APPLETS, CGI SCRIPTS

<< CLIENT AND SERVER SIDE PROCESSING OF DATA

MAINTAINING STATE IN A STATELESS SYSTEM >>

E-COMMERCE IT430

Lesson 18

APPLETS, CGI SCRIPTS

You know that Web Server is a computer that delivers (serves up) web pages. Any computer can be turned

into a Web server by installing server software and connecting the machine to the internet. A relational

database or simply database is a collection of information stored in tables. A database contains one or more

tables. Each table has a name and consists of columns and rows. Each column has a name. Most e-

commerce sites consist of a front end and a back end. Front end consists of that information which is

visible to the user and he can interact with the same through some interface. The back end comprises that

information which resides on the server side and is used to create certain dynamic results for the user. It

would include different programs or scripts that may be developed in different languages/tools. For an

effective e-commerce site there must be a real integration or compatibility between the front end and the

back end. We develop our back end mainly for two purposes for querying with the databases (where we

have developed databases) and for the maintenance of state. We can use different tools (ASP, JSP etc.) for

that purpose depending upon their respective advantages/disadvantages. Server side processing can be

mainly categorized into four headings -CGI Scripts, Servlets, Server Side Scripts and JDBC/ODBC drivers.

CGI scripts

Term Common Gateway Interface (CGI) is defined as a standard method/protocol that allows data from

forms to be used by programs on the server. Script is a program running on the server. CGI scripts include

programs written in C, C++ or perl. Following Figure 1 shows a simple CGI setup. Suppose a client makes

an http request by clicking a hyperlink. This request is directed to a CGI script on the server side whose

reference would be given in the <A> tag. The server would communicate with the CGI script on it with the

help of CGI protocol. The script would be executed. We would do its coding such that it generates a query

to the database to retrieve specific information. This information would then be supplied by the server to

the client side as an HTML document. You can also consider an example. Assume there are two links on a

web page (Fig. 2). When the user clicks on the hyperlink pertaining to IT Books, an http request goes to the

server at the address, which is shown as value of the href attribute of the anchor tag. This address is that of

a CGI script `hello2.cgi', which is coded in such a way that it would generate a select query in SQL and from

the table IT books would retrieve all the information as a result for the user. The Perl code of hello2.cgi is

shown for a reference below.

Fig. 1

E-COMMERCE IT430

Fig. 2

Code for Fig. 2

<HTML>

<BODY>

Click here to view the record of your previous transactions </A>

<p>

List of IT Books for sale

</A>

</BODY>

</HTML>

Perl example hello2.cgi (Not for exam)

print "<head>\n";

print "</head>\n";

print <body>\n";

print "<h1>IT Books</h1>\n";

print "<b>Description of available books</b><br>";

&SetOracle;

&RunSQL("Select * from ITBOOKS");

&StopOracle; print "</body></html>\n";

Structured Query Language (SQL)

SQL stands for Structured Query Language. It is used to make queries from databases. Its syntax may vary

slightly from tool to tool. However, its general syntax is that we use select statement to retrieve data from

databases. We use "*" after the word select then write the words "from tablename" in order to pick the

entire information from a table. We can write the select statement specifically in case some specific

information is desired to be retrieved as shown below:

Select author,publisher from ITBOOKS where coursename=`e-commerce'

We can use insert statement of SQL in order to insert certain data in a database. For example in Fig. 3

below, you can see a web form with text boxes. When a user clicks at the Register! button (in fact a submit

button), information provided by the user in the form would be shipped to the URL specified as value of

the action attribute in the form tag. Here, that URL is that of an ASP file running on the server side. On

clicking the Register!/submit button this file would be executed. We would code it such that it gives rise to

an insert query. In other words, data provided in the form is picked up by the ASP file and subsequently

inserted or recorded in a table in the databases. The format of Insert query used in ASP is shown for a

reference below. We may also use delete and update statements in SQL for deleting and updating data in the

tables.

E-COMMERCE IT430

Fig. 3

Code for Fig. 3

<HTML>

<BODY>

<H3>To Register Please Enter The Following Information:</H3>

Name: <INPUT TYPE="TEXT" NAME="Name" maxlength="25">

<P>

Address: <INPUT TYPE="TEXT" NAME="userAdd" maxlength="50">

<P>

Password: <INPUT TYPE="Password" NAME="userPassword" maxlength="15">

<P>

Email: <INPUT TYPE="TEXT" NAME="email" maxlength="15">

<P>

</FORM>

</BODY>

</HTML>

Insert Statement in ASP (not for exam)

INSERT INTO Register(Name,Address,Password,Email)

VALUES(Request.form("Name"), Request.form("Address"), Request.form("Password"),

Request.form("Email"))

Servlets

Servlets are very fast Java applications on the server side which are available in an active form in the

memory of the server. They use JDBC to connect to the databases.

