Web technology and commerce unit 2

UNIT : II
PREPARED BY ARUN PRATAP SINGH
WEB TECHNOLOGY AND COMMERCE (MCSE 201)

PREPARED BY ARUN PRATAP SINGH 1
1
STATIC AND DYNAMIC WEB PAGES :
STATIC WEB PAGES :-
A static web page (sometimes called a flat page/stationary page) is a web page that is
delivered to the user exactly as stored, in contrast to dynamic web pages which are generated by
a web application.
Consequently a static web page displays the same information for all users, from all contexts,
subject to modern capabilities of a web server to negotiate content-type or language of the
document where such versions are available and the server is configured to do so.
Static web pages are often HTML documents stored as files in the file system and made available
by the web server over HTTP (nevertheless URLs ending with ".html" are not always static).
However, loose interpretations of the term could include web pages stored in adatabase, and
could even include pages formatted using a template and served through an application server,
as long as the page served is unchanging and presented essentially as stored.
Static web pages are suitable for the contents that never or rarely need to be updated. However,
maintaining large numbers of static pages as files can be impractical without automated tools.
Any personalization or interactivity has to run client-side, which is restricting.
Static web page: is delivered to the user exactly as stored.
DYNAMIC WEB PAGES :-
A server-side dynamic web page is a web page whose construction is controlled by anapplication
server processing server-side scripts. In server-side scripting parametersdetermine how the
assembly of every new web page proceeds, including the setting up of more client-side
processing.
A client-side dynamic web page processes the web page using HTML scripting running in the
browser as it loads. JavaScript and other scripting languages determine the way the HTML in the
received page is parsed into the Document Object Model, or DOM, that represents the loaded
UNIT : II

2
web page. The same client-side techniques can then dynamically update or change the DOM in
the same way.
A dynamic web page is then reloaded by the user or by a computer program to change some
variable content. The updating information could come from the server.
Dynamic web page: example of server-side scripting (PHP and MySQL).

3
TIERS :
A "tier" can also be referred to as a "layer". A wedding cake is said to have tiers while a chocolate
cake is said to have layers, but they mean the same thing.
In the software world Tiers/Layers should have some or all of the following characteristics:
 Each tier/layer should be able to be constructed separately, possibly by different teams of
people with different skills.
 Several tiers/layers should be able to be joined together to make a whole "something".
 Each tier/layer should contribute something different to the whole. A chocolate layer cake, for
example, has layers of chocolate and cake.
 There must also be some sort of boundary between one tier and another. You cannot take a
single piece of cake, chop it up into smaller units and call that a layer cake because each unit
is indistinguishable from the other units.
 Each tier/layer should not be able to operate independently without interaction with other
tiers/layers.
 It should be possible to swap one tier/layer with an alternative component which has similar
characteristics so that the whole may continue functioning.
Applications are usually broken into logical chunks called "tiers", where every tier is assigned a
role. Traditional applications consist only of 1 tier, which resides on the client machine, but web
applications lend themselves to an n-tiered approach by nature. Though many variations are
possible, the most common structure is the three-tiered application. In its most common form, the
three tiers are called presentation, application and storage, in this order. A web browser is the
first tier (presentation), an engine using some dynamic Web content technology (such
as ASP, ASP.NET, CGI, ColdFusion, JSP/Java, PHP, Perl, Python, Ruby on Rails or Struts2) is
the middle tier (application logic), and a database is the third tier (storage). The web browser

4
sends requests to the middle tier, which services them by making queries and updates against
the database and generates a user interface.
The 1-Tier Architecture :
Figure 2 is a simple diagram which shows a 1-Tier application where the Presentation logic,
Business logic and Data Access logic are all contained within a single component:
Figure 2 - 1 Tier architecture
Although this diagram apparently makes it easy to identify the different areas of responsibility, in
real life the actual program code may be so inter-mingled, inter-twined and spaghetti-like that it
would be extremely difficult to locate the boundaries between each area of responsibility.
The 2-Tier Architecture
My first exposure to a software architecture which had more than one layer was with a compiled
language where all database access was handled by a completely separate component which
was provided by the vendor, as shown in figure 4:

5
Figure 4 - 2 Tier architecture
This was a deliberate feature of the language as it enabled an application to be readily switched
from one DBMS engine to another simply by loading a different data access component. No other
part of the application was allowed to communicate with the database, so this component could
be switched without affecting any other part of the application. This made it possible to develop
an application using one DBMS, then deploy it with another.
Note that the presentation logic and the business logic are still intermingled.
What is the difference between "N Tier" and "3 Tier"?
There is no difference. Some people refer to the N Tier Architecture where 'N' can be any number.
I personally have found no use for any more than 3 tiers, which is why I always call it the 3 Tier
Architecture. If you try to build an application with more than three layers then be aware that it
may have a serious impact on performance, as discussed in Application Performance and
Antipatterns.
What the 3 Tier Architecture is not -
Some people consider that a web application is automatically 3 Tier as it has 3 separate
components, as shown in figure 1:
Figure 1 - A Web Application

6
Although this would appear to satisfy the conditions outlined in What is a "tier"?, I feel that it fails
on one important aspect. Just as a layer cake is made up of several layers of cake - you cannot
combine a single piece of cake, a cake stand and a decoration and call it a "layer cake" - you
require several layers of "cake". In order for your application to be called multi-layered it is the
application on its own - which excludes all external components such as the browser and the
database - which must be broken down into several layers. I am discounting everything outside
of the application itself for the following reasons:
 The web browser can operate independently of the application, therefore it is not part of the
application. Although it is possible for application code to be executed in the client's browser,
such as JavaScript, Flash, or ActiveX controls, their usage is entirely optional and can be
disabled.
 The database server can also operate independently of the application, therefore it is not part
of the application. Although it is possible for application code to be executed in the database,
such as database triggers and stored procedures, their usage is entirely optional and can be
disabled.
What parts of an application can be split into layers?
You cannot just take the source code for an application, chop it into parts and call each part a
layer. You have to identify specific areas of responsibility, then identify the code which performs
within each of those areas. As I said previously, I do not recognise any more than 3 areas, and
those 3 are:
1. Presentation logic - the user interface (UI) which displays data to the user and accepts input
from the user. In a web application this is the part which receives the HTTP request and
returns the HTML response.
2. Business logic - handles data validation, business rules and task-specific behaviour.
3. Data Access logic - communicates with the database by constructing SQL queries and
executing them via the relevant API.
Although it may be possible to take any of the above areas of responsibility and break them down
into even smaller components, such as with objects made from different design patterns, it may
be unwise to treat each of those objects as a separate layer otherwise you may drown yourself in
tiny details and lose sight of the big picture.
The 3-Tier Architecture :
This is where the code for each area of responsibility can be cleanly split away from the others,
as shown in figure 5:
Figure 5 - 3 Tier Architecture

7
Note here that the presentation layer has no direct communication with the data access layer - it
can only talk to the business layer.
The Rules of the 3 Tier Architecture
It is simply not good enough to split the code for an application into 3 parts and call it "3 Tier" if
the code within each tier does not behave in a certain way. There are rules to be followed, but
these rules are pretty straightforward.
 The code for each layer must be contained with separate files which can be maintained
separately.
 Each layer may only contain code which belongs in that layer. Thus business logic can only
reside in the Business layer, presentation logic in the Presentation layer, and data access
logic in the Data Access layer.
 The Presentation layer can only receive requests from, and return responses to, an outside
agent. This is usually a person, but may be another piece of software.
 The Presentation layer can only send requests to, and receive responses from, the Business
layer. It cannot have direct access to either the database or the Data Access layer.
 The Business layer can only receive requests from, and return response to, the Presentation
layer.
 The Business layer can only send requests to, and receive responses from, the Data Access
layer. It cannot access the database directly.
 The Data Access layer can only receive requests from, and return responses to, the Business
layer. It cannot issue requests to anything other than the DBMS which it supports.
 Each layer should be totally unaware of the inner workings of the other layers. The Business
layer, for example, must be database-agnostic and not know or care about the inner workings
of the Data Access object. It must also be presentation-agnostic and not know or care how its
data will be handled. It should not process its data differently based on what the receiving
component will do with that data. The presentation layer may take the data and construct an
HTML document, a PDF document, a CSV file, or process it in some other way, but that should
be totally irrelevant to the Business layer.

