1 / 32

04 – Passing Data between pages: Forms, Sessions, & Query Strings

04 – Passing Data between pages: Forms, Sessions, & Query Strings. Session Aims & Objectives. Aims To introduce the fundamental ideas involved in passing data between pages Objectives, by end of this week’s sessions, you should be able to: pass data between pages , using: Self Posting

julie-welch
Télécharger la présentation

04 – Passing Data between pages: Forms, Sessions, & Query Strings

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 04 – Passing Data between pages:Forms, Sessions, & Query Strings

  2. Session Aims & Objectives • Aims • To introduce the fundamental ideas involved in passing data between pages • Objectives,by end of this week’s sessions, you should be able to: • pass data between pages, using: • Self Posting • Query Strings • Session Variables • Cookies

  3. Example: Logon v2 (design) • Restrict access tohome page

  4. Example: Logon v2 (code) Home.html <html> <head><title>My Home page</title></head> <body> <p> Welcome to my home page.<br /> <img src="YouAreHere.jpg" /> </p> </body> </html> Logon.jsp <%@page contentType="text/html" pageEncoding="UTF-8"%> <% String un; String pw; String msg = ""; if (request.getParameter("btnLogon") != null){ un = request.getParameter("txtUserName"); pw = request.getParameter("txtPassWord"); if (un.equals("mark") && pw.equals("soft234")){ response.sendRedirect(“Home.html"); }else{ msg = "Login details incorrect."; } } %> <!DOCTYPE html> <html> <head><title></title></head> <body> <form> Please logon:<br /> <input name="txtUserName" type="text" /><br /> <input name="txtPassWord" type="text" /><br /> <input name="btnLogon" type="submit" value="Logon" /> <p><%=msg%></p> </form> </body> </html>

  5. Example: Logon (Fixed Problem) • View Source – shows client-side script: No server-side code

  6. Example: Logon (Problem 2) • User can type home page url (address) directly (bypassing logon page)

  7. Solution • Need way for: • password page to tell home page • that user logged in OK

  8. Technique: Dead-Drop Variables • 2 Spies wish to pass message between each other without actually meeting • Arrange a dead-drop location • one spy leaves message at location • other spy visits location later to pick up message • Variables used as dead-drop containers

  9. Example: Logon v3 (code) Home3.jsp <%@page contentType="text/html“ %> <% Boolean LogonOK; if (LogonOK == false){ response.sendRedirect("Logon3.jsp"); } %> <!DOCTYPE html> <html> <head><title>My Home page</title></head> <body> <p> Welcome to my home page.<br /> <img src="YouAreHere.jpg" /> </p> </body> </html> Logon3.jsp <%@page contentType="text/html" pageEncoding="UTF-8"%> <% String un; String pw; String msg = ""; Boolean LogonOK; LogonOK = false; if (request.getParameter("btnLogon") != null){ un = request.getParameter("txtUserName"); pw = request.getParameter("txtPassWord"); if (un.equals("mark") && pw.equals("soft234")){ LogonOK = true; response.sendRedirect("Home3.jsp"); }else{ msg = "Login details incorrect."; } } %> <!DOCTYPE html> <html> <head><title></title></head> <body> <form> Please logon:<br /> <input name="txtUserName" type="text" /><br /> <input name="txtPassWord" type="text" /><br /> <input name="btnLogon" type="submit" value="Logon" /> <p><%=msg%></p> </form> </body> </html>  Does not work  Variables do not persist between pages LogonOK True

  10. Example: Logon v3 (Error) • Variables – don't persist between pages

  11. Passing Data (temporary) • Session object • used to pass information between pages: • exists for current session • persist between pages • clears if user closes browser • clears after 20 mins of inactivity • no need for declaration session.setAttribute("Thing", 91); Put 91 into Thing

  12. Maintaining State: Session Object Send.jsp <%@page contentType="text/html" %> <% if (request.getParameter("btnSend") != null){ session.setAttribute("MSG", "Meet in BGB202"); }else if (request.getParameter("btnClear") != null){ session.invalidate(); } %> <!DOCTYPE html> <html> <head><title>JSP Page</title></head> <body> <form> <input name="btnSend" type="submit" value="Send" /> <input name="btnClear" type="submit" value="Clear" /> <p><a href="display.jsp">Display</a></p> </form> </body> </html> • Session variable • all objects • no declaration • invalidate method • deletes all session variables

