Theory Assignment

Q1. What do you mean by protocol? Describe the various protocols governing the web applications? Ans 1. When computers communicate with each other there needs to be a common set of rules and instructions that each computer follows. A specific set of communication rules is called a protocol. Protocol usually refers to a set of rules that define an exact format for communication between systems. For example the HTTP protocol defines the format for communication between web browsers and web servers the IMAPprotocol defines the format for communication between IMAP email servers and clients and the SSL protocol defines a format for encrypted communications over the Internet. A uniform set of rules that enable two devices to connect and transmit data to one another. Protocols determine how data are transmitted between computing devices and over networks. They define issues such as error control and data compression methods. The protocol determines the following: type of error checking to be used, data compression method (if any), how the sending device will indicate that it has finished a message and how the receiving device will indicate that it has received the message. Internet protocols include TCP/IP (Transfer Control Protocol/Internet Protocol), HTTP (Hypertext Transfer Protocol), FTP (File Transfer Protocol), and SMTP (Simple Mail Transfer Protocol). The various protocols governing the web are as follows :1. HTTP - The Hypertext Transfer Protocol (HTTP) is a networking protocol for distributed, collaborative, hypermedia information systems.[1] HTTP is the foundation of data communication for the World Wide Web. It usually works on port 80 2. FTP - File Transfer Protocol (FTP) is a standard network protocol used to copy a file from one host to another over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and utilizes separate control and data connections between the client and server.[1] FTP users may authenticate themselves using a clear-text sign-in protocol but can connect anonymously if the server is configured to allow it. It usually works on port 21. 3. SMTP - Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks. It works on port 25. It is mainly used to send e-mail messages. 4. POP - Post Office Protocol (POP) is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remoteserver over a TCP/IP connection. POP and IMAP (Internet Message Access Protocol) are the two most prevalent Internet standard protocols for e-mail retrieval. It works on port 110. 5. SSL - SSL is an acronym for Secure Sockets Layer. It creates an encrypted link between a web server and a web browser. The link ensures that all data passed between the web server and browser remains private and secure. 6. DHCP - The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol used on IP networks. DHCP allows a computer to be configured automatically, eliminating the need for intervention by a network administrator. This prevents two computers from accidentally being configured with the same IP address. 7. IRC - Internet Relay Chat (IRC) is a form of real-time Internet text messaging (chat) or synchronous conferencing.[1] It is mainly designed for group communication in discussion forums, called channels,[2] but also allows one-to-one communication via private message[3] as well as chat and data transfer,[4] including file sharing.[5]

Q2 a. What is the difference between static and dynamic web pages? Ans. A dynamic web site is one which is designed to have regularly changing content. A static web site is one where all the pages are worked out in advance, and don't change. A static website will generally provide consistent, standard information for an extended period of time. Although the website owner may make updates periodically, it is a manual process to edit the text, photos and other content and may require basic website design skills and software. A dynamic website is one that changes or izes itself frequently and automatically, based on certain criteria. A dynamic web site costs more to design and develop, but it is then flexible and can change and grow along with your organisation. A static web-site is cheaper and easier to design. Q2 b. What is web? What are the key elements of web design? Discuss some of the important features of web design. Ans The web is a distributed document delivery system. It uses the client server model. HTML is the main presentation language of the web. In other words, the web is a hypertext system that runs on top of the internet and is based on three main standards URL, HTTP, HTML. Q3 a. What is HTML? What are the benifits of HTML? Ans- The language used to develop web pages is called Hyper Text Markup Language. HTML is the language interpreted by the browser. HTML is a set of special codes that can be embedded in text to add formatting and linking information. Web pages are also called HTML documents. HTML is specified as tags in an HTML document. There are many benefits of HTML (Hyper Text Markup Language) over other computer languages, and here are just a few of them. Its easy to use even for non-programmers. It has a pretty loose syntax. It is supported on all the browsers It is widely used on all websites. It will cost you nothing. Easy to learn. Q3 b. What is a form? How do you create forms in HTML? Ans - An HTML form is a section of a document containing normal content, markup, special elements called controls (checkboxes, radio buttons, menus, etc.), and labels on those controls. Users generally "complete" a form by modifying its controls (entering text, selecting menu items, etc.), before submitting the form to an agent for processing (e.g., to a Web server, to a mail server, etc.) HTML forms are used to pass data to a server. A form can contain input elements like text fields, checkboxes, radio-buttons, submit buttons and more. A form can also contain select lists, textarea, fieldset, legend, and label elements. The <form> tag is used to create an HTML form: <form> . input elements . </form> Q3 c. What are menus? How would you create menus? Ans 3c. Menus are the best way to provide access to data. We give the visitors the option

of selecting one of the options provided by us. We use the select tag along with the option tag to achieve this. For example <select name = Items size=2> <option selected> French Fries <option>Hamburgers </select> Here the size attribute is used to control the number of items initially visible in the list. The selected attribute specifies the option to be selected by default. Q4 a. What is a list? Explain the various types of lists used in HTML? Ans - A list provides a mechanism for specifying lists of information. All lists must contain one or more elements. There are three types of lists :1. Unordered List - An unordered list starts with the <ul> tag. Each list item starts with the <li> tag. The list items are marked with bullets (typically small black circles). Ex <ul> <li>Coffee</li> <li>Milk</li> </ul> How the HTML code above looks in a browser: Coffee Milk 2. Ordered List - An ordered list starts with the <ol> tag. Each list item starts with the <li> tag. The list items are marked with numbers. Ex <ol> <li>Coffee</li> <li>Milk</li> </ol> How the HTML code above looks in a browser: 1. Coffee 2. Milk 3. Definition List - A definition list is a list of items, with a description of each item. The <dl> tag defines a definition list. The <dl> tag is used in conjunction with <dt> (defines the item in the list) and <dd> (describes the item in the list):<dl> <dt>Coffee</dt> <dd>- black hot drink</dd> <dt>Milk</dt> <dd>- white cold drink</dd> </dl> How the HTML code above looks in a browser: Coffee - black hot drink Milk - white cold drink Q4 b. What is frameset? How would you combine various framesets? Ans The splitting of a browser screen into frames is accomplished with the frameset tag.

