login.asp WHERE - Computer Science

Download Report

Transcript login.asp WHERE - Computer Science

1
ASP
Working with Databases
Dr. Awad Khalil
Computer Science Department
AUC
2
Active Server Pages (ASP)
Outline
1.
2.
3.
4.
Introduction
Accessing a Database from an Active Server Page
Server-Side ActiveX Components
Internet and World Wide Web Resources
3
Accessing a Database from an Active
Server Page
•
•
ASP includes the
Microsoft ActiveX Data
Object (ADO) library
which supports database
interaction in ASP with a
variety of programming
tools.
In ASP, the connection
object comes from a class
called
ADODB.Connection,
which is one of the
classes in the ADO
library.
4
ODBC (Open DataBase Connectivity)
• ODBC is a Microsoft standard for database interaction and
connection that is part of the Windows operating system.
• Users can register data sources with ODBC so that
applications can easily access them.
• For a Web application to use an ODBC data source, the
source must be registered on the Web Server computer.
• In order for a JavaScript program to interact with a database,
it must create an ADO Connection object and connect to the
database. The following two lines of JavaScript code can be
added to an ASP script to create a Connection object, store
the object in a variable named conn, and open a connection
to the database named bighitmdb.
Conn = Server.CreateObject(“ADODB.Connection”);
Conn.Open(“bighitmdb”);
5
Accessing a Database from an Active
Server Page
• Web applications
– Communicating with databases
• Use ActiveX Data Objects (ADO)
– Provides uniform way for programs to connect with
databases
– Three-tier distributed applications
• User interface
– Created with XHTML, DHTML or XML
– Contains ActiveX controls, client-side scripts, Java applets
– Communicate directly with business logic
• Business logic
• Database access
• May reside on separate computers
6
Accessing a Database from an Active Server
Page
• Web applications, cont.
– Three-tier distributed applications, cont.
• Web servers build middle tier
– Provide business logic
• Manipulates databases
• Communicates with client Web browsers
– ASP communications with databases
• Use SQL-based queries
• ADO handled specifics
– Through OLE DB
• Databases provide data source for dynamic content
• Allows users who are not familiar with Web languages to create Web
pages
• Restrict access
– Password protection
• Query Access database
7
Executing SQL SEECT Queries with ASP
• To generate this page, the Web application would need to create and
execute two SQL select queries: One fetches the first and last name of
the customer from BigHit’s Customer table. The other fetches the list of
all that customer’s rentals from the Rental, Video, and Movie tables.
8
Outline
// connect to database
conn = Server.CreateObject("ADODB.Connection");
conn.Open("bighitmdb");
// get parameter values
var accountId = Request.QueryString("accountID");
Clock.asp
sends Web server’s date and
time to the client as XHTML
markup
<% %>
scripting delimeter
// construct SQL query to fetch customer name
var customerQuery = "select lastName, firstName from
Customer“ + " where accountId =
"+accountId;
// execute the query
var customer = conn.Execute(customerQuery);
@LANGUAGE processing
directive
// get the first and last names from the query result
var firstName = customer(“firstName”);
var lastName = customer(“lastName”);
Response.write
customer.close();
printHeader("Outstanding Rentals","for customer
"+firstName+” “+lastName);
Option Explicit
FormatDateTime
Now
vbLongDate format
Time
9
Fetching and Displaying Information form more than one table
// get rentals for account and print as table
var rentalQuery = "select v.videoId, title, dateRented, dateDue"
+ " from Rental r, Video v, Movie m "
+ " where v.videoId = r.videoId and v.movieId = m.movieId"
+ " and r.accountId = "+ accountId;
//var rentals = conn.Execute(rentalQuery);
var rentals = executeSQL(rentalQuery); // execute SQL and add to log
%>
<center><table border=2>
<caption>Current Rentals for Account <%= accountId %></caption>
<tr>
<th>Video ID</th><th>Title</th>
<th>Date Rented</th><th>Date Due</th>
</tr>
<% while(!rentals.eof){ %>
<tr>
<th><%=rentals("videoId")%></th>
<td><%=rentals("title")%></td>
<td><%=rentals("dateRented")%></td>
<td><%=rentals("dateDue")%></td>
</tr>
<% rentals.movenext();
}
rentals.close();
rentals = null;
conn.close();%>
</table>
10
Fetching and Displaying Information form more than one table
11
Creating Objects from Queries
•
•
We can organize the processing of query results by writing functions to process queries that will occur in many
Web applications.