8
This cycle of requests and their associated responses can be shown in the form of a simple
diagram, as shown in figure 6:
Figure 6 - Requests and Responses in the 3 Tier Architecture
If you look carefully at those layers you should see that each one requires different sets of skills:
 The Presentation layer requires skills such as HTML, CSS and possibly JavaScript, plus UI
design.
 The Business layer requires skills in a programming language so that business rules can be
processed by a computer.
 The Data Access layer requires SQL skills in the form of Data Definition Language (DDL) and
Data Manipulation Language (DML), plus database design.
Although it is possible for a single person to have all of the above skills, such people are quite
rare. In large organisations with large software applications this splitting of an application into
separate layers makes it possible for each layer to be developed and maintained by different
teams with the relevant specialist skills.
3 Tier Architecture in operation
When an application is developed it is not (or should not be) constructed from a single large
component. There are usually lots of small components (sometimes called 'modules', or 'classes'
in OOP), each performing a particular function, and the application is the sum of those parts. This
allows new functionality to be added without necessarily having any effect on any existing
components. The advantage of a layered approach is that a component in a lower layer may be
shared by multiple components in a higher layer, as shown in the figure 7:

9
Figure 7 - 3 Tier Architecture in operation
Here you see that a component in the Presentation layer can communicate with one or more
components in the Business layer. A component in the Business layer communicates with the
component in the Data Access layer, but may also communicate with other Business layer
components. There is usually only one component in the Data Access layer as the application
database(s) are usually handled by a single DBMS engine. It is possible to switch to a different
DBMS engine simply by changing this single component. It is also technically possible for different
parts of the application to deal with different DBMS engines at the same time, as shown in figure
9.
In my largest application I have 2,000 components (user transactions) in the presentation layer,
250 in the business layer, and 1 in the data access layer. I have heard of some implementations
which have a separate Data Access Object (DAO) for each individual table in the database, but
more experienced developers can achieve the same functionality with just one. In my own
implementation, for example, a single DAO can deal with every table in the database. However,
I have a separate class file for each of the major DBMS engines - MySQL, PostgreSQL, Oracle
and SQL Server - so I can easily switch from one to another by changing a single entry in my
config file.
Note also that the connection to the database is not opened by any component within the
Presentation layer. This should only be done within the Data Access layer when instructed to do
so by the Business layer, and only the moment before an operation on the database is actually
required. This is called the "Just In Time" (JIT) method as against the "Just In Case" (JIC) method.
When the Business layer decides that it needs to talk to the database it follows these steps:

10
 Identify which DBMS is relevant for the database table.
 Instantiate an object from the relevant class file, which is usually a shared singleton.
 Pass a collection of variables to the DBMS object which will be used to construct the relevant
query. This allows the query to be constructed according to the needs of that particular DBMS
engine. The Oracle database, for example, does not use OFFSET and LIMIT for pagination.
 Execute the query and wait for the response.
 Deal with the response before returning it as an array. Different DBMS engines, for example,
have different methods of dealing with auto-increment columns or sequences, so the code to
deal with these differences is contained within the DBMS object and totally invisible to the
calling object.
This approach allows an instance of my application to access database tables on more than one
server, and even more than one DBMS engine.
Aren't the MVC and 3-Tier architectures the same thing?
There are some programmers who, upon hearing that an application has been split into 3 areas
of responsibility, automatically assume that they have the same responsibilities as the Model-
View-Controller (MVC) Design Pattern. This is not the case. While there are similarities there are
also some important differences:
 The View and Controller both fit into the Presentation layer.
 Although the Model and Business layers seem to be identical the MVC pattern does not have
a separate component which is dedicated to data access.
The overlaps and differences are shown in Figure 8 and Figure 8a:
Figure 8 - The MVC and 3-Tier architectures combined
Here is an alternative diagram which shows the same information in a different way:

11
Figure 8a - MVC plus 3 Tier Architecture
What are the benefits of the 3-tier architecture?
The main advantages of the 3 Tier Architecture are often quoted as:
 Flexibility - By separating the business logic of an application from its presentation logic, a
3-Tier architecture makes the application much more flexible to changes.
 Maintainability - Changes to the components in one layer should have no effect on any others
layers. Also, if different layers require different skills (such as HTML/CSS is the presentation
layer, PHP/Java in the business layer, SQL in the data access layer) then these can be
managed by independent teams with skills in those specific areas.
 Reusability - Separating the application into multiple layers makes it easier to implement re-
usable components. A single component in the business layer, for example, may be accessed
by multiple components in the presentation layer, or even by several different presentation
layers (such as desktop and the web) at the same time.
 Scalability - A 3-Tier architecture allows distribution of application components across
multiple servers thus making the system much more scalable.
 Reliability - A 3-Tier architecture, if deployed on multiple servers, makes it easier to increase
reliability of a system by implementing multiple levels of redundancy.
Three-Tier Architecture:-
• Client (tier 1) : primarily responsible for presentation of data to the user
• Application Server (tier 2) : primarily responsible for supplying data processing and
business logic
• Database Server (tier 3) : responsible for data validation and database access

12
N-Tier Architecture:-
• Done by extending 3-tier’s middle tier into any # of tiers
• Is more modular, therefore changes can be more independent
• Load balancing is better because of distribution of work
PLUG-INS :
In computing, a plug-in (or plugin, extension, or add-on / addon) is a software component that
adds a specific feature to an existing software application. When an application supports plug-
ins, it enables customization. The common examples are the plug-ins used in web browsers to
add new features such as search-engines, virus scanners, or the ability to utilize a new file
type such as a new video format. Well-known browser plug-ins include the Adobe Flash Player,
the QuickTime Player, and the Java plug-in, which can launch a user-activated Java applet on a
web page to its execution a local Java virtual machine.
Add-on (or addon) is the general term for what enhances an application. It comprises snap-
in, plug-in, theme and skin. An extension add-on tailors the core features of an application by
adding an optional module, whereas a plug-in add-on would tailor the outer layers of an
application to personalize functionality.
A theme or skin add-on is a preset package containing additional or changed graphical
appearance details, achieved by the use of a graphical user interface (GUI) that can be applied
to specific software and websites to suit the purpose, topic, or tastes of different users to

13
customize the look and feel of a piece of computer software or an operating system front-end GUI
(and window managers).
Purpose and examples –
Applications support plug-ins for many reasons. Some of the main reasons include:
 to enable third-party developers to create abilities which extend an application
 to support easily adding new features
 to reduce the size of an application
 to separate source code from an application because of incompatible software licenses.
Specific examples of applications and why they use plug-ins:
 Audio editors use plug-ins to generate, process and/or analyse sound (Ardour, Audacity)
 Email clients use plug-ins to decrypt and encrypt email (Pretty Good Privacy)
 Graphics software use plug-ins to support file formats and process images (Adobe
Photoshop, GIMP)
 Media players use plug-ins to support file formats and apply filters
(foobar2000, GStreamer, Quintessential, VST, Winamp, XMMS)
 Microsoft Office uses plug-ins (better known as add-ins) to extend the abilities of its
application by adding custom commands and specialized features
 Packet sniffers use plug-ins to decode packet formats (OmniPeek)
 Remote sensing applications use plug-ins to process data from different sensor types
(Opticks)

14
 Smaart, an audio spectrum analysis application which accepts plug-ins for third-party digital
signal processors
 Software development environments use plug-ins to support programming
languages (Eclipse, jEdit, MonoDevelop)
 Web browsers use plug-ins (often implementing the NPAPI specification) to play video and
presentation formats (Flash, QuickTime, Microsoft Silverlight, 3DMLW)
FORMS :
EXAMPLE :

15
HTML forms are used to pass data to a server.
An HTML form can contain input elements like text fields, checkboxes, radio-buttons, submit
buttons and more. A form can also contain select lists, textarea, fieldset, legend, and label
elements.
The <form> tag is used to create an HTML form:
<form>
.
input elements
.
</form>
HTML Forms - The Input Element
The most important form element is the <input> element.
The <input> element is used to select user information.
An <input> element can vary in many ways, depending on the type attribute. An <input>
element can be of type text field, checkbox, password, radio button, submit button, and more.
The most common input types are described below.
Text Fields
<input type="text"> defines a one-line input field that a user can enter text into:
<form>
First name: <input type="text" name="firstname"><br>
Last name: <input type="text" name="lastname">
</form>
How the HTML code above looks in a browser:
First name:
Last name:
Note: The form itself is not visible. Also note that the default width of a text field is 20
characters.
Password Field
<input type="password"> defines a password field:

16
<form>
Password: <input type="password" name="pwd">
</form>
Password:
Note: The characters in a password field are masked (shown as asterisks or circles).
Radio Buttons
<input type="radio"> defines a radio button. Radio buttons let a user select ONLY ONE of a
limited number of choices:
<form>
<input type="radio" name="sex" value="male">Male<br>
<input type="radio" name="sex" value="female">Female
</form>
Male
Female
Checkboxes
<input type="checkbox"> defines a checkbox. Checkboxes let a user select ZERO or MORE
options of a limited number of choices.
<form>
<input type="checkbox" name="vehicle" value="Bike">I have a bike<br>
<input type="checkbox" name="vehicle" value="Car">I have a car
</form>
I have a bike
I have a car
Submit Button
<input type="submit"> defines a submit button.

17
A submit button is used to send form data to a server. The data is sent to the page specified in
the form's action attribute. The file defined in the action attribute usually does something with
the received input:
<form name="input" action="demo_form_action.asp" method="get">
Username: <input type="text" name="user">
<input type="submit" value="Submit">
</form>
FRAMES :
In the context of a web browser, a frame is a part of a web page or browser window which displays
content independent of its container, with the ability to load content independently. The HTML or
media elements that go in a frame may or may not come from the same web site as the other
elements of content on display.
In HTML, a frameset is a group of named frames to which web pages and media can be directed;
an iframe provides for a frame to be placed inside the body of a document.
Since the early 2000s, the use of framesets has increasingly been considered obsolete due to
usability and accessibility concerns, and the feature has been removed from the HTML5 standard.

