E-commerce – IT430 VU

Lecture No. 18
APPLETS, CGI SCRIPTS

You know that Web Server is a computer that delivers (serves up) web pages. Any computer
can be turned into a Web server by installing server software and connecting the machine to
the internet. A relational database or simply database is a collection of information stored in
tables. A database contains one or more tables. Each table has a name and consists of
columns and rows. Each column has a name.
Most e-commerce sites consist of a front end and a back end. Front end consists of that
information which is visible to the user and he can interact with the same through some
interface. The back end comprises that information which resides on the server side and is
used to create certain dynamic results for the user. It would include different programs or
scripts that may be developed in different languages/tools. For an effective e-commerce site
there must be a real integration or compatibility between the front end and the back end.
We develop our back end mainly for two purposes – for querying with the databases (where
we have developed databases) and for the maintenance of state. We can use different tools
(ASP, JSP etc.) for that purpose depending upon their respective advantages/disadvantages.
Server side processing can be mainly categorized into four headings - CGI Scripts, Servlets,
Server Side Scripts and JDBC/ODBC drivers.

CGI scripts

Term Common Gateway Interface (CGI) is defined as a standard method/protocol that

allows data from forms to be used by programs on the server. Script is a program running
on the server. CGI scripts include programs written in C, C++ or perl. Following Figure 1
shows a simple CGI setup. Suppose a client makes an http request by clicking a hyperlink.
This request is directed to a CGI script on the server side whose reference would be given in
the <A> tag. The server would communicate with the CGI script on it with the help of CGI
protocol. The script would be executed. We would do its coding such that it generates a
query to the database to retrieve specific information. This information would then be
supplied by the server to the client side as an HTML document.
You can also consider an example. Assume there are two links on a web page (Fig. 2). When
the user clicks on the hyperlink pertaining to IT Books, an http request goes to the server at
the address, which is shown as value of the href attribute of the anchor tag. This address is
that of a CGI script ‘hello2.cgi’, which is coded in such a way that it would generate a select
query in SQL and from the table IT books would retrieve all the information as a result for
the user. The Perl code of hello2.cgi is shown for a reference below.

© Copyright Virtual University of Pakistan 113

E-commerce – IT430 VU

CGI Setup

Request CGI Scripts/

Program
Browser
Http reply
Server

Database

Fig. 1

Fig. 2
Code for Fig. 2
<HTML>
<BODY>
<A href=http://www.onlineshop.com/cgi-bin/hello1.cgi>

© Copyright Virtual University of Pakistan 114

E-commerce – IT430 VU

Click here to view the record of your previous transactions

</A>
<p>
<A href=http://www.onlineshop.com/cgi-bin/hello2.cgi>
List of IT Books for sale
</A>
</BODY>
</HTML>

Perl example – hello2.cgi (Not for exam)

print “<head>\n”;
print “</head>\n”;
print <body>\n”;
print “<h1>IT Books</h1>\n”;
print “<b>Description of available books</b><br>”;

&SetOracle;
&RunSQL(“Select * from ITBOOKS”);
&StopOracle;

print “</body></html>\n”;

SQL

SQL stands for Structured Query Language. It is used to make queries from databases. Its
syntax may vary slightly from tool to tool. However, its general syntax is that we use select
statement to retrieve data from databases. We use “*” after the word select then write the
words “from tablename” in order to pick the entire information from a table. We can write
the select statement specifically in case some specific information is desired to be retrieved as
shown below:

Select author,publisher from ITBOOKS where coursename=‘e-commerce’

We can use insert statement of SQL in order to insert certain data in a database. For example
in Fig. 3 below, you can see a web form with text boxes. When a user clicks at the Register!
button (in fact a submit button), information provided by the user in the form would be
shipped to the URL specified as value of the action attribute in the form tag. Here, that URL
is that of an ASP file running on the server side. On clicking the Register!/submit button
this file would be executed. We would code it such that it gives rise to an insert query. In
other words, data provided in the form is picked up by the ASP file and subsequently
inserted or recorded in a table in the databases. The format of Insert query used in ASP is
shown for a reference below. We may also use delete and update statements in SQL for
deleting and updating data in the tables.

© Copyright Virtual University of Pakistan 115

E-commerce – IT430 VU

Fig. 3
Code for Fig. 3
<HTML>
<BODY>
<H3>To Register Please Enter The Following Information:</H3>
<FORM NAME="regForm" ACTION="http://www.onlineshop.com/hello.asp"
METHOD="POST">
Name: <INPUT TYPE="TEXT" NAME="Name" maxlength="25">
<P>
Address: <INPUT TYPE="TEXT" NAME="userAdd" maxlength="50">
<P>
Password: <INPUT TYPE="Password" NAME="userPassword" maxlength="15">
<P>
Email: <INPUT TYPE="TEXT" NAME="email" maxlength="15">
<P>
<INPUT TYPE="submit" NAME="Go" VALUE="Register!">
<INPUT TYPE="RESET" VALUE="Reset!">
</FORM>
</BODY>
</HTML>

Insert Statement in ASP (not for exam)

INSERT INTO Register(Name,Address,Password,Email)
VALUES(Request.form(“Name”), Request.form(“Address”), Request.form(“Password”),
Request.form(“Email”))

Register is the table where information received through the form is to be inserted.

