Introduction to Server-side Scripting
Server-side scripts are discrete blocks of program code that execute on a web server (as opposed to a web client) computer. They are generally used to create dynamic web pages. This means that the page displayed to the user does not exist as a document on the server in its own right, and is only brought into existence in response to a user request. Often, a server-side script provides the interface between a web-based user interface and a database that resides on a web server.
Early server-side scripts were almost always C programs, Perl scripts or shell scripts which were accessed via the Common Gateway Interface (CGI). Today these scripts, together with scripts created in more recent web application programming environments such as ASP or PHP, can be executed directly by the web server itself, or through the use of server extensions. Direct execution is usually faster, as the involvement of a separate interpreter is not required. The following technologies are currently used to create web applications using server-side scripts:
- Active Server Pages (ASP) - a server-side scripting environment from Microsoft, first released in 1996, that is used to create dynamically generated web pages. The files produced are essentially HTML documents with ASP scripts embedded within them, and a file extension of .asp. Scripts are usually written in VBScript (although other scripting languages such as Jscript or JavaScript can also be used), and interpreted by the server at run-time. ASP will normally run only on Microsoft servers, although third party vendors have produced versions that run on other platforms.
- ASP.NET - the successor to Microsoft's Active Server Pages (now frequently referred to somewhat nostalgically as "Classic ASP"), and described by Microsoft as a "web application framework". First released in 2002 with version 1.0 of Microsoft's .NET Framework, ASP.NET allows programmers to create web applications using any scripting or programming language supported by the .NET Framework. The main building blocks of ASP.NET web applications are pages known as web forms, which are essentially HTML or XHTML documents that contain definitions for server-side Web Controls and User Controls, and (optionally) server-side code. Web forms have the file extension .aspx.
- ColdFusion Markup Language (CFML) - a scripting language originally introduced by Adobe Systems in 1995 that enables web developers to embed database commands and other server-side scripting elements within standard HTML or XHTML documents in order to create web applications. The pages in a ColdFusion web application are pre-processed by the ColdFusion Application Server when requested by a client browser. As of 2008, the current version was 8.0.1. Version 9 is currently under development.
- JavaServer Pages (JSP) - a Java technology similar to ASP that is used to create dynamically generated web pages by embedding Java programming code in HTML or XHTML documents. JSP was Sun Microsystems' response to ASP. A JavaServerPage is compiled into a Java servlet by an application server, rather than being interpreted like "Classic" ASP (a servlet is a Java program that executes on the server to create dynamic web pages).
- Perl - a high-level, interpreted programming language originally developed by Larry Wall in 1987 as a general purpose scripting language for UNIX systems. Perl is essentially a procedural programming language loosely based on C that has been used to write CGI scripts since the early days of the Web, and has become very popular for the creation of web applications, especially those where database access is required. Perl is free software licensed under both the Artistic License and the GNU General Pubic License, and distributions are available for most operating systems. The Comprehensive Perl Archive Network (CPAN), established in 1995, is a repository for both Perl distributions and publicly available Perl modules that are not part of the Perl distributions themselves. As of 2009 Perl 5 is still being actively maintained (version 5.8.9 was released in December 2008), although version 6 is currently in development. Like PHP and Python, Perl represents on of "the three Ps" associated with the LAMP and WAMP web application architectures
- PHP - a widely-used scripting language originally created by Rasmus Lerdorf in 1995, and now maintained by the PHP Group. PHP originally stood for Personal Home Pages, although the acronym is now understood to stand (somewhat recursively) for PHP: Hypertext Preprocessor. PHP is free software released under the PHP License, and is especially suited to web development. As with other server side scripting languages, PHP code can be embedded into HTML or XHTML documents and is executed on the server to generate dynamic web content. The current version of PHP is version 5, with version 6 currently under development. PHP is frequently used together with MySQL, and is one of the key technologies in the WAMP (Windows, Apache, MySQL and PHP) and LAMP (Linux, Apache, MySQL and PHP) web application architectures, although the "P" may also refer to Perl or Python.
- Python - a general-purpose high-level programming language conceived in the late 1980s by Guido van Rossum that supports multiple programming paradigms (primarily object-oriented, imperative and functional), and is often used as a scripting language for web applications. The language is now maintained by the Python Software Foundation. The current version (3.0) was released in December 2008. Python is a standard component of several operating systems, including most Linux distributions.
Server-side versus client-side scripting
Server-side and client-side scripting serve very different purposes. Client-side scripting is executed on the client computer, and usually runs as interpreted program code within the browser. It can be used to make web pages more interactive (for example by creating rollover effects), to determine which user-agent (browser) is running on the client computer, or to validate form data before it is sent to the server to be processed by a server-side script. One of the most important differences is that the factors that determine the effectiveness of client-side scripting will be largely outside the control of the application developer. Although most client-side scripts are written in an ECMAScript-compliant language such as JavaScript, some are written in a proprietary scripting language that will not work correctly in all browsers. Furthermore, older versions of popular browsers may not support client-side scripting at all, while newer versions offer the user the option of turning off support for scripting.
Server-side scripting can be used to process form information submitted by a client, query or update a server-side database, and dynamically generate web pages that can be displayed in the user's browser. All the necessary processing is carried out on the server, and is therefore entirely under the control of the application developer. The web content generated and sent to the client will be displayed correctly, regardless of the type of browser in use, or any restrictions imposed by a user-defined browser configuration. In fact, the server-side script can use the environment variables contained within client requests to determine which user-agent sent the request, and if necessary modify the format of the dynamically generated response accordingly. When deciding whether to use client-side or server-side scripting, therefore, consider the extent to which you need to control the processing being carried out by the script. The main benefit of server-side scripting is that you have far more control over the behaviour of your application. The main disadvantage is that the server will have a greater overall workload, and the user will experience significant delays between initiating a request and receiving a response.