Web programming II

Introduction to Server Side Programming

Overview
Internet and Web
Client/Server Programming on the Web
Server-side programming and Applications
Server-Side includes.
3
Origins of Internet
US Department of Defense (DoD) wanted a new large-scale
computer network in 1960s.

Purpose : Communications, file sharing, email and remote
computer access for researchers working on defense related
contracts. Network should be robust.

ARPAnet not available for educational institutions.

BITNET and CSNET developed for email facilities. NSFnet was
created in 1986 connected five supercomputer centres at five
universities. Available to all academicians & institutions.

4
Internet
Huge collection of DIVERSE DEVICES connected in a
communications network.

Single low-level protocol TCP/IP. It allows all devices
connected to the Internet to appear exactly the same.

Instead of connected every device to Internet, create a
local network in the organization and connect one of
the nodes to Internet. Thus Internet is network of
networks rather than a network of computers.

5
Internet Protocol Addresses
Internet nodes
for People identified by names and
for Computers identified by numeric
addresses.

IP addresses(32-bits) are four 8-bit digits
separated by dot operator.

IPv6 expanded to 128 bits.
6
Domain Names
Difficult for people to remember numbers of
machines on the Internet so textual names used
instead.

Begins with host machine followed by
progressively larger enclosing collection of
machines called domains. Called as
.

: collection of machines on the
Internet for converting fully qualified domain name
to an IP address.
7
Domain Name Service (DNS)
8
Protocols that run on top of TCP/IP
To support a variety of Internet uses.
: to allow a user on one computer to
log on to and use another computer.
: to
transfer files among computers on the
Internet.
: to serve as an electronic bulletin
board.
: to allow users on other computers
on the Internet.
9
Restricted the growth of Internet as :
Each had their own user interface
Useful for only the intended purpose it was
designed.
Users were required to learn all different
interfaces to gain entire advantage of the
Internet.

10
WWW or Web
New protocol for the Internet and also a system of document
access.

Designed to allow a user anywhere on the Internet to search
for and retrieve documents from databases on any number of
different document-serving computers.

: links for nonsequential browsing.

: nontextual information.

Vast document access through Web Browsers provided by
Web Servers.
11

: collection of computers and
other devices connected by equipment that
allows to communicate with each other.

: collection of software and protocols
that has been installed on most, if not all, of
the computers on the Internet.
Overview
Internet and Web
Client /Server Programming on Web
Server side programming and Applications
Server-side Includes
13
Web Browsers
Web and many other systems operate in client/server
configuration.

Programs running on client machine (Browsers) where
documents provided by servers on the web are requested.

Web supports a variety of protocols, the most common is
Hyper Text Transfer Protocol (HTTP).

Examples : Microsoft Internet Explorer, Firefox, Netscape
Navigator, Apples Safari, Opera.
14
Web Servers
They act by providing documents to browsers only if request made by browsers running on other
computers on the Internet.

Apache, Internet Information Server (IIS).

Web browsers initiate network communications with servers by sending them URLs.

Primary Task : to monitor a communications port on its host machine, accept HTTP commands
through the port, and perform the operations specified by the commands.

File structure : document root and server root.

Virtual Hosts : Support more than one site on a computer.

Proxy Servers : serve documents that are in the document root of other machines on the Web.

All Web Servers interact with database systems through Common Gateway Interface (CGI)
programs and server-side scripts.
15
Client/Server Architecture
Numerous applications run in a client/server environment, this means
that client computers (computers forming part of the network) contact
a server, generally a very powerful computer in terms of input/output,
which provides services to the client computers. These services are
programmes which provide data such as the time, files, a connection,
etc.

The services are used by programs client programs which run on
client computers. Designed to run on a client computer, capable of
processing data received from a server (in the case of the FTP client
we are dealing with files whereas for the email client we deal with
email).
16
Client/Server system operation
The client sends a request to the
server using its IP address and
the port, which is reserved for a
particular service running on the
server.

The server receives the request
and responds using the client IP
address and port.
17
Advantages of Client/Server Model
Centralised resources: given that the server is the centre of the network, it can
manage resources that are common to all users, for example: a central
database would be used to avoid problems caused by redundant and
inconsistent data.

Improved security: as the number of entry points giving access to data is not
so important.

Server level administration: as clients do not play a major role in this model,
they require less administration.

Scalable network: thanks to this architecture it is possible to remove or add
clients without affecting the operation of the network and without the need for
major modification.
18
Disadvantages of Client/Server
Model
Increased cost: due to the technical complexity of the server.

A weak link: the server is the only weak link in the client/server
network, given that the entire network is built around it!
Fortunately, the server is highly fault tolerant (primarily thanks to
the RAID system).
19
Anatomy of a Web Application
20
Web Server handling request for Web content
Each time you enter a Web address into your browsers address field and press Enter, the web
browser sends an HTTP request for a file over the Internet to the Web server.
After it receives the HTTP request for a file, the web server retrieves the requested file and sends
the Web page to the Web browser.
The Web browser analyses the Web page file to determine if there are any inserted files (such
graphics, animations, sounds, and so on) that the browser needs from the Web server.
The Web browser sends multiple HTTP requests (one for each file the browser needs) to the Web
server.
As the Web server receives the HTTP requests for files, the server finds each file and sends the
files (one file per HTTP request) to the Web browser.
The Web browser takes the original Web page files, follows the instructions given by the HTML
tags in the file to combine the Web page and the inserted file contents into a Web document the
browser displays onscreen.
21
2 Tier Architecture
2-tier architecture is used to
describe client/server systems
where the client requests
resources and the server
responds directly to the
request, using its own
resources.