The Frameset tags require either of the 'rows' or 'cols' attribute depending on whether the screen has to be divided into rows or columns. Frameset allows us to divide a browser screen into two or more unique regions. Each region is called a frame. Framesets are combined to have both vertical and horizontal frames together. We need to insert a frameset within a frameset. Frameset can be nested to any level. Ex <FRAMESET cols="20%, 80%"> <FRAMESET rows="100, 200"> </FRAMESET> </FRAMESET> Q4 c. How would you create a table? Describe the process of dividing the table into columns? Ans - Tables are defined with the <table> tag. A table is divided into rows (with the <tr> tag), and each row is divided into data cells (with the <td> tag). td stands for "table data," and holds the content of a data cell. A <td> tag can contain text, links, images, lists, forms, other tables, etc. Table Example <table border="1"> <tr> <td>row 1, cell 1</td> <td>row 1, cell 2</td>Ans 8b </tr> <tr> <td>row 2, cell 1</td> <td>row 2, cell 2</td> </tr> </table> How the HTML code above looks in a browser: row 1, cell row 1, cell 2 1 row 2, cell row 2, cell 2 1 Q 5a. What is a Cascading Style Sheet? What are the different ways of creating a stylesheet? Explain. Ans 5a. Cascading Style sheets (CSS) define how to display and present HTML elements. Cascading Style Sheets (CSS) is a style sheet language used to describe the presentation semantics (the look and formatting) of a document written in amarkup language. Its most common application is to style web pages written in HTML and XHTML, but the language can also be applied to any kind ofXML document. Different ways of creating a style sheet are as follows :1. Inline Inline styles are when you just insert the type of style you want inside another tag, using the style attribute. This is usually the least useful way to use CSS. <p style="width:100%; color:#660099; text-align:right; background-color:#ffcc00;" > 2. <style> Styles can also be placed in the document using the <style> tag. The <style> tag is usually placed in the head section of the document, where it will apply to the whole document.

Example <style> p { color:#009900; font-family:"comic sans ms",sans-serif; } h1 { color:#660000; font-size:12pt; } </style> 3. External styles Styles can also be set in an external style sheet which is linked to the page with a <link> tag. For example the style sheet for a site is included like this: <link rel="stylesheet" type="text/css" href="class.css" /> The advantage of doing this is that the same style sheet can be used in every page on your site. Your entire site can be updated by changing just this one file. Q6 a. Why do we need XML? What are the features of XML? What are the applications of XML? Ans The main need of XML is that it separates content from presentation. XML tags and attributes are defined to describe content and structure. This cannot be done with HTML in which tags and attributes are predefined and describe presentation. It also enables meaningful searches and provides a meaningful format for data exchange and communication. The main features of XML are:1. Easy data exchange. 2. Customized markup languages. 3. Self describing data. 4. Structured and integrated data. 5. Well formed XML documents. 6. Supports a wide variety of applications. 7. Compatible with SGML. The following are some of the many applications for which XML is useful: Web publishing: XML allows you to create interactive pages, allows the customer to customize those pages, and makes creating e-commerce applications more intuitive. With XML, you store the data once and then render that content for different viewers or devices based on style sheet processing using an Extensible Style Language (XSL)/XSL Transformation (XSLT) processor. Web searching and automating Web tasks: XML defines the type of information contained in a document, making it easier to return useful results when searching the Web: For example, using HTML to search for books authored by Tom Brown is likely to return instances of the term 'brown' outside of the context of author. Using XMLrestricts the search to the correct context (for example, the information contained in the <author> tag) and returns only the information that you want. By usingXML, Web agents and robots (programs that automate Web searches or other tasks) are more efficient and produce more useful results. General applications: XML provides a standard method to access information, making it easier for applications and devices of all kinds to use, store, transmit, and display data.

 e-business applications: XML implementations make electronic data interchange (EDI) more accessible for information interchange, business-to-business transactions, and business-to-consumer transactions. Metadata applications: XML makes it easier to express metadata in a portable, reusable format. Pervasive computing: XML provides portable and structured information types for display on pervasive (wireless) computing devices such as personal digital assistants (PDAs), cellular phones, and others. For example, WML (Wireless Markup Language) and VoiceXML are currently evolving standards for describing visual and speech-driven wireless device interfaces. Q6 b. List the advantages of XML over HTML and SGML. Ans The advantages of XML over HTML and SGML are as follows:1. In SGML, the DTD is required to be valid. XML can be delivered with or without a DTD. 2. XML was designed to maintain the most useful parts of SGML. 3. XML allows the creation of new or user defined tags. Hence it is Xtensible. 4. It enables the creation of new markup languages. 5. XML allows storage of data and is useful where implementing a full RDBMS is overkill. Q6 c. What is DTD? How would you create a DTD? Ans The Document Type Definition (DTD) defines the structure of XML documents. It allows the creation of valid xml documents. DTD is like grammar to indicate which tags are legal in XML documents. It defines rules for the following :1. Allowable tags and attributes. 2. Which tags are allowed to be nested in other tags. 3. Which tags and atrributes are mandatory or optional. 4. What values are allowed for attributes. 5. Number of occurances for tags. 6. Entity definitions. DTDs are simple text files that can be created with any basic text editor. A DTD can be declared inline inside an XML document, or as an external reference. Seen from a DTD point of view, all XML documents are made up by the following building blocks: Elements Attributes Entities PCDATA CDATA These building blocks can be used to create DTDs. Example <?xml version="1.0"?> <!DOCTYPE note [ <!ELEMENT note (to,from,heading,body)> <!ELEMENT to (#PCDATA)> <!ELEMENT from (#PCDATA)> <!ELEMENT heading (#PCDATA)> <!ELEMENT body (#PCDATA)> ]> <note> <to>Tove</to> <from>Jani</from>

