Client-server relationship
Client-server – the client requests an action; the server performs the action and responds to the client
Request-response definition – the first computer requests data; the second computer responds to the request
How the browser communicates with the server
1. User enters a URL.
2. Browser requests the DNS server for the website's IP address.
3. DNS server responds with the IP address.
4. Browser sends an HTTP/HTTPS request to the server.
5. Server sends the website files.
6. Browser renders and displays the website.
Static Website:
Created using HTML
Prebuilt content, fixed each time the page is loaded
Content changes only when the source code is manually updated
Easy to program
Suitable for small-scale websites
Dynamic Website:
Uses server-side scripting to interact with a database
Content displayed based on user interactions, changes regularly
Content stored in a database, allowing for personalized and real-time updates
More complex and difficult to program
Suitable for large-scale websites
Multi-tier approach
3-tier architecture
Presentation tier (client side) – handles user interaction and sends it to the logic tier.
Logic tier (server side) – handles user requests, processes data and interacts with the data tier.
Data tier (database management system) – stores, manages and retrieves data for the
application; interacts with the logic tier for CRUD (create, read, update, delete) operations.
Server-side scripting
Part of the back end; responsible for the functionality of the website.
A programming language that runs on the web server to generate dynamic web pages.
Localhost refers to the local machine making the request.
A web server stores and serves website content. Localhost is used to develop and test websites on
the same computer.
Server: Stores and delivers website files. When a user loads a webpage, their
device requests files from the server, which sends them to be assembled and
displayed.
Database: Stores website data like user information, search history, articles,
and comments.
Server-side programming language: Back-end web applications use server-side
programming languages to manage website functionality.
PHP – Hypertext Preprocessor
- Open-source scripting language that can be embedded in HTML
Variables are used for storing values
A variable name must start with a dollar ($) sign
and may contain only A-z, 0-9 and _.
It cannot contain spaces
Local variable – can only be accessed within its function
Global variable – can be accessed from any part of the script
Static variable – a local variable that is not deleted after the function executes
String – holds numbers, letters and any special characters.
Integer – whole number, no decimal point
Float – number with a decimal point
Boolean – used in conditional testing; two values: true and false
Null –
Array – stores multiple values of the same data type in a single variable
PHP operator
if statement – executes code when the expression is true
if else statement – executes one block when the expression is true, another when it is false
if else if else – executes different code for more than 2 conditions
nested if: the inner if executes only when the outer if is true
switch statement – executes one statement out of multiple conditions
while loop – repeats while the condition is true (may cause an infinite loop)
do while – executes once first, then repeats while the condition is true
for loop – iterates code a specified number of times
foreach – iterates over each element in an array, executing the code for each element
CRUD operation
Create – create a table in the database
Read – display and read the existing data in the database
Update – change the current data in the database to new data
Delete – delete the existing table in the database
CREATE
- Create new entries
- Define the data structure, such as tables, columns, fields and data types
- Ensure the data is valid based on the data model and check data to prevent data integrity issues
- Use primary keys for unique identification
Example
User registration: when a new user signs up for a website or application, their information is
typically inserted into a user table in the database
READ
- Query data to retrieve information
- Use indexing to optimize READ operations and allow faster data retrieval
- Data retrieval ensures data is fetched in a suitable format for the application
Example
User profile retrieval: when a user logs in to the system, their profile information, such as name,
email and address, is retrieved from the user table in the database
UPDATE
- Use the query language to specify the columns that need to be updated and the new values
- Validate input data and handle concurrency to prevent conflicts and ensure data consistency
Example
User profile update: when a user edits their profile information, such as changing their email
address, the updated information is reflected in the user's record in the database.
DELETE
- Use the query language to specify the condition for deleting records
Cascading delete – automatically deletes related records when the parent is deleted
Soft delete – the record is not physically deleted; it is marked with a flag and remains in the database
Implementing a proper data retention and backup strategy prevents data loss in delete operations
Example
User account deletion: when a user requests to delete their account, the corresponding user record
is deleted from the database.
Best practice for CRUD
1. Creation (Create):
Validate user data to avoid issues.
Use transactions for consistent data creation.
Generate unique IDs efficiently.
2. Reading (Read):
Cache frequently accessed data.
Use optimized queries and limit data retrieval.
3. Updates (Update):
Use efficient methods for updating large datasets.
Implement version control and permissions.
4. Deletions (Delete):
Use deletion flags or archiving instead of direct deletions.
Handle dependent relationships and consider data recovery.
User input validation ensures that data entered by users is correct and meets specified
criteria. It prevents errors and enhances security. Validation can be done on the client-side for
better user experience and real-time feedback, but server-side validation is needed for
security. Using both types provides the best balance of convenience and security.
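The following is an added example, not part of the original notes, showing server-side validation, a prepared statement for Create, and a deletion flag for Delete. The users table, its columns and the function names are hypothetical, and it assumes the pdo_sqlite extension so it can run against an in-memory database.

```php
<?php
// Server-side validation: runs even if client-side checks were skipped.
function validateRegistration(array $input): array
{
    // Reject non-string values (e.g. name[]=x sent as an array).
    $name  = is_string($input['name'] ?? null) ? trim($input['name']) : '';
    $email = is_string($input['email'] ?? null) ? trim($input['email']) : '';
    $errors = [];
    if ($name === '' || strlen($name) > 50) {
        $errors[] = 'Name is required (max 50 bytes).';
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Email address is not valid.';
    }
    return [$errors, ['name' => $name, 'email' => $email]];
}

function createUser(PDO $pdo, array $input): int
{
    [$errors, $clean] = validateRegistration($input);
    if ($errors !== []) {
        throw new InvalidArgumentException(implode(' ', $errors));
    }
    // Prepared statement: input is bound as data, never spliced into SQL.
    $pdo->prepare('INSERT INTO users (name, email) VALUES (:name, :email)')
        ->execute($clean);
    return (int)$pdo->lastInsertId();
}

function softDeleteUser(PDO $pdo, int $id): void
{
    // Deletion flag instead of DELETE: the row stays recoverable.
    $pdo->prepare('UPDATE users SET is_deleted = 1 WHERE id = :id')
        ->execute(['id' => $id]);
}

// Assumed schema (hypothetical names) in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL,
            email TEXT NOT NULL UNIQUE, is_deleted INTEGER NOT NULL DEFAULT 0)');

// Constructed sample input, shaped like $_POST from a registration form.
$id = createUser($pdo, ['name' => 'Alice', 'email' => 'alice@example.com']);
softDeleteUser($pdo, $id);
echo 'Rows still stored: ', $pdo->query('SELECT COUNT(*) FROM users')->fetchColumn(), PHP_EOL;
try {
    createUser($pdo, ['name' => 'Bob', 'email' => 'not-an-email']);
} catch (InvalidArgumentException $e) {
    echo 'Rejected: ', $e->getMessage(), PHP_EOL;
}
```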
1. Function of web cookies
Small pieces of data stored by the user's browser.
Cookies are sent to the server with each request, which lets it remember user preferences
and track user activity
2. Explain types of web cookies implemented in the website.
Session cookies – temporary cookies stored by the browser until the browsing session ends.
Persistent cookies – stored by the browser even after it is closed. Used to remember user activity
across multiple visits to a site.
3. Discuss the reasons why cookies need to be implemented in the web development.
Session management – allows the server to remember the user across multiple page requests
User authentication – stores user identifiers, which validate the user and provide
access to secure areas
Personalization – stores user preferences
Tracking and analysis – collects user patterns to improve performance
4. Describe the function of PHP session.
A PHP session helps track user activity. It allows the server to remember user-specific information.
If the user is inactive for a while, the session ends. If they come back, a new session is started.
5. Find the importance of PHP session.
User authentication – verifies the user so that only that user can access certain parts
User tracking – tracks user information for analysis to make improvements
Security – prevents unauthorized access to sensitive data
Data persistence – enables data to be stored throughout the user's browsing session
6. Suggest ways to implement strong session management to prevent from unauthorized
access.
Session ID generation – generate a strong, unique session ID for each user session
Session validation – implement multi-factor authentication
Session timeout and inactivity management – after a period of inactivity, the user needs to
re-authenticate
7. Compare the differences between cookies and sessions
Storage- Stored
Capacity- small storage capacity and large storage capacity
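The following is an added example, not part of the original notes, for item 6 above: hardened session cookie settings, a fresh session ID after login, and an inactivity timeout. The function names and the 900-second limit are hypothetical, and the array form of session_set_cookie_params assumes PHP 7.3 or later.

```php
<?php
const IDLE_LIMIT = 900; // assumed limit: seconds of inactivity before re-authentication

function startSecureSession(): void
{
    ini_set('session.use_strict_mode', '1');  // refuse session IDs the server did not issue
    ini_set('session.use_only_cookies', '1'); // never accept the ID from the URL
    session_set_cookie_params([
        'lifetime' => 0,      // session cookie: discarded when the browser closes
        'path'     => '/',
        'secure'   => true,   // sent over HTTPS only
        'httponly' => true,   // not readable from JavaScript
        'samesite' => 'Lax',  // not sent on cross-site sub-requests
    ]);
    session_start();
}

// Pure check, so the timeout rule can be exercised without a live session.
function isSessionExpired(array $session, int $now, int $idleLimit = IDLE_LIMIT): bool
{
    return isset($session['user_id'])
        && ($now - (int)($session['last_activity'] ?? 0)) > $idleLimit;
}

function enforceIdleTimeout(): void
{
    if (isSessionExpired($_SESSION, time())) {
        $_SESSION = [];
        session_destroy();    // the user must log in again
        return;
    }
    $_SESSION['last_activity'] = time();
}

function onLoginSuccess(int $userId): void
{
    session_regenerate_id(true); // new ID at login, so a pre-login ID cannot be reused
    $_SESSION['user_id'] = $userId;
    $_SESSION['last_activity'] = time();
}

// Constructed sample sessions: idle for 901 seconds, then idle for 60 seconds.
var_dump(isSessionExpired(['user_id' => 7, 'last_activity' => 1000], 1901));
var_dump(isSessionExpired(['user_id' => 7, 'last_activity' => 1000], 1060));
```

In a web request, call startSecureSession() and enforceIdleTimeout() at the top of every page, and onLoginSuccess() once the credentials have been verified.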
1. Describe the HTTP characteristics.
2. Give examples of HTTP request methods
3. Analyse the HTTP request and response structure when accessing:
“https://www.utar.edu.my/” .
4. Explain HTTP status code in web communication.
5. Give examples of PHP superglobals.
6. Show an example to define and call PHP function.
7. Define action and method attributes in PHP form.
8. Distinguish the major differences between GET and POST methods
Request methods
GET – requests data from a specified resource (data is visible in the URL) (gets data from the server)
POST – sends data to a server to create a resource (data is not visible) (used for form submission)
HTTP characteristics
Metadata support – additional information to understand the data
Statelessness
Resource identification – the request's target resource is identified by a URI
Request-response – the client sends a request to the server; the server sends back a response
Major differences between GET and POST
GET                         POST
Data visible in the URL     Data not visible in the URL
Low security                High security
Used to retrieve data       Used to submit data