1
Introduction to Web Database
J.Muzamil IdroosN.ParthibanS.RamachandranR.Siva
2
Contents• What Is Web Database?
– Basics of Web
• Client-Server Archietecture– Client side processing
» Dynamic and Static Web Pages» HTML,CSS,Client Side Scripting,Ajax
– Server side processing» Server Architecture
• 2 layer, 3 layer server architecture,» Server Side Scripting
• Servlets,ASP,PHP
• Security– Encryption techniques
• Advantages & Disadvantages• Demo
3
Why is ‘Databases on the Web’ ?
• Web browsers have become the de-facto standard user interface to databases– Enable large numbers of users to access
databases from anywhere– Avoid the need for downloading/installing
specialized code, while providing a good graphical user interface
• Examples: banks, airline and rental car reservations, university course registration and grading, an so on
Credit: Netskills
4
• The Web is a distributed information system based on hypertext.
• Most Web documents are hypertext documents formatted via the HyperText Markup Language (HTML)
• HTML documents contain– text along with font specifications, and other formatting
instructions– hypertext links to other documents, which can be associated
with regions of the text.– forms, enabling users to enter data which can then be sent
back to the Web server
5
Web client/server architecture
6
Web Interface to Database
Web interface provides attractive, even for database applications that are used only with a single organization.
The HyperText Markup Language(HTML) standard allows text to be neatly formatted , with important information highlighted. Hyperlinks which are links to other documents.Clicking the Hyperlink fetches and displays the linked document.
7
Web Interface to Database(cont.)
Browsers today can fetch programs along with HTML documents and run on the browser , in safe-mode that is without damaging data on the user’s computer.
Programs written in client side scripting language such as JavaScript,or applets written in Java language, or animation written in Flash or Shockwave . These program permit the construction of sophisticated user interface,beyond that what possible in HTML.
8
Communication Protocols and Web Addresses
• Web address– Also called Uniform Resource Locator (URL)
URL Components
9
Basics of Web: Client and Server
• Server: A program that provides services to other programs. It stands ready for requests and when it gets a request, it provides the service.
• Client: A program requesting a service of a server program. It makes a request, gets the service, and makes use of it.
10
Basics of Web:HTML and HTTP
• HyperText Markup Language - Allows “marking up” a document with tags specifying appearance and structure.
• HyperText Transfer Protocol - Protocol used for browsers to communicate with web servers. Basically, this consists of “requests” from the browser and “responses” from the server.
11
Basics of Web:Web Browsers and Servers
• Web server - This is a program that runs on the internet host computer (server machine). It takes requests for web pages from clients and delivers the pages back to the client.
• Web browser - This is a program that runs on your local PC (client). It allows you to request web pages from an internet host.
12
What “Web Server” does?• A Web server is a program that Run on a Server machine
which accepts requests from Web Browser and sends back results in the form of HTML documents.
• The most important feature is ability to execute programs, with arguments supplied by the user, and deliver the results back as an HTML document.
For example, when users enter a Uniform Resource Locator (URL) address,
Such as www.independent.co.uk ,into a web browser ,they are requesting a specific document from a web server. The web server maps the URL to a resource on the server and returns the requested resource to the client.
13
Task’s Of Web Server:
Handling a client request consists of several key steps:
Parsing the request message Checking that the request is authorized Associating the URL in the request with a file name Constructing the response message Transmitting the response message to the requesting
client
14
“Web Site! Vs Web Server!” Web site and Web server are different:
A Web site consists of a collection of Web pages associated with a particular hostname.
A Web server is a program to satisfy client requests for Web resources.
15
Typical HTML RequestClient Side (Browser)
Issues request for HTML page
Receives response HTML page
Interprets HTML and creates web page
Displays web pageWork is done here
Server SideReads request from
client
Finds page on server
Sends response page to client
Essentially a file server
16
Steps in Handling a Client Request A Web server proceeds through the following steps in handling an HTTP request:
Read and parse the HTTP request message the web browser sends an HTTP request to the server. The request (inits simplest form is
for example: GET /books/downloads.html (The word GET is an HTTP method indicating that the client wishes to
obtain a resource from the server.)
