Monday, 14 March 2011

Programming - Variables

In all programming languages there is some way to create a variable. All a variable is, is a memory location with a label like “name”. Therefore we can store a name like “Tom” in memory for use later. Later on, we could ever change this variable “name”, from “Tom” to “Sam” if we needed to by using this variable.
In PHP to create a variable you simply place a ‘$’ symbol before the variable name. Therefore to create a variable called “name” we would write:

<?php
   $name = "Tom";
?>

Variable name can not have space, but has to be a continues string of character using ‘a’-‘z’, ‘A’-‘Z’, ‘0’-‘9’ or the ‘-‘ character.

Examples:
Value variable names
Name, address, numberOfPages, size_of_page, Line1, Line_2, Line_99, the_6th_line

Invalided variable names
Number of pages, line#1, CostIn£

In the example above we create a variable called “name” and the set is to the value “Tom”. This is done using the special symbol ‘=’. This symbol is called the assignment operator, and we will use this operator a lot.

Finally, at the end of the line there is another special character, this is a semicolon ‘;’. The semicolon is used to tell the computer that this is the end of this command. The server then interprets and runs this command.

We can now create a variable for a name and send it to the client.

<?php
   $name = "Tom";

   echo "My name is $name";
?>

Variable in PHP cannot just hold strings of characters, but integers, doubles and Boolean values, e.g.

<?php
   $name = "Tom";
   $age = 21;
   $height = 1.65;
   $single = true;

   echo "My name is $name";
   echo "I am $age year old";
   echo "and $height m tall";
   echo "if you asked me if I was single I would say $single";
  
?>

When you run this script you will see that name, age and height are echoed as you might expect, but a Boolean value is either a ‘0’ or ‘1’.

Also note we did not have to tell the script what type each variable is. The act of assigning it value will determine what type it is.

This means that if you change is value type then the variable type will change also, e.g.

<?php
   $name = "Tom";
   echo "My name is $name";
   Sname = 21;
   echo "I am $name year old";
?>

In this example the variable “name” was initially a string holding the value “Tom”, but then in line 4 the variable “name” has become an integer. This was due to assigning the value 21 to the variable.

Programming - Introduction

In this blog we will be looking at how to create a server side script. As discussed earlier, there are a number of scripting languages available to us. Due to its simplicity and popularity within the industry we will be using PHP.

To create a PHP script you only need a text editor and an FTP client to copy your script up to your web server. This is where the script will run, and produce the output sent to the client machine.

Any editor will do, it is common on a windows system to use notepad, but I would recommend that you down load and use the editor “notepad-plus-plus” as this has some enhanced feature that will make writing scripts easier. If you are going to use notepad++ please remember to set the language to PHP.

In PHP the script code can be written within the HTML, but the page has to have the extension “.PHP” so that the server knows to process it before sending it to the client.

Therefore all PHP will be within the tag <?php ...?>

e.g.

<?php
     echo "Hello World";
?>

You can build HTML structures within you PHP. These structures can be dependent on external data, from databases, file, or ERP systems.

<?php
     echo "<table width='200' border='1'>";
     ...
     echo "</table>";
?>

As shown above scripts use inbult functions to tailer the outputed HTML for the client.

The purpose and uses of scripting

To understand the purpose of server side scripting, we are first going to clarify client side so the relationship and purpose is clear for both. As in any website there is a place for client side and server side scripting.

Client side
Client side scripting is used for two aspects of a webpage:

Enhancing interactivity: Creating a pop-up window to display information in a separate window from the Web page that triggered it. This is useful if the user requires to perform a simple calculation or consult a calendar for inputting dates.

This is achieved by embedding ActiveX controls or Java applets into the script.

Validating the content of fields: When filling in forms, each field, especially required fields denoted by an asterisk, are validated for correct input If the field is left blank or incorrect information entered then a user message will be generated and you may not continue.

Server side
Server side scripting involved the page being processed before it is sent to the client. Therefore this ability to change the page before sending it, give the server side scripting several functional possibility over client side scripting.

Access Control
This is the ability for the script to validate any page prior to sending to the client machine. It is possibility to tailor the client output so that, depending on the users role they would see a different web page.

So a sales assistant would see a different page to that of there supervisor. The login script would direct the sales assistant to one page and the supervisor to another.

Dynamic Content
This is the ability for the script to build the requested page from information stored and update elsewhere, typically a database.

This could be a list of arrival/departure times for today's aeroplanes at the local airport, or the current marks for a student.

All of these are the script reading a database and building the page from this information. As the database is updated so is the webpage.

E-commerce
With the ability of forms through HTML and dynamic content then we can purchase items.

Users can logon and create a list of item they would like to purchase, then with the use of secure HTTP, they can enter their payment details and purchase there desired items.

Web server scripting disadvantages

Running scripts on a server machins has disadvantages as well. Here are a few to consider.

1. Reduced performance
If code was compiled and deployed onto the server, then the application would be in the native code of that platform. This would enhance the performance of the required task. Which means a lower powered server is required or more clients could be services by the same hardware.

Hence scripts require a more powerful server and/or more servers. making it more expensive.

2. Complex debugging
Since scripts use simple API’s and normally a simple edits, then debugging can be difficult. With these simple development system the only way to test a script is on the server, which means that when things go wrong they go wrong on the server and there is normally very little feedback to the developer of what went wrong.