© Copyright Virtual University of Pakistan 116

E-commerce – IT430 VU

Servlets

Servlets are very fast Java applications on the server side which are available in an active
form in the memory of the server. They use JDBC to connect to the databases.

Server Side Scripts

They basically include ASP, JSP or PHP. Active Server Pages (ASP) is the product of
Microsoft, Java Server Pages (JSP) is the product of Sun Microsystems and Hypertext
Preprocessor (PHP) is the product of Apache Software Foundation. Their code can be
embedded within the HTML document and they use extensions (.asp), (.jsp) or (.php), as the
case may be. The servers sees the extension of the file and processes the relevant ASP, JSP
or PHP code embedded within the HTML code and provides the result of such code to the
client side.

ODBC/JDBC
ODBC (Open database connectivity) and JDBC (Java based database connectivity) drivers
are also present on the server side. Scripts or programs use these to establish connection
with databases for querying.

Basic difference between CGI scripts, ASPs, Servlets etc.

Here, you can note some basic difference between CGI scripts, servlets, ASP, JSP etc.
We know that the code we write is translated into an executable form. There are two ways to
do this translation. One is that we compile the code or convert it into machine language
using a software called compiler, as we use in case of C or C++. The other way is that we
interpret the code (line by line) at the run time using a program called interpreter. Browser is
an interpreter. Compiled code is usually faster than the interpreted one as regards execution.
Technologies like ASP, PHP and Coldfusion interpret their code except the new version of
ASP (ASP.net) where the code is compiled. In case of JSP a program called JSP engine
compiles the code. This compilation takes place only once, and then the JSP page is
converted into a Servlet. The property of a servlet is that it is always in an active form which
means that it remains in the server memory. Therefore, any subsequent calls to the page
have faster response time. This probably is the only main difference between a JSP and a
Servlet.
Another difference between ASP and JSP is that ASP mostly uses VBScript and JSP uses
Java programming language for coding. Note that among the CGI scripts, Perl scripts are
interpreted and C++ scripts are compiled. However, CGI scripts are generally believed to be
relatively slow, since each CGI request generates a new process which is heavy for the
system. Therefore, CGI scripts are no longer a very popular option.

ASP

We can discuss ASP a little more in detail. It runs best on IIS (Internet Information Server)
which is freely available with Windows NT and Windows 2000. ASP engine is a piece of
software that is a part of IIS and interprets/translates an ASP code. There are mainly seven
predefined objects in ASP called intrinsic objects. To have some idea of the ASP objects, we
can have a look at the two important ones, that is, request and response objects. Response
© Copyright Virtual University of Pakistan 117
E-commerce – IT430 VU

object is used to send information to the client and Request object is used by the server to
retrieve information from the client.

ASP examples (not for exam)

Following is the example of Response object. We use its “write” function to write some
information on our web page. ASP normally uses VBScript as the scripting language. In
ASP, a variable is generally defined using Dim statement as shown in the code below.
ASP statements are contained within <% and %> which are called delimiters. VBScript by
default assumes that any symbol that is not a keyword is a variable. This might cause serious
problems when you are writing an ASP application. What if you mistype a variable name and
it will be considered by the server as a new variable. To avoid this you must write Option
Explicit at top of your each ASP file.

<%@ language=VBScript %>

<%option explicit%>
<%Dim lastname
Dim firstname
Dim myage
lastname=“Ali”
firstname=“Imran”
myage=30
%>
<html>
<head><title>It is easy</title></head>
<body>
My name is <%=firstname%> <%=lastname%> and my age is <%Response.Write
myage%>
</body>
</html>

Suppose that we want to collect data from a form (Fig. 4) using ASP and then resend a page
to the client having that information written on it. For that one can develop the following
ASP code. Note the use of “Request.form” for collecting data form the form.

<%@Language="VBSCRIPT"%>
<%option explicit%>
<%Dim loginname
Dim name
loginname=Request.Form("userlogin")
name=Request.Form("username")
%>
<html>
<head><title>It is easy</title></head>
<body>
My name is <%Response.Write name%> and I am going to use
<%Response.Write loginname%> as my login
</body>
© Copyright Virtual University of Pakistan 118
E-commerce – IT430 VU

</html>

22

Fig. 4

When a user clicks at Register! the information filled by him in the above two boxes would
be delivered to the ASP file whose code you have seen above. This would happen because
we keep the name or URL of the above ASP file as value of the action attribute in the form
tag.

VBScript offers a lot of flexibility for programming. We can use functions, If statements,
For loops etc. Consider the following example where a For loop has been used:

<%@Language=“VBSCRIPT”%>
<%option explicit%>
<HTML>
<Body>
Test1
<%
Dim myString=“ecommerce”
%>
<%If Time>=#12:00 AM# and Time<=#12:00 PM# then%>
<h3>Good Morning Pakistan</h3>
<%else%>
<h3>Hello Everyone <p>
<%
Dim j
For j=1 to 3

© Copyright Virtual University of Pakistan 119

E-commerce – IT430 VU

response.write myString
response.write “<p>”
Next
%></h3>
<% end if %>
</Body>
</HTML>
Result of the above code would be similar to the one shown in Fig. 5 below. Note that the
words ecommerce are printed thrice due to for loop written in a specified format in
VBScript.

25

Fig. 5

© Copyright Virtual University of Pakistan 120