Transcript Making your Web site more dynamic

Making your Web site more
dynamic
Andy Powell
UKOLN, University of Bath
[email protected]
www.ukoln.ac.uk
UKOLN is funded by Resource: The Council for Museums, Archives and Libraries, the Joint
Information Systems Committee (JISC) of the Higher and Further Education Funding Councils,
as well as by project funding from the JISC and the European Union. UKOLN also receives
support from the University of Bath where it is based.
Overview
• ‘dynamic’ means ‘interactive’!
• handling Web forms
• server-side programming
• CGI scripts - Perl, PHP, ASP
• client-side programming
• Javascript, Java
•
•
•
•
2
database connectivity
security
personalisation - authentication, cookies
taster session only… no details, but some
pointers to further information.
Aims
• by the end of the session you should
know what
• CGI,
• Perl, PHP, ASP,
• JavaScript, Java,
• ODBC and cookies
are… but you won’t necessarily know
how to use them!
3
Why interact?
• registration and requests for information
• allow people to register for meetings,
ask to be added to mailing lists, ...
• feedback and user-surveys
• allow people to comment on your
library service
• dynamic information
• allow people to ask questions like...
– when are my books due back?
– how much is my overdue book going to
cost?!
4
Why interact? (2)
• within particular services might want to
solicit contributions from people, e.g.
• children’s site… allow kids to submit poems
or stories
• local history site… allow people to contribute
personal recollections of a region or period
• business/community site… allow people to
supply details of local services
• library site… allow people to recommend
books or CDs, share reading lists, etc.
5
Simple Web form
<html>
<head><title>simple form</title></head>
<body>
<form name="simpleForm" method="put"
action="simpleHandler.cgi">
Your email address:
<input type="text" name="email">
<input type="submit" value="Submit">
</form>
</body>
</html>
6
Interacting with Web Forms
• typically need to generate the form (which
may be a normal static Web page), then
• validate user input
• process user input
• generate a response
dynamically.
• these three steps may be done within the
Web browser (client-side) or within the
Web server (server-side) or some
combination of both.
7
CGI
• Common Gateway Interface
• mechanism for a Web browser to send
data to a Web server
• allow browser to submit data to a
program running on the server
• program is often called a ‘CGI script’
• typically written in Perl, PHP or ASP
• can also be a ‘real’ program (e.g.
written in C)
8
CGI (2)
• used primarily for form submission
• can also be used to upload local files
• ‘CGI’ URLs often contain ‘?’ and ‘&’
characters - but don’t have to!
• output from CGI usually dynamic and
therefore not cached
9
CGI (3)
Web
form
Email
Web
browser
Data sent
using
CGI
Web
server
File
Results
Database
10
CGI programming - Perl
• Perl - Practical Extraction and Report
Language
• developed initially as general purpose
(UNIX) utility
• freely available on all platforms (though
most often used under UNIX)
• very good at manipulating textual data
• developed at roughly same time as the
Web
• de facto CGI script language?
• interpreted - so fast development cycle
11
Perl (2)
• typically, a new Perl process is started for
each new CGI script, so can be
heavy(ish) on resources
• many modules are freely available to
base work on, e.g. CGI, LWP (general
Web library), HTML, XML, database
connectivity, etc. See CPAN
<www.cpan.org>
• many existing CGI Perl scripts to
crib/steal from
12
What do I need to do?
• install Perl (if you have a UNIX box,
chances are that it is already installed!)
• install at least the CGI.pm Perl module
from CPAN
• configure your Web server to recognise
files ending in ‘.pl’ (and ‘.cgi’) as Perl
programs
• buy one of the O’Reilly Perl books
• visit <www.perl.org> and <www.perl.com>
for tutorials, tips and example code
13
CGI programming - PHP
• PHP - originally stood for Personal Home
Pages (I think!), now not expanded
• HTML embedded scripting language
• PHP commands are embedded into
the HTML page
• hidden inside HTML comments
• freely available - <www.php.net>
• very easy to learn
• lots of code available
14
PHP (2)
• tight integration with databases particularly with MySQL (a free relational
database)
• quick development time for database
driven applications
• available under UNIX and Windows
platforms
15
What do I need to do?
• install PHP, current version is PHP 4.0.1
• configure Web server to recognise files
ending in ‘.php’, ‘.php3’ and ‘.php4’ as
PHP-enabled pages
• buy the O’Reilly PHP book!
• visit <uk.php.net> and
<www.phpwizard.net> for tutorials and
sample code
16
CGI programming - ASP
•
•
•
•
ASP - Active Server Pages
developed by Microsoft
HTML embedded scripting language
primarily based on VBScript,. Though can
use JavaScript as well
• bundled in with MS Web server products,
e.g. IIS
• free and commercial UNIX version
available (though not sure about
compatibility)
• GUI development tools available
17
What do I need to do?
