Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 8 Managing End-User Sessions.

Similar presentations


Presentation on theme: "1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 8 Managing End-User Sessions."— Presentation transcript:

1 1 Copyright © 2002 Pearson Education, Inc.

2 2 Chapter 8 Managing End-User Sessions

3 3 Copyright © 2002 Pearson Education, Inc. Objectives l Discover how to use hidden fields to build multiple-screen end-user sessions l Understand the complexities involved in creating Web applications with multiple-screen sessions l Recognize the advantages and limitations of browser cookies l Learn how to use browser cookies to track data about the end user

4 4 Copyright © 2002 Pearson Education, Inc. The Details of orderproduct2.cgi Will examine the programming code for orderproduct2.cgi in three pieces: »The main portion of the program decides which subroutine to call based CGI variable STATEs value. »The askname() subroutine generates a form that asks for a name and billing code. »The checkname() subroutine generates a form to verify the customer name and customer billing code.

5 5 Copyright © 2002 Pearson Education, Inc. The Main Program Section First set the FORM ACTION argument to call itself again (Line 4). Next get CGI variables product, quantity, and STATE. Based on the value of CGI variable STATE : »Generate a form. Called to create a form if $state == GET_INPUT. If so, call askname(). »Verify the form. If called to verify its own form. (12– 13). If $state == VERIFY_INPUT. »Generate an error message. If STATEs value is illegal (print a error message).

6 6 Copyright © 2002 Pearson Education, Inc. Main Program Body 1. #!/usr/bin/perl 2. use CGI ':standard'; 3. print header, start_html('GetName'); 4. print ' '; 5. @Products=('Hammers', 'Hand Saws', 'Wrenches'); 6. $prod=param('product'); 7. $number=param('quantity'); 8. $state=param('STATE'); 9. if ( $state eq 'GET_INPUT' ) { 10. &askname(); 11. } elsif ( $state eq 'VERIFY_INPUT' ) { 12. &checkname(); 13. } else { print "ooops Get help! state=$state"; }

7 7 Copyright © 2002 Pearson Education, Inc. The askname Subroutine Called when STATE == GET_INPUT. It creates a form that gathers customer name and code. l This subroutine performs two major tasks: Saving state: Sets hidden fields to save for the product, quantity, and STATE. This enables access to these values the next time it is called. Generating the visible form fields.Generate the visible form fields that ask the end user for a name and billing code.

8 8 Copyright © 2002 Pearson Education, Inc. The askname Subroutine 15. sub askname { 16. 17. print "You selected product=$prod and quantity=$number"; 18. print br, " "; 19. print " "; 20. print ' '; 21. 22. print 'Please enter your name'; 23. print ''; 24. 25. print ' and Billing Code: (5 digits)'; 26. print ' '; 27. 28. print br, ' '; 29. print ' '; 30. 31. print end_form, end_html; 32. }

9 9 Copyright © 2002 Pearson Education, Inc. The checkname Subroutine Verifies the name and code fields. It assumes it has already been run and made name and code available to it. l It takes two different actions: »Invalid input: After getting name and code, uses a regular expression to tell if 5 digits entered. If not, output error message and called askname(). »Valid input: If valid input, then output a message indicating valid input and exit.

10 10 Copyright © 2002 Pearson Education, Inc. checkname() program Code 33. sub checkname { 34. 35. $code=param('code'); 36. $name=param('name'); 37. if ( $code !~ /^\d\d\d\d\d$/ ) { 38. print ' Sorry billing number must be all digits ', br; 39. &askname(); 40. } 41. else { 42. print ' Thanks for ordering ', br; 43. print "Got Product =$prod Number= $number"; 44. print " Also, got name=$name, code=$code"; 45. } 46. }

11 11 Copyright © 2002 Pearson Education, Inc. Building More Sophisticated Apps l Consider an application with four forms that gathers survey information. l Each form displays its initial fields and then calls itself to verify its own fields. l Each form could use a different CGI/Perl program that uses a hidden variable to set a state.

12 12 Copyright © 2002 Pearson Education, Inc. A Multi-form Application

13 13 Copyright © 2002 Pearson Education, Inc. Beyond Hidden Fields l Will describe 3 additional techniques: »Using files for storing state information. Can be used with hidden fields to store and retain session data. »Using files and databases for storing initial data and form results. Could include initial input to applications and stored survey results or product orders. »Sending e-mail from forms. Can cause e-mail to be sent to a transaction-handling e-mail account or back to the customer to confirm the order.

14 14 Copyright © 2002 Pearson Education, Inc. Using Files for Saving State l Using files to store session states increases session complexity. E.g, need to generate session IDs and keep them secure. l Some advantages of for session management: »Revisiting states. Can provide a consistent way to o remember session data, even when two screens do not normally call each other. »Remembering data between sessions. Can remember end user data even after the end user leaves your site. E.g., on-line shopping cart.