18
Advantages :
By allowing content to be loaded and navigated independently, frames offered several advantages
over the plain HTML in use when they were first developed:
 Simplifying maintenance of content shared across all or most pages, such as navigation
data.[8]
If an item needs to be added to a sidebar navigation menu, the web page author needs
to change only one web page file, whereas each individual page on a traditional non-frameset
website would have to be edited if the sidebar menu appeared on all of them.
 Reducing the amount of band-width needed by not re-downloading parts of the page which
hadn't changed.
 Allowing several pieces of information to be viewed side by side, with the ability for each section
to be scrolled independently. This might include the side-by-side comparison of two pictures or
videos, or two different ways to understand something, such as an independently scrolling page
of text next to video, images, animation, 3D rotating objects, etc.
 Allowing footnotes or digressions to appear in a dedicated section of the page when linked to, so
that the reader does not lose their place in the main text.
EXPOSURE TO MARKUP LANGUAGES :
Markup languages are designed for the processing, definition and presentation of text. The
language specifies code for formatting, both the layout and style, within a text file. The code used
to specify the formatting are called tags. HTML is a an example of a widely known and used
markup language.
HTML, DHTML, VRML, SGML, XML are markup languages.

19
HTML :
HTML is a language for describing web pages.
 HTML stands for Hyper Text Markup Language
 HTML is a markup language
 A markup language is a set of markup tags
 The tags describe document content
 HTML documents contain HTML tags and plain text
 HTML documents are also called web pages
EXAMPLE-
<!DOCTYPE html>
<html>
<body>
<h1>My First Heading</h1>
<p>My first paragraph.</p>
</body>
</html>
Example Explained
 The DOCTYPE declaration defines the document type
 The text between <html> and </html> describes the web page
 The text between <body> and </body> is the visible page content
 The text between <h1> and </h1> is displayed as a heading
 The text between <p> and </p> is displayed as a paragraph
HTML markup tags are usually called HTML tags
 HTML tags are keywords (tag names) surrounded by angle brackets like <html>
 HTML tags normally come in pairs like <b> and </b>
 The first tag in a pair is the start tag, the second tag is the end tag
 The end tag is written like the start tag, with a forward slash before the tag name
 Start and end tags are also called opening tags and closing tags
<tagname>content</tagname>
HTML Elements
"HTML tags" and "HTML elements" are often used to describe the same thing.
But strictly speaking, an HTML element is everything between the start tag and the end tag,
including the tags:

20
HTML Element:
<p>This is a paragraph.</p>
DHTML :
DHTML is NOT a Language
DHTML stands for Dynamic HTML.
DHTML is NOT a language or a web standard.
To most people DHTML means the combination of HTML, JavaScript, DOM and CSS.
According to the World Wide Web Consortium (W3C):
"Dynamic HTML is a term used by some vendors to describe the combination of HTML, style
sheets and scripts that allows documents to be animated."
Dynamic HTML, or DHTML, is an umbrella term for a collection of technologies used together to
create interactive and animated web sites[1]
by using a combination of a static markup
language (such as HTML), a client-side scripting language (such as JavaScript), a presentation
definition language (such as CSS), and the Document Object Model.[2]
DHTML allows scripting languages to change variables in a web page's definition language, which
in turn affects the look and function of otherwise "static" HTML page content, after the page has
been fully loaded and during the viewing process. Thus the dynamic characteristic of DHTML is
the way it functions while a page is viewed, not in its ability to generate a unique page with each
page load.
By contrast, a dynamic web page is a broader concept, covering any web page generated
differently for each user, load occurrence, or specific variable values. This includes pages created
by client-side scripting, and ones created by server-side scripting (such
as PHP, Perl, JSP orASP.NET) where the web server generates content before sending it to the
client.
DHTML is differentiated from Ajax by the fact that a DHTML page is still request/reload-based.
With DHTML, there may not be any interaction between the client and server after the page is
loaded; all processing happens in JavaScript on the client side. By contrast, an Ajax page uses
features of DHTML to initiate a request (or 'subrequest') to the server to perform actions such as
loading more content.
DHTML Example –

21
<html>
<body>
<h1 onclick="this.innerHTML='Ooops!'">Click on this text</h1>
</body>
</html>
VRML :
Pronounced ver-mal, and short for Virtual Reality Modeling Language, VRML is a specification
for displaying 3-dimensional objects on the World Wide Web. You can think of it as the 3-D
equivalent of HTML. Files written in VRML have a.wrl extension (short for world). To view these
files, you need a VRML browser or a VRML plug-in to a Web browser.
VRML produces a hyperspace (or a world), a 3-dimensional space that appears on your display
screen. And you can figuratively move within this space. That is, as you press keys to turn left,
right, up or down, or go forwards or backwards, the images on your screen will change to give the
impression that you are moving through a real space.
VRML (Virtual Reality Modeling Language, pronounced vermal or by its initials, originally—
before 1995—known as the Virtual Reality Markup Language) is a standard file format for
representing 3-dimensional (3D) interactive vector graphics, designed particularly with the World
Wide Web in mind. It has been superseded by X3D.
VRML is a text file format where, e.g., vertices and edges for a 3D polygon can be specified along
with the surface color, UV mapped textures, shininess, transparency, and so on.[2]
URLs can be
associated with graphical components so that a web browser might fetch a webpage or a new
VRML file from the Internet when the user clicks on the specific graphical
component. Animations, sounds, lighting, and other aspects of the virtual world can interact with
the user or may be triggered by external events such as timers. A special Script Node allows the
addition of program code (e.g., written in Java or ECMA Script) to a VRML file.
VRML files are commonly called "worlds" and have the *.wrl extension (for example island.wrl).
VRML files are in plain text and generally compresses well using gzip which is useful for
transferring over the internet more quickly (some gzip compressed files use the *.wrz extension).
Many 3D modeling programs can save objects and scenes in VRML format.
The term VRML was coined by Dave Raggett in a paper called “Extending WWW to support
Platform Independent Virtual Reality” submitted to the First World Wide Web Conference in 1994,
and first discussed at the WWW94 VRML BOF established by Tim Berners-Lee, where Mark
Pesce presented the Labyrinth demo he developed with Tony Parisi and Peter Kennard. In
October 1995, at Internet World, Template Graphics Software (TGS) demonstrated a 3D/VRML
plug-in for the beta release of Netscape 2.0 by Netscape Communications.

22
SGML :
Short for Standard Generalized Markup Language, a system for organizing and tagging elements
of a document. SGML was developed and standardized by the International Organization for
Standards (ISO) in 1986. SGML itself does not specify any particular formatting; rather, it specifies
the rules for tagging elements. These tags can then be interpreted to format elements in different
ways.
SGML is used widely to manage large documents that are subject to frequent revisions and need
to be printed in different formats. Because it is a large and complex system, it is not yet widely
used on personal computers. However, the growth of Internet, and especially the World Wide
Web, is creating renewed interest in SGML because the World Wide Web uses HTML, which is
one way of defining and interpreting tags according to SGML rules.
The Standard Generalized Markup Language (SGML; ISO 8879:1986) is for defining
generalized markup languages for documents. ISO 8879 Annex A.1 defines generalized markup:
Generalized markup is based on two novel postulates:
 Markup should be declarative: it should describe a document's structure and other attributes,
rather than specify the processing to be performed on it. Declarative markup is less likely to
conflict with unforeseen future processing needs and techniques.
 Markup should be rigorous so that the techniques available for processing rigorously-defined
objects like programs anddatabases can be used for processing documents as well.
HTML was theoretically an example of an SGML-based language until HTML 5, which admits that
browsers can't parse it as SGML (for compatibility reasons) and codifies exactly what they must
do instead.
DocBook SGML and LinuxDoc are better examples, as they were used almost exclusively with
actual SGML tools.
Document validity –
SGML (ENR+WWW) defines two kinds of validity. According to the revised Terms and Definitions
of ISO 8879 (from the public draft):
A conforming SGML document must be either a type-valid SGML document, a tag-valid SGML
document, or both. Note: A user may wish to enforce additional constraints on a document, such
as whether a document instance is integrally-stored or free of entity references.
A type-valid SGML document is defined by the standard as
An SGML document in which, for each document instance, there is an associated document type
declaration (DTD) to whose DTD that instance conforms.

23
A tag-valid SGML document is defined by the standard as
An SGML document, all of whose document instances are fully tagged. There need not be
a document type declaration associated with any of the instances. Note: If there is a document
type declaration, the instance can be parsed with or without reference to it.
The usual (default) SGML concrete syntax resembles this example, which is the
default HTML concrete syntax:
<QUOTE TYPE="example">
typically something like <ITALICS>this</ITALICS>
</QUOTE>
SGML provides an abstract syntax that can be implemented in many different types of concrete
syntax. Although the markup norm is using angle brackets as start- and end- tagdelimiters in an
SGML document (per the standard-defined reference concrete syntax), it is possible to use other
characters—provided a suitable concrete syntax is defined in the document's SGML
declaration.[7]
For example, an SGML interpreter might be programmed to parse GML, wherein
the tags are delimited with a left colon and a right full stop, thus, an :e prefix denotes an end
tag: :xmp.Hello, world:exmp.. According to the reference syntax, letter-case (upper- or
lower-) is not distinguished in tag names, thus the three tags: (i) <quote>, (ii) <QUOTE>, and
(iii) <quOtE> are equivalent. (NOTE: A concrete syntax might change this rule via the
NAMECASE NAMING declarations).
XML :
Short for Extensible Markup Language, a specification developed by the W3C. XML is a pared-
down version of SGML, designed especially for Web documents. It allows designers to create
their own customized tags, enabling the definition, transmission, validation, and interpretation of
data between applications and between organizations.
Extensible Markup Language (XML) is a markup language that defines a set of rules for
encoding documents in a format that is both human-readable and machine-readable. It is defined
in the XML 1.0 Specification produced by the W3C, and several other related specifications, all
free open standards.
The design goals of XML emphasize simplicity, generality, and usability over the Internet. It is a
textual data format with strong support via Unicode for different human languages. Although the
design of XML focuses on documents, it is widely used for the representation of arbitrary data
structures, for example in web services.