Server Side Scripts

They basically include ASP, JSP or PHP. Active Server Pages (ASP) is the product of Microsoft, Java Server

Pages (JSP) is the product of Sun Microsystems and Hypertext Preprocessor (PHP) is the product of

Apache Software Foundation. Their code can be embedded within the HTML document and they use

extensions (.asp), (.jsp) or (.php), as the case may be. The servers sees the extension of the file and processes

E-COMMERCE IT430

the relevant ASP, JSP or PHP code embedded within the HTML code and provides the result of such code

to the client side.

ODBC/JDBC

ODBC (Open database connectivity) and JDBC (Java based database connectivity) drivers are also present

on the server side. Scripts or programs use these to establish connection with databases for querying.

Basic difference between CGI scripts, ASPs, Servlets etc.

Here, you can note some basic difference between CGI scripts, servlets, ASP, JSP etc. We know that the

code we write is translated into an executable form. There are two ways to do this translation. One is that

we compile the code or convert it into machine language using a software called compiler, as we use in case

of C or C++. The other way is that we interpret the code (line by line) at the run time using a program

called interpreter. Browser is an interpreter. Compiled code is usually faster than the interpreted one as

regards execution. Technologies like ASP, PHP and Coldfusion interpret their code except the new version

of ASP (ASP.net) where the code is compiled. In case of JSP a program called JSP engine compiles the

code. This compilation takes place only once, and then the JSP page is converted into a Servlet. The

property of a servlet is that it is always in an active form which means that it remains in the server memory.

Therefore, any subsequent calls to the page have faster response time. This probably is the only main

difference between a JSP and a Servlet. Another difference between ASP and JSP is that ASP mostly uses

VBScript and JSP uses Java programming language for coding. Note that among the CGI scripts, Perl

scripts are interpreted and C++ scripts are compiled. However, CGI scripts are generally believed to be

relatively slow, since each CGI request generates a new process which is heavy for the system. Therefore,

CGI scripts are no longer a very popular option.

ASP

We can discuss ASP a little more in detail. It runs best on IIS (Internet Information Server) which is freely

available with Windows NT and Windows 2000. ASP engine is a piece of software that is a part of IIS and

interprets/translates an ASP code. There are mainly seven predefined objects in ASP called intrinsic objects.

To have some idea of the ASP objects, we can have a look at the two important ones, that is, request and

response objects. Response

object is used to send information to the client and Request object is used by the server to

retrieve information from the client.

ASP examples (not for exam)

Following is the example of Response object. We use its "write" function to write some

information on our web page. ASP normally uses VBScript as the scripting language. In

ASP, a variable is generally defined using Dim statement as shown in the code below.

ASP statements are contained within <% and %> which are called delimiters. VBScript by

default assumes that any symbol that is not a keyword is a variable. This might cause serious

problems when you are writing an ASP application. What if you mistype a variable name and

it will be considered by the server as a new variable. To avoid this you must write Option

Explicit at top of your each ASP file.

<%@ language=VBScript %>

<%option explicit%>

<%Dim lastname

Dim firstname

Dim myage

lastname="Ali"

firstname="Imran"

myage=30

E-COMMERCE IT430

<html>

<body>

My name is <%=firstname%> <%=lastname%> and my age is <%Response.Write

myage%>

</body>

</html>

Suppose that we want to collect data from a form (Fig. 4) using ASP and then resend a page

to the client having that information written on it. For that one can develop the following

ASP code. Note the use of "Request.form" for collecting data form the form.

<%@Language="VBSCRIPT"%>

<%option explicit%>

<%Dim loginname

Dim name

loginname=Request.Form("userlogin")

name=Request.Form("username")

<html>

<body>

My name is <%Response.Write name%> and I am going to use

<%Response.Write loginname%> as my login

</body>

</html>

Fig. 4

When a user clicks at Register! the information filled by him in the above two boxes would

be delivered to the ASP file whose code you have seen above. This would happen because

we keep the name or URL of the above ASP file as value of the action attribute in the form

tag.

VBScript offers a lot of flexibility for programming. We can use functions, If statements,

For loops etc. Consider the following example where a For loop has been used:

<%@Language="VBSCRIPT"%>

<%option explicit%>

<HTML>

<Body>

Test1

Dim myString="ecommerce"

E-COMMERCE IT430

<%If Time>=#12:00 AM# and Time<=#12:00 PM# then%>

<h3>Good Morning Pakistan</h3>

<%else%>

<h3>Hello Everyone <p>

Dim j

For j=1 to 3

Response.write mystring

response.write "<p>" Next %></h3> <% end if %> </Body> </HTML> Result of the above code

would be similar to the one shown in Fig. 5 below. Note that the words ecommerce are printed thrice due

to for loop written in a specified format in VBScript.

Fig. 5

Table of Contents: