what is web ?
why database on the web?
website technologies like HTML,CSS,JavaScript,Server,Servlets,Ajax..
all contents ownership goes to respective owners :)
(Classroom Presentaion)
20240508 QFM014 Elixir Reading List April 2024.pdf
Web Database
1. Introduction to Web Database
J.MuzamilIdroos
N.Parthiban
S.Ramachandran
R.Siva
1
2. Contents
• What Is Web Database?
– Basics of Web
• Client-Server Archietecture
– Client side processing
» Dynamic and Static Web Pages
» HTML,CSS,Client Side Scripting,Ajax
– Server side processing
» Server Architecture
• 2 layer, 3 layer server architecture,
» Server Side Scripting
• Servlets,ASP,PHP
• Security
– Encryption techniques
• Advantages & Disadvantages
• Demo
2
3. Why is ‘Databases on the Web’ ?
• Web browsers have become the de-facto
standard user interface to databases
– Enable large numbers of users to access
databases from anywhere
– Avoid the need for downloading/installing
specialized code, while providing a good
graphical user interface
• Examples: banks, airline and rental car
reservations, university course
registration and grading, an so on
Credit: Netskills3
4. • The Web is a distributed information system based on
hypertext.
• Most Web documents are hypertext documents
formatted via the HyperText Markup Language (HTML)
• HTML documents contain
– text along with font specifications, and other formatting
instructions
– hypertext links to other documents, which can be
associated with regions of the text.
– forms, enabling users to enter data which can then be sent
back to the Web server
4
6. Web Interface to Database
Web interface provides attractive, even for
database applications that are used only with
a single organization.
The HyperText Markup Language(HTML)
standard allows text to be neatly formatted ,
with important information highlighted.
Hyperlinks which are links to other
documents.Clicking the Hyperlink fetches and
displays the linked document.
6
7. Web Interface to Database(cont.)
Browsers today can fetch programs along with
HTML documents and run on the browser , in
safe-mode that is without damaging data on the
user’s computer.
Programs written in client side scripting language
such as JavaScript,or applets written in Java
language, or animation written in Flash or
Shockwave . These program permit the
construction of sophisticated user
interface,beyond that what possible in HTML.
7
8. Communication Protocols and Web
Addresses
• Web address
– Also called Uniform Resource Locator (URL)
URL Components
8
9. Basics of Web:
Client and Server
• Server: A program that provides services to
other programs. It stands ready for requests
and when it gets a request, it provides the
service.
• Client: A program requesting a service of a
server program. It makes a request, gets the
service, and makes use of it.
9
10. Basics of Web:
HTML and HTTP
• HyperText Markup Language - Allows “marking up”
a document with tags specifying appearance and
structure.
• HyperText Transfer Protocol - Protocol used for
browsers to communicate with web servers.
Basically, this consists of “requests” from the
browser and “responses” from the server.
10
11. Basics of Web:
Web Browsers and Servers
• Web server - This is a program that runs on
the internet host computer (server machine).
It takes requests for web pages from clients
and delivers the pages back to the client.
• Web browser - This is a program that runs on
your local PC (client). It allows you to request
web pages from an internet host.
11
12. What “Web Server” does?
• A Web server is a program that Run on a Server
machine which accepts requests from Web Browser
and sends back results in the form of HTML
documents.
• The most important feature is ability to execute programs,
with arguments supplied by the user, and deliver the
results back as an HTML document.
For example, when users enter a Uniform Resource Locator
(URL) address,
Such as www.independent.co.uk ,into a web browser ,they
are requesting a specific document from a web server. The
web server maps the URL to a resource on the server and
returns the requested resource to the client.
12
13. Task’s Of Web Server:
Handling a client request consists of several key
steps:
Parsing the request message
Checking that the request is authorized
Associating the URL in the request with a file name
Constructing the response message
Transmitting the response message to the requesting
client
13
14. “Web Site! Vs Web Server!”