Translate the URL to a file name for example the resource be located in the base
directory such as /www, where the URL http://www.fileshare.com/books/downloads.html
corresponds to the file of www/books/index.html
17
Client interacting with web server. Step 1: The GET request.
Client interacting with web server. Step 2: The HTTP response.
18
Checking that the request is authorizedThe server first responds by sending a line of text that indicates the
HTTP version, followed by a numeric code and a phrase describing the status of the transaction. For example,
HTTP/1.1 200 OK(Indicates success)
Whereas HTTP/1.1 404 Not foundinforms the client that the web server could not locate the
requested resource.
19
HyperText Markup LanguageSample HTML Source Code<html><body> <center><table border><br><br><br><br><tr> <th>ID</th> <th>Name</th> <th>Department</th> </tr>
<tr> <td>36814021</td> <td>J.Muzamil Idroos</td> <td>Comp. Sci.</td> </tr><tr> <th>ID</th> <th>Name</th> <th>Department</th> </tr>
<tr> <td>36814022</td> <td>N.Parthiban</td> <td>Comp. Sci.</td> </tr><tr> <th>ID</th> <th>Name</th> <th>Department</th> </tr>
<tr> <td>36814024</td> <td>R.siva</td> <td>Comp. Sci.</td> </tr> <tr> <th>ID</th> <th>Name</th> <th>Department</th> </tr>
<tr> <td>36814023</td> <td>S.Ramachandran</td> <td>Comp. Sci.</td> </tr></b></table> <form action="PersonQuery" method=get> <select name="persontype"> <option value="student" selected>Student </option> <option value="instructor"> Instructor </option> </select> <br>
Name: <input type=text size=20 name="name"><input type=submit value="submit"> </form></center></body> </html>
20
21
Output of HTML source code
22
• HTML codes are written using Text editor,there are number of editors that permit direct creation of HTML by using graphical interface
• Eg: Adobe DreamWeaver• HTML supports stylesheets , which can alter the
default definition of how an HTML formatting contruct is displayed.
• Cascading Style Sheets (CSS)used for multiple HTML documents,giving distinct but uniform look to page on a web site…
23
Cascading Style Sheets#nav {
width: 100%;float: right;background-color: #F2F5A9;
}#nav li {text-align: left;
float:left; }#nav li a {
display: block;padding: 15px 45px;text-decoration: BOLD;font-weight: bold;color: #088A29;
}#nav li a:hover {
color: #FF0000;border-right: 5px solid #FFFFFF; }
For top menu widget
24
HTML page without CSS
25
HTML page with CSS
26
Dynamic and Static Web pages• Static Web page
– Page content established at the time page is created– Useful for displaying data that doesn’t change often, and
for navigating between HTML Web page files• Dynamic Web page
– Also called an interactive Web page– Page content varies according to user requests or inputs
27
Database-driven Web site Architecture
28
Approaches for Creating Dynamic Web Pages
• In server-side processing, the Web server:– Receives the dynamic Web page request– Performs all of the processing necessary to create the
dynamic Web page– Sends the finished Web page to the client for display
in the client’s browser
29
Approaches for Creating Dynamic Web Pages(cont..)
• Client-side processing– Some processing is done on the client workstation,
either to form the request for the dynamic Web page or to create or display the dynamic Web page
– Eg: JavaScript code to validate user input.– Often needs to be “executed” by the Browser.
30
Server-side and client-side Web database technologies
31
Client-side Processing– One approach to client-side processing involves downloading compiled
executable programs stored on the Web server to the user’s Web browser and then running them on the user’s workstation
– This program interfaces with the user and, as needed, sends and retrieves data from a database server
– A Java applet uses this approach– Java applets run identically on any operating system and with any Web
browser• ActiveX program are generally used to create intranet applications
– An intranet is a self-contained internal corporate network based on Internet protocols but separate from the Internet
– Active X programs are capable of modifying data on the client machine (eg registry) – security risk
32
Client Side Scripting and Applets
• Scripting languages - Allow us to add capability to what’s provided by HTML. Allow parts of the page to be built “on the fly”. These scripts are “interpreted” as they run rather than being compiled.
