1 / 19

Passing Data Between Web Pages: Sessions, Query Strings, and Self-Posting Techniques

This session introduces the fundamental concepts of passing data between web pages using various methods, including self-posting, query strings, and session variables. By the end of the week, you will be able to effectively transfer data between pages, restrict access based on login credentials, and manage user sessions. Practical examples will illustrate the use of server-side scripting (VB Script) and the implementation of session management for secure web applications.

corin
Télécharger la présentation

Passing Data Between Web Pages: Sessions, Query Strings, and Self-Posting Techniques

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 16 – Passing Data between pages: Sessions, Query Strings, & Self Posting

  2. Session Aims & Objectives • Aims • To introduce the fundamental ideas involved in passing data between pages • Objectives,by end of this week’s sessions, you should be able to: • pass data between pages, using: • Self Posting • Query Strings • Session Variables

  3. Example: Logon • Restrict access tohome page

  4. Example: Logon - code (v2) LoginFail.aspx Home.htm <html> <head> <title></title> <% If Request.Form("txtUserName") = "mark" And Request.Form("txtPassWord") = "soft131" Then Response.Redirect("home.htm") End If %> </head> <body> <p>Sorry, those login details were incorrect. <p>Please try <a href=Logon.htm>again</a> </body> </html> <html> <head> <title>My Home page</title> </head> <body> <p>Welcome to my home page.<br> <img src="YouAreHere.jpg" WIDTH="450" HEIGHT="259"> </body> </html> Logon.htm <html> <head> <title></title> </head> <body> <p>Please logon: <form action=LoginFail.aspx method=post> <input name=txtUserName type=text> <input name=txtPassWord type=text> <input name=btnLogon type=submit value=Logon> </form> </body> </html> • Using Server-side VB Script:

  5. Problem • Want restricted access: • However, can type home page directly (bypassing password page)

  6. Solution • Need way for: • password page to tell home page • that user logged in OK

  7. Passing Data between pages • Problem • want to protect all pages from unauthorised access • need to store record of successful login • Variables • only persist for duration of page

  8. Passing Data (persistent) • Cookies (not covered in Soft131) • stored on users’ (client) hard drive • persists between sessions • Database/file (covered in next lecture) • stored on server hard drive • persists between sessions

  9. Passing Data (temporary) • Session object • exists for current session • clears if user closes browser • clears after 20 mins of inactivity • Forms and Self Posting • Query Strings • Useful for passing information between pages

  10. Example: Logon - code (v3) LoginFail.aspx Home.aspx <html> <head> <title></title> <% If Request.Form("txtUserName") = "mark" And Request.Form("txtPassWord") = "soft131" Then Session("LoggedIn") = "Yes" Response.Redirect("home.htm") End If %> </head> <body> <p>Sorry, those login details were incorrect. <p>Please try <a href=Logon.htm>again</a> </body> </html> <html> <head> <title>My Home page</title> <% If Session("LoggedIn") <> "Yes" Then Response.Redirect("Logon.htm") End If %> </head> <body> <p>Welcome to my home page.<br> <img src="YouAreHere.jpg" WIDTH="450" HEIGHT="259"> </body> </html> Logon.htm <html> <head> <title></title> </head> <body> <p>Please logon: <form action=LoginFail.aspx method=post> <input name=txtUserName type=text> <input name=txtPassWord type=text> <input name=btnLogon type=submit value=Logon> </form> </body> </html> • Using Session variable:

  11. Maintaining State: Session Object <html> <head> <title>Login</title> </head> <body> <% If Request.Form("txtUserName") = "George" Then Session("LoginOK") = "Yes" Response.Redirect("Home.aspx") Else Session.Abandon() If Request.Form("txtUserName") <> "" Then Response.Write("Invalid user name, please try again.") End If End If %> <p>Please login: <form name="frmLogin" action="Login.asp" method=post> Username:<input name="txtUserName" type="text"><br> Password:<input name="txtPassWord" type="password"><br> <input name="btnLogin" type="submit" value="Login"> </form> </body> </html> Login.aspx • Session variable • all strings • Abandon method • deletes all session variables • Redirect method • redirects browser to specified page

  12. Maintaining State: Session Object Home.aspx <html> <head> <title></title> <% If Session("LoginOK") <> "Yes" Then Response.Redirect("Login.aspx") End If %> </head> <body> <center><b>Home Page</b></center> <p>Welcome to my home page. </body> </html> ASP code tocheck forsuccessful login

  13. Maintaining State: Self Posting • Form points to self: • If any submitbutton pressedpage re-loads Multiply.aspx <html> <head> <title>Multiply</title> … </head> <body> <form action=Multiply.aspx method=post> … </form> </body> </html>

  14. Example: Multiply do whenbutton clicked Post to Self Multiply.aspx <html> <head> <title>Multiply</title> <% Dim tmpRes Dim tmpNum1 Dim tmpNum2 If Request.Form("btnCalc") <> ""Then tmpNum1 = CDbl(Request.Form("txtNum1")) tmpNum2 = CDbl(Request.Form("txtNum2")) tmpRes = tmpNum1 * tmpNum2 End If %> </head> <body> <form name="frmDefault" action=Multiply.aspx method=post> <p><input name=txtNum1 type=text size=5 maxlength=5 value=<%=tmpNum1%>> <input name=txtNum2 type=text size=5 maxlength=5 value=<%=tmpNum2%>> <p><input name=btnCalc type=submit value=Calc> </form> <p><%=tmpRes%> </body> </html>

  15. Maintaining State: Query Strings Query String • Data added to end of URL (address):http://localhost/page.asp?Surname=Bob • ASP code can use this data: • Request.QueryString("Surname") • would return the value "Bob" • Form method=get • data automatically added to query string

  16. Example: Date-Time Menu.aspx <html> <head> </head> <body> <p>What background colour do you want for you date information? <br><a href=DateTime.aspx?Colour=yellow>Yellow</a> <br><a href=DateTime.aspx?Colour=cyan>Light Blue</a> </body> </html> DateTime.aspx <html> <head> </head> <body bgcolor=<%=request.querystring("Colour")%>> <p>The date is <%=Format(Now(), "D")%>. <p>The time is <%=Format(Now(), "T")%>. </body> </html>

  17. Reference: Server Object Model • Request object: calling web page • Form: used to get form data from page • QueryString: used to get data from address (?) • Response object: web page sent back • Write: used to put text into web page • Redirect: used to navigate to other page • Clear: erases all HTML in web page • Session object: store data between pages • Abandon: clears session data

  18. Example: Apples • SPECIFICATION • User Requirements • help children learn numbers 1 - 10 • Software Requirements • Functional: • display random number of apples (between 1 & 10) • ask child how many apples are there • child enters answer • computer responds appropriately • Non-functionalshould be easy to use, and interesting

  19. Tutorial Exercises • LEARNING OBJECTIVE:pass data between pages using session variables, query strings, and self-posting • Task 1: Get Logon v3 working (from the lecture) • Task 2: Get the Multiply example (from the lecture) working • Task 3: Get the Date-Time example (from the lecture) working • Task 4: Design and code the Apples example

More Related