Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 8 Managing End-User Sessions.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 8 Managing End-User Sessions."— Presentation transcript:

1 1 Copyright © 2002 Pearson Education, Inc.

2 2 Chapter 8 Managing End-User Sessions

3 3 Copyright © 2002 Pearson Education, Inc. Objectives l Discover how to use hidden fields to build multiple-screen end-user sessions l Understand the complexities involved in creating Web applications with multiple-screen sessions l Recognize the advantages and limitations of browser cookies l Learn how to use browser cookies to track data about the end user

4 4 Copyright © 2002 Pearson Education, Inc. What is a Multi-form Web Session l Lead the end-user through a series of HTML forms which work together. l For example, consider an application with: »Order Information – Get part number and quantity »Customer Information – Get customer name »Billing Information – Get method of payment

5 5 Copyright © 2002 Pearson Education, Inc. A Multi-form Application

6 6 Copyright © 2002 Pearson Education, Inc. Can use HTML Form Hidden Fields l These fields are not displayed on the screen but are available to the receiving CGI/Perl Program l They are hidden but not invisible and still can be seen if end-user “views source”.

7 7 Copyright © 2002 Pearson Education, Inc. Setting a hidden field l The following provides an initial form for a series of forms that gather product order information. » It looks like any other form to the end-user but sets a hidden field for variable state. »Receiving program can access normal way: $state=param(‘STATE’);

8 8 Copyright © 2002 Pearson Education, Inc. Here is the output:

9 9 Copyright © 2002 Pearson Education, Inc. Script that Sets Hidden Field 1. #!/usr/bin/perl 2. use CGI ':standard'; 3. print header, start_html('Order Product'); 4. print ' '; 5. @Products=('Hammers', 'Hand Saws', 'Wrenches'); 6. print 'We have the following following products available: '; 7. print "@Products"; 8. 9. print br, 'Please select a product '; 10. print ' '; 11. print ' Please enter quantity '; 12. print ' '; 13. 14. print br, ' '; 15. print br, ' '; 16. print ' '; print ‘ ’, end_html;

10 10 Copyright © 2002 Pearson Education, Inc. Now lets receive the data l Suppose you wanted to receive the data l Suppose you want this 2 nd CGI/Perl program to generate a form to ask for additional information like customer name and a customer billing code. »If the end-user makes a mistake on one of these fields, you don’t want to send them back to re- enter data on the first form. »Instead you want to show an error message and re-display the 2 nd form.

11 11 Copyright © 2002 Pearson Education, Inc. Sample Screen Flow

12 12 Copyright © 2002 Pearson Education, Inc. Application Output

13 13 Copyright © 2002 Pearson Education, Inc. The Details of orderproduct2.cgi Will examine the programming code for orderproduct2.cgi in three pieces: »The main portion of the program decides which subroutine to call based CGI variable STATE’s value. »The askname() subroutine generates a form that asks for a name and billing code. »The checkname() subroutine generates a form to verify the customer name and customer billing code.

14 14 Copyright © 2002 Pearson Education, Inc. Main Program Body 1. #!/usr/bin/perl 2. use CGI ':standard'; 3. print header, start_html('GetName'); 4. print ' '; 5. @Products=('Hammers', 'Hand Saws', 'Wrenches'); 6. $prod=param('product'); 7. $number=param('quantity'); 8. $state=param('STATE'); 9. if ( $state eq 'GET_INPUT' ) { 10. &askname(); 11. } elsif ( $state eq 'VERIFY_INPUT' ) { 12. &checkname(); 13. } else { print "ooops Get help! state=$state"; } Call itself again Get STATE and other CGI vrbles

15 15 Copyright © 2002 Pearson Education, Inc. The askname Subroutine Called when STATE == GET_INPUT. It creates a form that gathers customer name and code. l This subroutine performs two major tasks:  Saving state: Sets hidden fields to save for the product, quantity, and STATE. This enables access to these values the next time it is called.  Generating the visible form fields.Generate the “visible” form fields that ask the end user for a name and billing code.

16 16 Copyright © 2002 Pearson Education, Inc. The askname Subroutine 15. sub askname { 16. 17. print "You selected product=$prod and quantity=$number"; 18. print br, " "; 19. print " "; 20. print ' '; 21. 22. print 'Please enter your name'; 23. print '<INPUT TEXT TYPE="text" SIZE="15" MAXLENGTH="20" NAME="name">'; 24. 25. print ' and Billing Code: (5 digits)'; 26. print ' '; 27. 28. print br, ' '; 29. print ' '; 30. 31. print end_form, end_html; 32. }

17 17 Copyright © 2002 Pearson Education, Inc. The checkname Subroutine Verifies the name and code fields. It assumes it has already been run and made name and code available to it. l It takes two different actions: »Invalid input: After getting name and code, uses a regular expression to tell if 5 digits entered. If not, output error message and called askname(). »Valid input: If valid input, then output a message indicating valid input and exit.

