Schongar P.VBScript unleashed.1997
.pdf<br><b>Please enter the billing address of your credit card, if different from the
shipping address.</b>
<b>(Please enter your name AS IT APPEARs ON YOUR CREDIT CARD)</b>
<b>Name:</b>
<INPUT TYPE="text" NAME="Name" SIZE=40>
|
<b>Address |
(line |
1):</b> |
<INPUT TYPE="text" NAME="Address_(line_1)" SIZE=40> |
|||
|
<b>Address |
(line |
2): |
</b> |
|
<INPUT |
TYPE="text" NAME="Address_(line_2)" SIZE=40> |
<b>City:</b>
<INPUT TYPE="text" NAME="City_or_town" SIZE=40>
<b>State or Province:</b>
<INPUT TYPE="text" NAME="State_or_Province" SIZE=12>
<b>Zip/Postal Code:</b>
<INPUT TYPE="text" NAME="Zip/Postal_Code:" SIZE=10>
<b>Country:</b>
<INPUT TYPE="text" NAME="Country" SIZE=15>
</PRE>
<p>
</menu>
<p>Please indicate the program(s) you wish to order by checking them off:<br>
<p>
<b> <INPUT TYPE="checkbox" NAME="programs_ordered" VALUE="My Software Lite
CD-ROM- $99"><a href="my_soft.html">My Software Lite</a> v.2.0 for Windows CD-ROM -
- $99 <br>
</b>--> For additional licences at the same location or on a network please call,
write or fax our office. <br> |
--><i> My Software Lite </i> |
comes |
|
with a 60-day |
|
|
|
return guarantee. A 10% restocking fee applies <br> |
--> to |
all |
|
returns. |
|
|
|
Shipping & handling charges are not refundable. <br><br>
<b>
<INPUT TYPE="checkbox" NAME="programs_ordered" VALUE="My Software
Pro -
- $149"><a href="my_softpro.html"> My Software Pro </a>
v. 2.0 for Windows -diskettes - - - - - $149</b>
<br> --><i>
My Software Pro </i> comes with a 30-day return guarantee. A 10% restocking fee applies
<br>
--> to all returns. Shipping & handling charges are not refundable.
<br> -->
You can also order a <b> downloadable</b>, truncated version of My Software Pro, called
<br>
--> <i> My Software Pro <b>Personal Edition</b></i> for <b> only $69
(non-refundable) <a href="order.html">
|HERE|</a></b><br><br>
<br><br>
<hr>
<b><i><u>Shipping and Handling Charges:
</u></i></b>
<br><i>My Software Lite</i> and <i>My Software Pro</i> are shipped by <b>Federal
Express courier</b>. Other products "best way".<br><br>
Add <b>$12</b> for delivery of <i>My Software Lite</i> or <i>My Software Pro</i>
within the U.S. or <b>$25</b> to Mexico and Canada, <b>$45 - $75</b> outside N. America,
depending on location, except Demo and where otherwise indicated.
<br><br>
Overseas demo shipment costs $5 (total $10). <br>
<p><hr>How did you come upon our home page, or who referred you here?
Any comments or questions?<br>
<TEXTAREA name="Referred_by" rows=3 cols=60></TEXTAREA>
<p>
<hr>Thank you for your order!
<p><INPUT
TYPE="hidden" NAME="WebFormID" VALUE="2">
<p>Click here to <INPUT TYPE="submit" VALUE="Send Your Order Now">
.................... or <INPUT TYPE="reset" VALUE="Clear"> the form and start over.
</FORM>
<p>
<hr>
Return to <a href="index.html"><img src="central3.gif" alt="RK Software
logo">RK Software Home Page</a>
<hr><FONT SIZE=-2>(C)1996
RK Software.</FONT>
</body>
You are visitor <img src="/cgi-bin/Count.cgi?ft=3&dd=C&frgb=0;0;0| df=rksoft-index.dat"
align=absmiddl> since 1-Dec-1995
</html>
Listing 20.4 shows the results obtained by using a CGI script.
Listing 20.4. Results obtained by using a CGI script.