The following function (custlookupform) allows creating a customer object from information stored in the
database:
function lookupCustomer(conn, id) {
customer = new Object();
customerSQL="select * from Customer where accountId="+id;
custSet = conn.Execute(customerSQL);
// check to see if any row was returned
if (custSet.eof) { // no customer with this accountId
return customer // return empty object
}
customer.accountId = custSet("accountId");
customer.firstName = custSet("firstName");
customer.lastName = custSet("lastName");
customer.street = custSet("street");
customer.city = custSet("city");
customer.state = custSet("state");
customer.zipcode = custSet("zipcode");
return customer;
}
12
A General Purpose Query Execution Script
•
•
Suppose that we create an HTML form that allows users to type an SQL select
statement and submit a request for it to be executed.
When the user clicks the submit button, he will expect the result to be a Web
page that displays the results of executing the select statement as an HTML
table.
13
Sqlform.asp
<%@LANGUAGE="JScript"%>
<!-- sqlform.asp -->
<html>
<!-- #include file="bighittools.js" -->
<%
startApplication("sqlform.asp");
printHeader("Query Execution","Please enter an SQL select statement"); %>
<center>
<form method="GET" action="sqlexec.asp">
<table>
<tr><th>Enter Select Statement</th>
<td><textarea cols="40" rows="6" name="sqlQuery"></textarea></td></tr>
</table><br>
<input type="submit"> <input type="reset">
</form>
</center>
<%
printFooter("sqlform.asp");
endApplication("sqlform.asp");
%>
</html>
14
Sqlexec.asp
<%@LANGUAGE="JScript"%>
<!-- sqlexec.asp -->
<html>
<!-- #include file="bighittools.js" -->
<%
startApplication("sqlexec.asp");
// get parameter values
var conn, sqlQuery, results;
sqlQuery = Request("sqlQuery");
printHeader("Execution of Query",sqlQuery);
// connect to database
conn = Server.CreateObject("ADODB.Connection");
conn.Open("bighitmdb");
// execute query
try {// we may get an error in executing the query
var numRowsAffected;
//results = conn.Execute(sqlQuery);
results = executeSQL(sqlQuery);
printTable(results,Response);
} catch (exception) {
Response.write("<table><center>\n");
Response.write("<caption>Unable to process query</caption>\n");
Response.write("<tr><th>Error returned from database</th><td>");
Response.write(exception.description+"<br>\n");
Response.write("</tr></table></center>\n");
//throw exception;
}
printFooter("sqlexec.asp");
endApplication("sqlexec.asp");
%>
</html>
15
Results of Executing Sqlexec.asp
The Recordset Object – Positioned on the first row
16
The Recordset Object
• The oval in the upper left represents the variable results whose
value is the Recordset object.
• The Recordset object has a collection called fields that contains
one field for each column.
• Each field object contains the name, type, and value of a
single attribute.
• Object fields has a property called count with value 8 – the
number of fields in the row.
• Each field has two properties, a name and a value.
• The information needed to generate the Web page can be
obtained as follows:
– The number of columns in the result is the value of
fields.count
– The name of the first column is fields(0).name, and the
value of the first column is fields(0).value.
– … etc.