15 15 Copyright © 2002 Pearson Education, Inc. Sample Screen Flow

16 16 Copyright © 2002 Pearson Education, Inc. Storing Orders in Files Use a field delimiter such as a comma, tab, or vertical bar ( | ), to ensure that the fields can be identified and retrieved easily. (E.g, split) l Files work well when traffic is moderate in volume and the amount of data to be saved is relatively small. »They are simple to use, can be edited with text editors (to add fields or records or fix a damaged line), and can be implemented quickly.

17 17 Copyright © 2002 Pearson Education, Inc. Using Databases l Databases can provide faster access, higher security, and greater data integrity than do files. »Perl supports a special DBI module for working with a variety of databases, including most major databases (such as Oracle, Informix, and Access) and some free ones (Mysql).

18 18 Copyright © 2002 Pearson Education, Inc. Sending email l Sometimes useful to send e-mail providing survey results or confirming order information. The sendmail program is a popular way to send email from a UNIX Web server. (Available on UNIX systems since the 1980s) »It comes as a preinstalled utility on most UNIX servers. You can use it to send e-mail via programs or interactively when logged into the Web server.

19 19 Copyright © 2002 Pearson Education, Inc. Where is sendmail? l Need to know the directory path to the file where this program is stored. » On a UNIX system, it is usually stored in /usr/lib/sendmail. –Either ask your ISP or check out this location for yourself. –If you can Telnet to your Web server, on many UNIX systems you can execute the whereis command to identify the location of sendmail. For example, l whereis sendmail

20 20 Copyright © 2002 Pearson Education, Inc. Using sendmail Need to connect to sendmail using open(). » MAIL - connection name for sendmail. » sendmail path - the full directory path. The vertical bar ( | ) is used when establishing an open connection to an external program. -t instructs sendmail to get the destination e-mail address and subject lines from the To: and Subject: data that we will send to it.

21 21 Copyright © 2002 Pearson Education, Inc. Basic Code For Using sendmail(). open ( MAIL, "|/usr/lib/sendmail -t" ) || die "Cannot start sendmail: $!";. $email='myhandle@myhandle.com';. print MAIL "To: $email \n";. print MAIL "Subject: New Order\n";. print MAIL "Product =$prod Number= $number\n"; close (MAIL);

22 22 Copyright © 2002 Pearson Education, Inc. Modification to checkname() 1. sub checkname { 2. 3. $code=param('code'); 4. $name=param('name'); 5. if ( $code !~ /^\d\d\d\d\d/ ) { 6. print ' Sorry billing number must be all digits '; 7. &askname(); 8. } 9. else { 10. print ' Thanks for ordering ', "$name", br; 11. open ( MAIL, "|/usr/lib/sendmail -t" ) || die "Cannot start sendmail: $!"; 12. 13. $email='perlpgm@host33.hostingcheck.com'; 14. print MAIL "To: $email \n"; 15. print MAIL "Subject: New Order\n"; 16. print MAIL "Got Product =$prod Number= $number\n"; 17. print MAIL " Also, got name=$name, email=$email, code=$code \n"; 18. close (MAIL); 19. print ' Just sent email to ', "$email"; 20. 21. } 22. }

23 23 Copyright © 2002 Pearson Education, Inc. Would Output The Following...

24 24 Copyright © 2002 Pearson Education, Inc. Email Received...

25 25 Copyright © 2002 Pearson Education, Inc. Using Cookies to Save Information l Browser cookies a method for Web sites to remember visitor information. »They are small pieces of data that can be saved by a Web site application when an end user visits the Web site. » They are stored on the visitors hard drive in a special cookie file. » When the visitor returns, program reads browser cookie data (it previously stored) and use it to remember something about the visitor. –E.g., book site remember you prefer mysteries

26 26 Copyright © 2002 Pearson Education, Inc. Cookie Limitations l Cookies can be easily disabled. Both IE and Netscape enable users to disable cookies and refuse to allow sites to set them. (In Netscape click Edit, Preferences, Advanced.)

27 27 Copyright © 2002 Pearson Education, Inc. Cookie Limitations l People move around. Make less sense on computers with multiple users (such as a library or computer lab). l Not all browsers support cookies. Not all browsers support cookies. Your site might exclude people with older browsers or people who disable cookies. l Cookies can be easily deleted. Cookie data can be accidentally or intentionally deleted.

28 28 Copyright © 2002 Pearson Education, Inc. Why Some People Dont Like Cookies l Anonymity. Some prefer to browse anonymously without allowing Web sites to track their preferences and movements at any given site. –For example, might set a cookie with a unique ID on it, then on a server record when that ID logs in, which pages it visits, and even which page that ID was viewing just before coming to the site. l Potential use in market research. Some marketing research companies use cookie data to develop profiles of Web usage patterns. (Then sell the data).