18 18 Copyright © 2002 Pearson Education, Inc. checkname() program Code 33. sub checkname { 34. 35. $code=param('code'); 36. $name=param('name'); 37. if ( $code !~ /^\d\d\d\d\d$/ ) { 38. print ' Sorry billing number must be all digits ', br; 39. &askname(); 40. } 41. else { 42. print ' Thanks for ordering ', br; 43. print "Got Product =$prod Number= $number"; 44. print " Also, got name=$name, code=$code"; 45. } 46. }

19 19 Copyright © 2002 Pearson Education, Inc. Building More Sophisticated Apps l Consider an application with four forms that gathers survey information. l Each form displays its initial fields and then calls itself to verify its own fields. l Each form could use a different CGI/Perl program that uses a hidden variable to set a “state.”

20 20 Copyright © 2002 Pearson Education, Inc. Beyond Hidden Fields l Will describe 3 additional techniques: »Using files for storing state information. Can be used with hidden fields to store and retain session data. »Using files and databases for storing initial data and form results. Could include initial input to applications and stored survey results or product orders. »Sending e-mail from forms. Can cause e-mail to be sent to a transaction-handling e-mail account or back to the customer to confirm the order.

21 21 Copyright © 2002 Pearson Education, Inc. Using Files for Saving State l Using files to store session states increases session complexity. E.g, need to generate session IDs and keep them secure. l Some advantages of for session management: »Revisiting states. Can provide a consistent way to o “remember” session data, even when two screens do not normally call each other. »Remembering data between sessions. Can remember end user data even after the end user leaves your site. E.g., on-line shopping cart.

22 22 Copyright © 2002 Pearson Education, Inc. Sample Screen Flow

23 23 Copyright © 2002 Pearson Education, Inc. Storing Orders in Files Use a field delimiter such as a comma, tab, or vertical bar (“ | ”), to ensure that the fields can be identified and retrieved easily. (E.g, split) l Files work well when traffic is moderate in volume and the amount of data to be saved is relatively small. »They are simple to use, can be edited with text editors (to add fields or records or fix a damaged line), and can be implemented quickly.

24 24 Copyright © 2002 Pearson Education, Inc. Using Databases l Databases can provide faster access, higher security, and greater data integrity than do files. »Perl supports a special DBI module for working with a variety of databases, including most major databases (such as Oracle, Informix, and Access) and some free ones (Mysql).

25 25 Copyright © 2002 Pearson Education, Inc. Sending email l Sometimes useful to send e-mail providing survey results or confirming order information. The sendmail program is a popular way to send email from a UNIX Web server. (Available on UNIX systems since the 1980s) »It comes as a preinstalled utility on most UNIX servers. You can use it to send e-mail via programs or interactively when logged into the Web server.

26 26 Copyright © 2002 Pearson Education, Inc. Where is sendmail? l Need to know the directory path to the file where this program is stored. » On a UNIX system, it is usually stored in /usr/lib/sendmail. –Either ask your ISP or check out this location for yourself. –If you can Telnet to your Web server, on many UNIX systems you can execute the whereis command to identify the location of sendmail. For example, l whereis sendmail

27 27 Copyright © 2002 Pearson Education, Inc. Using sendmail Need to connect to sendmail using open(). » MAIL - connection name for sendmail. » sendmail path - the full directory path. The vertical bar (“ | ”) is used when establishing an open connection to an external program. -t instructs sendmail to get the destination e-mail address and subject lines from the “To:” and “Subject:” data that we will send to it.

28 28 Copyright © 2002 Pearson Education, Inc. Basic Code For Using sendmail(). open ( MAIL, "|/usr/lib/sendmail -t" ) || die "Cannot start sendmail: $!";. $email='myhandle@myhandle.com';. print MAIL "To: $email \n";. print MAIL "Subject: New Order\n";. print MAIL "Product =$prod Number= $number\n"; close (MAIL);

29 29 Copyright © 2002 Pearson Education, Inc. Would Output The Following...

30 30 Copyright © 2002 Pearson Education, Inc. Email Received...