  13. Maintaining State: Session Object Display.jsp <%@page contentType="text/html" %> <% String s = ""; if (session.getAttribute("MSG") != null){ s = session.getAttribute("MSG").toString(); } %> <!DOCTYPE html> <html> <head><title>JSP Page</title></head> <body> <p>Message: <%=s%></p> </body> </html> • read session variable, and • display

  14. Example: Message Display.jsp <%@page contentType="text/html" %> <% String s = ""; if (session.getAttribute("MSG") != null){ s = session.getAttribute("MSG").toString(); } %> <!DOCTYPE html> <html> <head><title>JSP Page</title></head> <body> <p>Message: <%=s%></p> </body> </html> Send.jsp <%@page contentType="text/html" %> <% if (request.getParameter("btnSend") != null){ session.setAttribute("MSG", "Meet in BGB202"); }else if (request.getParameter("btnClear") != null){ session.invalidate(); } %> <!DOCTYPE html> <html> <head><title>JSP Page</title></head> <body> <form> <input name="btnSend" type="submit" value="Send" /> <input name="btnClear" type="submit" value="Clear" /> <p><a href="display.jsp">Display</a></p> </form> </body> </html> • Using Session variable: MSG Meet in BGB202

  15. Questions: Session Variables • Write a line of code to put the number 74 into a session variable called id. • Write code that puts 'Hello' a variable called msg if the session variable called id is equal to 74 session.setAttribute("id", 74); if (session.getAttribute("id") == 74){ msg = "Hello"; }

  16. Passing Data (temporary) • Query Strings • Useful for passing information between pages via links

  17. Maintaining State: Query Strings Query String • Data added to end of URL (address): page.jsp?Surname=Bob • JSP code can use this data: • request.getParameter("Surname") • would return the value "Bob" • Form method=get • data automatically added to query string

  18. Example: Date-Time Menu.jsp <html> <head> </head> <body> <p>What background colour do you want for you date information? <br><a href=DateTime.jsp?Colour=yellow>Yellow</a> <br><a href=DateTime.jsp?Colour=cyan>Light Blue</a> </body> </html> DateTime.jsp <%@page contentType="text/html" %> <%@page import="java.util.Date" %> <!DOCTYPE html> <html> <head><title></title></head> <body bgcolor=<%=request.getParameter("Colour")%>> <p>The date is <%=new Date()%>. </body> </html>

  19. store small textual data on user's (client) computer Actual location varies with platform (Windows, Linux, etc.)C:\Documents and Settings\UserName\Local Settings\Temporary Internet Files e.g. (from www.amazon.co.uk)session-id-time2082758401lamazon.co.uk/1536267915020831961202421942348830182897 Cookies: What

  20. has 6 parts: Name Value Domain Path Expiration Security flag Name and Value are required others have default values Cookies: Parts 20

  21. create cookie object Constructor takes 2 parameters: name and value(both Strings) add cookie to response Cookies: Creating Cookie c; c = new Cookie("X", "23"); response.addCookie(c); • Note: • any number of cookies can be created and added • cookies with same name are replaced

  22. get cookies using request.getCookies cookies are in an array process the cookies: use loop getName returns name getValue returns value Cookies: Reading Cookie[] cookies; cookies = request.getCookies(); for(int i=0; i<cookies.length; i++){ // cookies[i].getName() // cookies[i].getValue() }

  23. browsers don’t always accept cookies most modern browsers support cookies still a few people using very old browsers often the user turns cookies off! user concerned with what server is doingwith information about themthen probably turn cookies off can be used to transfer sensitive information in clear text NOT a serious security threat (no viruses) Cookies: Disadvantages

