department of computer science 1 web/database integration with active server pages 17 may 2000 seree...
TRANSCRIPT
Department of Computer Science 1
Web/Database Integration with Active Server Pages
• 17 May 2000• Seree Chinodom• Computer Science Department
Department of Computer Science 2
Aim of Course
• Provide Introduction to Active Server Pages technology.
• Demonstrate how to produce interactive Web Pages.
• Demonstrate how to develop Web-based interfaces to databases.
Department of Computer Science 3
Course Structure
• Slides and example code.• “Hands-on” development of applications using
example databases.
Department of Computer Science 4
ASP can be used to
• Develop interactive Web applications• Process HTML forms• Interface with databases
– Search– Add records– Modify records– Delete records
Department of Computer Science 5
What is an Active Server Page?
• Text file containing– Scripting language and– standard HTML
• Resides on Web server• Processed by Web server when called by
browser.
Department of Computer Science 6
An ASP contains...
• 1. Scripting language code– Default is VBScript– can use Jscript, Perl
• 2. HTML• VBScript contained in <% %>• Browser sees only HTML
– Server side scripting– Browser independent
Department of Computer Science 7
What do we need to run ASP?
• Web server– Microsoft NT running IIS version 3 or later– Windows 95 running PWS– Other platforms?
• ASP is a component of the Web Server• Server configuration
– Directory containing ASPs must have Execute rights.
Department of Computer Science 8
Why use Active Server Pages?
• Easy to develop applications• No extra software required• Powerful and flexible• Browser independent
• Why Not use ASP?– Runs only on Microsoft platforms– Requires programming skills
Department of Computer Science 9
Running an Active Server Page
• Make sure file is in an “executable” directory• Enter URL of ASP in browser e.g.
– http://nt2.ec.man.ac.uk/course/example.asp
• Only difference from static Web pages– Active server page has extension .asp
Department of Computer Science 10
VBScript
• Subset of Visual Basic• Has all the standard constructs
– Decisions, Looping, Arrays,Functions
• Scripting language NOT a programming language– variables need not be declared.
• Online help– Roadmap.– Contains full VBScript reference.
Department of Computer Science 11
Variables
• Assigned in standard wayX=24
• One data type - variant - handles all.• Therefore the following is valid
X=24
x=“Some words”
Department of Computer Science 12
Outputting Variable Values
• <% = variable_name%>
<%
…
veg=“potato”
…
%>
The value of veg is <B><%=veg%><B>
The value of veg is potato
Department of Computer Science 13
Operators
• Arithmetic+ add
- subtract
* multiply
/ divide
^ exponent
• LogicalAND NOT OR
• String ConcatenationMyName = surname & “, ” & forenames
Department of Computer Science 14
Commenting Code
‘ This is a comment
REM so is this
REMEMBER
always comment your code!
Department of Computer Science 15
Decisions• If…Then
<% If X<0 Then
%>
<B>Negative Number</B>
<%
End If
%>
• If..Then…Else• If…Then…ElseIf
Department of Computer Science 16
Do...While Loop
• Allows us to repeat statements
X=10
Do While X > 0
%>
<B><%=X%></B><BR>
<%
X = X - 1
Loop
Department of Computer Science 17
For…Next Loop
<%
FOR I = 1 TO 5
%>
<B><%=I%></B><BR>
<%
NEXT
%>
Department of Computer Science 18
Built-in Functions• Functions take argument(s) and return a
valueMyWord="potato"
X=Len(MyWord)
MyWord is argument Len is function
• Functions for– string manipulation– mathematics – date and time– see Language Reference > Functions
Department of Computer Science 19
User Created Procedures - Sub
• Subs take arguments but do not return values
Sub do_string(MyString)
%>
The original string:<% =MyString %><BR>
The uppercased string:<% =Ucase(MyString)%><BR>
Number of Characters:<% =Len(MyString) %><BR>
<%
End Sub
Call do_string("Now is the winter of our discontent")
do_string "Now is the winter of our discontent”
Department of Computer Science 20
User Created Procedures - Function
• Functions take arguments and can return values.