<heading>Reminder</heading> <body>Don't forget me this weekend</body> </note> The DTD above is interpreted like this: !DOCTYPE note defines that the root element of this document is note !ELEMENT note defines that the note element contains four elements: "to,from,heading,body" !ELEMENT to defines the to element to be of type "#PCDATA" !ELEMENT from defines the from element to be of type "#PCDATA" !ELEMENT heading defines the heading element to be of type "#PCDATA" !ELEMENT body defines the body element to be of type "#PCDATA" Q7 a. What is XSL and why is it used? Ans 7a. XSL is a language for expressing style sheets. An XSL style sheet is, like with CSS, a file that describes how to display an XML document of a given type. The term Extensible Stylesheet Language (XSL) is used to refer to a family of languages used to transform and render XML documents. XSL is a language that can transform XML into HTML, a language that can filter and sort XML data and a language that can format XML data, based on the data value, like displaying negative numbers in red. XSL shares the functionality and is compatible with CSS (although it uses a different syntax). It also adds: A transformation language for XML documents: XSLT. XSL consists of two parts: a method for transforming XML documents a method for formatting XML documents In order to display XML documents, it is necessary to have a mechanism to describe how the document should be displayed. One of these mechanisms is Cascading Style Sheets (CSS), but XSL (eXtensible Stylesheet Language) is the preferred style sheet language of XML, and XSL is far more sophisticated than the CSS used by HTML. XSL can be used for many XML transformation and reformatting tasks. The transformation and reformatting tasks that you can do with XSL include the following: XML to HTML rendering XML vocabulary conversion XML to plain text conversion Simple XML queries

XSL can be used to define how an XML file should be displayed by transforming the XML file into a format that is recognizable to a browser. One such format is HTML. Normally XSL does this by transforming each XML element into an HTML element. XSL can also add completely new elements into the output file, or remove elements. It can rearrange and sort the elements, test and make decisions about which elements to display, and a lot more.

Q7 b. What is SAX? What are the advantages and disadvantages of SAX? Ans - The Simple API for XML (SAX) is a publicly developed standard for the eventsbased parsing of XML documents. SAX provides a mechanism for reading data from an XML document. It allows us to parse and process xml documents. It is an event driven model for processing XML content. The documents are read sequentially and callbacks are made to handlers.

Advantages of SAX:1. Do not need to process and store the entire document. (Low memory requirement) 2. Fast processing. Disadvantages of SAX:1. Limited API Every element is processed through the same event handler. There is a need to keep track of location in the document and in cases, store temporary data. 2. Only traverses the document once. Q7 c. What is DOM and how does it relate to XML? Ans - The Document Object Model (DOM) is an interface specification maintained by the W3C DOM Workgroup that defines an application independent mechanism to access, parse, or update XML data. In simple terms it is a hierarchical model that allows developers to manipulate XML documents easily. DOM is a tree representation of an XML document in memory. DOM provides a robust API to easily modify and extract data from an XML document. The objects described in the DOM allow the programmer to read, search, modify, add to and delete from an XML document. Furthermore, the DOM API can be implemented in any programming language. Q8 a. What do you mean by XML parsing? Briefly describe the parsers involved with XML. Ans - XML parsing is the process of converting an XML document into an XML DOM object which can then be manipulated with javascript. An XML Parser is a parser that is designed to read XML and create a way for programs to use XML.There are different types, and each has its advantages. The main types of parsers are SAX, DOM and pull. SAX - SAX stands for Simple API for XML. Its main characteristic is that as it reads each unit of XML, it creates an event that the calling program can use. DOM - DOM stands for Document Object Model. It differs from SAX in that it builds the entire XML document representation in memory. Thus DOM can be very memory intensive. Pull - SAX is a push parser, since it pushes events out to the calling application. Pull parsers, on the other hand, sit and wait for the application to come calling. Pull parsers are useful in streaming applications, which are areas where either the data is too large to fit in memory, or the data is being assembled just in time for the next stage to use it. Q8 b. What is the difference between XML and SGML? Explain the structure of an XML document. Ans 8b The differences are:1. XML is a significant version of SGML and was designed to maintain the most useful part of SGML. 2. XML was designed to be a subset of SGML and as a result many features and options were removed from SGML. 3. XML is a simpified version of XML. 4. SGML requires that a reference to a DTD must be valid. But XML allows for well formed data which can be delivered without a DTD. Q 9a. What is HTTPS authentication? Describe the issues related to form based authentication and HTTPS client authentication. Ans 9a. Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encrypted communication and

secure identification of a network web server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems. The main idea of HTTPS is to create a secure channel over an insecure network. This ensures reasonable protection from eavesdroppers and man-inthe-middle attacks, provided that adequate cipher suites are used and that the server certificate is verified and trusted. As opposed to HTTP URLs that begin with "http://" and use port 80 by default, HTTPS URLs begin with "https://" and use port 443 by default. HTTP is unsecured and is subject to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information.HTTPS is designed to withstand such attacks and is considered secure against such attacks. Everything in the HTTP message is encrypted, including the headers, and the request/response load. Q 9c. Explain ssl and tls with their working and security measures. Ans 9c. TLS and SSL are most widely recognized as the protocols that provide secure HTTP (HTTPS) for Internet transactions between Web browsers and Web servers. TLS/SSL can also be used for other application level protocols, such as File Transfer Protocol (FTP), Lightweight Directory Access Protocol (LDAP), and Simple Mail Transfer Protocol (SMTP). TLS/SSL enables server authentication, client authentication, data encryption, and data integrity over networks such as the World Wide Web. Working - TLS and its predecessor SSL make significant use of certificate authorities. Once your browser requests a secure page and adds the "s" onto "http," the browser sends out the public key and the certificate, checking three things: 1) that the certificate comes from a trusted party; 2) that the certificate is currently valid; and 3) that the certificate has a relationship with the site from which it's coming. The browser then uses the public key to encrypt a randomly selected symmetric key. Public-key encryption takes a lot of computing, so most systems use a combination of public-key and symmetric key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated. Q 10 b. How do you use JDBC to modify a database? Explain with examples. Ans 10 b. JDBC is a piece of software that knows how to talk to the actual database server.

There are seven standard steps in modifying databases: 1. 2. 3. 4. 5. Load the JDBC driver. Define the connection URL. Establish the connection. Create a statement object. Execute a query or update.

