E-CommerceCMM503 – Lecture 8

Stuart Watt

S.N.K.Watt@rgu.ac.uk

Room C2

Summary of this week

• Learning outcomes– A basic understanding of server-side scripting,

and its main differences from client-side scripting

– Able to set up a basic site using Microsoft’s Internet Information Services

– A basic understanding of the Active Server Pages object model

Part 1

Server-side scripting and Internet Information Services

1 An overview of server-side scripting

Client Server

Request

Response

JavaScript, or another client-side script, can change your HTML page here, using script tags

JavaScript, or another server-side script, can change your page here, using Active Server Pages

1.1 Why use server-side scripting?

• When you want to give users access to a database• When you want people to be able to share data with

each other• When you want pages to be dynamically generated,

but when you cannot be completely certain that people’s browsers support JavaScript

• When you want to deliver more complex behaviour than you can with JavaScript

• When you want to use more processing power to generate the page than you could reasonably expect the user to have

1.2 Main server-side scripting technologies

• CGI (or: Common Gateway Interface)– Portable, runs outside server, slow

• PHP (or: PHP: Hypertext Preprocessor)– Portable, good for databases, medium to fast

• Cold Fusion– Proprietary, portable, good for databases

• Active Server Pages (or ASP)– Proprietary, Microsoft-specific

• Java Server Pages (or JSP)– Portable, good for Java code

2 Active Server Pages

• Solves almost all the problems associated with static HTML and client-side scripting.

• Advantages– It is simple, you only write your code in the HTML

page itself. – No compiling, no complex interfacing, quick and easy

to update

• Disadvantages– Mostly Microsoft-specific (although the Apache clone

is very good)

2.1 Active Server Pages (ASP)

• Are processed in response to a client request– Server-side scripting

• Are processed by an ActiveX component– A scripting engine

• Have the file extension “.asp”• Contains HTML tags and scripting code

– Scripts are code between “<%” and “%>”

• VBScript is the most widely used language– You can also use JavaScript, or even Perl!

2.2 ASP

• ASP provides a server-side scripting environment

• This includes:– Reading information from an HTTP request– Customising an HTTP response– Storing information about a user– Extracting the capabilities of the user’s

browser

2.3 How does ASP work?

Client ServerScript

processor

Request Request

Response

Response

2.4 ASP Vs (D)HTML

• The main difference between ASP and (D)HTML pages is the location where the script is run. – HTML, DHTML, or client-side script, is run on the

client, in the browser, after the page is sent from the server

– ASP, or server-side script, is run on the server before the page is sent to the browser. The Web server processes the script and generates the HTML pages that are returned to the Web browser

2.5 Coding: ASP Vs. DHTML• Server-side script and client-side script look

very similar because they both use the same languages, VBScript, JavaScript, or even Perl.

Server side script Client side script

<HTML><BODY><H3>RGU Home</H3>The time here is <%=time()%><BR></BODY></HTML>

<HTML><BODY><H3>RGU Home</H3>The time here is<SCRIPT LANGUAGE=JScript>Document.Write(time())</SCRIPT>.<BR></BODY></HTML>

2.6 Coding: ASP v DHTML• In practice, the extended <SCRIPT> tag

makes them even closer!

Server side script Client side script

<HTML><BODY><H3>RGU Home</H3>The time here is<SCRIPT LANGUAGE=JavaScript RUNAT=server>Response.Write(time())</SCRIPT>.<BR></BODY></HTML>

<HTML><BODY><H3>RGU Home</H3>The time here is<SCRIPT LANGUAGE=JavaScript>Document.Write(time())</SCRIPT>.<BR></BODY></HTML>

2.7 A Simple ASP Example<% @LANGUAGE = JScript %><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><TITLE>A Simple ASP Example</TITLE><META HTTP-EQUIV = "REFRESH" CONTENT = "60; URL=clock.asp"></HEAD><BODY><H2>Simple ASP Example</H2><TABLE BORDER = "6"> <TR> <TD> <% =(new Date).toLocaleTimeString() %> </TD> </TR></TABLE></BODY></HTML>

2.9 Example of an ASP error message

Look for the technical

information! It will tell you where the

error was

2.10 How does ASP work inside?

• ASP files are compiled into procedures– HTML is turned into a “print” statement– Other code is embedded directly

• Advantages– HTML editors (e.g., Dreamweaver) can be

used to create ASP pages– Program control flow is applied to HTML– Much improved performance over simpler

server-side scripting such as CGI

2.11 ASP pages as procedures

• First time around:– The ASP file is read from disk– It is then compiled into a program, and a copy

of the compiled version kept in a “cache”

• Future references to the same page:– Read the compiled procedure and run it

immediately

3. Setting up sites using Internet Information Services

3.1 Initial screen for Internet Information Services

3.2 The Internet Information Services control panel

3.3 To create a new virtual directory

3.4 The virtual directory wizard

3.5 The virtual directory wizard

3.6 Setting the default scripting language to JavaScript

Part 2

Active Server PagesBasics of the object model

4. COM objects in one slide

• Objects consist of:– Properties

• And fields – these are attributes of the object

– Collections• Which give you lists of things

– Methods• Like “Document.Write” in JavaScript, they ask objects to do

things

– Events• Are a way of keeping track of things happening to objects

behind the scenes. Rarely used in ASP, except for sessions

4.1 ASP Built-in Objects

• Request

• Response

• Session

• Application

• Server

• ObjectContext

4.1.1 ASP Built-in Objects

• Request– Retrieves the values that the browser passes

to the server during an HTTP request

• Response– Controls what information is sent to a browser

in the HTTP response message

4.1.2 ASP Built-in Objects

• Session– Used to manage and store information about

a particular user session

• Application– Used to manage and store information about

the Web application

4.1.3 ASP Built-in Objects

• Server– Provides access to resources that reside on a

server

• ObjectContext– Used to commit or abort a transaction

managed by Microsoft Transaction Server (MTS) for ASP pages that run in a transaction