Web site and Web server are different:
A Web site consists of a collection of Web pages
associated with a particular hostname.
A Web server is a program to satisfy client
requests for Web resources.
14
15. Typical HTML Request
Client Side (Browser)
Issues request for HTML
page
Receives response HTML
page
Interprets HTML and
creates web page
Displays web page
Work is done here
Server Side
Reads request from
client
Finds page on server
Sends response page
to client
Essentially a file server
15
16. Steps in Handling a Client Request
A Web server proceeds through the following steps in handling an HTTP request:
Read and parse the HTTP request message
the web browser sends an HTTP request to the server. The request (in
its simplest form is
for example: GET /books/downloads.html
(The word GET is an HTTP method indicating that the client wishes to
obtain a resource from the server.)
Translate the URL to a file name
for example the resource be located in the base
directory such as /www, where the URL
http://www.fileshare.com/books/downloads.html
corresponds to
the file of www/books/index.html
16
17. Client interacting with web server.
Step 1: The GET request.
Client interacting with web server.
Step 2: The HTTP response. 17
18. Checking that the request is authorized
The server first responds by sending a line of text that indicates the
HTTP version, followed by a numeric code and a phrase
describing the status of the transaction. For example,
HTTP/1.1 200 OK
(Indicates success)
Whereas HTTP/1.1 404 Not found
informs the client that the web server could not locate the
requested resource.
18
22. • HTML codes are written using Text editor,there
are number of editors that permit direct creation
of HTML by using graphical interface
• Eg: Adobe DreamWeaver
• HTML supports stylesheets , which can alter the
default definition of how an HTML formatting
contruct is displayed.
• Cascading Style Sheets (CSS)used for
multiple HTML documents,giving distinct but
uniform look to page on a web site…
22
23. Cascading Style Sheets
#nav {
width: 100%;
float: right;
background-color: #F2F5A9;
}
#nav li {
text-align: left;
float:left; }
#nav li a {
display: block;
padding: 15px 45px;
text-decoration: BOLD;
font-weight: bold;
color: #088A29;
}
#nav li a:hover {
color: #FF0000;
border-right: 5px solid #FFFFFF;
}
For top menu widget
23
26. Dynamic and Static Web pages
• Static Web page
– Page content established at the time page is created
– Useful for displaying data that doesn’t change often, and
for navigating between HTML Web page files
• Dynamic Web page
– Also called an interactive Web page
– Page content varies according to user requests or inputs
26
28. Approaches for Creating Dynamic
Web Pages
• In server-side processing, the Web server:
– Receives the dynamic Web page request
– Performs all of the processing necessary to create the
dynamic Web page
– Sends the finished Web page to the client for display
in the client’s browser
28
29. Approaches for Creating Dynamic
Web Pages(cont..)
• Client-side processing
– Some processing is done on the client
workstation, either to form the request for the
dynamic Web page or to create or display the
dynamic Web page
– Eg: JavaScript code to validate user input.
– Often needs to be “executed” by the Browser.
29
31. Client-side Processing
– One approach to client-side processing involves downloading
compiled executable programs stored on the Web server to the user’s
Web browser and then running them on the user’s workstation
– This program interfaces with the user and, as needed, sends and
retrieves data from a database server
– A Java applet uses this approach
– Java applets run identically on any operating system and with any Web
browser
• ActiveX program are generally used to create intranet applications
– An intranet is a self-contained internal corporate network based on
Internet protocols but separate from the Internet
– Active X programs are capable of modifying data on the client machine (eg
registry) – security risk
31
32. Client Side Scripting and Applets
• Scripting languages - Allow us to add capability
to what’s provided by HTML. Allow parts of the
page to be built “on the fly”. These scripts are
“interpreted” as they run rather than being
compiled.
• Client-side scripts - Script engine on client
machine builds parts of page when page is
loaded by browser (date is simple example).