17
The Function printTable
function printTable(results) {
// print the rows of the table as an HTML table
// results must be an ADO RecordSet object
var numCols = results.fields.count;
Response.write("<center><table cellpadding=3><tr>\n");
// write names of columns
for (col=0; col<numCols; col++) {
Response.write("<th>"+results.fields(col).name+"</td>\n");
}
Response.write("</tr>\n");
// write rows of data
while (!results.eof) {
Response.write("<tr>");
for (col=0; col<numCols; col++) {
Response.write("<td>"+results(col).value+"</td>\n");
}
results.movenext();
Response.write("</tr>");
}
Response.write("</table></center><br>\n");
}
18
Inserting Data to a Database - newcustmerform.asp
<%@LANGUAGE="JScript"%>
<html>
<!-- #include file="bighittools.js" -->
<%
startApplication("newcustomerform.asp");
printHeader("Please Enter Your Information","New customer information");
%>
<form method="GET" action="newcustomer.asp"><center>
<table>
<tr><th>First Name: </th><td><input type="text" name="firstName" size = "25">
</td></tr>
<tr><th>Last Name: </th><td> <input type="text" name="lastName" size =
"25"></td></tr>
<tr><th>street: </th><td><input type="text" name="street" size = "25" ></td></tr>
<tr><th>City: </th><td><input type="text" name="city" size = "25"></td></tr >
<tr><th>Country: </th><td><input type="text" name="state" size = "25"></td ></tr>
<tr><th>Zipcode: </th><td><input type="text" name="zipcode" size = "25" ></td></tr>
</table><br>
<input type="submit" value="Submit"> <input type="reset">
</center></form>
<%
printFooter("newcustomerform.asp");
endApplication("newcustomerform.asp");
%>
</html>
19
Inserting Data to a Database
20
Confirm Entered Data to a Database – newcustomer.asp
<%@LANGUAGE="JScript"%>
<html>
<!-- #include file="bighittools.js" -->
<%
startApplication("newcustomer.asp");
printHeader("Please Confirm","New customer information");
firstName = Request("firstName");
lastName = Request("lastName");
street = Request("street");
city = Request("city");
state = Request("state");
zipcode = Request("zipcode"); %>
<form method="GET" action="addcustomer.asp"><center>
<table>
<tr><th>First Name: </th><td><%=firstName %> </td></tr>
<tr><th>Last Name: </th><td><%=lastName %></td></tr>
<tr><th>street: </th><td><%=street %></td></tr>
<tr><th>City: </th><td><%=city %></td></tr>
<tr><th>Country: </th><td><%=state %></td></tr>
<tr><th>Zipcode: </th><td><%=zipcode %></td></tr>
</table><br>
<input type="submit" value="Confirm"> <input type="reset">
<!-- hidden fields to hold customer info-->
<input type="hidden" name="firstName" value="<%=firstName%>">
<input type="hidden" name="lastName" value="<%=lastName%>">
<input type="hidden" name="street" value="<%=street%>">
<input type="hidden" name="city" value="<%=city%>">
<input type="hidden" name="state" value="<%=state%>">
<input type="hidden" name="zipcode" value="<%=zipcode%>">
</center></form>
<%
printFooter("newcustomer.asp");
endApplication("newcustomer.asp"); %>
</html>
21
Confirm Entered Data to a Database – newcustomer.asp
22
Inserting the Data – addcustomer.asp
<%@LANGUAGE="JScript"%>
<!-- makecustomer.asp -->
<html>
<!-- #include file="bighittools.js" -->
<%
startApplication("makecustomer.asp");
// get parameter values
var customer, newId;
customer = makeCustomer(Request);
with (customer) {
printHeader("New Customer Receipt","Welcome "+firstName+"
"+lastName);
// connect to database
conn = Server.CreateObject("ADODB.Connection");
conn.Open("bighitmdb");
// get new account ID as maximum current account ID plus 1
//maxId = conn.Execute("select max(accountId) from Customer");
maxId = executeSQL("select max(accountId) from Customer");
newId = maxId(0) + 1;
23
Inserting the Data – addcustomer.asp
// insert customer
newCustSQL = "insert into Customer "
+"(accountId, firstName, lastName, street, city, state, zipcode)"
+" values("
+newId+", '"
+sqlString(firstName)+"','"
+(lastName)+"', '"
+sqlString(street)+"', '"
+sqlString(city)+"', '"
+sqlString(state)+"', '"
+sqlString(zipcode)+"')";
//Response.write("<br>SQL: "+newCustSQL+"<br>");
//conn.Execute(newCustSQL); // replaced with function call
executeSQL(newCustSQL);
} // end with customer
// fetch customer information from the database
customer = lookupCustomer(conn,newId);
if (customer.accountId!=newId) {// no new customer
Response.Write("<br>No new customer with account ID: "+newId+"<p>\n");
customer = makeCustomer(Request);
}
printCustomerTable(customer);
printFooter("addcustomer.asp");
endApplication("makecustomer.asp");
%>
</html>
24
Inserting Data to the Database – newcustomer.asp
25
Displaying Inserted Data
26
Displaying Inserted Data
27
28
Server-Side ActiveX Components
Using Cookies - Login in Application
– This application controls user’s access to the content builder
application through authenticating the user by username and
password information which are stored in the database
login.mdb. The application is made of three scripts:
• login.asp: providing the user interface, displaying the form,
and error messages in case of access failure.