6. Process the results. 7. Close the connection. Step 1: Load the JDBC driver To load the driver, you need to load the appropriate class. Most database vendors supply free JDBC drivers for their databases. Here is an example: try { Class.forName("connect.microsoft.MicrosoftDriver"); catch(ClassNotFoundException e) { System.err.println("Error loading driver: " + e); } Step 2: Define the Connection URL Once you have loaded the JDBC driver, you need to specify the location of the database server. Generally, the url format is: jdbc:vendordb:userinfo plus server host, port number and database name. Example String host = "dbhost.yourcompany.com"; String dbName = "someName"; int port = 1234; String oracleURL = "jdbc:oracle:thin:@" + host + ":" + port + ":" + dbName; Step 3: Establish the connection To make the actual network connection, pass the URL, the database username, and the password to the getConnection method of the DriverManager class, as illustrated in the following example. String username = "user"; String password = "password"; Connection connection = DriverManager.getConnection(oracleURL, username, password); Step 4: Create a Statement A Statement object is used to send queries and commands to the database and is created from the Connection as follows: Statement statement = connection.createStatement(); Step 5: Execute a Query or update Once you have a Statement object, you can use it to send SQL queries by using the executeQuery method, which returns an object of type ResultSet. Here is an example: String query = "insert into tablename values(col1, col2, col3)"; ResultSet resultSet = statement.executeUpdate(query);

Step 6: Process the Results The simplest way to handle the results is to process them one row at a time, using the ResultSets next method to move through the table a row at a time.

while(resultSet.next()) { System.out.println(results.getString(1) + " " + results.getString(2) + " " + results.getString(3)); } Step 7: Close the Connection To close the connection explicitly, you should do: connection.close(); Q11 a. What do you mean by JSP? Explain some salient features of JSP. Ans 11 a. JavaServer Pages (JSP) is a Java technology that helps software developers serve dynamically generated web pages based on HTML, XML, or other document types. JSP allows Java code and certain pre-defined actions to be interleaved with static web markup content, with the resulting page being compiled and executed on the server to deliver an HTML or XML document. JSPs are compiled into servlets by a JSP compiler. The compiler either generates a servlet in Java code that is then compiled by the Java compiler, or it may compile the servlet to byte code which is directly executable. (JSP) technology provides a simplified, fast way to create dynamic web content. JSP technology enables rapid development of web-based applications that are server- and platformindependent. Some features of JSP are as follows :1. Simplifies the process of development: It allows programmers to insert the Java code directly into the JSP file, making the development process easier. Although JSP files are HTML files, they use special tags containing the Java source code which provides a dynamic ability. 2. Portability: The Java feature of write once, run anywhere is applicable to JSP. JSP is platform independent, making it portable across any platform and therefore, mulit-platform. It is possible for the programmer to take a JSP file and move it to another platform, JSP Servlet engine or web server. 3. Because of Efficiency : As soon as the request is received, the JSP pages gets loaded into the web servers memory. The following transactions are then carried out within a minimal time period, handling JSP pages with efficiency. 4. Reusability: JSP allow component reuse by using JavaBeans and EJBs. 5. Robust: JSP offers a robust platform for web development 6. Independency of Layers: There is a clear separation between presentation and implementation layers. The HTML on the web browser of the client is displayed as a presentation layer. The JSP on the server is displayed in the implementation layer.

Q11 b. Explain the difference between JSP and ASP. Ans 11b. The major differences are as follows:1. JSP technology uses the Java language for scripting, while ASP pages use Microsoft VBScript or JScript. The Java language is a mature, powerful, and scalable programming language that provides many benefits over the Basic-based scripting languages. 2. SP technology adheres to the Write Once, Run AnywhereTM philosophy of the JavaTM architecture. Instead of being tied to a single platform or vendor, JSPtechnology can run on any Web server and is supported by a wide variety of tools from multiple vendors. On the other hand ASP uses ActiveX controls for its components, ASP technology is basically restricted to Microsoft Windows-based platforms. Offered primarily as a feature of Microsoft IIS, ASP technology does not work easily on a broader range of Web servers. 3. JSP technology enables developers to extend the JSP tags available. JSP developers can create custom tag libraries, so page authors can access more functionality using XML-like tags and depend less on scripting. Such custom tags are not available with ASP. 4. JSP provides better error handling. Java throws exceptions when it tries to process invalid methods or data. In contrast, for VBScript, the programmer must explicitly check for invalid data or an invalid result. 5. JSP uses Java and Java is a strongly-typed language and its variables must have their types declared before they are used. For VBScript, declaring variables is strongly advised but not necessary. The types are not specified for the declaration.

Q12 a. What is ASP? Write the procedure to run ASP on windows XP operating system Ans 12 a. ASP is a web application framework developed and marketed by Microsoft to allow programmers to build dynamic web sites, web applications and web services. It stands for active server pages. It runs on the IIS (Internet Information services) server. It dynamically builds documents in response to client requests. ASP files have a .asp extension. It can contain XHTML tags. When a user requests a web-page containing ASP, the web-server will parse code and send the result to the user, so the ASP code will never reach the user's browser. This is the exact opposite of JavaScript. You can use ASP code to do a lot of things: dynamically edit, change or add any content to a web-page, access and query databases, read or write files, connect to remote computers, create images. Here are some of the things we can do with asp: Dynamically edit, change, or add any content of a Web page Respond to user queries or data submitted from HTML forms Access any data or databases and return the results to a browser Customize a Web page to make it more useful for individual users The advantages of using ASP instead of CGI and Perl, are those of simplicity and speed Provide security - since ASP code cannot be viewed from the browser Clever ASP programming can minimize the network traffic

To run ASP scripts, you must have installed Microsoft's IIS (Internet Information Services), which is a web-server included in Windows XP Professional. Follow these steps to install IIS on Windows XP: 1. On the Start menu, click Settings and select Control Panel 2. Double-click Add or Remove Programs 3. Click Add/Remove Windows Components 4. Click Internet Information Services (IIS) 5. Click Details 6. Select the check box for World Wide Web Service, and click OK 7. In Windows Component selection, click Next to install IIS After you have installed IIS follow these steps: 1. 2. 3. 4. 5. 6. Look for a new folder called Inetpub on your hard drive Open the Inetpub folder, and find a folder named wwwroot Create a new folder, like "MyWeb", under wwwroot Write some ASP code and save the file as "test1.asp" in the new folder Make sure your Web server is running (see below) Open your browser and type "http://localhost/MyWeb/test1.asp", to view your first web page

