Dynamic Web Programming

coordinatedcapableSoftware and s/w Development

Nov 4, 2013 (3 years and 7 months ago)

47 views

Dynamic Web Programming

Dr. Hsiang
-
Fu Yu

National Taipei University of
Education

Original by Andy Powell

2

Overview



Dynamic


=

Interactive



Web Form


Common Gateway Interface (CGI)


Server
-
side programming


Perl, PHP, ASP


Client
-
side programming


Javascript, Java


Database connectivity


Security

3

Why interact?


Registration and requests for
information


User feedback


Dynamic information


Particular services might want to
solicit contributions from people

4

Simple Web form

<html>

<head><title>simple form</title></head>

<body>

<form name="simpleForm" method=

get"
action="simpleHandler.cgi">

Your email address:

<input type="text" name="email">

<input type="submit" value="Submit">

</form>

</body>

</html>

5

Interacting With Web Forms


Steps


Validate user input


Process user input


Generate a response


These three steps may be done within


the Web browser (client
-
side) or


the Web server (server
-
side) or


some combination of both

6

Common Gateway Interface
(CGI)


Mechanism for a Web browser to send
data to a Web server


Allow browser to submit data to a
program running on the server


Program is often called a

CGI script

,
typically written in Perl, PHP or ASP


Or an execution binary file, compiled from
a programming language such as C

7

CGI (cont.)


Used primarily for form submission


Also be used to upload local files



CGI


URLs often contain

?


and

&


characters


Output from CGI usually dynamic and
therefore not cached

8

CGI (cont.)

Web

form

Results

Data sent

using

CGI

Email

File

Database

Web browser
Web server
9

CGI Programming
-

Perl


Perl
-

Practical Extraction and Report
Language


Developed as general purpose (UNIX) utility


Freely available on all platforms (though most
often used under UNIX)


Very good at manipulating textual data


Interpreted
-

so fast development cycle


A new Perl process is started for each new
CGI script, so can be heavy on resources


Many modules are freely available. See CPAN
<www.cpan.org>

10

What do I need to do


Install Perl (if you have a UNIX box, it is
already installed.)


Install at least the CGI.pm Perl module from
CPAN


Configure your Web server to recognise files
ending in

.pl


(and

.cgi

) as Perl programs


Buy one of the O

Reilly Perl books


Visit <www.perl.org> and <www.perl.com>
for tutorials, tips, and example code

11

CGI Programming
-

PHP


PHP
-

originally stood for Personal Home
Pages


C
-
style language


HTML embedded scripting language


PHP commands are embedded into the HTML
page


Hidden inside HTML comments


Freely available
-

<www.php.net>


Lots of code available

12

CGI Programming


PHP
(cont.)


Tight integration with databases
-

particularly with MySQL


Quick development time for database
driven applications


Available under UNIX and Windows

13

What do I need to do


Install PHP


Configure Web server to recognise files
ending in

.php

,

.php3


and

.php4


as
PHP
-
enabled pages


Buy the O

Reilly PHP book!


Visit <uk.php.net> and
<www.phpwizard.net> for tutorials and
sample code

14

CGI Programming
-

ASP


ASP
-

Active Server Pages developed by
Microsoft


HTML embedded scripting language


bundled in with MS Web server, e.g. IIS


Free and commercial UNIX version
available (though not sure about
compatibility)


GUI development tools available

15

What do I need to do


If you are using Microsoft Web server, it
should all be ready to go.


If you are using a UNIX
-
based server,
use Perl or PHP.


Check your Microsoft documentation


Visit <www.learnasp.com>

16

JavaScript


A browser programming language
developed originally by Netscape


Simple language
-

not

Java


Object
-
oriented approach


Embedded into HTML Web page
between <script> and </script> tags


Can also <link> to external JavaScript
file

17

JavaScript and Forms


JavaScript typically used in combination with
forms to validate input


Simple

event


model, e.g.


Use

onChange


or

onClick


methods to validate
input before sending data to server
-
side CGI script


Check that email addresses have

@


in them


Check that numbers contain only digits


Check that mandatory fields are filled in

18

What do I need to do


Nothing to install! JavaScript is supported by
the major graphical browsers.


Buy the O

Reilly JavaScript book.


Visit <www.javascript.com>


Warning

-

if you enhance your Web forms
using JavaScript, make sure that they still
work if JavaScript is disabled in the browser.

19

Java


Developed by Sun
-

not standardised


Supposedly write
-
once/run anywhere,
supposedly secure


Applications
-

stand
-
alone


Applets
-

embedded into browser


Interpreted by the Java Virtual Machine
(JVM)

20

Java (cont.)


Applets have
not

taken off widely


Inconsistencies between JVM implementations


Resource requirements


Can be embedded into server
-
side
applications
-

Java Server Pages


Good support for database connectivity


Good GUI development environments
available

21

What do I need to do


Install Java 2 SDK (Software Developers Kit)


Try it by hand
-
coding using text editor initially


Buy one of the O

Reilly Java books.


Visit <java.sun.com/docs/books/tutorial/> for
introduction to Java

22

Database Connectivity


Data from a Web form is


processed directly and used as basis for
response to users


e
-
mailed to someone for further processing


saved to a file (for further processing)


processed/stored in a database

23

Open Database Connectivity
(ODBC)


Developed by Microsoft


Generic interface to databases


A CGI script developed using ODBC and
SQL should work against any SQL
database that offers an ODBC driver


Oracle, MS
-
Access, MySQL


Perl, PHP and ASP all offer access to
databases via ODBC

24

Security


Web sites that offer interaction through
CGI scripts are inherently a little more
insecure than sites that don

t


Watch out that


Critical files can

t be downloaded or
overwritten


Other programs can

t be uploaded or
started unintentionally

25

Using Cookies


Remember preferences using cookies


Usually user name and password



cookies


are small chunks of information that
are stored in the browser but shared with the
server


Developed by Netscape but widely adopted


Cookies should be only shared with the server
that set them


Support for cookies in Perl, PHP and ASP

26

Summary


It is useful to know these basics


Don

t need to develop all the CGI scripts
yourself


Products like Microsoft Frontpage come with
bundled suites of CGI utilities.


Use externally hosted services


Build on what

s already out there
-

chances
are that someone has already developed the
CGI script you need