• Client-side scripts - Script engine on client machine builds parts of page when page is loaded by browser (date is simple example). JavaScript is prime example.
33
Client Side Scripting and Applets(cont..)
• JavaScript is commonly used in variety of tasks • Exaple:Validation,such as date format,value
entered in appropriate range(such as range).• There are also special purpose scripting
language for specialized tasks such as animation for example Macromedia Shockwave , and three dimensional modelling (Virtual Reality Markup Language)
34
Dynamic Web Pages• AJAX-Asynchronous JavaScript and XML
• AJAX=HTML+CSS+XML+JavaScript• Ajax is combination of several technologies. it was introduced in
2005 by Jesse James Garrette . Ajax applications separate client-side user interaction and server communication, and run them in parallel, reducing the delays of server-side processing normally experienced by the user.
For Example:Google Suggest in this the part of the web page load instead of reload the entire web
page.
35
36
Ajax(cont..)
37
Ajax(cont..)
Ajax improves the user experience by making interactive web applications more responsive.
Eg: Consider a registration form with a number of fields (e.g., first name, last name e-mail address, telephone number, etc.) and a Register (or Submit ) button that sends the entered data to the server. Usually each field has rules that the user’s entries have to follow(e.g., valid e-mail address, valid telephone number, etc.).
38
• We seen some client side concepts like HTML CSS,Client Side Scripts,Ajax in web databases.
• The Web has become important as a front end to database . Because it’s a UNIVERSAL Front End to information supplied by back end located anywhere in the world.
• The front end is run any computer user need not to download any special purpose software to access information.
39
• Now we Focus on another side in Web Database is Server and its components like Server side Scripting, Architecture, Servlets.etc
40
Web Server functions• Maintaining session states• Maintaining Server Side Scripting Environment • Publishing Web pages
41
Server-side ProcessingWeb Servers and Sessions:• The most common server-side dynamic Web
page technology uses HTML forms– Enhanced documents designed to collect user inputs
and send them to the Web server– HTML forms allow users to input data using text
boxes, option buttons, and lists– HTTP provides powerful , beyond the simple transfer
of documents. The most important feature is ability to execute programs , with argument passed by user and deliver results back to the HTML document.
42
• As a result , a web server can easily act as an intermediary to provide access to a variety of information services.
• A new service can be created by creating and installing an application program that provides the service.
• For this we can implement Common gateway Interface(CGI).
43
Common gateway interface(CGI)
• Common Gateway Interface (CGI): a standard interface between web and application server
• Used as a method for communicating between the HTML form and the servicing program
• CGI defines how the web server communicates with the application programs. The application program typically communicates with a data server , through ODBC,JDBC in order to get or store data.
44
Three-tier Application
First Tier
Second Tier
Client
Application Server
Tasks
Tasks
•User interface
•Business logic•Data processing logic
Third Tier Database Server
Tasks•Data validation•Database access
45
Two-tier Application
First Tier
Second Tier
Client
Database Server
Tasks
Tasks
•User interface•Main business and data processing logic
•Server-side validation•Database access
46
Three-layer Architecture
Web service using a three layer architecture , with a web server , application server and a database server. Using multiple levels of server increases system overhead;
Disadvantage of using CGI-based servicing programs is that each form submitted to a Web server starts its own copy of the servicing program, potentially causing memory problems for the Web server
47
Two-Layer architecture
• Most web services today use a two-layer architecture , where the application program runs within a web server.
• There is no continuous connection between the client and the web server . when a web server receives a request, a connection is temporarily created send the request and recieve the response from web server.
