10 Passing Data between pages Sessions Query Strings
10 – Passing Data between pages: Sessions, Query Strings, & Self Posting Mark Dixon, So. CCE SOFT 131 Page 1
Session Aims & Objectives • Aims – To introduce the fundamental ideas involved in passing data between pages • Objectives, by end of this week’s sessions, you should be able to: – pass data between pages, using: • Self Posting • Query Strings • Session Variables Mark Dixon, So. CCE SOFT 131 Page 2
IIS • Put ASP pages in: – C: INet. Pubwww. Root (this part of hard disk exposed to outside world) • Execute pages by putting: – localhost (in web browser, e. g. IE, means local machine) • ASP pages don't work by double-clicking Mark Dixon, So. CCE SOFT 131 Page 3
IIS – Date. asp Short for Response. Write C: INet. Pubwww. RootTestDate localhost/test/date. asp Mark Dixon, So. CCE SOFT 131 Page 4
Example: Logon • Restrict access to home page Mark Dixon, So. CCE SOFT 131 Page 5
Example: Logon - code (v 2) • Using Server-side VB Script: Home. htm Logon. htm <html> <head> <title>My Home page</title> </head> <html> <head> <title></title> </head> <body> <p>Welcome to my home page. <p>Please logon: <img src="You. Are. Here. jpg" WIDTH="450" HEIGHT="2 <form action=Login. Fail. asp method=post> </body> <input name=txt. User. Name type=text> Login. Fail. asp </html> <input name=txt. Pass. Word type=text> <html> <input name=btn. Logon type=submit value=Logon> <head> </form> <title></title> </body> <% </html> If Request. Form("txt. User. Name") = "mark" And Request. Form("txt. Pass. Word") = " Response. Redirect "home. htm" End If %> </head> <body> <p>Sorry, those login details were incorrect. <p>Please try <a href=Logon. htm>again</a> </body> </html> Mark Dixon, So. CCE SOFT 131 Page 6
Problem • Want restricted access: • However, can type home page directly (bypassing password page) Mark Dixon, So. CCE SOFT 131 Page 7
Solution • Need way for: – password page to tell home page – that user logged in OK Mark Dixon, So. CCE SOFT 131 Page 8
Passing Data between pages • Problem – want to protect all pages from unauthorised access – need to store record of successful login • Variables – only persist for duration of page Mark Dixon, So. CCE SOFT 131 Page 9
Passing Data (persistent) • Cookies (not covered in Soft 131) – stored on users’ (client) hard drive – persists between sessions • Database/file (covered in next lecture) – stored on server hard drive – persists between sessions Mark Dixon, So. CCE SOFT 131 Page 10
Passing Data (temporary) • Session object – exists for current session – clears if user closes browser – clears after 20 mins of inactivity • Forms and Self Posting • Query Strings – Useful for passing information between pages Mark Dixon, So. CCE SOFT 131 Page 11
Example: Logon - code (v 3) • Using Session variable: Logon. htm <html> <head> <title></title> </head> Home. asp <html> <head> <title>My Home page</title> <% If Session("Logged. In") <> "Yes" Then Response. Redirect "Logon. htm" End If %> </head> <body> <p>Please logon: <p>Welcome to my home page. <form action=Login. Fail. asp method=post> <img src="You. Are. Here. jpg" WIDTH="450" HEIGHT="2 <input name=txt. User. Name type=text> Login. Fail. asp </body> <input name=txt. Pass. Word type=text> </html> <input name=btn. Logon type=submit value=Logon> <head> </form> <title></title> </body> <% </html> If Request. Form("txt. User. Name") = "mark" And Request. Form("txt. Pass. Word") = " Session("Logged. In") = "Yes" Response. Redirect "home. htm" End If %> </head> Mark Dixon, So. CCE <body> <p>Sorry, those login details were incorrect. <p>Please try <a href=Logon. htm>again</a> </body> </html> SOFT 131 Page 12
Maintaining State: Session Object • Session variable – all strings <html> <head> <title>Login</title> </head> <body> Login. asp <% If Request. Form("txt. User. Name") = "George" Then • Abandon method – deletes all session variables • Redirect method – redirects browser to specified page Mark Dixon, So. CCE Session("Login. OK") = "Yes" Response. Redirect "Home. asp" Else Session. Abandon If Request. Form("txt. User. Name") <> "" Then Response. Write "Invalid user name, please try End If %> <p>Please login: <form name="frm. Login" action="Login. asp" method=post> Username: <input name="txt. User. Name" type="text"> Password: <input name="txt. Pass. Word" type="password" <input name="btn. Login" type="submit" value="Login"> </form> </body> </html> SOFT 131 Page 13