24
Many application programming interfaces (APIs) have been developed to aid software developers
with processing XML data, and several schema systems exist to aid in the definition of XML-
based languages.
XML is designed to transport and store data.
Example :
<?xml version="1.0" encoding="UTF-8"?>
<note>
<to> Tove</to>
<from>Jani</from>
<heading>Reminder</heading>
<body>Don't forget me this weekend!</body>
</note>
Key terminology –
The material in this section is based on the XML Specification. This is not an exhaustive list of all
the constructs that appear in XML; it provides an introduction to the key constructs most often
encountered in day-to-day use.
(Unicode) character
By definition, an XML document is a string of characters. Almost every legal Unicode character
may appear in an XML document.
Processor and application
The processor analyzes the markup and passes structured information to an application. The
specification places requirements on what an XML processor must do and not do, but the
application is outside its scope. The processor (as the specification calls it) is often referred to
colloquially as an XML parser.
Markup and content
The characters making up an XML document are divided into markup and content, which may be
distinguished by the application of simple syntactic rules. Generally, strings that constitute markup
either begin with the character < and end with a >, or they begin with the character & and end
with a ;. Strings of characters that are not markup are content. However, in a CDATA section,
the delimiters <![CDATA[ and ]]> are classified as markup, while the text between them is
classified as content. In addition, whitespace before and after the outermost element is classified
as markup.
Tag
A markup construct that begins with < and ends with >. Tags come in three flavors:
 start-tags; for example: <section>
 end-tags; for example: </section>
 empty-element tags; for example: <line-break />

25
Element
A logical document component which either begins with a start-tag and ends with a matching end-
tag or consists only of an empty-element tag. The characters between the start- and end-tags, if
any, are the element's content, and may contain markup, including other elements, which are
called child elements. An example of an element
is<Greeting>Hello, world.</Greeting> (see hello world). Another is <line-break />.
Attribute
A markup construct consisting of a name/value pair that exists within a start-tag or empty-element
tag. In the example (below) the element img has two attributes, src and alt:
<img src="madonna.jpg" alt='Foligno Madonna, by Raphael' />
Another example would be
<step number="3">Connect A to B.</step>
where the name of the attribute is "number" and the value is "3".
An XML attribute can only have a single value and each attribute can appear at most once on
each element. In the common situation where a list of multiple values is desired, this must be
done by encoding the list into a well-formed XML attribute[note 1]
with some format beyond what
XML defines itself. Usually this is either a comma or semi-colon delimited list or, if the individual
values are known not to contain spaces, a space-delimited list can be used.
<div class="inner greeting-box" >Hello!</div>
where the attribute "class" has both the value "inner greeting-box" and also indicates the
two CSS class names "inner" and "greeting-box".
XML declaration
XML documents may begin by declaring some information about themselves, as in the following
example:
<?xml version="1.0" encoding="UTF-8"?>
CGI :
Common Gateway Interface is a specification for transferring information between a World Wide
Web server and a CGI program. A CGI program is any program designed to accept and return
data that conforms to the CGI specification. The program could be written in any programming
language, including C, Perl, Java, or Visual Basic.
Common Gateway Interface (CGI) is a standard method used to generate dynamic content on
web pages and web applications. CGI, when implemented on a web server, provides an interface
between the web server and programs that generate the web content. These programs are known
as CGI scripts or simply CGIs; they are usually written in ascripting language, but can be written
in any programming language.

26
CGI Programs
CGI programs are the most common way for Web servers to interact dynamically with users.
Many HTML pages that contain forms, for example, use a CGI program to process the form's data
once it's submitted. Another increasingly common way to providedynamic feedback for Web users
is to include scripts or programs that run on the user's machine rather than the Web server. These
programs can be Java applets, Java scripts, or ActiveX controls. These technologies are known
collectively asclient-side solutions, while the use of CGI is a server-side solution because the
processing occurs on the Web server.
One problem with CGI is that each time a CGI script is executed, a new process is started. For
busy Web sites, this can slow down the server noticeably. A more efficient solution, but one that
it is also more difficult to implement, is to use the server's API, such as ISAPI or NSAPI. Another
increasingly popular solution is to use Java servlets.
Syntax :
The following CGI program shows all the environment variables passed by the web server:
#!/usr/bin/perl
=head1 DESCRIPTION
printenv — a CGI program that just prints its environment
=cut
print "Content-type: text/plainrnrn";
for my $var ( sort keys %ENV ) {
printf "%s = "%s"rn", $var, $ENV{$var};
}
The following are environment variables passed to CGI programs:
 Server specific variables:
 SERVER_SOFTWARE: name/version of HTTP server.
 SERVER_NAME: host name of the server, may be dot-decimal IP address.
 GATEWAY_INTERFACE: CGI/version.
 Request specific variables:
 SERVER_PROTOCOL: HTTP/version.
 SERVER_PORT: TCP port (decimal).
 REQUEST_METHOD: name of HTTP method (see above).
 PATH_INFO: path suffix, if appended to URL after program name and a slash.

27
 PATH_TRANSLATED: corresponding full path as supposed by server, if PATH_INFO is
present.
 SCRIPT_NAME: relative path to the program, like /cgi-bin/script.cgi.
 QUERY_STRING: the part of URL after ? character. The query string may be composed
of *name=value pairs separated with ampersands (such as var1=val1&var2=val2...) when
used to submit form data transferred via GET method as defined by HTML application/x-
www-form-urlencoded.
 REMOTE_HOST: host name of the client, unset if server did not perform such lookup.
 REMOTE_ADDR: IP address of the client (dot-decimal).
 AUTH_TYPE: identification type, if applicable.
 REMOTE_USER used for certain AUTH_TYPEs.
 REMOTE_IDENT: see ident, only if server performed such lookup.
 CONTENT_TYPE: Internet media type of input data if PUT or POST method are used, as
provided via HTTP header.
 CONTENT_LENGTH: similarly, size of input data (decimal, in octets) if provided via HTTP
header.
 Variables passed by user agent
(HTTP_ACCEPT, HTTP_ACCEPT_LANGUAGE, HTTP_USER_AGENT, HTTP_COOKI
E and possibly others) contain values of corresponding HTTP headers and therefore have
the same sense.
The program returns the result to the web server in the form of standard output, beginning with a
header and a blank line.
The header is encoded in the same way as an HTTP header and must include the MIME type of
the document returned. The headers, supplemented by the web server, are generally forwarded
with the response back to the user.
APPLETS AND SERVE-LETS :
APPLETS :
 Applets are applications designed to be transmitted over the network and executed by
Java compatible web browsers.
 An Applet is a client side java program that runs within a Web browser on the client
machine.
 An applet can use the user interface classes like AWT or Swing.
 Applet Life Cycle Methods: init(), stop(), paint(), start(), destroy()
In computing, an applet is any small application that performs one specific task that runs within
the scope of a dedicated widget engine or a larger program, often as a plug-in.[1][2]
The term is
frequently used to refer to a Java applet, a program written in the Java programming language
that is designed to be placed on a web page. Applets are typical examples of transient and
auxiliary applications that don't monopolize the user's attention. Applets are not full-featured
application programs, and are intended to be easily accessible.

28
In some cases, an applet does not run independently. These applets must run either in a container
provided by a host program, through a plugin, or a variety of other applications including mobile
devices that support the applet programming model.
Web-based Applets
Applets are used to provide interactive features to web applications that cannot be provided
by HTML alone. They can capture mouse input and also have controls like buttons orcheck boxes.
In response to the user action an applet can change the provided graphic content. This makes
applets well suitable for demonstration, visualization, and teaching. There are online applet
collections for studying various subjects, from physics to heart physiology. Applets are also used
to create online game collections that allow players to compete against live opponents in real-
time.
An applet can also be a text area only, providing, for instance, a cross platform command-line
interface to some remote system. If needed, an applet can leave the dedicated area and run as
a separate window. However, applets have very little control over web page content outside the
applet dedicated area, so they are less useful for improving the site appearance in general (while
applets like news tickers or WYSIWYG editors are also known). Applets can also play media in
formats that are not natively supported by the browser
HTML pages may embed parameters that are passed to the applet. Hence the same applet may
appear differently depending on the parameters that were passed.
Examples of Web-based Applets include:
 QuickTime movies
 Flash movies
 Windows Media Player applets, used to display embedded video files in Internet Explorer (and
other browsers that support the plugin)
 3D modeling display applets, used to rotate and zoom a model
 Browser games can be applet-based, though some may develop into fully functional
applications that require installation.
Applet vs. Subroutine-
A larger application distinguishes its applets through several features:
 Applets execute only on the "client" platform environment of a system, as contrasted from
"servlet". As such, an applet provides functionality or performance beyond the default
capabilities of its container (the browser).
 The container restricts applets' capabilities.
 Applets are written in a language different from the scripting or HTML language that invokes
it. The applet is written in a compiled language, whereas the scripting language of the

