Server-Side Scripting

Previous page
Table of content
Next page
 <  Day Day Up  >  

CGI and server modules can be complex; however, adding interactivity to a site does not always have to be difficult. Another form of server-based programming, generically termed server-side scripting , provides much of the sophistication of general CGI with the ease of HTML. The idea of server-side scripts is simple. First, create a page using standard HTML or XHTML. Then, add special new elements or code directives to indicate what to do in particular cases. For example, imagine if you wanted to print out different markup for Netscape users, Microsoft Internet Explorer, and other browser users. You could add some logic to your HTML/XHTML document like this: 

 $if browser = Netscape  <blink>  Hey Netscape User!  </blink>  $else if browser = IE  <marquee>  Hello Microsoft User!  </marquee>  $else  <h1>  Hello User!  </h1>  $endif

To indicate that the file includes a server-side script that needs to be executed before delivery, you would name it with some special extension indicating the type of language (for example, .php, .cfm, .asp). Finally, when the user requests the page, the server will then parse the page and output only the appropriate markup depending on the particular browser being used. This, of course, is a completely fictitious server-side scripting language but it serves to illustrate how all of them fundamentally work. An overview of server-parsed script solutions is shown in Figure 13-4.

click to expand
Figure 13-4: Overview of parsed HTML solutions

Although server-side scripts are very easy for people to deal with, they can put a significant load on the server and might be unnecessarily parsed over and over again. The next few sections describe a few common parsed HTML technologies used on the Web: server-side includes (SSI), PHP, ColdFusion, and Active Server Pages (ASP).

Server-Side Includes (SSI)

Server-side includes (SSI) are the simplest form of parsed HTML. SSIs are short directives you can embed in an HTML document to indicate files to be read and included in the final output. This might be useful if the designer wants to make one file with footer information, such as an address and copyright, and then append it to all pages dynamically. To do this, create a file called footer.html and then include it dynamically using SSI. The contents of footer.html might look something like this: 

  <hr noshade="noshade" />   <div align="center">   <font size="-1">  Copyright 2003, Demo Company Inc.  <br />   </font>   </div>

To include this file in another file, you would need an SSI directive like this: 

  <!--#include file="footer.html" -->

Notice that this is just a special form of an HTML comment with a command #include and a parameter file, which is set to the file you want to include. To indicate to the server that the page contains SSI commands, use the .shtml extension. If the server is properly configured, it should pick up the file and execute it before sending the result. Aside from including external files, SSI also can be used to show the results of programs, including CGI programs. Thus, it can provide a way to query databases and make a page counter, among other things.

While SSI looks appealing, it has two potential problems: security and performance. The security problem results from SSI's capability to easily execute a program on the server. With this feature, security breaches are possible. For example, it might be possible to insert a command to launch a remote session. Even if security isn't a big issue, depending on how SSI and the Web server are configured, the executing command could have a great deal of permissions and be able to remove values. Web administrators are advised to limit use of scripting with SSI.

The other problem with SSI, performance, is typical of any server-parsed scripting solution. Because all SSI files have to be parsed, they can cause a performance hit. If a site has serious performance requirements, SSI-driven pages might be inappropriate. Fortunately, it is possible to limit its uses by having only certain files, for example those ending in .shtml, parsed by the server. When used in a limited fashion, SSI can provide powerful features that are within the technical ability of any HTML writer. However, SSI is limited in what it can do. Page designers might find other server-side scripting solutions, such as PHP, ColdFusion, or ASP, more appropriate.

Tip  

Nearly every Web server should have SSI capability directly, but it is often not enabled by default. For more information on enabling SSI, see your Web server software's documentation.


 <  Day Day Up  >  

Previous page
Table of content
Next page
HTML & XHTML
HTML & XHTML: The Complete Reference (Osborne Complete Reference Series)
ISBN: 007222942X
EAN: 2147483647
Year: 2003
Pages: 252
Authors: Thomas Powell
BUY ON AMAZON
A+ Fast Pass
WebLogic: The Definitive Guide
Network Security Architectures
Postfix: The Definitive Guide
File System Forensic Analysis
Comparing, Designing, and Deploying VPNs
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy