ZeePedia

APPLETS, CGI SCRIPTS

<< CLIENT AND SERVER SIDE PROCESSING OF DATA
MAINTAINING STATE IN A STATELESS SYSTEM >>
img
E-COMMERCE ­ IT430
VU
Lesson 18
APPLETS, CGI SCRIPTS
You know that Web Server is a computer that delivers (serves up) web pages. Any computer can be turned
into a Web server by installing server software and connecting the machine to the internet. A relational
database or simply database is a collection of information stored in tables. A database contains one or more
tables. Each table has a name and consists of columns and rows. Each column has a name. Most e-
commerce sites consist of a front end and a back end. Front end consists of that information which is
visible to the user and he can interact with the same through some interface. The back end comprises that
information which resides on the server side and is used to create certain dynamic results for the user. It
would include different programs or scripts that may be developed in different languages/tools. For an
effective e-commerce site there must be a real integration or compatibility between the front end and the
back end. We develop our back end mainly for two purposes ­ for querying with the databases (where we
have developed databases) and for the maintenance of state. We can use different tools (ASP, JSP etc.) for
that purpose depending upon their respective advantages/disadvantages. Server side processing can be
mainly categorized into four headings -CGI Scripts, Servlets, Server Side Scripts and JDBC/ODBC drivers.
CGI scripts
Term Common Gateway Interface (CGI) is defined as a standard method/protocol that allows data from
forms to be used by programs on the server. Script is a program running on the server. CGI scripts include
programs written in C, C++ or perl. Following Figure 1 shows a simple CGI setup. Suppose a client makes
an http request by clicking a hyperlink. This request is directed to a CGI script on the server side whose
reference would be given in the <A> tag. The server would communicate with the CGI script on it with the
help of CGI protocol. The script would be executed. We would do its coding such that it generates a query
to the database to retrieve specific information. This information would then be supplied by the server to
the client side as an HTML document. You can also consider an example. Assume there are two links on a
web page (Fig. 2). When the user clicks on the hyperlink pertaining to IT Books, an http request goes to the
server at the address, which is shown as value of the href attribute of the anchor tag. This address is that of
a CGI script `hello2.cgi', which is coded in such a way that it would generate a select query in SQL and from
the table IT books would retrieve all the information as a result for the user. The Perl code of hello2.cgi is
shown for a reference below.
Fig. 1
82
img
E-COMMERCE ­ IT430
VU
Fig. 2
Code for Fig. 2
<HTML>
<BODY>
<A href=http://www.onlineshop.com/cgi-bin/hello1.cgi>
Click here to view the record of your previous transactions </A>
<p>
<A href=http://www.onlineshop.com/cgi-bin/hello2.cgi>
List of IT Books for sale
</A>
</BODY>
</HTML>
Perl example ­ hello2.cgi (Not for exam)
print "<head>\n";
print "</head>\n";
print <body>\n";
print "<h1>IT Books</h1>\n";
print "<b>Description of available books</b><br>";
&SetOracle;
&RunSQL("Select * from ITBOOKS");
&StopOracle; print "</body></html>\n";
Structured Query Language (SQL)
SQL stands for Structured Query Language. It is used to make queries from databases. Its syntax may vary
slightly from tool to tool. However, its general syntax is that we use select statement to retrieve data from
databases. We use "*" after the word select then write the words "from tablename" in order to pick the
entire information from a table. We can write the select statement specifically in case some specific
information is desired to be retrieved as shown below:
Select author,publisher from ITBOOKS where coursename=`e-commerce'
We can use insert statement of SQL in order to insert certain data in a database. For example in Fig. 3
below, you can see a web form with text boxes. When a user clicks at the Register! button (in fact a submit
button), information provided by the user in the form would be shipped to the URL specified as value of
the action attribute in the form tag. Here, that URL is that of an ASP file running on the server side. On
clicking the Register!/submit button this file would be executed. We would code it such that it gives rise to
an insert query. In other words, data provided in the form is picked up by the ASP file and subsequently
inserted or recorded in a table in the databases. The format of Insert query used in ASP is shown for a
reference below. We may also use delete and update statements in SQL for deleting and updating data in the
tables.
83
img
E-COMMERCE ­ IT430
VU
Fig. 3
Code for Fig. 3
<HTML>
<BODY>
<H3>To Register Please Enter The Following Information:</H3>
<FORM NAME="regForm" ACTION="http://www.onlineshop.com/hello.asp" METHOD="POST">
Name: <INPUT TYPE="TEXT" NAME="Name" maxlength="25">
<P>
Address: <INPUT TYPE="TEXT" NAME="userAdd" maxlength="50">
<P>
Password: <INPUT TYPE="Password" NAME="userPassword" maxlength="15">
<P>
Email: <INPUT TYPE="TEXT" NAME="email" maxlength="15">
<P>
<INPUT TYPE="submit" NAME="Go" VALUE="Register!">
<INPUT TYPE="RESET" VALUE="Reset!">
</FORM>
</BODY>
</HTML>
Insert Statement in ASP (not for exam)
INSERT INTO Register(Name,Address,Password,Email)
VALUES(Request.form("Name"), Request.form("Address"), Request.form("Password"),
Request.form("Email"))
Register is the table where information received through the form is to be inserted.
