Execute Bit Is Also Known As Owner-Execute Bit • full - For More Information See: http://httpd.apache.org/docs/mod/mod_include.html#xbithack

  30. Adding a htaccess File • Create htaccess File in Your HTML Directory • Edit It to Include the Following: XBitHack on • That's It

  31. Setting the User-Execute Bit • Standard Procedure • Provide the Minimum Amount of Permission to Each File to Accomplish Goal • For HTML Files This Means 644 in Octal Format rw-r--r-- in Bit Format • User: Read, Write • Group: Read • Other: Read

  32. Setting the User-Execute Bit • To Signal That a Particular HTML File Contains SSI Turn on the User Execute Bit • For HTML Files This Means 744 in Octal Format rwxr--r-- in Bit Format • User: Read, Write, Execute • Group: Read • Other: Read

  33. SSI Without Extensions • Modify ssi_test.shtml File • Change Extension to ".html" • Use Html-Kit to Accomplish This Task • Change Permission From 644 to 744 • Use Tera Term Pro to Accomplish This Task • Log In to Your Account • Navigate to Appropriate Directory Using cd Command cd html • Use Change Mode Command: chmod 744 ssi_test.html • Test ssi_test.html Using Your Browser

  34. The #exec Command

  35. Including Files

  36. Included Files & LAST_MODIFIED

  37. Conditional Execution

  38. Modifying Timestamp Format

  39. Accessing the Query String

  40. Apache SSI Documentation • Apache Organization "How-To" http://httpd.apache.org/docs/howto/ssi.html • Apache Week Short Tutorial http://www.apacheweek.com/features/ssi

More Related