Subject: Form posted from AIR Mosaic
Content-type: application/x-www-form-urlencoded
Content-length: 567
X-Mailer: AIR Mosaic (16-bit) version 1.00.198.07
WebFormID=2
Referred_by=
programs_ordered=My Software Lite CD-ROM
Country=
Zip/Postal_Code:=
State_or_Province=
City_or_town=
Address_(line_2)=
Address_(line_1)=
Name=
email=
fax=
Telephone=
Ship_To_Country=USA
Ship_To_Zip/Postal_Code=45632
Ship_To_State/Province=FL
Ship_To_City=Bonnesville
Ship_To_Addr_(line_2)=
Ship_To_Addr_(line_1)=456 Whatever Street
Company_Name=XYZ Corporation
Ship_To_Name=XYZ Corporation
Expiration=9/99
Credit_Card_Number=1234567890123456
card_type=VISA
Subject=Software Order
recipient=xyz@rksoftware.com
This result appears much more readable! The CGI script included in Listing 20.4 processes the data received from the Web form and e-mails it to you in a meaningful form. You receive the customer order as simple ASCII text that is easily readable.
CGI scripting performs this kind of task and much more. CGI scripts help connect your Web site to a relational database, which enables visitors and customers to easily browse and search your product catalog. Airlines can set up sites that let their customers inquire about flight schedules and make reservations online. Banks can set up Web sites that enable their customers to check balances and make transfers. Libraries can set up sites that enable readers to search for books and magazines. A CGI program can send data back to the browser, making the communication a two-way traffic.
CGI is not a programming language. It represents a simple communication protocol that establishes the communication layer between the server and the server-side applications. Figure 20.2 shows the architecture of a CGI-based Web application.
Figure 20.2 : Architecture of a CGI application.
A CGI program is nothing but a simple application that accepts input, processes it, and sends the resulting output to its appropriate destination. Therefore, you can use any standard programming or scripting language that supports input/ output processing to write your CGI programs. Potential candidates include C/C++, Visual Basic, Perl, or FORTRAN. If you use C/C++ or Visual Basic, you create a CGI program. A CGI program is an executable, similar to the executables you create for your desktop client/server applications. If you use a scripting language such as Perl or AppleScript, you create a CGI script. You will find it easier to create and maintain a script. Any changes made to a program must undergo the compile, link, and build process before the program can be executed. Whether you choose to create a program or
script depends on the tool you plan to use. The choice of tool depends on your familiarity with the tool and its programming syntax and structure. If you programmed with C/C++ all your life, you may feel better using C/C++ to write your CGI programs. In fact, you may be able to reuse your library of C/C++ routines for some of your CGI programs. On the other hand, if you are an avid Visual Basic developer, you probably want to continue using it to write your CGI programs.
CGI programs reside on the server. They benefit from faster and better processing power of the server. The more powerful the server, the better execution and response time you get from your CGI programs. At the same time, you should pay special attention when writing your CGI program code. The code should be efficient and fast. In the preceding example, if the CGI program takes a long time to convert the order form data into simple ASCII, you would get all your e-mail notifications late. Your ability to process the orders on a timely basis would suffer. The standard programming rules to write clean, modular, and efficient code also apply to CGI programming.
CGI Specification
The CGI specification came from Rob McCool of Netscape Communications. At the moment, the specification is under the supervision of the World Wide Web Consortium (W3C-http://www.w3.org).
The CGI specification enables you to expand the capabilities of your server. It serves as a gateway between the Web server and other server processes including databases.
NOTE
Other server APIs exist in the marketplace in addition to the CGI API.
These include Netscape's NSAPI (Netscape Server Application
Programming Interface) and Microsoft's ISAPI (Internet Server Application
Programming Interface).
The Web server captures the HTML form data into environment variables. A CGI script reads the environment variables, processes the data, and sends the response back to the browser. The form data is received as a set of name-value pairs. These pairs are separated by the & sign. The name and value tags are separated by the = sign. Because each name=value pair is URL encoded, the following conversion must occur:
1.Convert all + characters to spaces.
2.Convert all %xx sequences to the single character whose ASCII value is xx in hexadecimal form.
The form data gets stored in the environment variable QUERY_STRING if the GET method is used in the FORM tag for submission. If the POST method is used in the FORM tag for submission, the form data is not stored in any environment variables. You get it from STDIN. Because the server does not send an EOF at the end of the data, use the environment variable CONTENT_LENGTH to determine the number of bytes to be read. The next section, "CGI Environment Variables," outlines the different variables available for storing and processing data.
A number of scripts exist on the World Wide Web that do the preceding conversion. These scripts come in a number of different languages, including the Bourne Shell, C, Perl, Perl5, TCL, and many more.