29
container is an interpreted language, hence the greater performance or functionality of the
applet. Unlike a "subroutine", a complete web component can be implemented as an applet.
Java Applets is a java program that is launched from HTML and run in a web browser. Java applet
can provide web applications with interactive features that cannot be provided byHTML. Since
Java's bytecode is platform-independent, Java applets can be executed by browsers running
under many platforms, including Windows, Unix, Mac OS, and Linux. When a Java technology-
enabled web browser processes a page that contains an applet, the applet's code is transferred
to the client's system and executed by the browser's Java Virtual Machine (JVM).[10]
An HTML
page references an applet either via the deprecated <applet> tag or via its replacement,
the <object> tag.
Recent developments in the coding of applications including mobile and embedded systems have
led to the awareness of the security of applets.
Open Platform Applets
Applets in an open platform environment should provide secure interactions between different
applications. A compositional approach can be used to provide security for open platform applets.
Advanced compositional verification methods have been developed for secure applet
interactions.
Java Applets
A Java applet contains different security models: unsigned Java applet security, signed Java
applet security, and self signed Java applet security.
Web-based Applets
In an applet-enabled web browser, many methods can be used to provide applet security for
malicious applets. A malicious applet can infect a computer system in many ways, including denial
of service, invasion of privacy, and annoyance.[13]
A typical solution for malicious applets is to
make the web browser to monitor applets' activities. This will result in a web browser that will
enable the manual or automatic stopping of malicious applets. To illustrate this method,
AppletGuard was used to observe and control any applet in a browser successfully.
SERVLETS :
 Servlets are Java based analog to CGI programs, implemented by means of servlet
container associated with an HTTP server.
 Servlet is a server side component which runs on the web server.
 The servlet does not have a user interface.
 Servlet Methods: doGet(), doPost()
The servlet is a Java programming language class used to extend the capabilities of a server.
Although servlets can respond to any types of requests, they are commonly used to extend the

30
applications hosted by web servers, so they can be thought of as Java applets that run
on servers instead of in web browsers. These kinds of servlets are the Java counterpart to other
dynamic Web content technologies such as PHP andASP.NET.
Servlets provide a component-based, platform-independent method for building Web-based
applications, without the performance limitations of CGI programs. Servlets have access to the
entire family of Java APIs, including the JDBC API to access enterprise databases.
Servlets are most often used to:
 Process or store data that was submitted from an HTML form .
 Provide dynamic content such as the results of a database query
 Manage state information that does not exist in the stateless HTTP protocol, such as filling
the articles into the shopping cart of the appropriate customer
Technically speaking, a "servlet" is a Java class in Java EE that conforms to the Java Servlet
API,[2]
a standard for implementing Java classes which respond to requests. Servlets could in
principle communicate over any client–server protocol, but they are most often used with
the HTTP protocol. Thus "servlet" is often used as shorthand for "HTTP servlet".[3]
Thus,
a software developer may use a servlet to add dynamic content to a web server using the Java
platform. The generated content is commonly HTML, but may be other data such as XML. Servlets
can maintain state in session variables across many server transactions by using HTTP cookies,
or URL rewriting.

31
To deploy and run a servlet, a web container must be used. A web container (also known as a
servlet container) is essentially the component of a web server that interacts with the servlets.
The web container is responsible for managing the lifecycle of servlets, mapping a URL to a
particular servlet and ensuring that the URL requester has the correct access rights.
The Servlet API, contained in the Java package hierarchy javax.servlet, defines the expected
interactions of the web container and a servlet.[3]
A Servlet is an object that receives a request and generates a response based on that request.
The basic Servlet package defines Java objects to represent servlet requests and responses, as
well as objects to reflect the servlet's configuration parameters and execution environment. The
package javax.servlet.http defines HTTP-specific subclasses of the generic servlet
elements, including session management objects that track multiple requests and responses
between the web server and a client. Servlets may be packaged in a WAR file as a web
application.
Servlets can be generated automatically from Java Server Pages (JSP) by the JavaServer Pages
compiler. The difference between servlets and JSP is that servlets typically embed HTML inside
Java code, while JSPs embed Java code in HTML. While the direct usage of servlets to generate
HTML (as shown in the example below) has become rare, the higher level MVC web framework
in Java EE (JSF) still explicitly uses the servlet technology for the low level request/response
handling via the FacesServlet. A somewhat older usage is to use servlets in conjunction with
JSPs in a pattern called "Model 2", which is a flavor of the model–view–controller pattern.
The current version of Servlet is 3.1.
. JSP :
JavaServer Pages (JSP) is a technology that helps software developers create dynamically
generated web pages based on HTML,XML, or other document types. Released in 1999 by Sun
Microsystems,[1]
JSP is similar to PHP, but it uses the Java programming language.
To deploy and run JavaServer Pages, a compatible web server with a servlet container, such
as Apache Tomcat or Jetty, is required.
Architecturally, JSP may be viewed as a high-level abstraction of Java servlets. JSPs are
translated into servlets at runtime; each JSP servlet is cached and re-used until the original JSP
is modified.[2]
JSP can be used independently or as the view component of a server-side model–view–
controller design, normally with JavaBeans as the model and Java servlets (or a framework such
as Apache Struts) as the controller. This is a type of Model 2 architecture.

32
JSP allows Java code and certain pre-defined actions to be interleaved with static web markup
content, with the resulting page being compiled and executed on the server to deliver a document.
The compiled pages, as well as any dependent Java libraries, use Java bytecode rather than a
native software format. Like any other Java program, they must be executed within a Java virtual
machine (JVM) that integrates with the server's host operating system to provide an abstract
platform-neutral environment.
JSPs are usually used to deliver HTML and XML documents, but through the use of Output
Stream, they can deliver other types of data as well.
The Web container creates JSP implicit objects like pageContext, servletContext, session,
request & response.
SYNTAX –
JSP pages use several delimiters for scripting functions. The most basic is <% ... %>, which
encloses a JSP scriptlet. A scriptlet is a fragment of Java code that is run when the user requests
the page. Other common delimiters include <%= ... %> for expressions, where the scriptlet and
delimiters are replaced with the result of evaluating the expression, and directives, denoted
with <%@ ... %>.
JavaServer Pages (JSP) is a server-side programming technology that enables the creation of
dynamic, platform-independent method for building Web-based applications. JSP have access to
the entire family of Java APIs, including the JDBC API to access enterprise databases.

33
Java code is not required to be complete or self-contained within its scriptlet element block, but
can straddle markup content providing the page as a whole is syntactically correct. For example,
any Java if/for/while blocks opened in one scriptlet element must be correctly closed in a later
element for the page to successfully compile. Markup which falls inside a split block of code is
subject to that code, so markup inside an if block will only appear in the output when
the if condition evaluates to true; likewise, markup inside a loop construct may appear multiple
times in the output depending upon how many times the loop body runs.
The following would be a valid for loop in a JSP page:
<p>Counting to three:</p>
<% for (int i=1; i<4; i++) { %>
<p>This number is <%= i %>.</p>
<% } %>
<p>OK.</p>
The output displayed in the user's web browser would be:
Counting to three:
This number is 1.
This number is 2.
This number is 3.
OK.
JAVA BEANS :
JavaBeans are reusable software components for Java. They are classes that encapsulate
many objects into a single object (the bean). They are serializable, have a 0-argument
constructor, and allow access to properties using getter and setter methods.
A JavaBean is a specially constructed Java class written in the Java and coded according to the
JavaBeans API specifications.
Following are the unique characteristics that distinguish a JavaBean from other Java classes:
 It provides a default, no-argument constructor.
 It should be serializable and implement the Serializable interface.
 It may have a number of properties which can be read or written.
 It may have a number of "getter" and "setter" methods for the properties.

34
JavaBeans Properties:
A JavaBean property is a named attribute that can be accessed by the user of the object. The
attribute can be of any Java data type, including classes that you define.
A JavaBean property may be read, write, read only, or write only. JavaBean properties are
accessed through two methods in the JavaBean's implementation class:
Method Description
getPropertyName()
For example, if property name is firstName, your method
name would be getFirstName() to read that property. This
method is called accessor.
setPropertyName()
For example, if property name is firstName, your method
name would be setFirstName() to write that property. This
method is called mutator.
A read-only attribute will have only a getPropertyName() method, and a write-only attribute will
have only a setPropertyName() method.
The full syntax for the useBean tag is as follows:
<jsp:useBean id="bean's name" scope="bean's scope" typeSpec/>
Advantages :
 The properties, events, and methods of a bean that are exposed to another application can
be controlled.
 A bean may register to receive events from other objects and can generate events that are
sent to those other objects.
 Auxiliary software can be provided to help configure a java bean.
 The configuration setting of bean can be saved in a persistent storage and restored at a later
time.
Disadvantages :
 A class with a nullary constructor is subject to being instantiated in an invalid state. If such a
class is instantiated manually by a developer (rather than automatically by some kind of
framework), the developer might not realize that the class has been improperly instantiated.
The compiler can’t detect such a problem, and even if it’s documented, there’s no guarantee
that the developer will see the documentation.

