The intent of this page is to gather beginner resources for website scripting and programming. I assume you've already learned some HTML (if not, see LearningHtmlAndCss). WebSiteProgramming is different from WebApplicationDesign. If you are more interested in the client side programming aspects, see WebDesignCurriculum instead. '''MyWebsiteLearningExperience''' is to make sure there is some awareness of WebsitePatterns, but then get your hands dirty (CodeSmell''''''s) as soon as possible. The journey towards HtmlZen is long and windy. Let's ''start with CGI'' (CommonGatewayInterface). In today's world you need to be mindful of CgiScriptSecurity. CGI is used as ServerSideInclude''''''s in almost all environments. CGI scripts are often associated with PerlLanguage (see note), but personally I think PythonLanguage is better for beginners, so IwannaLearnPython too. * You may have heard of ''PerlLanguage being more powerful'', and WardsWiki is implemented that way. But forget it unless you want to learn a CareerLanguage. See also CgiVsServlet for more overview in regards to the former. ---- '''Server functionalities without CGI''' This is going to negate a bit what was said in the previous section. There are other ways to provide server functionality. ''?Lightweight Functionality on the webserver'' * ServerSideJavaScript * Server executed VbScript * JavaServlets * ComponentObjectModel ComPlus objects, usually written in VbClassic and front-ended by ActiveServerPagesInVbClassic The next section cover high end CGI alternatives that are 21st century technology marvels. ---- '''Server programming for the ServiceOrientedArchitecture driven companies''' It could be useful for the uninitiated to visit ComponentDesignPatternsContext and JavaBeans pages before the pages listed in the rest of this section is visited. In this arena there are two major camps of technology providers, JavaPlatform (3 main providers) and Microsoft. The views are discussed in EjbVsComPlus. ''Heavyweight server typically implemented on separate machines'' * JavaTwoEnterpriseEdition, requiring EnterpriseJavaBeans and EjbServers * Other application servers (e.g., ColdFusion) '''Q''' What do I miss out if I get focused on ActiveServerPages VbClassic (or VbDotNet) and forget about CGI / Perl? Are there essential functionalities not represented in MS-specific technologies? -- dl * I am aware that some MS shops hardly use CGI, but instead rely on VbScript for client-side processing, and JavaScript for server use. If I work in a shop like that, then IwannaLearnAsp. To get your hard work tested you need your WebSite tested. Various hosting services have different server environments you need to be aware of, and if you are lucky, you may be able to get by with some FreeHosting. ---- Resources: * 1997 book called ''CGI Unleashed'' available at http://docs.rinet.ru/UCGI/ ---- '''PerlLanguage and CommonGatewayInterface''' First, the CGI model is not tied to a specific language. And I am unable to parse the above... more powerful than what? But, traditional CGI under Unix is not a good model for web applications that must scale. Not only must a normal CGI process fork a shell on each request, it must also rebuild things like DB connections on each request (yes, I know that there are workarounds for this). If you want to run Perl CGI scripts under high load, you should take a look at ModPerl'''''''s Apache::Registry(?) module. ---- '''World of ApplicationServer''''''s''' See Rahul Kumar's excellent article (2000) called "Exploring the World of Application Servers". One source is http://www.serverwatch.com/tutorials/article.php/10825_538781_2, but it appears to be partly broken (incomplete). Worthwhile to track down for a good copy as it discusses all aspects related to servers, (i.e., security, management, load balancing, etc.) ---- '''Website InformationSecurity aspects''' It is certainly worth understanding the security implications of taking data from non-trusted users. There are some pretty ''convoluted exploits'' out there. A main focus area is to program very defensively against deliberate exploits. Examples: * "poison null byte" - See http://users.easystreet.com/ovid/cgi_course/lessons/lesson_three.html. * "cross site scripting attack" - What is insidious about it is that you can have secured your own site against attack, but still leave your users open to attack. See Google for details. ''Security related Resources'' * 1998 Web security presentation by LincolnStein at http://stein.cshl.org/~lstein/talks/WWW7/WebSecurity.zip * SansInstitute 2003 paper on DomainNameService security at http://www.sans.org/rr/whitepapers/dns/1264.php See also WebApplicationSecurity ---- ''IwannaLearnCgiScripting as a better name? The current name connotes "writing html"'' * To you, maybe. To me it means "programming in direct support of implementing a web site", which is certainly more than just CGI. Client-side applets (JavaApplet''''''s, JavaScript, MacromediaFlash), Server-side servlets, DHTML, CGI in perl/python/ruby/PHP, forms handling, database tie-ins to forms and dynamically generated HTML, dynamic generation of GIFs to display math from TeX/MathMl/eqn, MovableType plugins... * Flash, ShockWave, XML, XHTML... and the cross-browser shenanigans aren't over yet. ---- ''Anyone got comments on LincolnStein book "How to Set-up and Maintain a WebSite?" (ISBN: 0201634627)'' * Is it good for beginners? If not, what else? ---- See also WebApplicationSecurity WebApplicationProblemDomain ---- CategoryWebDesign