• database.asp: connecting to the database, executing the query
to get users’ access information, communicating with login.asp
through session tracking.
• submitlogin.asp: check user login information, create a cookie
to store loginID information, and communicating with
login.asp through session tracking.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<% @LANGUAGE = VBScript %>
29
Outline
<%
' Fig. 22 : database.asp
Ignores errors until
' ASP document for interacting with the database
Server
method
Option Explicit
end of script
CreateObject creates
ADODB.Connection
' provide error handling code
Method
opens
DeclaresOpen
session
On Error Resume Next
When
Open
finishes
variable
database
specified
byis set
loginData
reference
Session( "errorString" ) = ""
errorHandlerLog
executing,
to
first
errorString
Open
method
is points
passed
string
ODBC
System
DSN
to an
ADODB.recordset
Set connection = Server.CreateObject( "ADODB.Connection"
)
record
or EOF
no
processes
errors
(login)
containing
SQL
queryif and
object
Call connection.Open( "login" )
errorHandlerLog
records were foundobject
Call errorHandlerLog()
ADODB.Connection
called again
' create the record set
Err object
Set loginData = Server.CreateObject( "ADODB.Recordset"
) Number
Call loginData.Open( Session( "query" ), connection
) contains VBScript
property
Set Session( "loginData" ) = loginData
Linesnumber.
25-36 define
error
Tests if error
If
true,
errorSrting
Call errorHandlerLog()
errorHandlerLog
has
occurred.
Error
number
and message
variable
is assigned
Sub errorHandlerLog()
concatenated
variable
XHTML text to
containing
If Err.Number <> 0 Then
errorString
Dim errorString
error number and message
Dim connection, loginData
errorString = Session( "errorString" )
Sets
session
loginData to
errorString = errorString & "<p
class
= " variable
& _
Chr( 34 ) & "error" & Chr (variable
34 ) & loginData
">Error (" _ which references
& Err.Number & ") in " & Err.Source & "<br />" & _
Err.Description & "</p><br the
/>"ADODB.Recordset containing
Session( "errorString" ) = errorString
all records matching SQL query
End If
End Sub
%>
Database.asp
connects to, and queries an
Access database
CreateObject
ADODB.Connection
contains functionality
necessary to connect to
database
errorHandlerLog
30
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<% @LANGUAGE = VBScript %>
Outline
<%
' Fig. 23 : login.asp
' ASP document to login to instantpage.asp
Option Explicit
' create the SQL query
Session( "query" ) = "SELECT loginID FROM Users"
Call Server.Execute( "database.asp" )
Login.asp
Identifies users by
prompting them for login
name and password.