• if you are using Microsoft Web server...
nothing! It should all be ready to go.
• If you are using a UNIX-based server, use
Perl or PHP!
• check your Microsoft documentation
• visit <www.learnasp.com>
18
JavaScript
• primarily a browser programming
language (note: can also be used serverside)
• simple language - not Java
• object-oriented approach
• code typically embedded into HTML Web
page between <script> and </script> tags
• can also <link> to external JavaScript file
• developed originally by Netscape
• a.k.a ECMAScript (JavaScript as
standardised by ECMA)
19
JavaScript and forms
• JavaScript typically used in combination
with forms to validate input
• simple ‘event’ model, e.g.
• use ‘onChange’ or ‘onClick’ methods to
validate input before sending data to
server-side CGI script
• check that email addresses have ‘@’ in
them
• check that numbers contain only digits
• check that mandatory fields are filled in
20
What do I need to do?
• nothing to install! JavaScript is supported
by the major graphical browsers (at
least!)
• buy the O’Reilly JavaScript book!
• visit <www.javascript.com>
• try it!
• warning - if you enhance your Web forms
using JavaScript make sure that they still
work if JavaScript is disabled in the
browser!
21
Java
• high level language - simple, supposedly
write-once/run anywhere, supposedly
secure.
• developed by Sun - not standardised
• applications - stand-alone
• applets - embedded into browser
• Java compiled into intermediate language
which is then interpreted by the Java
Virtual Machine (JVM - machine specific)
22
Java (2)
• applets have not taken off widely
• inconsistencies between JVM
implementations
• resource requirements
• can be embedded into server-side
applications - Java Server Pages
• ‘Java Beans’ provides access to
distributed objects
• good support for database connectivity
• good GUI development environments
available
23
What do I need to do?
• buy one of the O’Reilly Java books!!
• visit <java.sun.com/docs/books/tutorial/>
for introduction to Java
• install Java 2 SDK (Software Developers
Kit)
• try it by hand-coding using text editor
initially
• consider buying GUI development tool if
required later
24
Database connectivity
• typically, data from a Web form is:
• processed directly and used as basis
for response to the user
• e-mailed to someone for further
processing
• saved to a file (for further processing!)
• processed/stored in a database
25
ODBC
•
•
•
•
ODBC - Open Database Connectivity
developed by Microsoft - database API
generic interface to databases
a CGI script developed using ODBC and
SQL should work against any SQL
database that offers an ODBC driver
• Oracle, MS-Access, MySQL
• Perl, PHP and ASP all offer access to
databases via ODBC
26
Security
• a word of warning...
• Web sites that offer interaction thru CGI
scripts are inherently a little more
insecure than sites that don’t
• watch out that:
• critical files can’t be downloaded or
overwritten
• other programs can’t be uploaded or
started unintentionally
27
Personalisation - why?
• give your users a personalised view of
your Web site - a ‘MyLibrary’ service
• remember personal preferences across
sessions
• I’m interested in poetry
• I want the low-graphics view of the
Web site
• don’t ask for someone’s email address
this session if you asked them for it last
time
28
Simple approach
• rather than tailoring for individuals,
provide views based on different usergroups
• develop 3 views of your Web site
• business community
• kids
• general
• offer a pull down menu on the home page
offering the 3 choices
• use JavaScript to switch between the 3
views
29
Using cookies
• remember preferences using cookies
• ‘cookies’ are small chunks of information
that are stored in the browser but shared
with the server
• developed by Netscape but widely
adopted
• typically, cookies are only shared with the
server that set them
• support for cookies in Perl, PHP and ASP
• see books/tutorials for details
30
Cookie example
• use Web form to ask for email address
• store email address in cookie and send to
Web browser
• next time the browser visits your site, the
cookie with the email address in it will be
passed to you
• note - the cookie containing the email
address will not be passed to any other
server
31
Database approach
• use Web form to ask for more detailed
information
• store it in a database
• ask for a username and password to allow
updates
• store username/password in database as well
• email address often used as preferred username
(easy to remember)
• Tip 1 - Send details to email address and wait for
confirmation before adding to the database - ensures that
email address is correct!
• Tip 2 - use cookie to store username or username and
password to save user typing them every visit
32
Do I have to know all this?
• well… not necessarily!
• useful to know the basics
• don’t need to develop CGI scripts yourself
• products like Microsoft Frontpage come with
bundled suites of CGI utilities - form
submission, etc. No development required!
• use externally hosted services (later talk)
• build on what’s already out there chances are that someone has already
developed the CGI script you need
33
And finally...
• recommendations for small scale
developments
• if you are in a Microsoft environment, use
• IIS as server
• ASP for scripting
• MS-Access on NT server as database
• if you are in a UNIX environment, use
• Apache as server
• PHP for scripting
• MySQL as database
34