(for the full article, send me an email)
AUST-CS
Nohad Gh. Sleiman
26/01/2003
WHY ASP?
Server-side programming used to be pretty difficult. Making something work via CGI required some knowledge of arcane programming languages like Perl or C, it was inefficient. Each time someone hit a CGI script, a new process was created on the server; if your script was written in an interpreted language like Perl, the server had to start up another Perl interpreter, taking up processing time and memory. The situation got even difficult when it lived on a site that was getting a few thousand hits a day.
Also, you couldn’t program in any of the nifty development interfaces, like Visual Basic or Visual C++ or Visual Anything. You were limited to watching it crash and burn, then checking out the server logs. This experience was good practice for catching stupid syntax errors.
Microsoft attempted to change all this when they introduced Active Server Pages. ASPs are server-generated pages which can call other programs to do things like accessing database, serve different pages to different browsers – basically, anything we used to do with CGI. ASP is almost as efficient as writing code directly to the server’s application program interface, and it’s a lot more efficient than CGI because it runs as a service and can take advantage of multithreaded architectures.
ASP evolved into an “open technology framework,” meaning you didn’t have to use Microsoft products to create code in it, though that’s still the best way to go, honestly. Nowadays, you can create ASP pages using whatever language you want, but VBScript is still the most common choice. It seems likely that more people will choose to use ASP because all of those MS developer tools are actually pretty good and written to save you time. ASPs can also take advantage of COM and DCOM (Component Object Model and Distributed Component Object Model) objects with minimum effort.
Essentially, ASP is a server-side scripting technology. This means it allows for both HTML and a scripting language to be interspersed in a Web page. The scripting language might access the file system or registry or a database, and will generate HTML code ‘on the fly’ to make Web sites dynamic and user-specific.
HTML While you can create a form with HTML, you cannot process it using just HTML.
JAVASCRIPT JavaScript processes the form within the browser itself. It cannot do any interaction with non-browser objects, such as writing the data to a file.
CGI CGI opens a connection with another program on the Web server. The form data can be manipulated in any way that you can write a program to handle. But the server has to maintain both the connection and run the program itself.
ASP ASP allows the server to do the work of processing the form. The ASP directives are included in the .asp file itself.
WHY VBScript?
Firstly, ASP is a scripting technology. This means you have the power of a programming language to make your sites as dynamic and featured as you wish. Note that ASP is actually language-independent. Two of the most common scripting languages are supported right out of the box – namely VBScript and Jscript (related to but not the same as JavaScript). Support for other scripting languages, such as Perl, is also available.
Whatever scripting language you use, you can simply enclose script statements in special delimiters for ASP. VBScript, however, is the more common language, partly because it has a simpler syntax to learn, but also because VB is just so ubiquitous in the Microsoft world. Using VBScript on the server in an ASP page really isn’t very different from using VB in applications, or VBA in Microsoft Office, or VBScript on ordinary Web pages as a client-side technology.
Nearly all VBScript commands are available for use with ASP except for those that interact with the user. Imagine the dilemma caused by a VBScript command to display a message box on the server. This would require someone to notice and dismiss it on the server before the system could proceed. Instead, the scripting language must interact with the user through HTML and the http protocol.
Scripting languages are great for creating applications quickly. Server-side and client-side scripting can be combined to quickly make a dynamic application with the user interface (client-side) and business logic (server-side) partitioned.
Built-In and Installable Objects
Most of the functionality you can build into an ASP page comes from objects on the server. IIS 4.0 comes with six important built-in objects, as well as a number of installable objects. You can create your own objects by building new server-side ActiveX components.
The six built-in objects enable your pages to communicate effectively with the server, the application, the current session, and the user:
• Request object – gets information from the user. You can get FORM data, read cookies, and so forth.
• Response object – sends information to the user. You can send text to the page, redirect to another URL, and set cookies.
• Server object – interacts with the server. You can create objects, access a database, read files, and find out about the capabilities of the browser.
• Session object – enables you to manage information about the current session.
• Application object – will store information for all sessions.
• ObjectContext object – used for committing and aborting transactions (new in IIS 4.0)
The built-in objects are used just like any other object in a script; by accessing properties, methods, and events. For example, the general format for using the Request object looks like this:
Request[.Collection](variable)
Here is the Request object in action, being used to write a form field’s value on a Web page:
The value of ’strFirstName’ is
This code requires that we first had a HTML form with an input field called strFirstName.