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
Assigns SQL query
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns =
to session variable
submitlogin.asp
Executes database.asp
to
"http://www.w3.org/1999/xhtml">
query
retrieve login
IDs from the databasevalidates the user’s login
<head>
<title>Login Page</title>
<style type = "text/css">
table { text-align: center;
font-size: 12pt;
color: blue;
font-size: 12pt;
font-family: arial, sans-serif }
.error { color: red }
</style>
</head>
<body>
<!-- #include virtual="/includes/header.shtml" -->
<%
Data is stored in Access
database login.mdb
31
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
If Session( "errorString" ) = "" Then
' if this is a return after a failed attempt,
' print an error
If Session( "loginFailure" ) = True Then %>
<p class = "error">Login attempt failed,
please try again</p>
Tests if session
<%
End If
' begin the form %>
<p>Please select your name and enter
your password to login:</p><br />
variable
errorString value is
empty string
Outline
Login.asp
Prompts user for login
name and password.
Information is stored in
If false, line 89 prints
Access database opened in
error
message to user
database.asp
<form action = "submitlogin.asp" method
= "post">
Lines 39-41 test is session variable
<!-- format the form using
a table --> is True
loginFailure
<table border = "0">
If
true, login
failure
select
structure
builds
<tr>
message prints
to loginIDs
user and
drop-down
list of
<td>Name:</td>
prompts new login
<td>
<select name = "loginID">
Requests
<option value = "noSelection">
Select your name</option>
<%
loginID cookie
Selects the returning user’s
If Request.Cookies( "loginID" ) <> "" Then
login ID option
Call BuildReturning()
Else
Build loginID options
Call BuildNewUser()
End If
%>
</select>
</td>
</tr>
32
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
<tr>
<td>Password:</td>
<td><input type = "password"
name = "password" /></td>
</tr>
<tr>
<td></td>
<td align = "left">
<input type = "submit" value = "Log Me In" />
</td>
</tr>
</table>
</form>
<!-- #include virtual="/includes/footer.shtml" -->
<%
Else
Call Response.Write( Session( "errorString" ) )
End If
%>
</body>
</html>
<%
' builds the option items for loginIDs and writes
' selected for the loginID of the returning user
Sub BuildReturning()
Dim found, loginData
Set loginData = Session( "loginData" )
' pull user names from the record set to populate the
' dropdown list
Outline
Login.asp
Prompts user for login
name and password.
Information is stored in
Access database opened in
database.asp
33
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
Outline
found = False
%>
<%
Tests for EOF
While Not loginData.EOF
' create this record's dropdown entry
<option
set to false
' if we did not write selected for found
any option
' before
before If
loopstatement writes
If ( Not found ) Then
selected for an
if the current record's loginID is equal
optionto
the loginID cookie, then it is the loginID of
If statement tests whether
the returning user, and thus we need to write
option
to be
selected for this option; in this
case needs
we also
need to signal that we have written
selected
selected
Login.asp
Prompts user for login
name and password.
'
Information is stored in
'
Access database opened in
'
database.asp
'
'
' for an option by setting found to True.
If Request.Cookies( "loginID" ) _
= loginData( "loginID" ) Then
Increments the record set pointer
Call Response.Write( "selected = " & _
to next record
Chr( 34 ) & "selected" & Chr( 34 ) )
found = True
End If
End If
If true, lines
writeis
Once122-124
selected
%>
value = "<% =loginData( "loginID" )selected
%>">
andfor
setan
found
written
option,
<% =loginData( "loginID" ) %></option>
to true
<%
Call loginData.MoveNext()
found set whether
to truecurrent
Determines
Wend
record’s loginID field is
End Sub
' builds the option items for loginIDs
' selected for any loginID
Sub BuildNewUser()
Dim loginData
whileequal
loop (lines
107-130)
iterates
to loginID
cookie
through
loginData’s
without
Writes writing
option
display records
as
current loginID
Sets option value
to current loginID
Set loginData = Session( "loginData" )
34
140
141
142
143
144
145
146
147
148
149
' pull user names from the record set to populate the
' dropdown list
While Not loginData.EOF
' create this record's dropdown entry
%>
<option value = "<% =loginData( "loginID" ) %>">
<% =loginData( "loginID" ) %></option>
<%
Call loginData.MoveNext()
Wend
End Sub
%>
Outline
Login.asp
Program Output
35
Outline
Program Output
36
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<% @LANGUAGE = VBScript %>
<% ' Fig. 25.24 : submitlogin.asp
' ASP document to check user's username
Option Explicit
Lines 9-13 check whether
password field is empty
or password
id loginID field
and
contains default value
' test if a user name and a password were
' entered. If not, transfer back to the login page.