35
 Having to create a getter for every property and a setter for many, most, or all of them can
lead to an immense quantity of boilerplate code.
ACTIVE X CONTROL :
ActiveX control is a control using Microsoft ActiveX technologies. An ActiveX control can be
automatically downloaded and executed by a Web browser. ActiveX is not a programming
language, but rather a set of rules for how applications should share information.
Programmers can develop ActiveX controls in a variety of languages, including C, C++, Visual
Basic, and Java.
An ActiveX control is similar to a Java applet. Unlike Java applets, however, ActiveX controls
have full access to the Windows operating system. This gives them much more power than Java
applets, but with this power comes a certain risk that the applet may damage software or data on
your machine. To control this risk, Microsoft developed a registration system so that browsers can
identify and authenticate an ActiveX control before downloading it. Another difference between
Java applets and ActiveX controls is that Java applets can be written to run on all platforms,
whereas ActiveX controls are currently limited to Windows environments.
ActiveX is a software framework created by Microsoft which adapts its earlier Component Object
Model (COM) and Object Linking and Embedding (OLE) technologies for content downloaded
from a network, particularly in the context of the World Wide Web. It was introduced 1996 and is
commonly used in its Windows operating system. In principle it is not dependent on Microsoft
Windows, but in practice, most ActiveX controls require either Microsoft Windows or a Windows
emulator. Most also require the client to be running on Intel x86 hardware, because they contain
compiled code.
Many Microsoft Windows applications — including many of those from Microsoft itself, such
as Internet Explorer, Microsoft Office, Microsoft Visual Studio, and Windows Media Player — use
ActiveX controls to build their feature-set and also encapsulate their own functionality as ActiveX
controls which can then be embedded into other applications. Internet Explorer also allows the
embedding of ActiveX controls in web pages.
However, ActiveX will not work on all platforms, so using ActiveX controls to implement essential
functionality of a web page restricts its usefulness.

36
ASP COOKIES CREATING AND READING COOKIES :
ASP COOKIES :-
What is a Cookie?
A cookie is often used to identify a user. A cookie is a small file that the server embeds on the
user's computer. Each time the same computer requests a page with a browser, it will send the
cookie too. With ASP, you can both create and retrieve cookie values.
Writing cookies- You write a cookie using the page's Response property, which exposes an
object that allows you to add to the information being rendered to the browser by the page.
TheResponse object supports a collection named Cookies, to which you add the cookies you
want to write to the browser.
Note The Response object and the Request object, which I will discuss shortly, are properties
of the page that contain, respectively, instances of theHttpResponse and HttpRequest classes.

37
To find information in the documentation about Response and Request, look
under HttpResponse and HttpRequest.
When you create a cookie, you specify several values. To start with, you specify the name of the
cookie and the value to store in it. You can create multiple cookies, and each cookie must have
a unique name so you can identify it later when you want to read it. (Cookies are stored by name,
so if you create two cookies with the same name, one overwrites the other.)
How to Create a Cookie?
The "Response.Cookies" command is used to create cookies.
Note: The Response.Cookies command must appear BEFORE the <html> tag.
In the example below, we will create a cookie named "firstname" and assign the value "Alex" to
it:
<%
Response.Cookies("firstname")="Alex"
%>
It is also possible to assign properties to a cookie, like setting a date when the cookie should
expire:
<%
Response.Cookies("firstname").Expires=#May 10,2012#
%>
How to Retrieve a Cookie Value?
The "Request.Cookies" command is used to retrieve a cookie value.
In the example below, we retrieve the value of the cookie named "firstname" and display it on a
page:
<%
fname=Request.Cookies("firstname")
response.write("Firstname=" & fname)
%>
Output: Firstname=Alex
A Cookie with Keys
If a cookie contains a collection of multiple values, we say that the cookie has Keys.
In the example below, we will create a cookie collection named "user". The "user" cookie has
Keys that contains information about a user:

38
<%
Response.Cookies("user")("firstname")="John"
Response.Cookies("user")("lastname")="Smith"
Response.Cookies("user")("country")="Norway"
Response.Cookies("user")("age")="25"
%>
Read all Cookies
When a browser makes a request to the server, it sends the cookies for that server along with the
request. In your ASP.NET applications, you can read the cookies using theRequest object. The
structure of the Request object is essentially the same as that of the Response object, so you
can read cookies out of the Request object much the same way you wrote cookies into
the Response object.
Look at the following code:
<%
Response.Cookies("user")("firstname")="John"
Response.Cookies("user")("lastname")="Smith"
Response.Cookies("user")("country")="Norway"
Response.Cookies("user")("age")="25"
%>
Now we want to read all the cookies sent to a user. The example below shows how to do it (note
that the code below checks if a cookie has Keys with the HasKeys property):
<!DOCTYPE html>
<html>
<body>
<%
dim x,y
for each x in Request.Cookies
response.write("<p>")
if Request.Cookies(x).HasKeys then
for each y in Request.Cookies(x)
response.write(x & ":" & y & "=" & Request.Cookies(x)(y))
response.write("<br>")
next
else
Response.Write(x & "=" & Request.Cookies(x) & "<br>")
end if
response.write "</p>"
next
%>

39
</body>
</html>
Output:
firstname=Alex
user:firstname=John
user:lastname=Smith
user:country=Norway
user:age=25
SEMANTIC WEB :
The Semantic Web is a collaborative movement led by international standards body the World Wide Web
Consortium (W3C). The standard promotes common data formats on the World Wide Web. By encouraging
the inclusion of semantic content in web pages, the Semantic Web aims at converting the current web,
dominated by unstructured and semi-structured documents into a "web of data". The Semantic Web stack
builds on the W3C's Resource Description Framework (RDF).
According to the W3C, "The Semantic Web provides a common framework that allows data to be shared
and reused across application, enterprise, and community boundaries." The term was coined by Tim
Berners-Lee for a web of data that can be processed by machines.
While its critics have questioned its feasibility, proponents argue that applications in industry, biology and
human sciences research have already proven the validity of the original concept. Scholars have explored
the social potential of the semantic web in the business and health sectors, and for social networking.

40
The main purpose of the Semantic Web is driving the evolution of the current Web by enabling
users to find, share, and combine information more easily. Humans are capable of using the Web
to carry out tasks such as finding the Estonian translation for "twelve months", reserving a library
book, and searching for the lowest price for a DVD. However, machines cannot accomplish all of
these tasks without human direction, because web pages are designed to be read by people, not
machines. The semantic web is a vision of information that can be readily interpreted by
machines, so machines can perform more of the tedious work involved in finding, combining, and
acting upon information on the web.
The Semantic Web, as originally envisioned, is a system that enables machines to "understand"
and respond to complex human requests based on their meaning. Such an "understanding"
requires that the relevant information sources be semantically structured.
Tim Berners-Lee originally expressed the vision of the Semantic Web as follows:
I have a dream for the Web [in which computers] become capable of analyzing all the data on the
Web – the content, links, and transactions between people and computers. A "Semantic Web",
which makes this possible, has yet to emerge, but when it does, the day-to-day mechanisms of
trade, bureaucracy and our daily lives will be handled by machines talking to machines. The
"intelligent agents" people have touted for ages will finally materialize.[12]
The Semantic Web is regarded as an integrator across different content, information applications
and systems. It has applications in publishing, blogging, and many other areas.
Often the terms "semantics", "metadata", "ontologies", and "Semantic Web" are used
inconsistently. In particular, these terms are used as everyday terminology by researchers and
practitioners, spanning a vast landscape of different fields, technologies, concepts and application
areas. Furthermore, there is confusion with regard to the current status of the enabling
technologies envisioned to realize the Semantic Web. Gerber, Barnard, and Van der Merwe chart
the Semantic Web landscape and provide a brief summary of related terms and enabling
technologies in a paper.[13]
The architectural model proposed by Tim Berners-Lee is used as basis
to present a status model that reflects current and emerging technologies.
Components :
The term "Semantic Web" is often used more specifically to refer to the formats and technologies that
enable it. The collection, structuring and recovery of linked data are enabled by technologies that
provide a formal description of concepts, terms, and relationships within a given knowledge domain.
These technologies are specified as W3C standards and include:
 Resource Description Framework (RDF), a general method for describing information
 RDF Schema (RDFS)

41
 Simple Knowledge Organization System (SKOS)
 SPARQL, an RDF query language
 Notation3 (N3), designed with human-readability in mind
 N-Triples, a format for storing and transmitting data
 Turtle (Terse RDF Triple Language)
 Web Ontology Language (OWL), a family of knowledge representation languages
 Rule Interchange Format (RIF), a framework of web rule language dialects supporting rule
interchange on the Web
The Semantic Web Stack illustrates the architecture of the Semantic Web. The functions and
relationships of the components can be summarized as follows:
 XML provides an elemental syntax for content structure within documents, yet associates no
semantics with the meaning of the content contained within. XML is not at present a necessary
component of Semantic Web technologies in most cases, as alternative syntaxes exists, such
as Turtle. Turtle is a de facto standard, but has not been through a formal standardization
process.

