Server-Side vs. Client-Side Scripting Languages What are they and what are their differences? By Lories Slockbower S What is server-side scripting? Server-side scripting is a method of programming for the web that runs software on the server rather than the browser or installed plugins to create dynamic web pages. Languages used for these tasks are normal programming languages which include Perl, PHP, JSP, Ruby, ColdFusion, and Python What can server scripts do? S Customize a web page and dynamically change its contents S Respond to queries from users or from HTML forms S Access database and send the information back to the browser Advantages of server-side scripting User does not need to download plugins like Java or Flash User can create one template for the entire website The site can use a content management system which makes editing simpler. Generally quicker to load than client-side scripting User is able to include external files to save coding Scripts are hidden from view so it’s more secure. Users only see the HTML output. Disadvantages of server-side scripting S The scripts can be used by attackers to access the server. They do this by changing the URL to something that takes advantage of a hole in security. System administrators must keep all serverside scripting updated and use an application firewall to prevent this. S Scripting software must be installed on the content management system tools in order to store the dynamic data. Common server-side scripting languages S ASP/ASP.net –Active Server Pages developed by Microsoft to make advanced web pages. Unix servers use Chillisoft ASP. Allows user to get any .net-enabled language to program a site. S JSP/Servlets – Java Server Pages which include JSP tags mixed in with html. Most popular language for higher level applications. S ColdFusion – Runs on top of a JSP/servlet engine. Can cost $1,299 a server. Users can download a free “developer” edition but that is limited to one IP address. Server-side scripting example ASP source: <html> <body> <% response.write("Hello World!")%> </body> </html> Output result S Hello world! More server-side scripting languages S Perl – Practical Extraction and Reporting Language, first released in 1987, is a powerful language with advanced features. Available for free from various scripting directories. Supported by operating systems UNIX, MAC OS 7-9 and S PHP or PHP Hypertext Preprocessor is an open source language. Considered by “standard’ choice for server side scripting in Unix/Linux platforms. S Python- Created in 1989, it is not supported by most web hosting companies. Although easy to learn, there is no standard web application framework for it. What is client-side scripting language? S Client-side scripts are placed within an HTML document in the user’s web browser rather than the web server to allow greater interactivity in a document. For example – client-side scripting could check the user’s form for errors before submitting it S Enables web pages to change content according to user input and other variables, including the time of day. Can also be stored in a separate file that is referenced to the documents that use it. How does it work? S Usually, JavaScript code starts with the tag <script language="JavaScript"> and ends with the tag </script>. S Files are first sent to the user’s computer by the web server which executes the script and displays the document. S The client-side script may also include browser directions based on certain user functions such as clicking buttons. S Frequently, you can see the the source card by viewing the file that contains the script. Example of client-side scripting S Suppose a person completes a form but omits information. When they slick the submit button, an alert box appears telling them about the mistake. S This is JavaScript and is an example of Client Side Scripting because all the activity takes place inside the browser.> Advantages of client-side scripting S Allows for more interactivity S Can perform actions quickly without going to the server S May be easier to use for those whose browsers don’t support scripts S Are available from many free resources such as Hotscripts.com and Javascript.com Disadvantages of client-side scripts S If the user’s browser is out of date, the website will not display properly. S More quality assurance testing is required because different browsers support scripts differently S Not secure because anyone can look at the code in the page source S Some browsers will disable the active content and tell the user they may be harmful. Client-side scripting language S JavaScript – Not to be confused with Java, JavaScript client-side is a programming language is implemented as part of the web browser to enhance dynamic websites S VBScript is a programming language that can manipulate the document objects and the browser So how to know which to use? S Know your audience – Be sure to know what scripts work best with the browsers your audience will use. JavaScript is most compatible with Microsoft Internet Explorer and Netscape. VBScript usually just works on Internet Explorer. S Test scripts on the browsers for both PC and MAC users as browsers on the MACs don’t support scripts as well as the PC versions do. S Scripts should be tested on at least the previous two versions of your audience’s browser since people are slow to update their browsers so the latest scripts may not work. References S http://www.w3schools.com/web/web_scripting.asp S http://www.serverschool.com S http://en.wikipedia.org/wiki/JavaScript S http://opensourcetutorials.com/Design-AndLayout/Usability/web-widgets S http://htmlhelp.com/reference/html40/special/script.html S http://astahost.com/info.php/serverside-clientside_t16081.html S http://exforsys.com/tutorials/client-server/server-sidescripting.html S http://www.ehow.co.uk/how_8426161_remove-client-sidescripting.html S http://www.webdesignerdepot.com/2009/11/coding-a-webdesign-for-speed-and-quality/ S http://www.google.com/imgres?imgurl=http://nas.uhcl.edu/y ang/research/webdevelopmentcourse/clientSideScripting.gif& S http://rentacomputertoday.com/tag/computer-hackers/ S http://www.w3schools.com/asp/showasp.asp?filename=demo _text S http://whatismyipaddress.ricmedia.com/help/JavaScript/about /