Function Convert(Faren) Convert = (Faren - 32) * 5 / 9
End Function
• To use it
Temp = Convert(212)
Department of Computer Science 21
Arrays - defining
• So far we have dealt with scalar variables.– a scalar variable stores one piece of data
• An array is a variable which contains one or more pieces of data
• Arrays are made up of elements– each element stores one piece of data
• Must Declare arrays– DIM MyArray(20)– MyArray can have up to 21 elements
Department of Computer Science 22
Arrays - using
• To add elements to an Array
MyArray(0)=3
MyArray(4)=“Hello”
• To reference
<%=MyArray(4)%>
Department of Computer Science 23
Reading and Writing Files
• Can use VBScript to read from and write to text files.
• Note that the Web server use rname will need to have appropriate file system permissions.
Department of Computer Science 24
Including Files
• Can use include files in VBScript– Useful for Footers, Headers, Functions
<!--#INCLUDE FILE="header.inc"-->
• The code in header.inc will be placed in our ASP when executed.
• Need to include the relative path of the include file.
Department of Computer Science 25
HTML Forms
• Needed for user interaction.• Can be static Web page or generated by
Active Server Page.• Latter allows more flexibility.
Department of Computer Science 26
Defining a Form<FORM METHOD=“POST | GET”
ACTION=“path_of_Active_Server_Page”>
Form controls
</FORM>
• Method parameter specifies how the form data is sent to the server. Can use GET or POST.
• Action parameter specifies name and location of the ASP which will process the form data.
Department of Computer Science 27
Form Controls
• Forms are populated with controls– Text boxes, drop-down menus, radio buttons
• Each control will have a name (as specified in the HTML) and a value (entered by the user)
• The name and value of each control is bundled and sent to the server to be processed by the ASP.
• Data is sent in a Query Stringsurname=smith&forenames=David+John&gender=1
• e.g. Form.html
Department of Computer Science 28
Text Box Control
• HTML for a text box:
<INPUT TYPE="TEXT | PASSWORD”
NAME="name_of_control”
[VALUE="default_text"]
[SIZE="width_in_characters"]
MAXLENGTH="width_in_characters"] >
<INPUT TYPE="TEXT" NAME="surname” MAXLENGTH="30">
Department of Computer Science 29
Radio Button
• HTML for a radio button<INPUT TYPE=“RADIO”
NAME=“name_of_control”
VALUE=“value” [CHECKED]>
• Usually grouped<INPUT TYPE="RADIO" NAME="pay_by" VALUE="VISA">
Visa<BR>
<INPUT TYPE="RADIO" NAME="pay_by" VALUE="ACCESS"> Access<BR>
• Query string will bepay_by=VISA or pay_by=ACCESS
Department of Computer Science 30
Hidden Controls
• HTML for a Hidden control
<INPUT TYPE=“HIDDEN” NAME=“name_of_control” VALUE="value">
• Does not appear on form.• Value can’t be changed by user.• Useful for passing values in a chain of ASPs.
Department of Computer Science 31
Sending Form Data
• Submit Button
<INPUT TYPE="SUBMIT"
[NAME="name_of_control"]
[VALUE="button_text"]>
• On clicking the submit button data is sent to server
• Option name parameter allows use of multiple submit buttons.
Department of Computer Science 32
Processing the Form Data
• The VBScript Request Object– allows access to
• Query String data• Server Variables
• Query String DataRequest("control_name")
<% =Request("surname") %>– returns value of the surname control– e.g. Personal.html
Department of Computer Science 33
Server Variables
• Can also be accessed via Request objectRequest.Server_Variable(“variable_name”)
• Can return some useful information– Client IP address– Browser type– e.g. form.html
• See documentation for full list (browser dependent)– Object Reference > Request Object
Department of Computer Science 34
HTML Form Examples
• Processing form data– Example age.html calls age.asp
• Self Calling ASP– newage.asp– useful for validation– compact
Department of Computer Science 35
The Session Object
• Web stateless– one-off transaction– but applications need to keep user-entered data
• Can use Hidden fields or more usefully Session Object
• Session Object - Server stores session variable values.
