The Server object controls the environment in which the server-side scripts are executed. The single most important member of the Server object is its CreateObject method, which can create a new instance of an object from a registered class.
The CreateObject Method
This method Is identical to the Visual Basic CreateObjectO function. It accepts as an argument the programmatic ID (Class 10) of an object and returns an instance of the object. The syntax of the CreateObject method is:
To access a database through the AOO component, for instance, you first create a Connection object and a Re order set object with the following statements (see the section “Using ActiveX Data Objects,”.
Similarly, you must create object variables to access the other basic components of ASp, such as the File Access component and the Advertisement Rotator component. You can also use the Server’s CreateObject method to create object variables for accessing your own custom ActiveX components. See the section “Using the Active Data Objects” for information on how to contact databases through object . variables.In the section “Contacting ActiveX Components,” at the end of the chapter, you’ll see how to create object variables that contact custom ActiveX components running on the server.
The MapPath Method
Another commonly used method of.the Server object is the MapPath method, which maps virtual folders to actual path names, nus method is useful in developing server-side scripts for a very simple reason; all the files you access are stored in virtual folders. You can rearrange the entire folder structure of a Web site and then
rename a few virtual folders, and your scripts will never know. In some situations, however, you need to know the actual path to a file, and the MapPath method will return this value.
The Session and Application Objects
The Session object maintains variables that apply to a specific session. Before we examine the members of this object and how it’s used in developing an ASP application, let’s look at how the ASP.component maintains sessions with a stateless protocol.
When the client connects for the first time, the server sends the ASP SESSION ID cookie, which is stored on the client computer. Then.every time the client contacts the server, the ASP SESSION ID cookie is transmitted along with the request’s header.
ASP processes this cookie and.uses it to restore the variable values saved previously in the Session object. The ASP SESSION ID cookie doesn’t have an expiration value and expires automatically when the client disconnects. The next time the same client connects, a new cookie is sent, and a new session is created. To maintain information between sessions, you must store a cookie with an expiration date on the client, read it as soon as the client to the Web server, and use it as a key to a database with ·relevant data (such as use! preferences, access rights, and so on).
The Application object plays a similar role. It maintains a set of variables, not for each session, but for the application. Simple examples are a welcome message that’s displayed on each client’s window and a visitor counter. To implement a visitor counter with ASP, all you have to do is create an application-wide variable and increment it every time a client hits your home page (which must be an ASP document).
To create a new Session or Application variable, you need only reference it in your code:C this is VBScript; you are not required to declare variables). The statement:
assigns the value of the cookie UserName (which presumably has been set by the client) the Session variable UName. You can also assign function values to the Session variables, as the following statement does:
The name of the variable is on the left side of the above expressions. You can use Session variables to build all types of expressions and ,statements with VBScript. The following statement terminates a client connection if it’s been active for more than 12 hours:
The Abandon method terminates the current session. Application variables are declared and used in the same manner, but since multiple scripts can access Application variables, there is always a chance that more than one script will attempt to change the value of an Application variable. The Application object provides the Lock and Unlock methods, which must be called before and after setting the variable:
The Session and Application objects support object variables too, created with the.CreateObject method of the Server object. The difference is that object variables stored in the ~on, object can’t be accessed by.other sessions. If you have many clients accessing the same object (~, same component on the server), you will be creating many instances of the same component, which may affect performance. This isn’t as simple as it sounds. An object can be accessed by multiple sessions only if it has been designed to support multiple threads of execution.
The Start and End Events
Bot:l\the Session and the Application objects support Start and End events, which signal when a Session or an Application starts and when it ends. The Start events are:
• Session_On Start
The End events are:
These ‘event handlers include code you should run whenever an application or a session starts or ends. If an application and a session start at the same time, the Application_OnStart event is executed first These events are important in developing ASP applications, but they are not available from within the script. You must enter them in the GLOBALASA file, which lives in the root folder of the application (the folder where the first ASP file to be requested by the client is stored).Typically, the GLOBAL ASP file contains the Start and End events of the Session and .Application objects, as well as variable definitions.