Q13 a. What is CGI? Is it a script or a program? Ans 13 a. The Common Gateway Interface (CGI) is a standard that defines how web server software can delegate the generation of web pagesto a stand-alone application, an executable file. Such applications are known as CGI scripts; they can be written in any programming language, although scripting languages are often used. CGI is a method which is used to exchange data between the server and a web client (your browser). CGI is actually a set of standards where a program or script (a series of commands) can send data back to the web server where it can be processed. Typically, you use standard HTML tags to get data from a person, then pass that data to a CGI routine. The CGI routine then performs some action with the data. Some of the more common uses of CGI include: Guestbooks Email Forms Mailing List Maintenance A CGI routine can be anything which understands the CGI standard. A popular CGI language is called PERL. In a nutshell: 1. You (the webmaster) specify a form tag which includes the name of the CGI routine. 2. You create HTML tags which retrieves data from your visitors. 3. When the visitor presses the "submit" button, the CGI routine which was specified in the form tag is executed. At this time, the CGI routine "takes control". 4. This CGI routine can get data from variable names. It retrieves the data and does whatever action is required. 5. When the CGI routine finishes, it returns control back to the web client (the browser). Yes, CGI is a script because it is normally used with Perl language. Normal convention is that code written in interpreted languages are called scripts while those written in compiled languages are called programs. Since perl is an interpreted language CGI can be said to

be a script. Q 13 b. How do you integrate CGI with HTML pages? Explain with the help of examples. Ans 13 b. CGI scripts can be easily integrated with HTML pages. The CGI script is executed when an anchor tag <A ... > or an image tag <IMG ...> refers to the CGI script file rather than a normal file. CGI scripts are usually placed in the cgi-bin directory. A CGI script can also be specified in the action attribute of a form tag. The CGI script will then be called when the form is submitted. Example - <form method="post" action="http://mysite.com/cgi-bin/myperl.cgi">. Q13 c. What is a cookie? Write a procedure for creating cookies? Ans - A "cookie" is a small piece of information sent by a web server to store on a web browser so it can later be read back from that browser. This is useful for having the browser remember some specific information.A cookie can be used for authentication, storing site preferences, shopping cart contents, the identifier for a server-based session, or anything else that can be accomplished through storing text data. An example is when a browser stores your passwords and user ID's. A cookie consists of one or more namevalue pairs containing bits of information. The cookie is sent as a field in the header of the HTTP response by a web server to a web browser and then sent back unchanged by the browser each time it accesses that server. Cookies in JavaScript are accessed using the cookie property of the document object. To set a cookie, we set the document.cookie property to a string containing the properties of the cookie that we want to create: document.cookie = "name=value; expires=date; path=path; domain=domain; secure"; Example - document.cookie = "username=John; expires=15/02/2003 00:00:00"; This code sets a cookie called username, with a value of "John", that expires on Feb 15th, 2003 To retrieve all previously set cookies for the current document, you again use the document.cookie property: var x = document.cookie; This returns a string comprising a list of name/value pairs, separated by semi-colons, for all the cookies that are valid for the current document. Q 14. a. What is Java Beans? What are the elements of JavaBeans? Ans 14 a. JavaBeans are reusable software components for Java that can be manipulated visually in a builder tool.[1] Practically, they are classes written in the Java programming language conforming to a particular convention. They are used to encapsulate many objects into a single

object (the bean), so that the bean can be passed around rather than the multiple individual objects. A JavaBean is a Java Object that isserializable, has a nullary constructor, and allows access to properties using getter and setter methods. In order to function as a JavaBean class, an object class must obey certain conventions about method naming, construction, and behavior. These conventions make it possible to have tools that can use, reuse, replace, and connect JavaBeans. The required conventions are as follows: The class must have a public default constructor (no-argument). This allows easy instantiation within editing and activation frameworks. The class properties must be accessible using get, set, is (used for boolean properties instead of get) and other methods (so-calledaccessor methods and mutator methods), following a standard naming-convention. This allows easy automated inspection and updating of bean state within frameworks, many of which include custom editors for various types of properties. The class should be serializable. It allows applications and frameworks to reliably save, store, and restore the bean's state in a fashion independent of the VM and of the platform. Q14 b. Explain how javascript is integrated with various elements of html? Ans 14b. Javascript integrates very tightly with the elements of html. Javascript code can be added directly to the html page using the script tag or indirectly by adding a separate javascript file. Javascript supports event handling on the various html elements. It can trigger javascript code by various events. For example, when you pass a cursor over a link or when you click a button or interact with any other html element. Javascript provides several functions like getElementByTagName, getElementById which allow us to traverse the html document. It also has in-built functions which can manipulate the html inside the the various elements directly. Javascript can also generate dynamic content which can then be used with the html elements. All html elements can be accessed and manipulated by javascript code as per the requirement. Javascript provides several functions that allow us to access the values of various tags, be it a form, a link, a table, etc. Q15. Explain the working of EJB with a suitable diagram. Ans - Enterprise JavaBeans (EJB) is a managed, server-side component architecture for modular construction of enterprise applications. The EJB specification is one of several Java APIs in the Java EE specification. EJB is a server-side model that encapsulates the business logic of an application. The EJB specification was originally developed in 1997 by IBM and later adopted by Sun Microsystems (EJB 1.0 and 1.1) in 1999. The EJB specification intends to provide a standard way to implement the back-end 'business' code typically found in enterprise applications (as opposed to 'front-end' interface code). In a typical J2EE application, Enterprise JavaBeans (EJBs) contain the application's business logic and live business data. Although it is possible to use standard Java objects to contain your business logic and business data, using EJBs addresses many of the issues you would find by using simple Java objects, such as scalability, lifecycle management, and state management. EJBs themselves will make use of data sources, such as databases and mainframe systems, to perform the required business logic. In a Web-centric application, the EJBs will provide the business logic that sits behind the Web-oriented components, such as servlets

and JSPs. If a Web-oriented application requires a high level of scalability or maintainability, use of EJBs can help to deliver this.

Q 15 b. Describe the 5 benefits of EJB architecture to an application developer.

