mark dixon, socce soft 131page 1 19 – web applications: server-side code (asp)
Post on 22-Dec-2015
218 views
TRANSCRIPT
Mark Dixon, SoCCE SOFT 131 Page 1
19 – Web applications:Server-side code (ASP)
Mark Dixon, SoCCE SOFT 131 Page 2
Session Aims & Objectives• Aims
– To introduce the fundamental ideas involved in server-side code
• Objectives,by end of this week’s sessions, you should be able to:
– add dynamic server-side functionality, using VB Script
Mark Dixon, SoCCE SOFT 131 Page 3
networkconnection
Web Hardware and Software
ClientServer
BrowserApplication(MS Explorer,
Netscape)
Web-serverApplication
(MS IIS,Apache)
Mark Dixon, SoCCE SOFT 131 Page 4
Request-Response Cycle
BrowserApplication(MS Explorer,
Netscape)
Web-serverApplication
(MS IIS,Apache)
http://mdixon.soc.plym.ac.uk/
Request
<html> <head> <title>Mark Dixon's web site</title> </head> <body background="BackGround.JPG"> <font size=+3><center><b><p>Mark Dixon's web site</b></center> <font size=+2> <p>Welcombe to my web server. Please select from the following list: <ul> <li><a href="./Soft131/Index.htm">Soft131: Introduction to programming for Multimedia and Internet applications.</a> </ul> </font> </body></html>
Response
Mark Dixon, SoCCE SOFT 131 Page 5
Server-side Script (what)• ASP – active server pages
– executed on server• takes time – request-response cycle• requires server software (e.g. IIS)
– not sent to client• secure (can't be viewed by client)
– results (response) sent to client
• pages will NOT work by double clicking on file
Mark Dixon, SoCCE SOFT 131 Page 6
Server-side Script (IIS)• IIS / personal web server on Windows CD
Start, Settings, Control Panel, Add/Remove Programs
Add/RemoveWindows
Components
IIS
Mark Dixon, SoCCE SOFT 131 Page 7
Enabling/Disabling IIS• Start, Settings, Control Panel,
Administrative Tools, Internet Services Manager StopStart
Mark Dixon, SoCCE SOFT 131 Page 8
Server-side Script (how)• ASP code:
– .asp (not .htm)– between <% and %>
– Response object: page sent back to client
• write method: adds text to response object
– Date() function:• current date (server)
<html> <head> <title>Today's date</title> </head> <body> <p>The date today is <% Response.Write Date() & "<br>" %> <p>The time is currently <% Response.Write Time() & "<br>" %> </body></html>
Date.asp
Mark Dixon, SoCCE SOFT 131 Page 9
Form Submission• action attribute
• submit button<html> <head> <title>Login</title> </head> <body> <p>Please login: <form name="frmLogin" action="LoginCheck.asp" method=post> Username:<input name="txtUserName" type="text"><br> Password:<input name="txtPassWord" type="password"><br> <input name="btnLogin" type="submit" value="Login"> </form> </body></html>
Login.htm
Mark Dixon, SoCCE SOFT 131 Page 10
Form Processing
<html> <head> <title>Login</title> </head> <body> <% If Request.Form("txtUserName") = "George" Then Response.Write "Login successful." Else Response.Write "Invalid user name." End If %> </body></html>
LoginCheck.asp
Mark Dixon, SoCCE SOFT 131 Page 11
View Source• Code executed at server
– code is never sent to client
• View, Source – does not show code:
Mark Dixon, SoCCE SOFT 131 Page 12
Code Execution
<html> <head> <title>Login</title> </head> <body> <% If Request.Form("txtUserName") = "George" Then Response.Write "Login successful." Else Response.Write "Invalid user name." End If %> </body></html>
LoginCheck.asp
Server SW(IIS)
<html> <head> <title>Login</title> </head> <body> Invalid user name. </body></html>
Response
Mark Dixon, SoCCE SOFT 131 Page 13
Maintaining State between pages• Problem
– want to protect all pages from unauthorised access
– need to store record of successful login
• Variables– only persist for duration of page
Mark Dixon, SoCCE SOFT 131 Page 14
Maintaining State• Self Posting
• Session object– exists for current session– clears if user closes brower– clears after 20 mins of inactivity
• Cookies– stored on users hard drive– persists between sessions
• Database/file– stored on server– persists between sessions
Mark Dixon, SoCCE SOFT 131 Page 15
Self Posting<http> <head> <title>Multiply</title> <% Dim tmpRes Dim tmpNum1 Dim tmpNum2
If Request.Form("txtNum1") <> "" And Request.Form("txtNum2") <> "" Then tmpNum1 = CDbl(Request.Form("txtNum1")) tmpNum2 = CDbl(Request.Form("txtNum2")) tmpRes = tmpNum1 * tmpNum2 End If %> </head>
<body> <form name="frmDefault" action=Multiply.asp method=post> <p><input name=txtNum1 type=text size=5 maxlength=5 value=<%=tmpNum1%>> <input name=txtNum2 type=text size=5 maxlength=5 value=<%=tmpNum2%>> <p><input name=btnCalc type=submit value=Calc> </form> <p><%=tmpRes%> </body></http>
Multiply.asp
Post to Self
Only do calc if first load
Mark Dixon, SoCCE SOFT 131 Page 16
Session Object<html> <head> <title>Login</title> </head> <body> <% If Request.Form("txtUserName") = "George" Then Session("LoginOK") = "Yes" Response.Redirect "Home.asp" Else Session.Abandon If Request.Form("txtUserName") <> "" Then Response.Write "Invalid user name, please try again." End If End If %> <p>Please login: <form name="frmLogin" action="Login.asp" method=post> Username:<input name="txtUserName" type="text"><br> Password:<input name="txtPassWord" type="password"><br> <input name="btnLogin" type="submit" value="Login"> </form> </body></html>
Login.asp
• Session variable– all strings
• Abandon method– deletes all
session variables
• Redirect method– redirects browser
to specified page
Mark Dixon, SoCCE SOFT 131 Page 17
Session Object
<html> <head> <title></title> <% If Session("LoginOK") <> "Yes" Then Response.Redirect "Login.asp" End If %> </head> <body> <center><b>Home Page</b></center> <p>Welcome to my home page. </body></html>
Home.asp
ASP code tocheck forsuccessful login