JavaScript is prime example.
32
33. Client Side Scripting and
Applets(cont..)
• JavaScript is commonly used in variety of tasks
• Exaple:Validation,such as date format,value
entered in appropriate range(such as range).
• There are also special purpose scripting
language for specialized tasks such as
animation for example Macromedia
Shockwave , and three dimensional modelling
(Virtual Reality Markup Language)
33
34. Dynamic Web Pages
• AJAX-Asynchronous JavaScript and XML
• AJAX=HTML+CSS+XML+JavaScript
• Ajax is combination of several technologies. it was introduced in 2005
by Jesse James Garrette . Ajax applications separate client-side user
interaction and server communication, and run them in parallel,
reducing the delays of server-side processing normally experienced by
the user.
For Example:Google Suggest
in this the part of the web page load instead of reload the entire web
page.
34
37. Ajax(cont..)
Ajax improves the user experience by making
interactive web applications more responsive.
Eg: Consider a registration form with a number
of fields (e.g., first name, last name e-mail
address, telephone number, etc.) and a
Register (or Submit ) button that sends the
entered data to the server. Usually each field
has rules that the user’s entries have to
follow(e.g., valid e-mail address, valid
telephone number, etc.).
37
38. • We seen some client side concepts like HTML
CSS,Client Side Scripts,Ajax in web databases.
• The Web has become important as a front end to
database . Because it’s a UNIVERSAL Front End
to information supplied by back end located
anywhere in the world.
• The front end is run any computer user need not
to download any special purpose software to
access information.
38
39. • Now we Focus on another side in Web
Database is Server and its components like
Server side Scripting, Architecture, Servlets.etc
39
40. Web Server functions
• Maintaining session states
• Maintaining Server Side Scripting Environment
• Publishing Web pages
40
41. Server-side Processing
Web Servers and Sessions:
• The most common server-side dynamic Web
page technology uses HTML forms
– Enhanced documents designed to collect user inputs
and send them to the Web server
– HTML forms allow users to input data using text
boxes, option buttons, and lists
– HTTP provides powerful , beyond the simple transfer
of documents. The most important feature is ability to
execute programs , with argument passed by user
and deliver results back to the HTML document.
41
42. • As a result , a web server can easily act as an
intermediary to provide access to a variety of
information services.
• A new service can be created by creating and
installing an application program that provides
the service.
• For this we can implement Common gateway
Interface(CGI).
42
43. Common gateway interface(CGI)
• Common Gateway Interface (CGI): a standard
interface between web and application server
• Used as a method for communicating between the HTML
form and the servicing program
• CGI defines how the web server
communicates with the application programs.
The application program typically
communicates with a data server , through
ODBC,JDBC in order to get or store data.
43
44. Three-tier Application
First Tier
Second Tier
Client
Application Server
Tasks
Tasks
•User interface
•Business logic
•Data processing logic
Third Tier
Database Server
Tasks
•Data validation
•Database access
44
45. Two-tier Application
First Tier
Second Tier
Client
Database Server
Tasks
Tasks
•User interface
•Main business and data
processing logic
•Server-side validation
•Database access
45
46. Three-layer Architecture
Web service using a three layer architecture , with
a web server , application server and a database
server. Using multiple levels of server increases
system overhead;
Disadvantage of using CGI-based servicing
programs is that each form submitted to a Web
server starts its own copy of the servicing
program, potentially causing memory problems
for the Web server
46
47. Two-Layer architecture
• Most web services today use a two-layer
architecture , where the application program
runs within a web server.
• There is no continuous connection between
the client and the web server . when a web
server receives a request, a connection is
temporarily created send the request and
recieve the response from web server.
47
48. • The HTTP protocol is connectionless is that most computers have
limits on the number of simultaneous connections they can
accommadate, and the if a large number of sites on the web open
connections,this limit would be exceeded denying the service to
further users.