Ans 15. The benefits are as follows :1. The major operations of managing transactions, state, multithreading, connection pooling etc. will be managed by the EJB container. The security is also provided by theEJB container. 2. The EJB architecture is compatible with other APIs like servlets and JSPs. 3. The development of EJB applications is easy as the business logic is separated by theapplication developer and at the same time the developer can utilize the services of theEJB container.The isolation of labor in developing, deploying, administering, providers made it faster to develop an EJB application. 4. Application development made easy as the EJBspecification ensures the usability of beans developed by others can also be used in a specific application. 5. EJB provide developers architectural independence - EJB insulates developers from the underlying middleware, since the only environment an EJB developer sees is the Java environment. It also helps the EJB server/container vendor to change and make improvements on the underlying middleware layer without affecting a users existing enterprise applications. 6. It provides Write Once Run anywhere functionality - Since EJB is based on Java technology, both the developer and the user are guaranteed that their components are Write Once, Run Anywhere. As long as an EJB Server faithfully conforms to the EJB specification, any EJB application should run within that server.

Q 16 a. Explain session beans and define their lifecycle. Ans 16 a. A session bean represents a single client inside the J2EE server. To access an application that is deployed on the server, the client invokes the session bean's methods. The session bean performs work for its client, shielding the client from complexity by executing business tasks inside the server. As its name suggests, a session bean is similar to an interactive session. A session bean is not shared--it may have just one client, in the same way that an interactive session may have just one user. Like an interactive session, a session bean is not persistent. (That is, its data is not saved to a database.) When the client terminates, its session bean appears to terminate and is no longer associated with the client. A Session Bean implements a business task and is hosted by an EJB container. A session bean performs operations, such as calculations or database access, for the client. Although a session bean can be transactional, it is not recoverable should a system crash occur. Session bean objects either can be stateless or can maintainconversational state across methods and transactions. The following figure illustrates the life cycle of a stateful session bean.

The client initiates the life cycle by invoking the create method. The EJB container instantiates the bean and then invokes the setSessionContext and ejbCreate methods in the session bean. The bean is now ready to have its business methods invoked.While in the ready stage, the EJB container may decide to deactivate, or passivate the bean by using the ejbPassivate method. If a client invokes a business method on the bean while it is in the passive stage, the EJB container activates the bean, moving it back to the ready stage, and then calls the bean's ejbActivate method. At the end of the life cycle, the client invokes the remove method and the EJB container calls the bean's ejbRemove method. The bean's instance is ready for garbage collection. The following figure shows the lifecycle of a stateless bean.

Its life cycle has just two stages: nonexistent and ready for the invocation of business methods. Q 16 b. What is the difference between a stateless and stateful session bean? Ans 16 b. There are two types of session beans: stateful and stateless. Stateful Session Beans The state of an object consists of its instance variables. In a stateful session bean, the instance variables represent the state of unique client-bean sessions. The interaction of the client with bean is called as conversational state. The state is retained for the duration of the client-bean session. If the client removes the bean or terminates, the session ends and the state disappears. It is used when the bean needs to hold information about the client across method invocations. Stateless Session Beans A stateless session bean does not maintain a conversational state for a particular client. When a client invokes the method of a stateless bean, the bean's instance variables may contain a state, but only for the duration of the invocation. When the method is finished, the state is no longer retained. Because stateless session beans can support multiple clients, they can offer better scalability for applications that require large numbers of clients. Typically, an application requires fewer stateless session beans than stateful session beans to support the same number of clients. A stateless bean offers better performance. Q 17 a. What are event and event handlers? How are events handled in javascript? Ans 17 a. An event is something that happens, e.g. a mouse click on a button, an image that has loaded. Events usually occur as a result of human interaction with the browser, e.g. selecting a document to load, entering form information. Every element on a web page has certain events which can trigger a JavaScript. For example, we can use the onClick event of a button element to indicate that a function will run when a user clicks on the button. We define the events in the HTML tags. Examples of events: A mouse click A web page or an image loading Mousing over a hot spot on the web page

 Selecting an input field in an HTML form Submitting an HTML form A keystroke Event handlers are JavaScript methods, i.e. functions of objects, that allow us as JavaScript programmers to control what happens when events occur. JavaScript event handlers have 'on' before the event name, e.g. onClick, onSubmit, onLoad, onFocus. Event handlers specify what to do when a particular event occurs. Merely the occurance of an event has no meaning. With the help of event handlers we can detect events and trigger javascript code. For example, the following form has an onSubmit event handler that displays an alert message: <FORM NAME="formName" onSubmit="alert('Form submitted')"> <INPUT TYPE="SUBMIT"> </FORM> Events in javascript are handled by using various functions like :Event onblur onerror onfocus onload onreset onscroll onselect onsubmit Description An element loses focus An error occurs An element gains focus The document has completely loaded A form reset command is issued The document is scrolled The selection of element has changed A form submit command is issued A mouse button has been pressed The mouse has been moved The mouse pointer has left an element The mouse pointer has entered an element A mouse button has been released A mouse button has been clicked A mouse button has been double-clicked (clicked twice rapidly)

onmousedown onmousemove onmouseout onmouseover onmouseup onclick ondblclick

Q 17 b. What do you understand by javascript? What are the features of javascript? Ans 17 b. Javascript is a programming language that is used to make web pages interactive. It runs on your visitor's computer and so does not require constant downloads from your web site. It is primarily used for client side scripting. It is a object oriented scripting language that is dynamic, interpreted and weakly-typed. It was developed by Netscape. It can be used to make web pages more dynamic. It is the most popular scripting language on the internet and runs entirely inside the browser. It can be used to create menus, validate forms, swap images, or just about anything else you can think of to