42
 XML Schema is a language for providing and restricting the structure and content of elements
contained within XML documents.
 RDF is a simple language for expressing data models, which refer to objects ("web
resources") and their relationships. An RDF-based model can be represented in a variety of
syntaxes, e.g., RDF/XML, N3, Turtle, and RDFa. RDF is a fundamental standard of the
Semantic Web.
 RDF Schema extends RDF and is a vocabulary for describing properties and classes of RDF-
based resources, with semantics for generalized-hierarchies of such properties and classes.
 OWL adds more vocabulary for describing properties and classes: among others, relations
between classes (e.g. disjointness), cardinality (e.g. "exactly one"), equality, richer typing of
properties, characteristics of properties (e.g. symmetry), and enumerated classes.
 SPARQL is a protocol and query language for semantic web data sources.
 RIF is the W3C Rule Interchange Format. It's an XML language for expressing Web rules
which computers can execute. RIF provides multiple versions, called dialects. It includes a
RIF Basic Logic Dialect (RIF-BLD) and RIF Production Rules Dialect (RIF PRD).
SEMANTIC WEB SERVICE :
Semantic Web services combine Web services communication technology with the intelligent
processing of ontology-based metadata to achieve highly integrated enterprise application
integration scenarios, for service look-up, schema matching, or protocol negotiation, for example.
Rudi Studer and his team deliver a self-contained compendium about this exciting field, starting
with the basic standards and technologies and also including advanced applications in
eGovernment and eHealth. The contributions provide both the theoretical background and the
practical knowledge necessary to understand the essential ideas and to design new cutting-edge
applications. They address computer science students as well as researchers in academia and
industry who need a concise introduction and state-of-the-art survey of current research, and the
book can easily be used as the basis of a specialized course on Web services or Semantic Web
applications. In addition, IT professionals will be able to assess the potential and possible benefits
of this new technology.

43
Resource Description Framework (RDF) – I –
 Resource Description Framework (RDF) is a framework for describing and interchanging
metadata (data describing the web
resources).
 RDF provides machine understandable semantics for metadata.
This leads,
 better precision in resource discovery than full text search,
 assisting applications as schemas evolve,
 interoperability of metadata.
Resource Description Framework (RDF)- II-
 RDF has following important concepts
 Resource : The resources being described by RDF are anything that can be
named via a URI.
 Property : A property is also a resource that has a name, for instance Author or
Title.
 Statement : A statement consists of the combination of a Resource, a Property,
and an associated value.
Semantic Web Services, like conventional web services, are the server end of a client–
server system for machine-to-machine interaction via the World Wide Web. Semantic services
are a component of the semantic web because they use markup which makes data machine-
readable in a detailed and sophisticated way (as compared with human-readable HTML which is
usually not easily "understood" by computer programs).
The mainstream XML standards for interoperation of web services specify
only syntactic interoperability, not the semantic meaning of messages. For example, Web
Services Description Language (WSDL) can specify the operations available through a web
service and the structure of data sent and received but cannot specify semantic meaning of the

44
data or semantic constraints on the data. This requires programmers to reach specific agreements
on the interaction of web services and makes automatic web service composition difficult.
Semantic web services are built around universal standards for the interchange of semantic data,
which makes it easy for programmers to combine data from different sources and services without
losing meaning. Web services can be activated "behind the scenes" when a web browser makes
a request to a web server, which then uses various web services to construct a more sophisticated
reply than it would have been able to do on its own. Semantic web services can also be used by
automatic programs that run without any connection to a web browser.
A directory of Semantic Web Services providing semantic web service investigators with an index
to projects, standards and bibliographical references of semantic web service proposals was
created and is maintained by Dr. Khalid Belhajjame.
A Semantic Web Services platform that uses OWL (Web Ontology Language) to allow data and
service providers to semantically describe their resources using third-party ontologies is SSWAP:
Simple Semantic Web Architecture and Protocol.[1]
SSWAP establishes a lightweight protocol
(few OWL classes and predicates; see the SSWAP Protocol) and the concept of a "canonical
graph" to enable providers to logically describe a service. A service is essentially a transformation
of some, possibly null, input (or subject) to some, possibly null, output (or object). Services are
semantically discoverable based on their subsumption hierarchies as well as their input and
output data types.
SADI[2]
(Semantic Automated Discovery and Integration) is a Semantic Web Service initiative that
consists of a set of design-practices for Semantic Web Service publishing that minimizes the use
of non-standard protocols and message structures. SADI Services natively consume data in
RDF Resource Description Framework format, where input and output data must be instances of
(OWL Individuals of) input and output Classes defined in OWL-DL. Unlike canonical Web
Services, SADI Services do not use the SOAP messaging protocol, and unlike SSWAP, SADI
services have no project-specific messaging scaffold; services are invoked by passing RDF
instance data to the Service endpoint through HTTP POST, and multiplexing is achieved by
sending more than one OWL Individual in the HTTP POST invocation. SADI imposes a single
constraint on the behavior of the Service: that the URI of the output individual must be the same
as the URI of the corresponding input individual. In practice, this results in Services that create
semantic linkages between the input and output of the service. Thus, chaining SADI services
together into a workflow results in an uninterrupted Linked Data graph.
WEB SERVER SCALABILITY :
Web Server Scalability is the ability of a system, network, or process to handle a growing amount of
work in a capable manner or its ability to be enlarged to accommodate that growth.[1]
For example, it

45
can refer to the capability of a system to increase its total output under an increased load when
resources (typically hardware) are added. An analogous meaning is implied when the word is used in
an economic context, where scalability of a company implies that the underlying business model offers
the potential for economic growth within the company.
Scalability, as a property of systems, is generally difficult to define and in any particular case it is
necessary to define the specific requirements for scalability on those dimensions that are deemed
important. It is a highly significant issue in electronics systems, databases, routers, and networking. A
system whose performance improves after adding hardware, proportionally to the capacity added, is
said to be a scalable system.
An algorithm, design, networking protocol, program, or other system is said to scale if it is
suitably efficient and practical when applied to large situations (e.g. a large input data set, a large
number of outputs or users, or a large number of participating nodes in the case of a distributed
system). If the design or system fails when a quantity increases, it does not scale. In practice, if there
are a large number of things n that affect scaling, then n must grow less than n2. An example is a
search engine, that must scale not only for the number of users, but for the number of objects it
indexes. Scalability refers to the ability of a site to increase in size as demand warrants.[3]
The concept of scalability is desirable in technology as well as business settings. The base concept is
consistent – the ability for a business or technology to accept increased volume without impacting
the contribution margin (= revenue − variable costs). For example, a given piece of equipment may
have capacity from 1–1000 users, and beyond 1000 users, additional equipment is needed or
performance will decline (variable costs will increase and reduce contribution margin).

46
DISTRIBUTED OBJECTS :
The term distributed objects usually refers to software modules that are designed to work
together, but reside either in multiple computers connected via a network or in
different processes inside the same computer. One object sends a message to another object in
a remote machine or process to perform some task. The results are sent back to the calling object.
The term may also generally refer to one of the extensions of the basic object concept used in
the context of distributed computing, such as replicated objects or live distributed objects.

47
 Replicated objects are groups of software components (replicas) that run a distributed multi-
party protocol to achieve a high degree of consistency between their internal states, and that
respond to requests in a coordinated manner. Referring to the group of replicas jointly as
an object reflects the fact that interacting with any of them exposes the same externally visible
state and behavior.
 Live distributed objects (or simply live objects)[1]
generalize the replicated object concept to
groups of replicas that might internally use any distributed protocol, perhaps resulting in only
a weak consistency between their local states. Live distributed objects can also be defined as
running instances of distributed multi-party protocols, viewed from the object-oriented
perspective as entities that have distinct identity, and that can encapsulate distributed state
and behavior.
Image describes communication between distributed objects residing in different machines.
Local vs Distributed Objects –
Local and distributed objects differ in many respects. Here are some of them:
1. Life cycle : Creation, migration and deletion of distributed objects is different from local
objects
2. Reference : Remote references to distributed objects are more complex than simple
pointers to memory addresses
3. Request Latency : A distributed object request is orders of magnitude slower than local
method invocation
4. Object Activation : Distributed objects may not always be available to serve an object
request at any point in time

48
5. Parallelism : Distributed objects may be executed in parallel.
6. Communication : There are different communication primitives available for distributed
objects requests
7. Failure : Distributed objects have far more points of failure than typical local objects.
8. Security : Distribution makes them vulnerable to attack.
Examples :
Distributed objects are implemented in Objective-C using the Cocoa API with the NSConnection
class and supporting objects.
Distributed objects are used in Java RMI.
CORBA lets one build distributed mixed object systems.
DCOM is a framework for distributed objects on the Microsoft platform.
DDObjects is a framework for distributed objects using Borland Delphi.
Jt is a framework for distributed components using a messaging paradigm.
JavaSpaces is a Sun specification for a distributed, shared memory (spaces based)
OBJECT REQUEST BROKER :
 The core of the CORBA architecture is the ORB. Each machine involved in a CORBA
application must have an ORB running in order for processes on that machine to
interact with CORBA objects running in remote processes.
 Object clients and servers make requests through their ORBs and the remote ORB
locates the appropriate object and passes back the object reference to the requestor.
 The ORB provides the communication infrastructure needed to identify and locate
objects, handles connection management, etc. The ORBs communicate with each
other via the IIOP.
In Common Object Request Broker Architecture (CORBA), an Object Request Broker (ORB) is
the programming that acts as a "broker" between a client request for a service from a
distributed object or component and the completion of that request. Having ORB support in a
network means that a client program can request a service without having to understand where
the server is in a distributed network or exactly what the interface to the server program looks like.
Components can find out about each other and exchange interface information as they are
running.
CORBA's ORB may be thought of as strategic middleware that is more sophisticated conceptually
and in its capabilities than earlier middleware, including Remote Procedure Calls (RPCs),
message-oriented middleware, database stored procedures, and peer-to-peer services.