31 31 Copyright © 2002 Pearson Education, Inc. Modification to checkname() 1. sub checkname { 2. 3. $code=param('code'); 4. $name=param('name'); 5. if ( $code !~ /^\d\d\d\d\d/ ) { 6. print ' Sorry billing number must be all digits '; 7. &askname(); 8. } 9. else { 10. print ' Thanks for ordering ', "$name", br; 11. open ( MAIL, "|/usr/lib/sendmail -t" ) || die "Cannot start sendmail: $!"; 12. 13. $email='perlpgm@host33.hostingcheck.com'; 14. print MAIL "To: $email \n"; 15. print MAIL "Subject: New Order\n"; 16. print MAIL "Got Product =$prod Number= $number\n"; 17. print MAIL " Also, got name=$name, email=$email, code=$code \n"; 18. close (MAIL); 19. print ' Just sent email to ', "$email"; 20. 21. } 22. }

32 32 Copyright © 2002 Pearson Education, Inc. Using Cookies to Save Information l Browser cookies a method for Web sites to “remember” visitor information. »They are small pieces of data that can be saved by a Web site application when an end user visits the Web site. » They are stored on the visitor’s hard drive in a special “cookie” file. » When the visitor returns, program reads browser cookie data (it previously stored) and use it to “remember” something about the visitor. –E.g., book site remember you prefer mysteries

33 33 Copyright © 2002 Pearson Education, Inc. Cookie Limitations l Cookies can be easily disabled. Both IE and Netscape enable users to disable cookies and refuse to allow sites to set them. (In Netscape click Edit, Preferences, Advanced.)

34 34 Copyright © 2002 Pearson Education, Inc. Cookie Limitations l People move around. Make less sense on computers with multiple users (such as a library or computer lab). l Not all browsers support cookies. Not all browsers support cookies. Your site might exclude people with older browsers or people who disable cookies. l Cookies can be easily deleted. Cookie data can be accidentally or intentionally deleted.

35 35 Copyright © 2002 Pearson Education, Inc. Why Some People Don’t Like Cookies l Anonymity. Some prefer to browse anonymously without allowing Web sites to track their preferences and movements at any given site. –For example, might set a cookie with a unique ID on it, then on a server record when that ID logs in, which pages it visits, and even which page that ID was viewing just before coming to the site. l Potential use in market research. Some marketing research companies use cookie data to develop profiles of Web usage patterns. (Then sell the data).

36 36 Copyright © 2002 Pearson Education, Inc. Setting a Cookie l Can request that a browser cookie be saved in memory (deleted when user exits browser)or onto disk (retained until an expiration date). l Syntax of an in memory cookie: l Must output before the MIME Content-type line.

37 37 Copyright © 2002 Pearson Education, Inc. Setting Cookie Expiration Date l When need to retain a cookie between browser sessions, need to set expiration date l Again this line must be output before the MIME Content-type line

38 38 Copyright © 2002 Pearson Education, Inc. A Sample Program That Sets A Cookie 1. #!/usr/bin/perl 2. use CGI ':standard'; 3. $name=param('name'); 4. $prefers=param('prefers'); 5. print "Set-Cookie: cust_name=$name; expires=04-Jul-2003 00:00:0 GMT\n"; 6. print "Set-Cookie: cust_prefer=$prefers; expires=04-Jul-2003 00:00:0 GMT\n"; 7. 8. print header, start_html('set cookie'); 9. print br, "Thanks $name Lets now look at $prefers... "; 10. 11. print end_html;

39 39 Copyright © 2002 Pearson Education, Inc. Would Output The Following...

40 40 Copyright © 2002 Pearson Education, Inc. Its Worth Noting... 1. Unless the end user explicitly sets browser settings to be notified when a site sets a cookie, the end user probably won’t realize that a cookie was set. 2. If the end user disables cookies, the program will not know it. It is possible for CGI/Perl applications to detect whether cookies are enabled, but they must set a cookie and then try to read that cookie again to make this determination. 3. While you are testing the use of cookies, it is helpful to set your browser setting to “Warn me before accepting a cookie.”