If so, variable
If Request( "password" ) = "" Or _
set to
Request( "loginID" ) = "noSelection"loginFailure
Then
Session( "loginFailure" ) = True
true, client redirected
Call Server.Transfer( "login.asp" )
back to login.asp
End If
Outline
Submitlogin.asp
Takes values passed by
login.asp and checks
values against Users
table in database
If match is found, user is
WHERE specifies a
redirected to
Dim connection, loginData
condition
on which
against
the records instantpage.asp. If
Sets session variable Checks password
not, user is redirected to
selected
password inare
recordset
Sets
reference
loginData
to
' create the loginFailure
SQL query
Executes database.asp login.asp.
Session( "query"
_
session
value)to=False
to queryvariable
databaseloginData
"SELECT * FROM Users WHERE loginID = '" & _
(contains records matching
Request( "loginID" ) & "'"
query.)
Call Server.Execute( "database.asp" )
Set loginData = Session( "loginData" )
Sets cookie’s expiration date to
If Request(
) =
current
date plus"password"
3 days
If true, line
writes form’s
loginData(
"password"
) Then
loginID value as cookie named
' password is OK, adjust loginFailure
loginID
Session( "loginFailure" ) = False
' write a cookie to recognize them the next time they
' go to login.asp
Response.Cookies( "loginID" ) = Request( "loginID" )
' give it three days to expire
Response.Cookies( "loginID" ).Expires = Date() + 3
37
36
37
38
39
40
41
42
43
Otherwise loginFailure set to
True
Calls
Server method Transfer to
' send them to instantpage.asp
and client
is redirected to login.asp
redirect client to instantpage.asp
Call Server.Transfer( "instantpage.asp"
)
Else
Session( "loginFailure" ) = True
Call Server.Transfer( "login.asp" )
End If
Outline
Submitlogin.asp
%>
Program Output
38
Outline
Program Output
39
Accessing a Database from an Active Server
Page
Fig. 25.25 Cookies folder before and after cookie creation.
40
Accessing a Database from an Active Server
Page
Fig. 26
Error messages sent to login.asp by database.asp.
41
Server-Side ActiveX Components
• ActiveX controls on the server with no GUI
– Make features available in ASP
– AdRotator ActiveX component
•
•
•
•
Rotates advertisements on a Web page
Randomly displays one of several advertisements
Minimizes space on a Web page committed to advertisements
Client does not have to support ActiveX technologies (on the
server)
– PageCounter ActiveX component
• Page “hit” counter
42
Server-Side ActiveX Components
Component Name
Description
MSWC.BrowserType
ActiveX component for gathering information about the client’s
browser (e.g., type, version, etc.).
MSWC.AdRotator
ActiveX component for rotating advertisements on a
Web page.
MSWC.NextLink
MSWC.ContentRotator
ActiveX component for linking Web pages together.
MSWC.PageCounter
ActiveX component for storing the number of times a Web page
has been requested.
MSWC.Counters
ActiveX component that provide general-purpose
persistent counters.
MSWC.MyInfo
ActiveX component that provides information about a Web site
(e.g., owner name, owner address, etc.).
Scripting.FileSystemObject
ActiveX component that provides an object library for accessing
files on the server or on the server’s network.
ActiveX Data Objects (ADO) Data Access
Components
ActiveX components that provide an object library
for accessing databases.
Fig. 27
ActiveX component for rotating HTM L content on a
Web page.
Some serv er-side ActiveX components.
43
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Outline
<% @LANGUAGE = VBScript %>
<%
' Fig. 28 : component.asp
' Demonstrating Server-side ActiveX Components
Option Explicit
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns = "http://www.w3.org/1999/xhtml">
<head>
<title>ActiveX Component Example</title>
</head>
<body>
Creates AdRotator component instance,
<strong style = "font-family: arial, sans-serif">
assigns
it reference rotator
Sends advertisement
as HTML
to client.