4.1.4 ASP Built-in Objects

Request Retrieve information passed from the browser to the server

Response Send output to the browser

Session Store information for a specific user

Application Share information among all users of your application

Server Work with the properties and methods of components on the server

4.2 What is a collection?

• A collection is simply a set of objects– They may be

• Indexed by number (usually from 1, but not always)

• Indexed by string

• A collection is an object in its own right– Properties: Count, Item– Methods: Add, Remove

4.3 Request Object Collections

• ClientCertificate

• Cookies

• Form

• QueryString

• ServerVariables

4.3.1 Request Object

• ClientCertificate– The values of the certification fields in the

HTTP request

• Cookies– The values of cookies sent in the HTTP

request

4.3.2 Request Object

• Form– The values of form elements posted to the

body of the HTTP request message by the form's POST method

• We’ll see an example in a moment

4.3.3 Form Collection<html><head><title>Ice cream parlour</title></head><body><form action="process_ice_cream_form.asp" method="POST">Name: <input type="text" name="name"><p>Favourite Flavour:<br><select multiple name="flavour"><option>Mint<option>Vanilla<option>Coffee</select></p><p><input type="submit" name="iceSubmit" value="Submit"></p></form></body></html>

Using form collections

• Access to named fields:Request.Form.Item("name")

Request.Form.Item("flavour")

• Access to the form collection:var myForm = Request.Form;

var myCount = myForm.Count;

for (my index = 1; index <= myCount; index++) {

…

};

– See the example: ice_cream_form.asp

Full data recording script<html><head><title>Ice cream

results</title></head><body>

<table><tr><th>Field name</th><th>Field value</th></tr><% var myForm = Request.Form();var myCount = myForm.Count();

for (index = 1; index <= myCount; index++) {

%><tr><td><% =myForm.Key(index) %></td><td><% =myForm.Item(index) %></td></tr><% };%></table></body></html>

4.3.4 Request Object

• QueryString– The values of variables in the HTTP query

string, specifically the values following the question mark (?) in an HTTP request

• ServerVariables– The values of predetermined Web server

environment variables• See an example: servervariables.asp

4.4 Response Object

• Buffer– indicates whether a response is buffered

• Expires– Specifies the length of time before a page

cached on a browser expires. If the user returns to the same page before it expires, the cached version is displayed

4.4.1 Write method

• Really important!!– The Write method of Response object adds text to the

HTTP response message

if (Request.Form.Item("name") == "Stuart") {

Response.Write("<p>No room for you here!");

};

– You can put any data in the parameter you like, but strings are most common

The Write shortcut

• The Write method is so common there’s a short cut:– <% Response.Write("my value"); %>

can be written:– <% ="my value" %>

• Note that this doesn’t end with a semicolon!

• This is much shorter, and is preferred for simple expressions and values

Write method

var myCount = Request.Form.Count;for (index = 1; index <= myCount; index++) {

Response.Write(Request.Form.Item(index));};

<% Response.Write("<TABLE WIDTH = 80%\>“); %>

• The string returned by the Write method cannot contain the characters %> in an HTML tag, so the escape sequence %\> is used instead

4.4.2 Redirect method

• Instead of sending content from the response message to the user, the Redirect method of Response object can be used to redirect the user to another URL.

• The URL specifies the absolute or relative location to which the browser is redirected.

<% if (Request.ServerVariables("HTTP_UA_PIXELS") ==

"640x480") {Response.Redirect("poorscreen.htm");

} else {Response.Redirect("nicescreen.htm");

};%>

5. Session Tracking and Cookies

• Enable a web server to distinguish between clients– A server performs session tracking by

keeping track of when a specific user visits a site. A unique session ID will be assigned to the user

– Cookies are small files sent by an ASP page (or another similar technology, such as a Perl CGI script) as part of a response to a client

5.1 The core of an application: global.asa

• Defines events for sessions and the application– Events are “triggered” by a change in the

environment

function Session_OnStart {

Application.Lock();

var visits = Application.Contents("NumberOfVisitors");

Application.Contents("NumberOfVisitors") = visits + 1;

Application.Unlock();

};

6. @ directives in ASP

• @: processing directives – Send information to server about how to process .asp

files, e.g.• @CODEPAGE• @ENABLESESSIONSTATE• @LANGUAGE• @TRANSACTION

• @LANGUAGE is most frequently used– Specifies the scripting language to be used in the .asp

file. For example:– “@Language=VBScript” sets the scripting language to

VBScript

7. Summary

• Active Server Pages versus JavaScript– Server-side versus client-side

• Easier to access databases and other programs• Better control of the scripting environment

• For more information:– See the documentation installed with IIS:

• http://localhost/