Servlets
Servlets are very fast Java applications on the server side which are available in an active form in the
memory of the server. They use JDBC to connect to the databases.
Server Side Scripts
They basically include ASP, JSP or PHP. Active Server Pages (ASP) is the product of Microsoft, Java Server
Pages (JSP) is the product of Sun Microsystems and Hypertext Preprocessor (PHP) is the product of
Apache Software Foundation. Their code can be embedded within the HTML document and they use
extensions (.asp), (.jsp) or (.php), as the case may be. The servers sees the extension of the file and processes
84
img
E-COMMERCE ­ IT430
VU
the relevant ASP, JSP or PHP code embedded within the HTML code and provides the result of such code
to the client side.
ODBC/JDBC
ODBC (Open database connectivity) and JDBC (Java based database connectivity) drivers are also present
on the server side. Scripts or programs use these to establish connection with databases for querying.
Basic difference between CGI scripts, ASPs, Servlets etc.
Here, you can note some basic difference between CGI scripts, servlets, ASP, JSP etc. We know that the
code we write is translated into an executable form. There are two ways to do this translation. One is that
we compile the code or convert it into machine language using a software called compiler, as we use in case
of C or C++. The other way is that we interpret the code (line by line) at the run time using a program
called interpreter. Browser is an interpreter. Compiled code is usually faster than the interpreted one as
regards execution. Technologies like ASP, PHP and Coldfusion interpret their code except the new version
of ASP (ASP.net) where the code is compiled. In case of JSP a program called JSP engine compiles the
code. This compilation takes place only once, and then the JSP page is converted into a Servlet. The
property of a servlet is that it is always in an active form which means that it remains in the server memory.
Therefore, any subsequent calls to the page have faster response time. This probably is the only main
difference between a JSP and a Servlet. Another difference between ASP and JSP is that ASP mostly uses
VBScript and JSP uses Java programming language for coding. Note that among the CGI scripts, Perl
scripts are interpreted and C++ scripts are compiled. However, CGI scripts are generally believed to be
relatively slow, since each CGI request generates a new process which is heavy for the system. Therefore,
CGI scripts are no longer a very popular option.
ASP
We can discuss ASP a little more in detail. It runs best on IIS (Internet Information Server) which is freely
available with Windows NT and Windows 2000. ASP engine is a piece of software that is a part of IIS and
interprets/translates an ASP code. There are mainly seven predefined objects in ASP called intrinsic objects.
To have some idea of the ASP objects, we can have a look at the two important ones, that is, request and
response objects. Response
object is used to send information to the client and Request object is used by the server to
retrieve information from the client.
ASP examples (not for exam)
Following is the example of Response object. We use its "write" function to write some
information on our web page. ASP normally uses VBScript as the scripting language. In
ASP, a variable is generally defined using Dim statement as shown in the code below.
ASP statements are contained within <% and %> which are called delimiters. VBScript by
default assumes that any symbol that is not a keyword is a variable. This might cause serious
problems when you are writing an ASP application. What if you mistype a variable name and
it will be considered by the server as a new variable. To avoid this you must write Option
Explicit at top of your each ASP file.
<%@ language=VBScript %>
<%option explicit%>
<%Dim lastname
Dim firstname
Dim myage
lastname="Ali"
firstname="Imran"
myage=30
%>
85
img
E-COMMERCE ­ IT430
VU
<html>
<head><title>It is easy</title></head>
<body>
My name is <%=firstname%> <%=lastname%> and my age is <%Response.Write
myage%>
</body>
</html>
Suppose that we want to collect data from a form (Fig. 4) using ASP and then resend a page
to the client having that information written on it. For that one can develop the following
ASP code. Note the use of "Request.form" for collecting data form the form.
<%@Language="VBSCRIPT"%>
<%option explicit%>
<%Dim loginname
Dim name
loginname=Request.Form("userlogin")
name=Request.Form("username")
%>
<html>
<head><title>It is easy</title></head>
<body>
My name is <%Response.Write name%> and I am going to use
<%Response.Write loginname%> as my login
</body>
</html>
Fig. 4
When a user clicks at Register! the information filled by him in the above two boxes would
be delivered to the ASP file whose code you have seen above. This would happen because
we keep the name or URL of the above ASP file as value of the action attribute in the form
tag.
VBScript offers a lot of flexibility for programming. We can use functions, If statements,
For loops etc. Consider the following example where a For loop has been used:
<%@Language="VBSCRIPT"%>
<%option explicit%>
<HTML>
<Body>
Test1
<%
Dim myString="ecommerce"
%>
86
img
E-COMMERCE ­ IT430
VU
<%If Time>=#12:00 AM# and Time<=#12:00 PM# then%>
<h3>Good Morning Pakistan</h3>
<%else%>
<h3>Hello Everyone <p>
<%
Dim j
For j=1 to 3
Response.write mystring
response.write "<p>" Next %></h3> <% end if %> </Body> </HTML> Result of the above code
would be similar to the one shown in Fig. 5 below. Note that the words ecommerce are printed thrice due
to for loop written in a specified format in VBScript.
Fig. 5
87