Dynamic Web Programming

Download Report

Transcript Dynamic Web Programming 

Dynamic Web Programming
Dr. Hsiang-Fu Yu
National Taipei University of
Education
Original by Andy Powell
Overview




‘Dynamic’ = ‘Interactive‘
Web Form
Common Gateway Interface (CGI)
Server-side programming


Client-side programming



Perl, PHP, ASP
Javascript, Java
Database connectivity
Security
2
Why interact?
Registration and requests for
information
 User feedback
 Dynamic information


Particular services might want to
solicit contributions from people
3
Simple Web form
<html>
<head><title>simple form</title></head>
<body>
<form name="simpleForm" method=“get"
action="simpleHandler.cgi">
Your email address:
<input type="text" name="email">
<input type="submit" value="Submit">
</form>
</body>
</html>
4
Interacting With Web Forms

Steps




Validate user input
Process user input
Generate a response
These three steps may be done within



the Web browser (client-side) or
the Web server (server-side) or
some combination of both
5
Common Gateway Interface
(CGI)


Mechanism for a Web browser to send
data to a Web server
Allow browser to submit data to a
program running on the server


Program is often called a ‘CGI script’,
typically written in Perl, PHP or ASP
Or an execution binary file, compiled from
a programming language such as C
6
CGI (cont.)
Used primarily for form submission
 Also be used to upload local files
 ‘CGI’ URLs often contain ‘?’ and ‘&’
characters
 Output from CGI usually dynamic and
therefore not cached

7
CGI (cont.)
Web
form
Email
Data sent
using
CGI
Web browser
File
Web server
Results
Database
8
CGI Programming - Perl







Perl - Practical Extraction and Report
Language
Developed as general purpose (UNIX) utility
Freely available on all platforms (though most
often used under UNIX)
Very good at manipulating textual data
Interpreted - so fast development cycle
A new Perl process is started for each new
CGI script, so can be heavy on resources
Many modules are freely available. See CPAN
9
<www.cpan.org>
What do I need to do





Install Perl (if you have a UNIX box, it is
already installed.)
Install at least the CGI.pm Perl module from
CPAN
Configure your Web server to recognise files
ending in ‘.pl’ (and ‘.cgi’) as Perl programs
Buy one of the O’Reilly Perl books
Visit <www.perl.org> and <www.perl.com>
for tutorials, tips, and example code
10
CGI Programming - PHP



PHP - originally stood for Personal Home
Pages
C-style language
HTML embedded scripting language




PHP commands are embedded into the HTML
page
Hidden inside HTML comments
Freely available - <www.php.net>
Lots of code available
11
CGI Programming – PHP
(cont.)



Tight integration with databases particularly with MySQL
Quick development time for database
driven applications
Available under UNIX and Windows
12
What do I need to do
Install PHP
 Configure Web server to recognise files
ending in ‘.php’, ‘.php3’ and ‘.php4’ as
PHP-enabled pages
 Buy the O’Reilly PHP book!
 Visit <uk.php.net> and
<www.phpwizard.net> for tutorials and
sample code

13
CGI Programming - ASP
ASP - Active Server Pages developed by
Microsoft
 HTML embedded scripting language
 bundled in with MS Web server, e.g. IIS
 Free and commercial UNIX version
available (though not sure about
compatibility)
 GUI development tools available

14
What do I need to do
If you are using Microsoft Web server, it
should all be ready to go.
 If you are using a UNIX-based server,
use Perl or PHP.
 Check your Microsoft documentation
 Visit <www.learnasp.com>

15
JavaScript
A browser programming language
developed originally by Netscape
 Simple language - not Java
 Object-oriented approach
 Embedded into HTML Web page
between <script> and </script> tags
 Can also <link> to external JavaScript
file

16
JavaScript and Forms


JavaScript typically used in combination with
forms to validate input
Simple ‘event’ model, e.g.




Use ‘onChange’ or ‘onClick’ methods to validate
input before sending data to server-side CGI script
Check that email addresses have ‘@’ in them
Check that numbers contain only digits
Check that mandatory fields are filled in
17
What do I need to do




Nothing to install! JavaScript is supported by
the major graphical browsers.
Buy the O’Reilly JavaScript book.
Visit <www.javascript.com>
Warning - if you enhance your Web forms
using JavaScript, make sure that they still
work if JavaScript is disabled in the browser.
18
Java
Developed by Sun - not standardised
 Supposedly write-once/run anywhere,
supposedly secure
 Applications - stand-alone
 Applets - embedded into browser
 Interpreted by the Java Virtual Machine
(JVM)

19
Java (cont.)

Applets have not taken off widely





Inconsistencies between JVM implementations
Resource requirements
Can be embedded into server-side
applications - Java Server Pages
Good support for database connectivity
Good GUI development environments
available
20
What do I need to do




Install Java 2 SDK (Software Developers Kit)
Try it by hand-coding using text editor initially
Buy one of the O’Reilly Java books.
Visit <java.sun.com/docs/books/tutorial/> for
introduction to Java
21
Database Connectivity

Data from a Web form is




processed directly and used as basis for
response to users
e-mailed to someone for further processing
saved to a file (for further processing)
processed/stored in a database
22
Open Database Connectivity
(ODBC)
Developed by Microsoft
 Generic interface to databases
 A CGI script developed using ODBC and
SQL should work against any SQL
database that offers an ODBC driver



Oracle, MS-Access, MySQL
Perl, PHP and ASP all offer access to
databases via ODBC
23
Security
Web sites that offer interaction through
CGI scripts are inherently a little more
insecure than sites that don’t
 Watch out that



Critical files can’t be downloaded or
overwritten
Other programs can’t be uploaded or
started unintentionally
24
Using Cookies

Remember preferences using cookies





Usually user name and password
‘cookies’ are small chunks of information that
are stored in the browser but shared with the
server
Developed by Netscape but widely adopted
Cookies should be only shared with the server
that set them
Support for cookies in Perl, PHP and ASP
25
Summary


It is useful to know these basics
Don’t need to develop all the CGI scripts
yourself



Products like Microsoft Frontpage come with
bundled suites of CGI utilities.
Use externally hosted services
Build on what’s already out there - chances
are that someone has already developed the
CGI script you need
26