You can send different types of data back to the browser including HTML, GIF, and other MIME Content-Types. For example, to send HTML data, use the Content-Type of text/html. To send a GIF image, use the Content-Type of image/gif.
The Win-CGI standard is a CGI standard supported by some Windows-based Web servers.
NOTE
In the Win-CGI standard, the data gets stored in INI files instead of environment variables. The use of INI files is widespread and very common on the Windows platform.
If you write CGI programs (executables, for example), the executables usually appear in the \cgi-bin\ directory on the server and the source code is stored in the \cgi-src\ directory. Security measures must exist to control access to both these directories.
If you write CGI scripts, they usually get stored in the \cgi-bin\ directory. Because the script is its own source, you don't need to store anything in the \cgi-src\ directory. Again, security measures must exist to control access to the \cgi-bin\ directory-especially in this case, because the script is the source code itself.
CGI Environment Variables
The following CGI environment variables are set for all requests:
●GATEWAY_INTERFACE: The revision of the CGI specification to which this server complies.
●SERVER_NAME: The server's host name, DNS alias, or IP address as it appears in self-referencing URLs.
●SERVER_SOFTWARE: The name and version of the information server software answering the request and running the gateway. Format: name/version.
The following environment variables are specific to the request being fulfilled by the gateway program:
●AUTH_TYPE: If the server supports user authentication and the script is protected, this is the protocol-specific authentication method used to validate the user.
●CONTENT_TYPE: For queries which have attached information, such as HTTP POST and PUT, this is the content type of the data.
●CONTENT_LENGTH: The length of the said content as given by the client. In addition to this, the header lines received from the client, if any, are placed into the environment with the prefix HTTP_ followed by the header name. Any - characters in the header name get changed to characters. The server may exclude any headers which it has already processed, such as Authorization, Content-Type, and Content-length. If necessary, the server may choose to exclude any or all of these headers if including them would exceed any system environment limits.
An example of this is the HTTP_ACCEPT variable, which was defined in CGI/1.0. Another example is the header User-agent.
●HTTP_ACCEPT: The MIME types that the client will accept, as given by HTTP headers. Other protocols might need to get this information from elsewhere. Each item in this list should be separated by commas as per the HTTP spec. Format: type/subtype, type/subtype.
●HTTP_USER_AGENT: The browser the client uses to send the request. General format: software/ version library/version.
●PATH_INFO: The extra path information as specified by the client. Scripts can be accessed by their virtual pathname, followed by extra information at the end of this path. The extra information is sent as PATH_INFO. The server should decode this information if it comes from a URL before it is passed to the CGI script.
●PATH_TRANSLATED: The server provides a translated version of PATH_INFO, which takes the path and does any virtual-to-physical mapping to it.
●QUERY_STRING: The information following the ? that referenced this script. The query information should not be decoded in any fashion. This variable should always be set when query information exists, regardless of command-line decoding.
●REMOTE_ADDR: The IP address of the remote host making the request.
●REMOTE_HOST: The host name making the request. If the server does not have this information, it should set REMOTE_ADDR and not set this variable.
●REMOTE_IDENT: If the HTTP server supports RFC 931 identification, this variable is set to the remote user name retrieved from the server. Usage of this variable should be limited to logging only.
●REQUEST_METHOD: The method with which the request was made. For HTTP, the request methods are GET, HEAD, POST, and so on.
●REMOTE_USER: If the server supports user authentication and the script is protected, this is the user name that has been authenticated.
●SCRIPT_NAME: A virtual path to the script being executed; used for self-referencing URLs.
●SERVER_PROTOCOL: The name and revision of the information protocol this request came in with.
●SERVER_PORT: The port number to which the request was sent.
Architecture of a CGI Application
In order to pass data about the information request from the server to the script, the server uses command-line arguments, as well as environment variables. These environment variables get set when the server executes the gateway program.
Figure 20.2 describes the World Wide Web architecture of which CGI is one part. The Web browser is the client and it can interact with other applications such as Microsoft Word, Microsoft Excel, and Microsoft PowerPoint, depending on the nature of the application. The client connects to the Web server via the network. Several applications can reside on the server. The CGI interface acts as the gateway between the Web server and the server-side processes. One of the server-side processes could be a relational database. Although CGI acts as a gateway between any type of Web server and server-side applications, it has been more commonly implemented with the HTTPd server.