As web development becomes more complex development frameworks, with integrated debugging systems and embedded slim down servers will improve web development.

3. Exploited by Hackers
Scripts can be used by hackers to gain access to the server. Because the scripts respond to URL input, changing the URL and its data packets, to something that exploits a security hole can give the user, access to the server, sometimes even as the root account. To combat such attacks, the system administrators should keep the server OS and scripting API’s up to date and also use an application firewall.

Friday, 11 March 2011

Web server scripting advantages

Web server scripting advantage
Server side scripting using simple interpreted scripts have several advantages over compiled high level languages.

These include:
1. Easy for users
Because the processing of the page is done on the server side, the client is not required to support client side scripting, hence plugins like java and flash may not be required. Hence a wider audience can be reached

2. Easy for client machines
Due to replacing client side scripting with server side scripting the file size may be smaller and hence the load time maybe quicker, this depends on the processing time at the server end. So generally if the server is faster then there is a less load on the client computer and hence older client machine will function better and a greater audience will be reached.

3. More secure
By pre-processing the web page the client only sees the output, the HTML. All processing scripts are hidden from the client.

4. Simple for programmers
Scripts give a simple interface for programmers to use and the complicated API pluming is hidden in the scripting functions. Thus making these scripts:
easy to learn and use
minimum programming knowledge or experience required
allow complex tasks to be performed in relatively few steps

5. Ease of Development
  Due to development is simpler, generally only an editor and an FTP application creation is quick and easy, normally ant editor will do. If an error occurs just edit the file, upload and the job is complete, therefore:
editing and deploying code is fast.
allow simple creation and editing in a variety of text editors

Wednesday, 9 March 2011

Web server scripting languages

Perl
Perl was developed by Larry Wall in 1987. Perl is a general purpose scripting language that was found to be very useful for web page scripting. Perl was developed for Unix, but is now available on most platforms. File written in Perl have either a ‘.pl’ or a ‘.cgi’ extension.

Perl is based on a number of other programming languages notable c, and shell scripts, these show it roots in Unix.
PHP
PHP Hypertest Processpe (PHP), formally known as Personal Home Page (PHP) was developed by Rasmus Lerdorf in 1995 and was based on Perl scripting . PHP is now developed by the PHP Group. PHP is a application that interpreters a web file before being sent to the client. Is application is available for most server platforms and has become a recognised standard in web page production. These files have the extension PHP.

ASP
Active Server Pages (ASP) was developed by Microsoft as there preferred scripting language for their Window NT server and Internet Information Service (IIS) application in 1998.

With the development of the .NET framework, ASP.NET was introduced resolving some of the reliability and speed issues with ASP.

These scripts have the extension of .asp or .aspx for ASP.NET scripts.
ASP is based on Microsoft’s VB script, but in ASP.net you can develop in C# or VB and have option to develop in two models Web Forms or  MVC .

JSP
Java Server Pages (JSP) was developed by Sun Microsystems in 1999 as a alternative to Asp and PHP.

Based on the java language JSP uses specialised java classes, called servlets to interface with the server. Which is ran using the java runtime. This enables any server platform to run JSP assuming the runtime is installed.

Cold Fusion
Cold fusion is a development environment for web page production and has its associated cold fusion mark-up language (CFML). CFML was developed by Adobe in 1995. CFML is similar in function to the previous scripting language, but it is based on tag like XML and HTML. CFML file have the extension ‘.cfm’.

Tuesday, 8 March 2011

Server side v client side (continued)

Client side scripting
At present there are a number of client side technologies, such as JavaScript, CSS, flash movies, Java applets, and others that improve the interactivity of the webpage for the client. These technologies primarily improve the three area of presentation, navigation, and validation. All of these technologies send additional informal with the webpage, which is processed by the client computer, and does not rely on the server. 

In other words, without these technologies every interaction with the user would need to be sent to the server. The server would need to determine the response and that response would then have to be sent to the client. This is a long and timely process. Users would get frustrated with and the server is doing a lot of work. A more powerful server means a more expensive server. Therefore it is better for the client and server that these tasks are done at the client side.

Client side technologies enable the web designer to add interactivity to there web page, but what happens when the page needs totally different data, i.e. the products have changed, or a different type of user (Manager not a shopper). In both of these case the web developer would not would to sent the same static web page, but link it to a database or dynamically chose a second version of that page. This can only be done by server scripts.

Server side Scripting
Is the ability of the server to process the requested page before it is sent to the client. This means that the sever can decide when parts of the webpage are sent. It can retrieve data from a database and build this into the webpage. It can detect which browser is being used by the client and customise its webpage appropriately. All these thing and more can be done using a variety of programming languages/scripts.

Common Gateway Interface
With the demand for WebPages to be connected to databases, files and directories, there was a lot of development in the area. What resulted was a standard how a web server could request these activity from a script/language. Thus the common gateway interface (CGI) was born. CGI is a set of standards that defines how a web server can interface with an application program. This interface allows data to be transferred between both parties.

Application Program
This is a program sitting on a server that has been written to do a specific job, like check login credentials (username & password). This checking could be hard codes, held in a file, or read from a database. It dose not matter.
These programs can be written in a number of languages C/C++, Java or scripts such as ASP, Perl, PHP, and Clod Fusion Markup Language.
We will consider some of the script languages in further posts.