do on a webpage. The features of javascript are as follows:1. Interpreted Language The syntax is completely interpreted by the browser just as it interprets html tags. 2. Platform independence / Architecture Neutral Javascript is completely independent of the hardware on which it works. It is a language understood by any javascript enabled browser. 3. Easy debugging and testing Since scripts are tested line by line, errors are listed as they are encountered. 4. Performance Javascript can be written such that html files are fairly compact and quite small. 5. Minimal syntax Easy to learn By learning just a few simple rules of syntax, complete applications can be built with javascript. 6. Event handling It supports event based programming. It provides event handlers for numerous events. 7. Quick development It doesn't require time consuming compilations so scripts can be developed in a short amount of time. 8. Embedded within HTML Javascript doesn't require any special or separate editor for programs to be written. HTML files with javscript embedded can be executed by any javascript enabled browser. Q18 a. What are custom tags in JSP? What are the components that make up a tag library in JSP? Ans 18 a. A custom tag is a user-defined JSP language element. When a JSP page containing a custom tag is translated into a servlet, the tag is converted to operations on an object called a tag handler. The Web container then invokes those operations when the JSP page's servlet is executed. They are defined in Tag of package javax.servlet.jsp.tagtext Custom tags have a rich set of features. They can 1. 2. 3. 4. Be customized via attributes passed from the calling page. Access all the objects available to JSP pages. Modify the response generated by the calling page. Communicate with each other. You can create and initialize a JavaBeans component, create a variable that refers to that bean in one tag, and then use the bean in another tag. 5. Be nested within one another, allowing for complex interactions within a JSP page. JSP technology provides a mechanism for encapsulating other types of dynamic functionality in custom tags. Custom tags are usually distributed in the form of a tag library, which defines a set of related custom tags and contains the objects that implement the tags. Some examples of tasks that can be performed by custom tags include operations on implicit objects, processing forms, accessing databases and other enterprise services such as e-mail and directories, and performing flow control. A tag library is a collection of custom tags. Q18 b. What are the different types of implicit objects used in jsp? Explain in brief. Ans 18 b.JSP provides certain implicit objects, based on the Servlet API. These objects are access using standard variables, and are automatically available for use in our JSP without writing any extra code. Since these objects are created automatically by the container and are accessed using standard variables; hence, they are called implicit

objects. The implicit objects available in a JSP page are: request, response page, session, application pageContext config out exception The request Object The request object has request scope, and is an instance of the javax.servlet.ServletRequest class. It encapsulates the request coming from the Client and being processed by the JSP. It is passed to the JSP by the container as a parameter of the _jspService( ) method. It has request scope. The response object The response object has page scope, and is an instance of javax.servlet.ServletResponse It encapsulates the response generated by the JSP to be send back to the client in response to the request. It is generated by the container and passed to the JSP as a parameter to the _jspService( ) method, where it is modified by the JSP. It is legal to set HTTP status code and headers in the JSP page once output has been send to the client, as JSP output streams are buffered by default. The pageContext objects The pageContext provides a single point of access to many of the page attribute and is convenient place to put shared data within the page. It is of type javax.servlet.jsp.pageContext and has page scope. The session object The session object represents the session created for the requesting client. Session are created automatically, and a new session is available even when there is no incoming session (unless, of course, you have used a session=false attribute in the page directive, in which case this variable will not be available). The session object is of type javax.servlet.http.HttpSession and has session scope. The application object The application object represents the servlet context, obtained from the servlet configuration object. It is of type javax.servlet.ServletContext and has application scope. The out object The out object is the object that writes into the output stream to the client. To make the response object useful, this is a buffered version of the javax.servlet.jsp.JspWriter.The buffer size can be adjusted by the

buffer attribute of the page directive. The config object The config is the ServletConfig for the JSP page and has page scope. It is of type javax.servlet.ServletConfig. The page object The page object is an instance of the pages implementation servlet class that is processing the current request. It is of type java.lang.Object, and has page scope. The page object can be thought of as a synonym to this within the page. Q 19 a. Explain the relationship between applet, servlet and JSP? Ans 19 a. There are three primary ways to create client interfaces to Java programs that are delivered over the Internet: applets, servlets, and Java Server Pages (JSP). Applets run within a client browser, while servlets and JSPs run on the Web server machine. Each method provides certain advantages and disadvantages in relation to the others. Applets are better suited for high functionality Intranet and Extranet applications, where download times are not a factor. Servlets and JSP pages are more appropriate for Internet and Extranet applications where the majority of the users may accessing the sight through a modem connection. Applets - Applets are small programs that are downloaded into a Java Enabled Web Browser. The downloaded applet has very limited access to the client machines file system and network capabilities. These limitations ensure that the applet cant perform any malicious activity on the client's machine, such as deleting files or installing viruses. By default, a downloaded applet cannot read or write files from the file system, and may use the network only to communicate back to the server of origin. They greatly enhance user interface available through a web browser. On the downside, they take a long time to download. Servlet - A servlet is a Java program that runs in conjunction with a Web Server. A servlet is executed in response to an HTTP request from a client browser. The servlet executes and then returns an HTML page back to the browser. Servlets handle multiple requests. Servlets do not run on the client, all execution takes place on the server. While, they provide the advantages of generating dynamic content, they do not levy the same download time requirement as applets. Since they deliver HTML pages to their clients, the user interface available through a servlet is limited by what the HTML specification supports. JSP - JSPs are text documents that describe how a server should handle specific requests. A JSP is run by a JSP Server, which interprets the JSP and performs the actions the page describes. Frequently, the JSP server compiles the JSP

into a servlet to enhance performance. The server would then periodically check the JSP for changes. The JSP specification is an extension of the servlet specification. JSPs have the same advantages and disadvantages as servlets when compared to applets. It is easy to develop and maintain when compared to servlets. Initial access is slower than servlets. Q 19 b. What is a scriplet? Show the use of jsp scriplets with the help of suitable examples. Ans 19 b. A scriptlet contains Java code that is executed every time a JSP is invoked. When a JSP is translated to a servlet, the scriptlet code goes into the service() method. A scriptlet is written between the <% and %> tags and is executed by the container at request processing time. It is a piece of java code embedded in jsp code. A scriptlet can contain any number of language statements, variable or method declarations, or expressions. According to Sun, you can do the following things with the help of scriplets:6. Declare variables or methods to use later in the file. 7. Use any of the JSP implicit objects or any object declared with a <jsp:useBean> tag. 8. Write any other statement that is valid in the page scripting language (if you use the Java programming language, the statements must conform to the Java Language Specification). Scriptlets are executed when the JSP engine processes the client request. If the scriptlet produces output, the output is stored in the out object, from which you can display it. Example <HTML> <BODY> <% // This scriptlet declares and initializes "date" System.out.println( "Evaluating date now" ); java.util.Date date = new java.util.Date(); %> Hello! The time is now <% // This scriptlet generates HTML output out.println( String.valueOf( date )); %> </BODY> </HTML> Q 19 c. With the help of an example, explain how jsp connects to a database.