29 29 Copyright © 2002 Pearson Education, Inc. Setting a Cookie l Can request that a browser cookie be saved in memory (deleted when user exits browser)or onto disk (retained until an expiration date). l Syntax of an in memory cookie: l Must output before the MIME Content-type line.

30 30 Copyright © 2002 Pearson Education, Inc. Setting Cookie Expiration Date l When need to retain a cookie between browser sessions, need to set expiration date l Again this line must be output before the MIME Content-type line

31 31 Copyright © 2002 Pearson Education, Inc. A Sample Program That Sets A Cookie 1. #!/usr/bin/perl 2. use CGI ':standard'; 3. $name=param('name'); 4. $prefers=param('prefers'); 5. print "Set-Cookie: cust_name=$name; expires=04-Jul-2003 00:00:0 GMT\n"; 6. print "Set-Cookie: cust_prefer=$prefers; expires=04-Jul-2003 00:00:0 GMT\n"; 7. 8. print header, start_html('set cookie'); 9. print br, "Thanks $name Lets now look at $prefers... "; 10. 11. print end_html;

32 32 Copyright © 2002 Pearson Education, Inc. Would Output The Following...

33 33 Copyright © 2002 Pearson Education, Inc. Its Worth Noting... 1. Unless the end user explicitly sets browser settings to be notified when a site sets a cookie, the end user probably wont realize that a cookie was set. 2. If the end user disables cookies, the program will not know it. It is possible for CGI/Perl applications to detect whether cookies are enabled, but they must set a cookie and then try to read that cookie again to make this determination. 3. While you are testing the use of cookies, it is helpful to set your browser setting to Warn me before accepting a cookie.

34 34 Copyright © 2002 Pearson Education, Inc. Example Cookie Warning Pop-up

35 35 Copyright © 2002 Pearson Education, Inc. Reading Cookies Use the CGI.pm function called cookie() to read cookie data. Can also use %ENV hash variable called HTTP_COOKIE. (Returns a list of semicolon- separated name/value pairs of cookies. » For example, $cookies=$ENV(HTTP_COOKIE);

36 36 Copyright © 2002 Pearson Education, Inc. Example Cookie Reading Program 1. #!/usr/bin/perl 2. use CGI ':standard'; 3. print header, start_html("Welcome "); 4. $cust_name=cookie( 'cust_name'); 5. $prefers=cookie('cust_prefer'); 6. print ' '; 7. if ($cust_name) { 8. print "Welcome back $cust_name to our humble hardware site."; 9. } else { 10. print ' '; 11. print 'Welcome to our humble hardware site. '; 12. } 13. if ( $prefers eq "hand tools" ) { 14. print br,'We have hammers on sale for 5 dollars!'; 15. } elsif ( $prefers eq "power tools" ){ 16. print br, 'We have power drills on sale for 25 dollars!'; 17. } else { 18. print br, ' '; 19. print ' We have drills and hammers on special today! '; 20. } 21. print " ", end_html;

37 37 Copyright © 2002 Pearson Education, Inc. Would Output The Following...

38 38 Copyright © 2002 Pearson Education, Inc. Some Advanced Cookie Options l Sometimes may want to read the cookie from a different file system directory than where it was set. »You must specify the path option. »For example, you might set the cookie in http://perl- pgm.com/cgi-bin/C7 and then read it from a program in http://perl-pgm.com/cgi-bin/C8. »print "Set-Cookie: cust_name=$name; expires=04-Jul-2003 00:00:0 GMT; path=/\n;

39 39 Copyright © 2002 Pearson Education, Inc. Some More Advanced Options l May want to enable any server within your domain to be able to read the cookie. »Perhaps one server sets the cookie while taking the order and another server reads it while processing the order. » You use the domain option of the Set-Cookie »print "Set-Cookie: cust_name=$name; expires=04-Jul-2003 00:00:0 GMT; domain=.mysite.com\n;

40 40 Copyright © 2002 Pearson Education, Inc. Summary l Hidden fields are HTML form fields that you can use to set name/value CGI variables without displaying them on a form. l Hidden fields provide a method to manage user sessions by maintaining the state of each session. »Hidden fields are not a secure method to keep data. l You can create sophisticated multiple-screen applications, such as shopping carts and surveys, by using hidden fields.

41 41 Copyright © 2002 Pearson Education, Inc. Summary l Cookies provide a way for Web server applications to store small pieces of data on the end users machine. l Cookies can be easily refused by the end user and therefore cannot be relied upon to always be available to the CGI/Perl program. l Data set by cookies can be available for long periods of time, even when the end user leaves the site and comes back months later.


Download ppt "1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 8 Managing End-User Sessions."

Similar presentations


Ads by Google