COMP3121 E-Commerce Technologies Richard Henson University of Worcester October 2010

Week 4 –Server-Side Scripting and online Shopping Systems n Objectives:  Explain how software tools can assist with integration of the four basic components of a client-server dynamic web pages application  Identify available server-scripting & database connectivity systems  Create and use read-write database-linked server-scripts with Visual Studio

Early online shopping example : n Came out of the early “wow, Java” revolution in web development n Whole system (30kb) written in Java Script, runs on the client machine (!)  stores & presents product data  shows all the components and functionality expected of a shopping cart system  interfaces with merchant systems that can be used to handle online payment n TAKE A LOOK!!!  downloadable from RH’s website…

Critical Look at Client-end “apps” n Absolutely fantastic! n Even better on a mobile… BUT usually for entertainment only… BUT usually for entertainment only…  only small data sources, or infrequently changed data sources are used  usually “single user”

Whatever happened to “client only” web shopping? n In an ideal (Internet) world everything would be able to run via the browser on the client machine. Result:  faster  all data local  more controlled n The “Java+client-end HTML” model is fine…  until you need to store and change data!!

Applications requiring multi-client use & shared data n Specific requirement:  Large, regularly updated centralised data store that needs to be accessed by a number of clients  Requirements for client-end solution ? »database updated centrally »database downloaded every time the application is to be used!  Feasibility of client-end solution? »not powerful enough? »client not enough storage capacity? »not sufficient bandwidth? »downloading databases can compromise security

Demands of Applications based on centralised data storage! n Typically… the database is :  secure  readily accessible from all clients  queriable remotely  alterable only by specific persons n Only achievable through a client-server model

How Server Scripts can Interact with Databases n n Contain embedded SQL code that can extract data from or send data to a database

How Server Scripts can Interact with Databases   Whenever a database is updated… » »updated data picked up by server-script when it runs » »updated data displayed on client

How Server Scripts can Interact with Databases   Whenever a browser form captures data… » »data transferred directly to relevant server » »then stored in specified database field(s)

How Server Scripts Interact with Databases n n Whenever database information needs to be presented:   database fields and records taken into server memory   data sent to local machine to be displayed within a HTML format

When NOT to use web tools during web development… n n Database Design phase!!!   Recommended that this part is done using the RDBMS itself   Ideally, developers should use CASE tools, or at least entity-relationship modelling…   Implementation of database should follow logical database design   Development of SQL queries and server scripts should FOLLOW database implementation

Mechanism for variable passing between Dynamic Web Pages n n HTML “GET” function:   parameter/s tagged on to the URL e.g. » »Get /thetest.jsp?firstname=richard&password=holidays&la stname=henson&action=transferbankfunds   Can result in v. long URLs…

Variable Passing between Dynamic Web Pages n n Alternative: “POST”   designed to be used within HTML forms… n n Example of syntax, added to HTML coding within …   post /thetest.jsp firstname=richard&password=holiday s&lastname=henson&action=transfer bankfunds

How do Server Scripts work with HTML forms? n Browser:  allows HTML code to make a request to run a particular script on a server (specified location)  on positive server response, passes appropriately formatted captured HTML forms data to that server process n Server running the script:  uses data from browser as input to its process »saves results somewhere (on a database?) »optionally sends HTML info back to the browser to format and display results of processing as it wishes »optionally passes results back to the browser, usually to appear in a HTML table

Features of Embedded Server Scripts n n Must be of an appropriate type for the web server that is to execute the code   first line of file: declaration of language used e.g..net C# n n Take advantage of web server’s built-in connectivity technologies e.g. MDAC:   allows access to large databases held on remote web servers anywhere on the world wide web, security restrictions permitting   allowing script processes to perform many queries per second on such databases

“off the shelf” server-side code n n Packages like Visual Studio & Dreamweaver have a library of existing server-scripts ready for use   the term “server scripts” becomes “server behaviours” n n Menu driven   "Live Objects" menu option enabling quick creation of: n n Master-Detail Pages n n Insert Pages n n Update pages

Creating new Server Scripts n n Dreamweaver % Visual Studio include a script builder wizards   provide basic source code which can be modified for specific purposes   very popular with experienced developers   significantly improves the ability for end users and third parties to create scripts to meet specified requirements

Interacting with the Database n n Many existing databases pre-date the www   MOST are relational n n When planning a new web-based system, it may be that the a suitable existing database already exists n n The choices are:   EITHER to convert/port data into a new DBMS   OR, assuming that existing database is relational, make use of the existing DBMS data as it stands

