Web Technology and Programming

Objective: To expose the students with client and server side web programming

Scope of tutorial
The Server Tier: Web Server Concept, Creating Dynamic content, using control flow to control dynamic control generation, Sessions and State, Error handling, Authentication, Architecting Web Application, Using tag libraries, Writing tag libraries Introduction to Advanced Server side Issues

Web – yes, definitely World Wide Web

History – no history at all i.e.in 1990, Tim Berners-Lee developed www. WWW allows users to locate and view multimedia-based documents (through internet).

Web technology - a basic foundation??

Architectural approach – client/server A client – A web browser A server – A web server

The Server Tier
In a typical Multitiered Web Application - A top-tier,client, directly interacts with user. - A bottom-tier is the database - A middle tier consists all the logic (powered by server)

Web Server
A black box, a magic box, a processor ???? A big buzz is all about IIS (Internet Information services) and Apache (A patchy server - indeed).

“A web server is a computer that is designed to act as a hub for a number of computers that form a network.”

Web Server
Lets be more specific: -a network server that manages access to files, folders and other resources over the internet or a local intranet via the platform-neutral HTTP. -Handles permissions, execute programs, keep track of directories and files and communicate with client computers. -A number of server-side technologies can be used to increase the power of the server like CGI scripts, SSL etc.

Overview of fairly popular web servers

Server-side Scripting
Scope of execution of scripts – so far away. -resides on the server and provides flexibility – especially with database access. -Generates custom responses for clients. -Unlike client-side scripts they are not viewable. -avoid client side scripting – don’t be that mean. (validation, interactivity, Dynamic HTML require it.)

ASP, Active Server Pages – a pick of a day, my man of matches

Active Server Pages
“VBScript has become the de facto standard for writing server-side Active Server Pages” Server side scripts can reside along with client side scripts and HTML in a same single page. An asp file has an extension as .asp. At server asp.dll parses the ASP file. Enclose ASP scripts within “<%” and “%>” Use @Language statement for clarity. Use option explicit for avoiding logical errors due to misspelled variables.

Creating Dynamic Content
Example

A client sends request in following methods; GET – gets information from the server. POST – posts data to the server using form to server-side form handler.

Ways to Send/Get Information from one ASP Page to Another
-the GET method -the POST method -using session variables -passing variables through link

Pros and Cons of Session Variables
Session Variables are similar to global variables in any programming language.
Pros: •If you have a variable that needs to be passed around to a lot of web pages, it may simplify things to use a Session variable, rather than passing the variable around through the QueryString.

Pros and Cons of Session Variables
•Session variables allow for customization of a web site. Each visitor to your site can have a customized experience. While this is true, it is also true that with the advent of LDAP and items such as MS Site Server and the like, it is no longer necessary to put all of your customization that is dependent upon user preference into session variables. •Session variables take you one step closer to VB programming in the sense that you can grab one without initializing the variable, use it whenever you want to, and not have to worry about releasing it when you've finished using it.

Pros and Cons of Session Variables
Cons: •Session variables and cookies are synonymous. So if a user has set his browser not to accept any cookies, your Session variables won't work for that particular web surfer!

An instance of each session variable is created when a user visits the page, and these variables persist for 20 minutes AFTER the user leaves the page! (Actually, these variables persist until they "timeout". This timeout length is set by the web server administrator. I have seen sites that the variables will collapse in as little as 3 minutes, and others that persist for 10, and still others that persist for the default 20 minutes. ) So, if you put any large objects in the Session (such as ADO recordsets, connections, etc.), you are asking for serious trouble! As the number of visitors increase, your server will experience dramatic performance woes by placing large objects in the Session!

•Since Session variables can be created on the fly, used whenever, and do not require the developer to dispose of them explicitly, the overuse of Session variables can lead to very unreadable and unmaintainable code. •Session variables take you one step closer to VB programming in the sense that you can grab one without initializing the variable, use it whenever you want to, and not have to worry about releasing it when you've finished using it. And WHO wants to go there? Not me.

Using @ENABLESESSIONSTATE

You can explicitly tell IIS that you aren't using any Session variables for a particular ASP page. All you need to do is add this single line of code at the top of your ASP page: <%@ ENABLESESSIONSTATE=False %>

What is Authentication?
Verifying that a visitor is authorized to visit a particular part of your website (usually via a username and password) is called Authentication. Authentication allows you to control the access to your entire website.

What are my choices?
IIS NT Challenge Response IIS Basic Authentication Cookie Based Authentication with ASP pages A Basic Database Authentication