41 41 Copyright © 2002 Pearson Education, Inc. Example Cookie Warning Pop-up

42 42 Copyright © 2002 Pearson Education, Inc. Reading Cookies Use the CGI.pm function called cookie() to read cookie data. Can also use %ENV hash variable called HTTP_COOKIE. (Returns a list of semicolon- separated name/value pairs of cookies. » For example, $cookies=$ENV(‘HTTP_COOKIE’);

43 43 Copyright © 2002 Pearson Education, Inc. Example Cookie Reading Program 1. #!/usr/bin/perl 2. use CGI ':standard'; 3. print header, start_html("Welcome "); 4. $cust_name=cookie( 'cust_name'); 5. $prefers=cookie('cust_prefer'); 6. print ' '; 7. if ($cust_name) { 8. print "Welcome back $cust_name to our humble hardware site."; 9. } else { 10. print ' '; 11. print 'Welcome to our humble hardware site. '; 12. } 13. if ( $prefers eq "hand tools" ) { 14. print br,'We have hammers on sale for 5 dollars!'; 15. } elsif ( $prefers eq "power tools" ){ 16. print br, 'We have power drills on sale for 25 dollars!'; 17. } else { 18. print br, ' '; 19. print ' We have drills and hammers on special today! '; 20. } 21. print " ", end_html;

44 44 Copyright © 2002 Pearson Education, Inc. Would Output The Following...

45 45 Copyright © 2002 Pearson Education, Inc. Some Advanced Cookie Options l Sometimes may want to read the cookie from a different file system directory than where it was set. »You must specify the path option. »For example, you might set the cookie in http://perl- pgm.com/cgi-bin/C7 and then read it from a program in http://perl-pgm.com/cgi-bin/C8. »print "Set-Cookie: cust_name=$name; expires=04-Jul-2003 00:00:0 GMT; path=/\n”;

46 46 Copyright © 2002 Pearson Education, Inc. Some More Advanced Options l May want to enable any server within your domain to be able to read the cookie. »Perhaps one server sets the cookie while taking the order and another server reads it while processing the order. » You use the domain option of the Set-Cookie »print "Set-Cookie: cust_name=$name; expires=04-Jul-2003 00:00:0 GMT; domain=.mysite.com\n”;

47 47 Copyright © 2002 Pearson Education, Inc. Summary l Hidden fields are HTML form fields that you can use to set name/value CGI variables without displaying them on a form. l Hidden fields provide a method to manage user sessions by maintaining the state of each session. »Hidden fields are not a secure method to keep data. l You can create sophisticated multiple-screen applications, such as shopping carts and surveys, by using hidden fields.

48 48 Copyright © 2002 Pearson Education, Inc. Summary l Cookies provide a way for Web server applications to store small pieces of data on the end user’s machine. l Cookies can be easily refused by the end user and therefore cannot be relied upon to always be available to the CGI/Perl program. l Data set by cookies can be available for long periods of time, even when the end user leaves the site and comes back months later.

Download ppt "1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 8 Managing End-User Sessions."

Similar presentations

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.
Copyright © 2003 Pearson Education, Inc. Slide 7-1 The Web Wizards Guide to PHP by David Lash.

Copyright © 2003 Pearson Education, Inc. Slide 7-1 The Web Wizards Guide to PHP by David Lash.
Copyright © 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 10 Servlets and Java Server Pages.

Copyright © 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 10 Servlets and Java Server Pages.
1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 8 Managing End-User Sessions.

1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 8 Managing End-User Sessions.
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.

Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.
6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?
DT228/3 Web Development multi page applications/ sharing data.

DT228/3 Web Development multi page applications/ sharing data.
Introduction to PERL Part 4 (1) Working with Files (2)CGI Security.

Introduction to PERL Part 4 (1) Working with Files (2)CGI Security.
XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.

XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.
1 The World Wide Web. 2  Web Fundamentals  Pages are defined by the Hypertext Markup Language (HTML) and contain text, graphics, audio, video and software.

1 The World Wide Web. 2  Web Fundamentals  Pages are defined by the Hypertext Markup Language (HTML) and contain text, graphics, audio, video and software.
Agenda What is Computer Programming? The Programming Process

Agenda What is Computer Programming? The Programming Process
1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.

1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.
This presentation will guide you though the initial stages of installation, through to producing your first report Click your mouse to advance the presentation.

This presentation will guide you though the initial stages of installation, through to producing your first report Click your mouse to advance the presentation.
Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.

Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.
Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.

Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.
CHAPTER 12 COOKIES AND SESSIONS. INTRO HTTP is a stateless technology Each page rendered by a browser is unrelated to other pages – even if they are from.

CHAPTER 12 COOKIES AND SESSIONS. INTRO HTTP is a stateless technology Each page rendered by a browser is unrelated to other pages – even if they are from.
Comp2513 Forms and CGI Server Applications Daniel L. Silver, Ph.D.

Comp2513 Forms and CGI Server Applications Daniel L. Silver, Ph.D.
XP New Perspectives on Browser and E-mail Basics Tutorial 1 1 Browser and E-mail Basics Tutorial 1.

XP New Perspectives on Browser and Basics Tutorial 1 1 Browser and Basics Tutorial 1.

Similar presentations

Ads by Google