|
Using Query Strings |
|
| Web Toolkit Tutorial Home | Table of Contents | Using Sessions for the Logon Page | Server-Side Includes |
|
We can improve the logon process, especially if the employee fails to login incorrectly.
|
||||||
|
In this lesson, we will use query strings to make the logon page more friendly. However,
in order to do that, the login page must now become an SSP instead of a plain HTML file
because it must contain logic. Is the page is being displayed for the first time or did
the employee fail to login correctly? The use of query strings will solve this question.
|
||||||
|
1.
If VisualWorks is not already running, please start running it now, load the Web Toolkit
parcel and start a Wave HTTP server. You should also file in the code from
Toyz Inc J2 and make sure the initialize
method of the Filestuff class sets the correct location of the directory
variable (i.e. the directory that contains the 3 data files).
2. Create servlet ServletVerify3 and copy the doPost:response: method from ServletVerify2 into this class. 3. Modify the two lines that contain the redirectTo: method. The change would be as follows:
ifTrue: [ aResponse redirectTo: '/teach/main3.ssp'. ]
4.
The line of interest is the second line. Note the question mark followed by msg=111.
This is an example of how to pass data to an SSP page using query strings. The question
mark informs the web server that what follows is a "named pair" - a variable (msg) and a
value (111) separated by an equal sign. There can be no spaces between the variable
and the value. You can use "spaces" for the value by substituting a space with the characters
%20 (as many as you have). The variable you use can be anything string of characters
you want - it is completely arbitrary as to what you use.
ifFalse: [ aResponse redirectTo: '/teach/logon3.ssp?msg=1111'.]. 5. Accept the changes in ServletVerify3. 6. It's possible that the employee bookmarked the home page after a successful logon. Session variables "live" for only 20 minutes. If the employee comes back to the home page via the bookmark after this time period, 20 minutes, it will not find the session variable. In this case, we should redirect the employee back to the logon page with an appropriate message. 7. Start with the file main2.ssp from the previous lesson. 8. Insert logic to check for the presence of the session. If the session (variable) still exists, welcome the employee as usual and provide a link to the Cincom home page. If the session has expired, inform them of this and provide a link back to the logon page. The core logic code would be as follows:
<%
9.
Save this file as main3.ssp.
signon := session at: 'signon' ifPresent: [ :signon | response write: ('<h3>Hello ', signon firstName,'</h3>'). response write: '<br><br>'. response write: '<a href="http://www.cincom.com">Cincom Home Page</a>'. ]. session at: 'signon' ifAbsent: [ response write: '<h5>Your session has timed out.</h5>'. response write: '<a href=logon3.ssp?msg=222>Please Login Again</a>'. ]. %> 10. Finally, the modification to the logon page. Start with the file logon2.htm from the previous lesson. Insert code to extract the value of the query string parameter and display an appropriate message based upon its value. Place the following code between the <hr> line and the <form> line. The change would be as follows:
<hr width="75%" size=4>
11.
Save this file as logon3.ssp.
<% message := request anyParameterValueAt: 'msg'. (message size) > 0 ifTrue: [ response write: '<font color=red>'. (message = '111') ifTrue: [ response write: 'Login incorrect. Please try again'.]. (message = '222') ifTrue: [ response write: 'Session expired. Please logon again'.]. response write: '</font>'. ] ifFalse: [ response write: 'Welcome to the TEACH login page.<br>'. ]. %> <form action="servlet/ServletVerify3" method="post" name="form1"> 12. Test your changes. |
||||||
|
Why can't we just redirect the user to the logon page if their session has expired?For example, the following code should work. However, to fully explain why it will not, the HTML that precedes this code block is presented as well.
<html>
The problem here is where the redirect occurs. All of the HTML above the code block has already
been sent out by the web server. The web server, at this point, has no clue that a redirect is
going to occur. As soon as the web server sees its first HTML tag, it assumes this is a
"normal" SSP page and starts pumping everything out to the data stream. All of a sudden, it
gets a statement to redirect to another page.
<head> <title>Toyz Inc. Home Page</title> <link rel="stylesheet" type="text/css" href="toyzinc.css"> </head> <body bgcolor=white> <center> <hr width="75%" size=4> <table border=0 cellpadding=2 cellspacing=2 width=75% bgcolor=#FFFFFF> <tr> <td width="40%" align=right> <img src=images/toyzinc.gif> </td> <td width="50%" align=left> <h3> Toyz Inc. <br> Employee <br> Accreditation & <br> Course <br> History </h3> </td> </tr> </table> <hr width="75%" size=4> <% session at: 'signon' ifAbsent: [ response redirectTo: ('logon3.ssp?msg=222'). ]. %> This is not allowed!! Once the web server starts outputting data to the HTML data stream, it cannot be given a redirect command. This must always be kept in mind when dealing with a redirect. The solution would be to place the code block at the very beginning of the SSP and check for the presence of the session before any HTML is sent to the output buffer. However, this would require you to totally restructure the entire page. At this point in the tutorial, the solution is beyond the scope of what has been covered so far and will be discussed at a later time. 13. From the System Browser, <Operate-Click> the category of ToyzInc and select File Out As.... Enter ToyzInc_j3.st as the filename. |
||||||
|
|
Congratulations! Phase 3 of the logon process is complete
You now should be able to:
|
| Web Toolkit Tutorial Home | Table of Contents | Using Sessions for the Logon Page | Server-Side Includes |