The server does not call on
another application in order to
provide part of the service.
21
22
3 Tier Architecture
In 3-tier architecture, there is an
intermediary level, meaning the
architecture is generally split up
between:
A client, i.e. the computer, which
requests the resources, equipped
with a user interface (usually a
web browser) for presentation
purposes
The application server (also called
middleware), whose task it is to
provide the requested resources,
but by calling on another server
The data server, which provides
the application server with the
data it requires

22
23
Comparing 2 & 3 Tier
Architectures
2-tier architecture is a client-server architecture where the server
is versatile, i.e. it is capable of directly responding to all of the
client's resource requests.

In 3-tier architecture however, the server-level applications are
remote from one another, i.e. each server is specialized with a
certain task (for example: web server/database server).
3-tier architecture provides:
A greater degree of flexibility
Increased security, as security can be defined for each service, and at each
level
Increased performance, as tasks are shared between servers
23
24
Multi Tier Architecture
In 3-tier architecture, each server
(tier 2 and 3) performs a
specialized task (a service).

A server can therefore use
services from other servers in
order to provide its own service.

As a result, 3-tier architecture is
potentially an n-tiered architecture
24
Client-side programming
Overview
Internet and Web
Client/Server Programming on web
Server-side programming and Applications
Server Side Includes
Server-side programming
May be useful to send data back to
server, and run a program there.
Program might store user details in
database or file, or do some
calculation and return result to user.
A number of technologies available:
Servlets, JSP, CGI, ASP, PHP.
Server-side Programming
Server side programming
Short history
CGI separate programs launched by web server
They produce an HTML document as output
They receive arguments as input
Strong isolation, bad performance
Programs embedded inside web page (php, ASP, JSP)
Program executed inside web server process
Separate code-behind file for the code (ASP.NET)
What are dynamic pages used for?
Personalizing based on user identity
Interacting with databases (e.g. on-line banking)
Web applications (e.g. web based email)
Separate database keeps persistent data
Server-side Vs Client-side
Common server side application
32
The Evolution to the Object Web
On the Client
JavaScript, ActiveX Controls, Java Applets
On the Server
Perl, C, Unix Shell, Java Servlets, Active Server Pages
(ASP), Coldfusion, Hypertext Preprocessor (PHP), Java
Server Pages (JSP), XML Server Pages (XSP), and other
proprietary languages (e.g., Lotus Dominos scripting
language).
Client-Side versus Server-Side Programming:
33
The Evolution to the Object Web
Static Web Pages =
HTML

Web Pages with CGI scripts =
HTML + Programming Language X (e.g., Perl or C)

Dynamic HTML =
XML + CSS + Programming Language X (e.g., JavaScript) + DOM

Database-Driven Web Pages =
HTML + Programming Language X + ODBC/JDBC

Web Services =
Java-Based Initiatives: XML + SOAP + WSDL + UDDI + Java + J2EE
Microsofts .Net = XML + SOAP + WSDL + UDDI + C# + .NET
Overview
Internet and Web
Client/Server Programming on Web
Server-side programming and Applications
Server Side Includes
Server Side Includes (SSI)
SSI (Server Side Includes) are directives that
are placed in HTML pages, and evaluated on
the server while the pages are being served.
They let you add dynamically generated
content to an existing HTML page, without
having to serve the entire page via a CGI
program, or other dynamic technology.

Server Side Includes (SSI)
The decision of when to use SSI, and when to
have your page entirely generated by some
program, is usually a matter of how much of
the page is static, and how much needs to be
recalculated every time the page is served.
SSI is a great way to add small pieces of
information, such as the current time. But if a
majority of your page is being generated at
the time that it is served, you need to look for
some other solution.

37
Server-Side Includes (SSI)
Configuring server to permit SSI
To permit SSI on your server, you must have mod_include installed and enabled.
Additionally, you must have the following directive either in your httpd.conf file, or in a
.htaccess file:
Options +Includes
This tells server that you want to permit files to be parsed for SSI directives. Note that
most configurations contain multiple Options directives that can override each other.
You will probably need to apply the Options to the specific directory where you want
SSI enabled in order to assure that it gets evaluated last.
Not just any file is parsed for SSI directives. You have to tell server which files should
be parsed. There are two ways to do this. You can tell server to parse any file with a
particular file extension, such as .shtml, with the following directives:
AddType text/html .shtml
AddHandler server-parsed .shtml


38
Server-Side Includes (SSI)
Syntax of SSI Commands
The document is parsed as an HTML document, with special commands embedded as
SGML comments. A command has the syntax:
<!--#element attribute=value attribute=value ... -->
It is formatted like an HTML comment, so if you don't have SSI correctly enabled, the
browser will ignore it, but it will still be visible in the HTML source.
If you have SSI correctly configured, the directive will be replaced with its results.
The value will often be enclosed in double quotes; many commands only allow a single
attribute-value pair. Note that the comment terminator (-->) should be preceded by
whitespace to ensure that it isn't considered part of an SSI token. Note that the leading
<!--# is one token and may not contain any whitespaces.
The element can be one of a number of things, and we'll talk some more about most of
these in the next installment of this series. For now, here are some examples of what
you can do with SSI


39
Server-Side Includes (SSI)
Parsed HTML.

Short directives embedded in an HTML document to indicate files to be read and
included in the final output.

To indicate to the server that the page contains SSI commands, use the .shtml
extension.

Eg : If a copyright message has to be attached to all web pages dynamically, then
create a file called footer.html and then include it dynamically in all the other web pages
by adding HTML comment with a command include in all the web pages.
<!--#include file=footer.html ->

Disadvantages : Security (it might be possible to insert a command to launch a remote
session) and Performance (All SSI files have to be parsed, they can cause a
performance hit).
40
Questions?