48
• The HTTP protocol is connectionless is that most computers have limits on the number of simultaneous connections they can accommadate, and the if a large number of sites on the web open connections,this limit would be exceeded denying the service to further users.– That is, once the server replies to a request, the server closes the
connection with the client, and forgets all about the request– Motivation: reduces load on server
• operating systems have tight limits on number of open connections on a machine
• Information services need session information– E.g., user authentication should be done only once per session
• Solution: use a cookie
49
Sessions and Cookies
• A cookie is a small piece of text containing identifying information– Sent by server to browser
• Sent on first interaction, to identify session– Sent by browser to the server that created the cookie on
further interactions• part of the HTTP protocol
– Server saves information about cookies it issued, and can use it when serving a request
• E.g., authentication information, and user preferences
• Cookies can be stored permanently or for a limited time
50
Servlets
• Java servlets are pieces of Java code that run in Web servers. There are special conventions on how to read the input from the user request and how to write output generated by the servlet. Servlets are truly platform-independent, and so they have become very popular with Web developers.
• Since servlets are Java programs, they are very versatile. For example, servlets can build webpages, access databases, and maintain state.
51
Sevlet code:
import java.io. *;import javCLx.servlet. *;import javax.servlet.http. *;pUblic class ServletTemplate extends HttpServlet {public void doGet(HttpServletRequest request,HttpServletResponse response)throws ServletException, IOException {PrintWriter out = response.getWriter();/ / Use 'out' to send content to browserout.println("Hello World");}}This simpleservlet just outputs the two words "Hello World," but it shows the generalstructure of a full-fledged servlet.
52
Server side Scripting
• Several scripting language are available in recent years eg: JavaScript,Jscript,Java Server Page(JSP),HyperText Preprocessor(PHP),Active Server Pages(ASP)..etc.
• It is even possible to embed code written in VBScript,Perl,and Python into HTML pages.ASP supports embedded VBScripts and Jscripts.
53
Server side Scripting(cont..)• PHP is widely used for Web server scripting• Extensive libaries including for database access using ODBC <html>
<head> <title> Hello </title> </head><body><?php if (!isset($_REQUEST[‘name’])){ echo “Hello World”; }else { echo “Hello, ” + $_REQUEST[‘name’]; }?></body></html>
54
Server side Scripting(cont..)• A JSP page with embedded Java code
<html><head> <title> Hello </title> </head><body><% if (request.getParameter(“name”) == null){ out.println(“Hello World”); }else { out.println(“Hello, ” + request.getParameter(“name”)); }%></body></html>
55
Application Security
• Data must be protected while they are being transmitted.
• Data need to be protected from intruders who are able to bypass operating system security.
56
Encryption
• Data may be encrypted when database authorization provisions do not offer sufficient protection.
• Properties of good encryption technique:– Relatively simple for authorized users to encrypt and
decrypt data.– Encryption scheme depends not on the secrecy of the
algorithm but on the secrecy of a parameter of the algorithm called the encryption key.
– Extremely difficult for an intruder to determine the encryption key.
57
• Symmetric-key encryption: same key used for encryption and for decryption
• Public-key encryption (a.k.a. asymmentric-key encryption): use different keys for encryption and decryption– encryption key can be public, decryption key
secret
58
• Data Encryption Standard (DES) substitutes characters and rearranges their order on the basis of an encryption key which is provided to authorized users via a secure mechanism. Scheme is no more secure than the key transmission mechanism since the key has to be shared.
• Advanced Encryption Standard (AES) is a new standard replacing DES, and is based on the Rijndael algorithm, but is also dependent on shared secret keys.
59
• Public-key encryption is based on each user having two keys:– public key – publicly published key used to encrypt
data, but cannot be used to decrypt data– private key -- key known only to individual user,
and used to decrypt data. Need not be transmitted to the site doing encryption.
Encryption scheme is such that it is impossible or extremely hard to decrypt data given only the public key.
60
Web-DBMS Advantages
• Simplicity (minor)• Platform Independence• GUI• Standardization (minor)• Cross-Platform Support (minor)• Transparent Network Access• Scalable Deployment• Innovation
61
Web-DBMS Disadvantages• Reliability (minor)• Security• Cost – commercial web site ~ $300K-$3.4mil• Scalability• Limited Functionality of HTML (minor)• Statelessness (minor)• Bandwidth• Performance• Immaturity of Development Tools (minor)
62
LETS RECAP..!
63
Thank YOU…