49
An ORB uses the CORBA Interface Repository to find out how to locate and communicate with a
requested component. When creating a component, a programmer uses either CORBA's
Interface Definition Language (IDL) to declare its public interfaces or the compiler of the
programming language translates the language statements into appropriate IDL statements.
These statements are stored in the Interface Repository as metadata or definitions of how a
component's interface works.
The Common Object Request Broker Architecture (CORBA) is a standard developed by the
Object Management Group (OMG) to provide interoperability among distributed objects.
CORBA is the world's leading middleware solution enabling the exchange of information,
independent of hardware platforms, programming languages, and operating systems. CORBA
is essentially a design specification for an Object Request Broker (ORB), where an ORB
provides the mechanism required for distributed objects to communicate with one another,
whether locally or on remote devices, written in different languages, or at different locations on
a network.
The CORBA Interface Definition Language, or IDL, allows the development of language and
location-independent interfaces to distributed objects. Using CORBA, application components
can communicate with one another no matter where they are located, or who has designed
them. CORBA provides the location transparency to be able to execute these applications.

50
CORBA is often described as a "software bus" because it is a software-based communications
interface through which objects are located and accessed. The illustration below identifies the
primary components seen within a CORBA implementation.
Data communication from client to server is accomplished through a well-defined object-
oriented interface. The Object Request Broker (ORB) determines the location of the target
object, sends a request to that object, and returns any response back to the caller. Through this
object-oriented technology, developers can take advantage of features such as inheritance,
encapsulation, polymorphism, and runtime dynamic binding. These features allow applications
to be changed, modified and re-used with minimal changes to the parent interface. The
illustration below identifies how a client sends a request to a server through the ORB:

51
Interface Definition Language (IDL)
A cornerstone of the CORBA standards is the Interface Definition Language. IDL is the OMG
standard for defining language-neutral APIs and provides the platform-independent delineation
of the interfaces of distributed objects. The ability of the CORBA environments to provide
consistency between clients and servers in heterogeneous environments begins with a
standardized definition of the data and operations constituting the client/server interface. This
standardization mechanism is the IDL, and is used by CORBA to describe the interfaces of
objects.
IDL defines the modules, interfaces and operations for the applications and is not considered a
programming language. The various programming languages, such as Ada, C++, or Java,
supply the implementation of the interface via standardized IDL mappings.
Application Development Using ORBexpress
The basic steps for CORBA development can be seen in the illustration below. This illustration
provides an overview of how the IDL is translated to the corresponding language (in this
example, C++), mapped to the source code, compiled, and then linked with the ORB library,
resulting in the client and server implementation.

52
The basic steps for CORBA development include:
Create the IDL to Define the Application Interfaces
The IDL provides the operating system and programming language independent interfaces to
all services and components that are linked to the ORB. The IDL specifies a description of any
services a server component exposes to the client. The term "IDL Compiler" is often used, but
the IDL is actually translated into a programming language.
Translate the IDL
An IDL translator typically generates two cooperative parts for the client and server
implementation, stub code and skeleton code. The stub code generated for the interface
classes is associated with a client application and provides the user with a well-defined
Application Programming Interface (API). In this example, the IDL is translated into C++.
Compile the Interface Files
Once the IDL is translated into the appropriate language, C++ in this example, these interface
files are compiled and prepared for the object implementation.
Complete the Implementation
If the implementation classes are incomplete, the spec and header files and complete bodies
and definitions need to be modified before passing through to be compiled. The output is a
complete client/server implementation.
Compile the Implementation
Once the implementation class is complete, the client interfaces are ready to be used in the
client application and can be immediately incorporated into the client process. This client
process is responsible for obtaining an object reference to a specific object, allowing the client
to make requests to that object in the form of a method call on its generated API.
Link the Application
Once all the object code from steps three and five have been compiled, the object
implementation classes need to be linked to the C++ linker. Once linked to the ORB library, in

53
this example, ORBexpress, two executable operations are created, one for the client and one
for the server.
Run the Client and Server
The development process is now complete and the client will now communicate with the server.
The server uses the object implementation classes allowing it to communicate with the objects
created by the client requests.
In its simplest form, the server must perform the following:
 Create the required objects.
 Notify the CORBA environment that it is ready to receive client requests.
 Process client requests by dispatching the appropriate servant.
CORBA Programming Definitions
Within a CORBA development process, there are a number of unique terms specific to a
CORBA implementation. Developers may find our Glossary of Terms helpful in understanding a
full CORBA implementation.
Interoperability
The first version of CORBA provided the IDL and standard mappings to just a few languages,
and as the CORBA standard has matured, CORBA 2.0 added more language bindings
(particularly C++ and Java) as well as General Inter-ORB Protocol (GIOP). When a client calls
a CORBA operation, the client ORB sends a GIOP message to the server. The server ORB
converts this request into a call on the server object and then returns the results in a GIOP
reply. This standard transfer syntax, specified by the Object Management Group, allows the
interoperability of ORB-to-ORB interaction and is designed to work over any transport protocol
meeting a minimal set of assumptions.
When GIOP is sent over TCP/IP, it is called Internet Inter ORB Protocol (IIOP). IIOP is
designed to allow different ORB vendors to interoperate with one another. An example of this
interoperability occurs when there is communication between an enterprise designed ORB, and
a smaller real-time application, utilizing a real-time ORB.
Object Management Group (OMG)
The OMG is a non-profit consortium created in 1989 to promote the theory and practice of
object technology for the development for distributed operating systems. The goal is to provide
a common architectural framework for object-oriented applications based on widely available
interface specifications. With a membership of over 800 members, representing large and small
companies within the computer industry, OMG leads the specification development efforts of
CORBA, OMG IDL, IIOP, OMA, UML, MOF, and CWM specifications.
The OMG does not produce software or implementation guidelines, only the specifications to
which OMG members respond to in Request For Information (RFI) and Requests for Proposals
(RFP). By managing these specifications, the OMG supports the adoption process for the
member companies interested in advancing the uses and applications of distributed object-
oriented computing.

54
WEB SERVICES :
A Web service is a method of communications between two electronic devices over a network.
It is a software function provided at a network address over the web with the service always on as
in the concept of utility computing.
The W3C defines a Web service as:
a software system designed to support interoperable machine-to-machine interaction over
a network. It has an interface described in a machine-processable format (specifically WSDL).
Other systems interact with the Web service in a manner prescribed by its description
using SOAP messages, typically conveyed using HTTP with an XML serialization in conjunction
with other Web-related standards.
The W3C also states:
We can identify two major classes of Web services:
 REST-compliant Web services, in which the primary purpose of the service is to manipulate
XML representations of Web resources using a uniform set of stateless operations; and
 Arbitrary Web services, in which the service may expose an arbitrary set of operations.
Many organizations use multiple software systems for management. Different software systems
often need to exchange data with each other, and a web service is a method of communication
that allows two software systems to exchange this data over the internet. The software system
that requests data is called a service requester, whereas the software system that would process
the request and provide the data is called a service provider.
Web services architecture: the service provider sends a WSDL file to UDDI. The service requester
contacts UDDI to find out who is the provider for the data it needs, and then it contacts the service
provider using the SOAP protocol. The service provider validates the service request and sends

55
structured data in an XML file, using the SOAP protocol. This XML file would be validated again
by the service requester using an XSD file.
Automated tools can aid in the creation of a web service. For services using WSDL, it is possible
to either automatically generate WSDL for existing classes (a bottom-up model) or to generate a
class skeleton given existing WSDL (a top-down model).
 A developer using a bottom-up model writes implementing classes first (in some programming
language), and then uses a WSDL generating tool to expose methods from these classes as
a web service. This is simpler to develop but may be harder to maintain if the original classes
are subject to frequent change.
 A developer using a top-down model writes the WSDL document first and then uses a code
generating tool to produce the class skeleton, to be completed as necessary. This model is
generally considered more difficult but can produce cleaner designs and is generally more
resistant to change. As long as the message formats between sender and receiver do not
change, changes in the sender and receiver themselves do not affect the web service. The
technique is also referred to as contract first since the WSDL (or contract between sender
and receiver) is the starting point.
Web services in a service-oriented architecture.

56
WEB APPLICATION ARCHITECTURE :
Simple architecture of web application is-
One of the key elements of any application design is the system architecture. The system
architecture defines how the pieces of the application interact with each other, and what
functionality each piece is responsible for performing. Whether we like it or not, in the Web-based
world we inhabit, we are more often than not going to be building applications that exist in
a distributed environment. In fact, the ASP applications that we have been looking at up to this
point in the book are actually distributed applications.
A distributed application utilizes the resources of multiple machines or at least multiple process
spaces, by separating the application functionality into more manageable groups of tasks that can
be deployed in a wide variety of configurations. There are a number of benefits to dividing
applications up into pieces, not the least of which are reusability, scalability, and manageability.
Ultimately, dividing up an application in this manner results in the creation of a series of application
layers or tiers, each of which is responsible for an individual, or atomic, element of the
application's processing.
Tiered Applications
Tiered applications can be characterized by the number of layers that information will pass
through on its journey from the data tier (where it is stored in a database typically) to the
presentation tier (where it is displayed to the client). Each layer generally runs on a different
system, or in a different process space on the same system, than the other layers.
Presentation Business
Logic
Data
Storage

Web technology and commerce unit 2

Web technology and commerce unit 2

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Web technology and commerce unit 2

Similar to Web technology and commerce unit 2 (20)

Recently uploaded

Recently uploaded (20)

Web technology and commerce unit 2