Maintaining State: Session Object Home. asp <html> <head> <title></title> <% ASP code to If Session("Login. OK") <> "Yes" Then Response. Redirect "Login. asp" check for successful login End If %> </head> <body> <center><b>Home Page</b></center> <p>Welcome to my home page. </body> </html> Mark Dixon, So. CCE SOFT 131 Page 14
Maintaining State: Self Posting • Form points to self: • If any submit button pressed page re-loads Multiply. asp <http> <head> <title>Multiply</title> … </head> <body> <form action=Multiply. asp method=post> … </form> </body> </http> Mark Dixon, So. CCE SOFT 131 Page 15
Example: Multiply. asp <http> <head> <title>Multiply</title> <% Dim tmp. Res Dim tmp. Num 1 Dim tmp. Num 2 Only do calc if first load Post to Self Mark Dixon, So. CCE If Request. Form("txt. Num 1") <> "" And Request. Form("txt. Num 2") < tmp. Num 1 = CDbl(Request. Form("txt. Num 1")) tmp. Num 2 = CDbl(Request. Form("txt. Num 2")) tmp. Res = tmp. Num 1 * tmp. Num 2 End If %> </head> <body> <form name="frm. Default" action=Multiply. asp method=post> <p><input name=txt. Num 1 type=text size=5 maxlength=5 value=<%=tmp. N <input name=txt. Num 2 type=text size=5 maxlength=5 value=<%=tmp. Nu <p><input name=btn. Calc type=submit value=Calc> </form> <p><%=tmp. Res%> </body> </http> SOFT 131 Page 16
Maintaining State: Query Strings • Data added to end of URL (address): http: //localhost/page. asp? Surname=Bob Query String • ASP code can use this data: – Request. Query. String("Surname") • would return the value "Bob" • Form method=get – data automatically added to query string Mark Dixon, So. CCE SOFT 131 Page 17
Example: Date-Time Menu. asp <html> <head> </head> <body> <p>What background colour do you want for you date information? <a href=Date. Time. asp? Colour=yellow>Yellow</a> <a href=Date. Time. asp? Colour=cyan>Light Blue</a> </body> </html> Date. Time. asp <html> <head> </head> <body bgcolor=<%=request. querystring("Colour")%>> <p>The date is <%=date()%>. <p>The time is <%=time()%>. </body> </html> Mark Dixon, So. CCE SOFT 131 Page 18
Reference: Server Object Model • Request object: calling web page – Form: used to get form data from page – Query. String: used to get data from address (? ) • Response object: web page sent back – Write: used to put text into web page – Redirect: used to navigate to other page – Clear: erases all HTML in web page • Session object: store data between pages – Abandon: clears session data Mark Dixon, So. CCE SOFT 131 Page 19
Numeric Expressions data • 23 + 11 - a * 2 operators • 34 + * 12 + x d ood od many people instinctively know these are wrong • b + 1 – 21 45 d odo d d Mark Dixon, So. CCE SOFT 131 Page 20
String Expressions • "What is " & num 1 & " times " & num 2 data operator • "What is twice " num 1 & "? " • "What is 6 minus " & & num & "? " Mark Dixon, So. CCE SOFT 131 Page 21
Example: Apples SPECIFICATION • User Requirements – help children learn numbers 1 - 10 • Software Requirements – Functional: – display random number of apples (between 1 & 10) – ask child how many apples are there – child enters answer – computer responds appropriately – Non-functional should be easy to use, and interesting Mark Dixon, So. CCE SOFT 131 Page 22
Design • user interface: – design: • what buttons, text boxes, text do you need? – implement using HTML • how do you create these? • functionality: – design: • what do you want to happen, and when? – implement using VB Script code • how do you do this? Mark Dixon, So. CCE SOFT 131 Page 23
Problem Solving • Imagine working things out by hand • Consider: – what actions you take, and when they are done – what information you remember • Computer must mimic these Mark Dixon, So. CCE SOFT 131 Page 24
Solutions • 'which is right? ' – both? • better solution – smaller (more elegant) • fewer lines of code • shorter lines of code Mark Dixon, So. CCE SOFT 131 Page 25
Tutorial Exercises • Task 1: Get Logon v 3 working (from the lecture) • Task 2: Get the Multiply example (from the lecture) working • Task 3: Get the Date-Time example (from the lecture) working • Task 4: Design and code the Apples example Mark Dixon, So. CCE SOFT 131 Page 26
- Slides: 26