The collections that are available for the Request object are:
• ClientCertificate – the values of fields stored in the client certificate that is sent in the HTTP request
• Cookies – the values of cookies sent in the HTTP request
• Form – the values of form elements in the HTTP request body
• QueryString – the values of variables in the HTTP query string
• ServerVariables – the values of predetermined environment variables
IIS 4.0 comes with a variety of installable objects, and you can also use your own custom objects on the server side. The installable objects include:
• Ad Rotator – rotates advertisements displayed on a page using a schedule
• Database Access – provides access to databases using ADO (Active Data Objects)
• File Access – provides access to the file system
Collaboration Data Objects – provides the ability to send and receive messages from your Web page
ASP SYNTAX :
An Active Server Page is an HTML file with some additional code in it, separated from the HTML markup by a different delimiter:
Here’s an example page:
If you save this file as .asp and put it on an ASP-ready server, you’ll see the “Hello, world!” in the page above. If you don’t, you shouldn’t see anything.
The important thing to note is that the server will assume that anything between the delimiters is code and will then try to execute it. Don’t put HTML there, or else it’ll break. Also, the first line, is optional. If you leave it out, the server will assume you’re using VBScript.
VBScript is an odd little language. Although it supports various scalar values (integers, floating-point numbers, strings, etc.), VBScript has only one primary data type: the Variant, a peculiar data type that magically transforms itself to fit within the context in which it is currently being used. Of course, VBScript has all the requisite programming-language operators, conditional statements, and control structures.
DATABASE PROGRAMMING IN ASP:
One of the most important features about ASP is that it allows you to easily access data and put it on a Web page. You can simply display data from an ODBC-compliant database, or you can use ASP to make decisions about what to display on a Web page. You can then format the results in any way that you please.
Using Active Data Objects (ADO), you can easily make a connection object that connects to a database. RecordSet objects may be created to open tables and give interactive access to data, or to execute queries using standard SQL syntax.
This allows you to make a Web-based interface to your database. Using Web forms, your users can perform queries, change data, and add records and the like.
You can use the database for so many useful tasks, such as to store information about your users, or to build an online catalogue for a shop-front.
With asp, you can perform the following action:
1-Modifying Records
2-Adding New Records
3-Deleting Records
4-Submitting Scripts to Themselves
5-Paging Through Recordsets
Cookies:
Another important ASP feature is the ability to use cookies to store and retrieve information. The Request object has a Cookie collection, and you can use this in your processing.
Note that cookies are actually stored on the user’s computer, and not the server. This often gives cookies a bit of a bad name. Most Web browsers give a user the option of disabling cookies, so these can’t always be relied upon.
Where cookies can be most useful is when they work in conjunction with a database. For example, you might make a site where you require people to register. You would store all the user’s details in a database on your server. To make logging in easier every time the user visits, you might store a cookie on their computer containing just their username and password. If the cookie is accepted, you can read it each time the user goes to your site, and log them in automatically – getting all the rest of their details from your database. If the cookie is not accepted, then the user will need to log in manually each time they revisit your site.
Here’s an example of how we might check a cookie’s value:
If the cookie does not exist, then the value returned will be an empty string, like so:
Sessions:
Normally, Web page operations are single operations. You request a page, and a server delivers it. Whether you get your next page from that same server, or from another server, the next request you make through your Web browser will usually be a whole new operation, unrelated to the previous one.
ASP allows us to maintain the notion of ’state’ whereby we can track user interactions across Web pages in our site. Using the Session object will do this. It has syntax very similar to that of cookies, but the data is stored on the server, and not the client machine. Also, the data expires once the user leaves the Web site and the session is abandoned (or, if the session times out due to inactivity).
So, the Session object lets us temporarily store information during the lifetime of a user’s interaction with our site.
A good example of the Session object is to protect pages in a secure site – you want to force the user to log in, regardless of what URL they try to open in your site.
When they log in, you might set a session variable to represent this, like so:
In all your other pages, you would test if this variable has been set. If not, redirect the user to your login page. This way, your pages cannot be accessed if the user has not successfully logged on.
————————————————————————-
*** Summary ***
ASP Active Server Pages
Asp.dll scripting engine on server
delimiters
FSO file system object