– That is, once the server replies to a request, the server closes
the connection with the client, and forgets all about the request
– Motivation: reduces load on server
• operating systems have tight limits on number of open
connections on a machine
• Information services need session information
– E.g., user authentication should be done only once per
session
• Solution: use a cookie
48
49. Sessions and Cookies
• A cookie is a small piece of text containing
identifying information
– Sent by server to browser
• Sent on first interaction, to identify session
– Sent by browser to the server that created the cookie
on further interactions
• part of the HTTP protocol
– Server saves information about cookies it issued, and
can use it when serving a request
• E.g., authentication information, and user preferences
• Cookies can be stored permanently or for a
limited time
49
50. Servlets
• Java servlets are pieces of Java code that run in
Web servers. There are special conventions on
how to read the input from the user request and
how to write output generated by the servlet.
Servlets are truly platform-independent, and so
they have become very popular with Web
developers.
• Since servlets are Java programs, they are very
versatile. For example, servlets can build
webpages, access databases, and maintain state.
50
51. Sevlet code:
import java.io. *;
import javCLx.servlet. *;
import javax.servlet.http. *;
pUblic class ServletTemplate extends HttpServlet {
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
PrintWriter out = response.getWriter();
/ / Use 'out' to send content to browser
out.println("Hello World");
}
}
This simple
servlet just outputs the two words "Hello World," but it shows the general
structure of a full-fledged servlet.
51
52. Server side Scripting
• Several scripting language are available in
recent years eg: JavaScript,Jscript,Java Server
Page(JSP),HyperText Preprocessor(PHP),Active
Server Pages(ASP)..etc.
• It is even possible to embed code written in
VBScript,Perl,and Python into HTML
pages.ASP supports embedded VBScripts and
Jscripts.
52
53. Server side Scripting(cont..)
• PHP is widely used for Web server scripting
• Extensive libaries including for database access using ODBC
<html>
<head> <title> Hello </title> </head>
<body>
<?php if (!isset($_REQUEST[‘name’]))
{ echo “Hello World”; }
else { echo “Hello, ” + $_REQUEST[‘name’]; }
?>
</body>
</html>
53
54. Server side Scripting(cont..)
• A JSP page with embedded Java code
<html>
<head> <title> Hello </title> </head>
<body>
<% if (request.getParameter(“name”) == null)
{ out.println(“Hello World”); }
else { out.println(“Hello, ” +
request.getParameter(“name”)); }
%>
</body>
</html>
54
55. Application Security
• Data must be protected while they are being
transmitted.
• Data need to be protected from intruders
who are able to bypass operating system
security.
55
56. Encryption
• Data may be encrypted when database
authorization provisions do not offer sufficient
protection.
• Properties of good encryption technique:
– Relatively simple for authorized users to encrypt and
decrypt data.
– Encryption scheme depends not on the secrecy of the
algorithm but on the secrecy of a parameter of the
algorithm called the encryption key.
– Extremely difficult for an intruder to determine the
encryption key.
56
57. • Symmetric-key encryption: same key used for
encryption and for decryption
• Public-key encryption (a.k.a. asymmentric-
key encryption): use different keys for
encryption and decryption
– encryption key can be public, decryption key
secret
57
58. • Data Encryption Standard (DES) substitutes
characters and rearranges their order on the
basis of an encryption key which is provided to
authorized users via a secure mechanism.
Scheme is no more secure than the key
transmission mechanism since the key has to be
shared.
• Advanced Encryption Standard (AES) is a new
standard replacing DES, and is based on the
Rijndael algorithm, but is also dependent on
shared secret keys.
58
59. • Public-key encryption is based on each user
having two keys:
– public key – publicly published key used to encrypt
data, but cannot be used to decrypt data
– private key -- key known only to individual user,
and used to decrypt data. Need not be
transmitted to the site doing encryption.
Encryption scheme is such that it is
impossible or extremely hard to decrypt data
given only the public key.
59