Method
Server-side
ActiveX
Components
GetAdvertisement
called using reference rotator.
</strong>
Retrieves advertisements from config.txt
<p>
<%
Dim rotator, browser, information, counter
' create an AdRotator object
Set rotator = Server.CreateObject( "MSWC.AdRotator" )
' use config.txt to send an advertisement to the client
Call Response.Write( _
rotator.GetAdvertisement( "config.txt" ) )
Component.asp
Uses AdRotator ActiveX
component to rotate one of
five flag images. When
user clicks flag image,
country’s corresponding
CIA Fact Book Web page
displays.
44
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
' create a BrowserType object
Set browser = Server.CreateObject( "MSWC.BrowserType" )
If browser.VBScript = True Then
%>
Component.asp
information about user’s browser
<script language Obtains
= "VBScript">
Call Msgbox( "Client browser supports VBScript!" )
</script>
<%
End If
Check property VBScript value
If true, lines 48-50 written to client
If browser.JavaScript = True Then
%>
<script language = "JavaScript">Passes server variable key
alert( "Client browser supports
JavaScript!" ); to
HTTP_USER_AGENT
</script>
ServerVariables, obtains
<%BrowserType object’s Browser
End If
Version
and MinorVer properties
string containing user information
can
obtain similar client information
' get client's browser information
information = "<p>Your browser information is:<br />" & _
Lines
46-52 test JavaScript
Request.ServerVariables(
"HTTP_USER_AGENT"
) & _
"<br />Browser: " & browser.Browser
& " Version: " & _
property
browser.Version & " Minor version: " & _
browser.MinorVer & "<br />Cookies are "
If browser.Cookies Then
information = information & "enabled</p><br />"
Else
information = information & "disabled</p><br />"
Tests Cookies property to determine
End If
if browser supports cookies
Call Response.Write( information )
Outline
45
69
70
71
72
73
74
75
76
77
78
79
' create Page Counter Object
Set counter = Server.CreateObject( "MSWC.PageCounter" )
Call counter.PageHit()
' page has been "hit"
%>
</p>
Returns number of “hits”
<p style = "color: blue; font-size: 12pt">
Increments
number of “hits” by
This page has been visited
<% =counter.Hits()
%> one
times!</p>
</body>
</html>
Outline
Component.asp
46
Outline
Program Output
47
Outline
Program Output
48
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
23
24
25
26
27
28
29
30
31
32
REDIRECT redirect.asp
Header contains
width 54
Image URL,
URL,
REDIRECT
file destination
URL
height 36
Advertisement
dimensions
alt value, image display ratio
border 1
Asterisk
separates header
*
from advertisements
/images/su-flag.gif
http://www.odci.gov/cia/publications/factbook/geos/su.html
Sudan Information
20
/images/eg-flag.gif
http://www.odci.gov/cia/publications/factbook/geos/eg.html
Egypt Information
20
/images/us.gif
http://www.odci.gov/cia/publications/factbook/geos/us.html
United States Information
20
/images/france.gif
http://www.odci.gov/cia/publications/factbook/geos/fr.html
France Information
20
/images/germany.gif
http://www.odci.gov/cia/publications/factbook/geos/gm.html
Germany Information
20
/images/italy.gif
http://www.odci.gov/cia/publications/factbook/geos/it.html
Italy Information
20
/images/spain.gif
http://www.odci.gov/cia/publications/factbook/geos/sp.html
Spain Information
20
Outline
Config.txt
Describes the
advertisements
49
1
2
3
4
5
6
7
8
9
<% @LANGUAGE = VBScript %>
Outline
<%
' Fig. 30 : redirect.asp
' Redirection Page for AdRotator Component
Option Explicit
Call Response.Redirect( Request( "url" ) )
%>
Redirect.asp
Redirects user to country’s
CIA page when ad is
clicked
50
51
52
53
54
55
56
57
58
59
60
61
62