Department of Computer Science 36
Structured Query Language (SQL)
• Used by ASP to query database• Standard database querying language• Four main SQL commands
– SELECT– INSERT– UPDATE– DELETE
Department of Computer Science 37
SQL - SELECTSELECT surname,email FROM students
• Returns surname and email of all students
SELECT surname FROM students WHERE degree_code=‘6500’
• Returns surname of all students who have a degree code of 6500
SELECT * FROM students WHERE degree_code='6500' OR surname='Faye’
• Returns all details of students who have a degree code of 6500 or surname of Faye.
Department of Computer Science 38
SQL - SELECT 2
SELECT * FROM students WHERE forename LIKE ‘sa*’
• Returns all details of students who have a forename starting sa
• using LIKE ‘*sa*’ would return students having the characters sa anywhere within their forename.
Department of Computer Science 39
SQL - INSERT
• Used to add records to a table
INSERT INTO students (reg_number,surname,forename,degree_code)
VALUES (979924,'Blair','Tony','6500')
• Text data needs to be enclosed in single quotes.
Department of Computer Science 40
SQL - UPDATE
• The UPDATE statement allows us to modify existing records in a table.
UPDATE students SET forename="Peter" WHERE reg_number=981234
• changes the forename of the specified student.
Department of Computer Science 41
SQL - DELETE• Allows us to delete records from a table
DELETE FROM students WHERE degree_code='2550’
• Deletes all students who have a degree code of 2550.
• Generating SQL– SQL can get complex– Use MS-Access Query tool to generate SQL and
paste this into your VBScript.
Department of Computer Science 42
ODBC• Object Database Connectivity• ASP does not talk directly to the database but via
ODBC.• Standard interface between applications and
databases. • ODBC driver required for each database package.• Need to register database within ODBC with a Data
Source Name (DSN)• ASP uses the DSN to reference the database.• Type of database and its location is invisible to ASP.
Department of Computer Science 43
Connecting to a database
• Create ODBC entry for database• In VBScript
– Create instance of database component.– Open a connection to the database.– Create an instance of the Recordset.– Execute the SQL statement and store the result.
• Example– simpledb.asp
Department of Computer Science 44
Accessing a RecordsetDo While Not RSlist.EOF
%>
<%=RSlist("Title")%>, <%=RSlist("Artist")%><BR>
<%
RSlist.Movenext
Loop
%>• The EOF (end of file) property of the recordset is True when the
last record has been passed.• We reference a field in the recordset by
– recordset_name(“field_name”)
• The Movenext method moves the pointer to the next record in the recordset.
• The Recordcount property returns the number of records.
Department of Computer Science 45
Using Forms to Query Databases
• Using a text box with a WHERE clause– artist.html calls artist.asp
• Using Radio buttons with a WHERE clause– format.html calls format.asp
• Populating Controls– subject.asp calls list.asp
• Drill-down– newsubject.asp calls newlist.asp calls
bookdetails.asp
Department of Computer Science 46
Adding Records
• Adding Records– addcds.html calls addcds.asp
• Error Handling– Need to provide helpful error messages– erroradd.html and erroradd.asp
• Validating Data– preventing errors occurring– checkadd.html and checkadd.asp– quote.html and quote.asp
Department of Computer Science 47
Deleting and Updating Records
• Deleting Records– Use SQL DELETE command– deletecd.asp calls deleteme.asp
• Updating Records– Use SQL UPDATE command– listmod.asp calls changeme.asp calls update.asp
Department of Computer Science 48
Summary
• What we’ve covered– Creating and running ASPs– Using HTML forms with ASPs– Interfacing with databases - searching and
modifying
• What we’ve not covered– security– efficiency