Choice of DBMS – entry level n n Access or MySQL - small databases   both use SQL queries n n Both have their limitations:   Access can’t support more than 10 concurrent users/queries   MySQL falls short of full SQL capability in other ways: » » b_vs_MySQL.pdfhttp:// b_vs_MySQL.pdf

Beware Earlier versions of Access! n n Even pre-2000 Access versions…   may integrate well with server-side scripting BUT… » »use a slightly different SQL syntax » »not automatically transferable to enterprise databases if an organisation subsequently needs to move up to a more powerful system n n Enterprise databases like SQL Server and Oracle provide full-blown programming and business logic within the database…

Choice of DBMS - Larger Systems n n SQL Server or Oracle?   both standard SQL   both interface well with asp.net, php, etc.   no realistic alternatives n n However, it is possible (as a stopgap?) to create an Access Project file that can use the more powerful SQL Server database engine (i.e. recent versions using.accdb format)

Developing the Database n n The programming of links to fields, etc. should reside within the database itself   rather than on a specific Web page n n Consequently, when something needs to be changed in the database:   just need to change the “Stored Procedure” or “View”…   and pages will update automatically   if SQL consistently used, previous investment in programming will still remain even if the developer changes platform/scripting language…

Linking the Database with the Web Server n n Using IIS:   Microsoft Data Access Components (MDAC – originally VB source code) » »freely available on the web » »enables any database system to link to IIS using ODBC or OLE DB n n Using Apache:   UNIX: no MDAC “vulnerabilities” (historically,.COM objects contained VB source code)   if on Windows platform, still allows use of ODBC components so flexible…

Which to Use? n n All have their adherents   all can easily go pear shaped… n n Most reliable:   all Microsoft?   no Microsoft! (but not for the faint-hearted)   Some Microsoft: » »Apache/php on Windows

“Mixed” Environments n n e.g. Apache/php on Windows   very popular “compromise” option for non-Unix developers   Apache web server runs on Windows » »possible to run Access with ODBC drivers » »if on the same platform as IIS… n n each needs a separate TCP port (both go for 80)   Popularised in XAMPP » »free to download » »Command-line interface » »contains an implementation of php scripting language » »and an implementation of MySQL… » »doesn’t have Access-type database design components

Unix Scripting & Execution Environments n n For those who like a challenge…   Unix/Linux, Apache & PHP » »all open source software » »can therefore save a lot of money   but more difficult to get support on “open” products…

More about SQL n n Developed by IBM in 1974 as Structured Query Language   took a lot of the tedium out of database programming   based on a small number of commands   one line of SQL could replace 100 lines of COBOL! n n Popularised by:   ORACLE on mid-range systems   DB2 on IBM mainframes n n Now the industry standard for databases…

Benefits of knowing SQL when creating server-scripts… n n As you’ll see in today’s practical, when developing server-scripts:   generating the right programming code is important » »e.g. input/output knowledge of syntax of that language   but the embedded SQL database queries also have to be right... n n It figures that:   the more a developer is competent with SQL syntax…   the more elaborate the interaction they will be able to achieve with database data

Basics of SQL n SELECT… statement  allows field/s to be specified n FROM  Allows table/s to be specified n WHERE  conditionals based on particular field values n ORDER BY  allows results to be ordered by field/s

Associated SQL Constructs (INSERT) n INSERT INTO… statement  table (field1, field2, etc.) n VALUES  (correspond to fields) n Alternately, a SELECT statement referring to appropriate fields can replace “VALUES”

Associated SQL Constructs (UPDATE) n UPDATE… statement  refers to table n SET  refers to new value(s) for field(s) in that table n WHERE  refers to fieldname in record(s) to be overwritten

Associated SQL Constructs (DELETE) n DELETE… statement  again allows fields n FROM  again allows tables n WHERE  refers to records/fields to be deleted

Datasets – Improving Download Time n asp.net controls encourage the creation of intermediate data subsets on the local machine  known as “datasets”  saves on amount of data downloaded »e.g. fields can all be held in a single table »faster processing and display  remote database access becomes a much more dynamic experience for the client/user n VERY important during on-line shopping

Creating ASP.net Datasets using SQL n These four basic SQL commands can provide a wide range of interaction with relational databases n An SQL “VIEW” can also be created to provide a single dataset from a series of linked tables n Syntax (e.g.):  CREATE VIEW view_name AS SELECT columns FROM table WHERE “predicates”;

Learning SQL with Visual Studio? n The more you know the better it is… n The Object Data Source Wizard in Visual Studio…  allows practice in creating/modifying SQL queries with a querybuilder tool  provides experience of server scripting, database-script interaction, and SQL queries all at the same time  will also come in handy in designing a database to underpin that shopping cart system…