Ans 19 c. <html> <head><title>Enter to database</title></head> <body> <table> <%@ page import="java.util.*" %> <%@ page import="javax.sql.*;" %> <% java.sql.Connection con; java.sql.Statement s; java.sql.ResultSet rs; java.sql.PreparedStatement pst; con=null; s=null; pst=null; rs=null; String url= "jdbc:jtds:sqlserver://localhost/yourdatabasename"; String id= "username"; String pass = "password"; try{ Class.forName("net.sourceforge.jtds.jdbc.Driver"); con = java.sql.DriverManager.getConnection(url, id, pass); } catch(ClassNotFoundException cnfex){ cnfex.printStackTrace(); } String sql = "select * from myTable"; try{ s = con.createStatement(); rs = s.executeQuery(sql); %> <% while( rs.next() ){ %><tr> <td><%= rs.getString("cust_id") %></td> <td><%= rs.getString("rdate") %></td> <td><%= rs.getString("email") %></td> </tr> <% } %> <% } catch(Exception e){e.printStackTrace();}

finally{ if(rs!=null) rs.close(); if(s!=null) s.close(); if(con!=null) con.close(); } %> </body> </html> Code explanation - The objects of type Connection, ResultSet and Statement are associated with the Java sql. "con" is a Connection type object variable that will hold Connection type object. "rs" is a ResultSet type object variable that will hold a result set returned by a databasequery. "s" is a object variable of Statement .Statement Class methods allow to execute any query. Connection to database: The first task of this programmer is to load database driver. This is achieved using the single line of code : Class.forName("net.sourceforge.jtds.jdbc.Driver"); The next task is to make a connection. This is done using: con = java.sql.DriverManager.getConnection(url, id, pass); The driver manager class returns the connection object. Executing Query or Accessing data from database: This is done using : s = con.createStatement(); rs = s.executeQuery(sql); Next use the executeQuery() method to execute an sql statement which returns a single resultset object. Next we simply read the values from the resultset using while(rs.next()). After printing the result we close the connection at the end. 21. Write short of the following:a.) E-mail:- Electronic mail, commonly called email or e-mail, is a method of exchanging digital messages from an author to one or more recipients. Modern email operates across the Internet or other computer networks. An email message consists of three components, the message envelope, the message header, and the message body. The message header contains control information, including, minimally, an originator's email address and one or more recipient addresses. Usually descriptive information is also added, such as a subject header field and a message submission date/time stamp. E-mail is sent using the SMTP protocol and can be recieved by POP or IMAP protocols. These days almost all email providers provide the ability to use HTML along with plain text for the body of the emails. b.) Web Browsers:- A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier (URI) and may be a web page, image, video, or other piece of content. Although browsers are primarily intended to access the World Wide Web, they can also be used to access information provided by Web servers in private networks or files in file resources to file systems systems. A Web browser is a software program that interprets the coding language of the World Wide Web in graphic form, displaying the translation rather than the coding. This allows anyone to browse the Web by simple point and click navigation, bypassing the need to know commands used in software languages. Mosaic was the first successfull graphical web browser. It enables computers users to locate and access web pages. Browsers translates the basic HTML

(Hypertext Mark Up Language) code that allows us to see images, text videos and listen to audios on websites, along with hyperlinks that let us travel to different web pages. The browser gets in contact with the web server and requests for information. The browser receives the information and displays it on the computer. Example Mozilla Firefox, Internet Explorer, Opera, Lynx, etc. c.) Search Engine:- A web search engine is designed to search for information on the World Wide Web. The search results are usually presented in a list of results and are commonly called hits. The information may consist of web pages, images, information and other types of files. It as an application that searches for, and retrieves, data based on some criteria, especially one that searches the Internet for documents containing specified words. A search engine is a set of programs which are used to search for information within a specific realm and collate that information in a database. There are three aspects to a search engine: crawling, indexing, and searching. When a search engine crawls, it looks for new content which was not present during the last crawl, including updates to files and web pages. Then, the programs index the information, pulling out specific keywords to categorize it. On the Internet, for example, indexing relies heavily on keywords in web pages, and meta tags which provide information about the page. Once the information has been indexed, information about how to access it is stored in a database. d.) Telnet:- Telnet is a protocol that allows you to connect to remote computers (called hosts) over a TCP/IP network (such as the Internet). You use software called a telnet client on your computer to make a connection to a telnet server (i.e., the remote host). Once your telnet client establishes a connection to the remote host, your client becomes a virtual terminal, allowing you to communicate with the remote host from your computer. In most cases, you'll need to log into the remote host, which requires that you have an account on that system. Telnet has evolved into a new modern version of remote control called 'SSH'. It is a network protocol that allows a user on one computer to log on to another computer that is part of the same network. e.) Gopher:- The Gopher protocol is a TCP/IP Application layer protocol designed for distributing, searching, and retrieving documents over the Internet. Software using this protocol was a predecessor of (and later, an alternative to) the World Wide Web. It is a distributed information system similar to the World-Wide Web, but less versitile and generally used only for text files. Gopher is also the name of a gopher client program available on most UNIX-based systems. It is a menu-based system used fororganizing and retrieving files and programs on the Internet. Gopher allows access to files found on FTP servers, as well as to files normally accessed through Telnet. e.) Web Security:- Web security comprises of all the dangers of putting up a Web page on the internet. It is a major problem in today's world with new viruses being released everyday. Viruses and malware find the web to be a thriving ground for their propagation. Unsuspecting users may be caught off-guard and have their security comprimised leading to loss of data or even theft like credit card theft. Throughout the history of the internet it has been seen that the viruses which spread most use the e-mail services provided by the web to propagate. Hackers can use it to get access to your system and steal or damage your data. From invasions of privacy to actual hackers cracking web security is a very important aspect. The steps that users can take to improve their web security is awareness (hackers thrive on ignorance of the users), use of a firewall and other internet security packages, encryption, etc.