  24. Example: Message 2 (cookies) Send.jsp <%@page contentType="text/html" %> <% Cookie c; if (request.getParameter("btnSend") != null){ c = new Cookie("MSG", "Meet in SMB109"); c.setMaxAge(3600); // 1 hour (60 * 60) response.addCookie(c); }else if (request.getParameter("btnClear") != null){ c = new Cookie("MSG", null); c.setMaxAge(0); // delete cookie. response.addCookie(c); } %> <!DOCTYPE html> <html> <head><title>JSP Page</title></head> <body> <form> <input name="btnSend" type="submit" value="Send" /> <input name="btnClear" type="submit" value="Clear" /> <p><a href="DisplayCookie.jsp">Display</a></p> </form> </body> </html> MSG Meet in BGB202 Display.jsp <%@page contentType="text/html" %> <% Cookie[] cookies; int i; String s = ""; cookies = request.getCookies(); if (cookies != null){ for(i=0; i<cookies.length; i++){ if (cookies[i].getName().equals("MSG")){ s += cookies[i].getValue() + "<br />"; } } } %> <!DOCTYPE html> <html> <head><title>JSP Page</title></head> <body> <p>Message: <%=s%></p> </body> </html>

  25. Example: Message 2 (add cookies) Send.jsp <%@page contentType="text/html" %> <% Cookie c; if (request.getParameter("btnSend") != null){ c = new Cookie("MSG", "Meet in SMB109"); c.setMaxAge(3600); // 1 hour (60 * 60) response.addCookie(c); }else if (request.getParameter("btnClear") != null){ c = new Cookie("MSG", null); c.setMaxAge(0); // delete cookie. response.addCookie(c); } %> <!DOCTYPE html> <html> <head><title>JSP Page</title></head> <body> <form> <input name="btnSend" type="submit" value="Send" /> <input name="btnClear" type="submit" value="Clear" /> <p><a href="DisplayCookie.jsp">Display</a></p> </form> </body> </html> Cookie c; if (request.getParameter("btnSend") != null){ c = new Cookie("MSG", "Meet in SMB109"); c.setMaxAge(3600); // 1 hour (60 * 60) response.addCookie(c); }else if (request.getParameter("btnClear") != null){ c = new Cookie("MSG", null); c.setMaxAge(0); // delete cookie. response.addCookie(c); }

  26. Example: Message 2 (get cookies) Display.jsp Cookie[] cookies; int i; String s = ""; cookies = request.getCookies(); if (cookies != null){ for(i=0; i<cookies.length; i++){ if (cookies[i].getName().equals("MSG")){ s += cookies[i].getValue() + "<br />"; } } } <%@page contentType="text/html" %> <% Cookie[] cookies; int i; String s = ""; cookies = request.getCookies(); if (cookies != null){ for(i=0; i<cookies.length; i++){ if (cookies[i].getName().equals("MSG")){ s += cookies[i].getValue() + "<br />"; } } } %> <!DOCTYPE html> <html> <head><title>JSP Page</title></head> <body> <p>Message: <%=s%></p> </body> </html>

  27. Reference: Server Object Model • request object: calling web page • getParameter: used to get form and query-string data from page • getCookies: used to get cookie data from page • response object: web page sent back • sendRedirect: used to navigate to other page • session object: store data between pages • setAttribute: stores data • getAttribute: gets data • invalidate: clears session data

  28. Passing Data (persistent) • Cookies • stored on users’ (client) hard drive • persists between sessions • can be viewed by client • sent over http • Database/file (covered in later lectures) • stored on server hard drive • persists between sessions • cannot be accessed directly by client

  29. Tutorial Exercise: Message • LEARNING OBJECTIVE:pass data between pages using session variables, and (form)self-posting • Task 1: Get the message example working (from the lecture) • Task 2: Change the send.jsp page so that when you click the buttons it gives some feedback as to what has happened.

  30. Tutorial Exercise: Logon • LEARNING OBJECTIVE:pass data between pages using session variables, and (form)self-posting • Task 1: Type in the code for the Logon v3 example (from the lecture) NOTE: this will not work properly (variables do not persist between pages) • Task 2: Modify this to use a session variable to 'remember' whether the logon was successful. Note: It should not be possible to view the source code Note: It should not be possible to bypass the logon

  31. Tutorial Exercise: Date • LEARNING OBJECTIVE:pass data between pages using query strings • Task 1: Get the Date-Time example (from the lecture) working • Task 2: Modify your page to provide another choice of background colour.

  32. Tutorial Exercise: Message 2 • LEARNING OBJECTIVE:pass data between pages using cookies • Task 1: Get the message 2 example working (from the lecture) • Task 2: Change the send.jsp page so that the user can change the text that is senthint: add a text box

More Related