Anda di halaman 1dari 19

Web Technology and

Programming
Objective: To expose the students with
client and server side web
programming
Scope of tutorial

The Server Tier:


Web Server Concept, Creating Dynamic content,
using control flow to control dynamic control
generation, Sessions and State, Error handling,
Authentication, Architecting Web Application,
Using tag libraries, Writing tag libraries

Introduction to Advanced Server side Issues


Web – yes, definitely World Wide Web

History – no history at all i.e.in 1990, Tim


Berners-Lee developed www.
WWW allows users to locate and view
multimedia-based documents (through
internet).
Web technology - a basic foundation??

Architectural approach – client/server


A client – A web browser
A server – A web server
The Server Tier
In a typical Multitiered Web Application
- A top-tier,client, directly interacts
with user.
- A bottom-tier is the database
- A middle tier consists all the logic
(powered by server)
Web Server

A black box, a magic box, a processor ????


A big buzz is all about IIS (Internet Information
services) and Apache (A patchy server - indeed).

“A web server is a computer that is designed to


act as a hub for a number of computers that
form a network.”
Web Server

Lets be more specific:


-a network server that manages access to files,
folders and other resources over the internet
or a local intranet via the platform-neutral
HTTP.
-Handles permissions, execute programs, keep
track of directories and files and communicate
with client computers.
-A number of server-side technologies can be
used to increase the power of the server like
CGI scripts, SSL etc.
Overview of fairly popular web
servers
Server-side Scripting
Scope of execution of scripts – so far away.
-resides on the server and provides flexibility –
especially with database access.
-Generates custom responses for clients.
-Unlike client-side scripts they are not viewable.
-avoid client side scripting – don’t be that mean.
(validation, interactivity, Dynamic HTML require it.)

ASP, Active Server Pages – a pick of a day, my man


of matches
Active Server Pages
“VBScript has become the de facto standard for
writing server-side Active Server Pages”

Server side scripts can reside along with client


side scripts and HTML in a same single page. An
asp file has an extension as .asp.

At server asp.dll parses the ASP file.


Enclose ASP scripts within “<%” and “%>”
Use @Language statement for clarity.
Use option explicit for avoiding logical errors due
to misspelled variables.
Creating Dynamic Content
Example

A client sends request in following methods;


GET – gets information from the server.
POST – posts data to the server using form to
server-side form handler.
Ways to Send/Get Information
from one ASP Page to Another

-the GET method


-the POST method
-using session variables
-passing variables through link
Pros and Cons of Session Variables
Session Variables are similar to global
variables in any programming language.

Pros:

•If you have a variable that needs to be passed


around to a lot of web pages, it may simplify things
to use a Session variable, rather than passing the
variable around through the QueryString.
Pros and Cons of Session Variables
•Session variables allow for customization of a web
site. Each visitor to your site can have a
customized experience. While this is true, it is also
true that with the advent of LDAP and items such
as MS Site Server and the like, it is no longer
necessary to put all of your customization that is
dependent upon user preference into session
variables.

•Session variables take you one step closer to VB


programming in the sense that you can grab one
without initializing the variable, use it whenever
you want to, and not have to worry about releasing
it when you've finished using it.
Pros and Cons of Session Variables

Cons:

•Session variables and cookies are synonymous. So if a user has set


his browser not to accept any cookies, your Session variables won't
work for that particular web surfer!
An instance of each session variable is created when a user
visits the page, and these variables persist for 20 minutes
AFTER the user leaves the page! (Actually, these variables
persist until they "timeout". This timeout length is set by the
web server administrator. I have seen sites that the
variables will collapse in as little as 3 minutes, and others
that persist for 10, and still others that persist for the default
20 minutes. ) So, if you put any large objects in the Session
(such as ADO recordsets, connections, etc.), you are asking
for serious trouble! As the number of visitors increase, your
server will experience dramatic performance woes by
placing large objects in the Session!
•Since Session variables can be created on the fly, used
whenever, and do not require the developer to dispose of them
explicitly, the overuse of Session variables can lead to very
unreadable and unmaintainable code.

•Session variables take you one step closer to VB


programming in the sense that you can grab one without
initializing the variable, use it whenever you want to, and not
have to worry about releasing it when you've finished using it.
And WHO wants to go there? Not me.
Using @ENABLESESSIONSTATE

You can explicitly tell IIS that you aren't


using any Session variables for a particular
ASP page. All you need to do is add this
single line of code at the top of your ASP
page:

<%@ ENABLESESSIONSTATE=False %>


What is Authentication?
Verifying that a visitor is authorized to visit a particular
part of your website (usually via a username and
password) is called Authentication. Authentication
allows you to control the access to your entire website.

What are my choices?

IIS NT Challenge Response


IIS Basic Authentication
Cookie Based Authentication with ASP pages
A Basic Database Authentication