The client browser invokes the CGI script and waits until the CGI script completes its process. Thus, the CGI script must execute fast enough to have no perceived delay in the response time.
The drawback of using CGI is that every time a CGI script is invoked, the Web server spawns a new process. This setup becomes a problem when a given Web site gets frequently accessed by several users. It results in the Web server spawning a plethora of processes.
In the previous example, the CGI script processes the form order and notifies the company about receiving a customer order. You can extend the script further to dial into a credit card bureau and check the validity of the credit card number provided by the customer. The script can notify the customer about the acceptance or denial of the order. If the order gets accepted, the customer receives an order reference number. If the order is not accepted, the denial reasons are indicated.
CGI Versus VBScript
Certain tasks exist that could be easily performed on the client side with VBScript, thus avoiding the use of CGI programs. For example, processing mouse clicks and validating user input, come to mind. Consider the example of validating user input on the client side itself before the data goes to the server. Validating user input before it goes to the server represents good programming practice because the server's processing power can be better utilized for other important tasks.
Not everything can be implemented using VBScript. In some cases, you still need to consider CGI as a possible option for your application. For example, if your application needs to communicate with a back-end database, CGI provides one way to implement it, whereas VBScript doesn't work for such tasks. Whether you use VBScript or CGI, or both, depends on the nature of your application, as well as your familiarity with VBScript and CGI.
NOTE
VBScript programming is much simpler than CGI programming. If this represents your first foray into Web programming using CGI, expect a significant learning curve using and experimenting with CGI. On the other hand, VBScript coding is simpler because of the BASIC language syntax it follows.
Examples
This section reviews and analyzes a VBScript example downloaded from the Web site http://www.microsoft.
com/vbscript. Figure 20.3 shows a simple Web page created by the HTML code included in the file msftd.html
on the companion CD-ROM. This HTML displays an order form that enables you to place orders for flowers. You specify the occasion and enter the name and address where the flowers should be sent.
Figure 20.3 : Ordering flowers Web page created using HTML and VBScript.
Look at the code part by part. Listing 20.5 represents all the HTML code used to set up the form. Three radio buttons are displayed so the user can select Birthday (default), Anniversary, or Get well soon. These buttons are displayed using the <Input Type> tag. This part of the code remains the same no matter whether you use CGI or VBScript.
Next, you add the data-entry fields for entering name and address of the destination. The <Input> tag is used to add these fields. Three buttons-Submit, Clear, and Init-are added at the bottom. The Submit button sends the order. The Clear button clears the name and address fields. The Init button initializes the data-entry fields.
If you use CGI scripts to process user input and mouse clicks, you would include reference to those scripts in your HTML code. For example, the Submit button would include a reference to a CGI script residing on the server. This script is invoked when the user clicks the Submit button. The mouse click gets processed on the server and the results are transmitted back to the browser. This process becomes expensive because every such event would be processed on the server. It also increases network traffic and loads the server with trivial tasks that could easily be processed on the client side. Consequently, you have a very inefficient use of the server and its processing power.
Listing 20.5. HTML code for setting up the form for ordering flowers.
<HEAD><TITLE>VBScript sample: Ordering Flowers</TITLE></HEAD>
<BODY>
<TABLE WIDTH="80%">
<TR VALIGN=bottom>
<TD WIDTH="40%"><IMG SRC="/vbscript/us/vbssamp/msftd/
msftd.gif" ALIGN=center></TD>
<TD WIDTH="60%"><FONT SIZE=12><I>Order Flowers
</I></FONT></TD>
</TR>
</TABLE>
<FONT FACE="Times New Roman" SIZE=4>What is the occasion?
</FONT><BR>
<PRE>
<INPUT TYPE=RADIO NAME=OptOccasion CHECKED> Birthday
<INPUT TYPE=RADIO NAME=OptOccasion> Anniversary
<INPUT TYPE=RADIO NAME=OptOccasion> Get well soon
</PRE>
<FONT FACE="Times New Roman" SIZE=4>When and where should the flowers be sent?
</FONT><BR>
<PRE> |
|
Date |
<INPUT NAME=TxtDate SIZE=60> |
Name |
<INPUT NAME=TxtName SIZE=60> |
Address <INPUT NAME=TxtAddress SIZE=60>
City |
<INPUT NAME=TxtCity SIZE=60> |
State |
<INPUT NAME=TxtState SIZE=60> |
Zip code <INPUT NAME=TxtZip SIZE=60>