For example, if you want to implement a variable that stores the number of visitors hitting the site, initialize it in the Application_OnStart.event. Enter the following code in the GLOBAL.ASA file:
This event takes place every time the Web server software starts. Since you don’t want to reset this counter every time you stop and restart the service ,you can save the value of the variable Visitors to a text file on the server’s disk, as explained. In the Application_OnStart event, you read the value of the variable from the text file, and in the Session_OnStart event, you increase’it by one:
You must also enter this procedure in the GLOBACASA file. This technique works well. The number will not increase each. time a visitor hits the home page during the same session, because the Session_OnStart event is only triggered the first time.
Displaying a fancy counter on your pages is a different story. You can simply display this number in a large font on your home page, or you can generate a GIF file on the fly and display it on the home page. The Structured Graphics control that comes with Internet Explorer 4 lets you create elaborate graphics with simple text commands. This control Is-probably the simplest way to display a graphic that shows the number of visitors.
If your pages call a specific component frequently during a session, you can declare an object variable in the Session’s Start event, This variable will be available from within any part during the current session, Here’s a simple example that creates an obj~ variable referring the MyObject component:
Any page in the current session can use the MyObj object variable, and each session’s MyObj variable is independent of the other sessions’ MyObj variable.
Storing and Recalling Cookies
You have certainly noticed that some of the sites you’ve visited (Microsoft’s home page is one of them) can be customized according to the visitor’s preferences. How is this done? How does the server know each visitor’s preferences between sessions? If each user had a fixed IP address, it would be possible (although not very practical) for the server to maintain a database with IP addresses and the preferences for each user. The IP address of the client computer is given by the Server- . Variables collection of the Se,ver object. But clients have different IP addresses each time they connect, so this approach is out of the question .
If you think about it, you will see that the only way for the server to maintain information about specific clients is to store this information on the client computer itself and recall it each time the client connects to the server. The information is stored on the client computer by the browser, in a special folder, in the form of variables and values. But instead of variables, they are called cookies .
You could force your site’s visitors to register before they are allowed to connect and store customization information in a database on the server. This approach, however, can only be used by sites of specific interest. A general Web site shouldn’t have to maintain an enormous database, when cookies work just as well.
Cookies are also used to pass information between pages of the same site. Let’s say you’re building a Web site for online orders. The site is made up of many pages, and visitors can order items from each page. How do you keep track of the visitors’ orders? Each page can have its own script, and each page can have its own variables, but their scope is limited to the page on which they were declared. There is no way for two or more pages to share common variables. This is direct consequence of HTTP being a stateless protocol. Each time a new page arrives at the client, the browser forgets everything about the current page (except for its URL so that it can jump back to it). Orders made on one page can be stored on the client computer in the form of cookies and read by any other page of the same site.
Since cookies are managed by the browser, Web pages can’t access your computer’s hard disk directly (that’s why cookies are safe). Moreover, when a page requests the values of the cookies, the browser supplies only those cookies that were stored by pages of the same site. In other words, cookies left on your computer by Microsoft’s Web site can’t be read by pages of other sites. The browser . supplies each page with the cookies left by other pages of the same site .
Cookies have expiration dates too. If a cookie is stored without an expiration date, it ceases to exist after the current session. A cookie with an expiration date remains on the client computer until it expires .
To store a cookie on the client computer, use the Cookies property of the Response object. The Cookies’ property is a collection, and you can create and access individual cookies by name. To create a new cookie, use a statement such as the following:
If the cookie Favorite Sport exists on the client computer, its value will be overwritten. If it does ‘not exist, a new cookie is created. This cookie is released as soon as the current session ends.
You can specify the expiration date and time with the Expires property of the cookie, as follows;
Cookies have other properties too:
Domain: If specified, the cookie value is sent only to requests from this domain. This property is used along with the Path property.
Path: If specified, the cookie is sent only to requests made from this path on the server, and not to every page on the same site.
HasKeys: Specifies whether the cookie contains multiple keys (in which case it’s a dictionary). This property is read-only.