Document object model Essay

DOM

The papers object theoretical account is a platform independent combination of JavaScript, X/HTML and CSS. It is used for updating and dynamically making content on web pages without the demand to review the page. It is besides used for inspiring objects and doing them available for the user to interact with. DOM is the replacement to DHTML, which has been used since the early web browsers like Internet adventurer 4, and Netscape 4. DOM is going more supported by web browser developers as an effort to make a standard theoretical account. The theoretical account is split into three parts: presentation of informations ( HTML ) , use of informations ( JavaScript ) and the styling of informations ( CSS )

Rather than utilizing in-line manners to dynamically update parts of the page the JavaScript can entree elements from the page and barter values, manipulate informations, delegate new categories and much more. This is of import for maintainability. Should the page of all time be redesigned, the interior decorator wo n’t hold to worry about altering any ( or much ) JavaScript. DOM can make many other things, like validate signifiers on the fly without holding to direct the information to server-side. This increases the serviceability of the site, and can greatly better the users ‘ experience

Some of the old drawbacks of DHTML can be handled better now. Less clip can be spent observing the users ‘ type of browser and composing different codification for each one. DOM does n’t blindly trust on the user holding JavaScript enabled any longer. The developer can now gracefully degrade by including normal content, like pilotage links etc. Because the JavaScript is non straight embedded in the HTML it can be used merely when available as a manner to increase serviceability

DOM is a nice manner to present some object orientated programming to net pages, as every page is read like a tree construction of objects, or more normally known as elements or “nodes” , and can be manipulated.

Client side scripting vs. Server side scripting

Client side and server side scripting differ in many ways and both have their ain advantages and disadvantages. There are many different ways to accomplish both, and the best attack would likely be to utilize them together

Server side scripting requires that the waiter will back up the linguistic communication chosen to compose the books. The most popular are PHP, ASP and JSP, with CGI books written in linguistic communications like Perl, Python and Ruby following. Puting up a waiter or inquiring a host to back up a linguistic communication is an advantage over client side scripting, as the developer has no control over what the users ‘ browser will back up

Another advantage is that server side scripting is more powerful in what it can make. It can interact with databases and it does n’t necessitate the excess work that JavaScript does to guarantee that it will work in all browsers

There are disadvantages excessively. One is that scripting becomes harder as more work is involved, normally affecting some sort of templet engine and doing the codification more secure through regular updates. Security can be increased by seting the books outside the web root directory, where merely the waiter may entree them when required

Client side scripting can be in the signifier of JavaScript, VBscript and other less common linguistic communications like Flex. Some advantages include the ability to lade dynamic content and update pages without the demand to review web pages. This decreases the set breadth and the needed processing power on the waiter and can greatly better public presentation for big sites. It can besides bring forth more attractive web pages

There are many disadvantages though. The biggest is that the client must hold the needed circuit board, although this can be handled easy by supplying alternate content in & lt ; noscript & gt ; tickets. Another manner to work around this is to utilize both server side and client side books. DOM could be used to direct signifier information to a PHP book which would return the consequences and the page could be dynamically updated. If JavaScript is non enabled by the client, the signifier could still be processed by the PHP book and a consequence would be returned by lading a new page

Another disadvantage is that client side scripting linguistic communications do non back up database interactivity on their ain because the beginning codification is viewable by anyone through the browser. This would non be suited on its ain for a database driven web site

Client side books besides increase lading clip, and a page with many separate books may take a long clip to lade. Server side scripting frequently does n’t hold this job as the codification is normally written by a professional coder who has entree to server resources like memcache.

Plugins

Other types of plugins are available, like media participants that support assorted different MIME types. Some of these are: Windows media participant, QuickTime, Divx participant and many more. Quite frequently some media types will work across several media participant plugins

Another popular browser plugin is Acrobat reader by Adobe. Plugins like this are great for developers in many ways. A book can be written that easy converts informations like XML, HTML and natural informations from a database into.pdf format. Acrobat, like many other plugins, besides works on many runing systems

Again though, this requires that the client has the plugin, which can impair usability if the client has to first download the plugin before they can utilize the web site. Plugins like Flash, Silverlight and Acrobat can take a long clip to download information. A suited hole for this job would be to supply informations in surrogate signifiers, like field HTML, for clients with dial-up or limited bandwidth connexions.

Implanting books

JavaScript can be embedded in a few ways. The most common manner for big books is to set them in their ain file which has a.js extension. The file is so included utilizing normal book tickets, but with an excess statement “src” which points to the external file. Including books in the & lt ; caput & gt ; subdivision of the papers means that the book is loaded when the web page tonss, and can be used immediately

The most popular method for implanting smaller books is to type the codification straight in the & lt ; caput & gt ; subdivision, inside & lt ; book & gt ; tickets. This besides pre-loads the book doing it accessible immediately

JavaScript can besides be embedded within the organic structure of the page, which can be utile if the codification may non be needed at all. It will merely lade when prompted by user input.

Differences between linguistic communications

PHP is a powerful linguistic communication and so is JavaScript. Both can accomplish some similar consequences, and at the same clip hold differences and similarities. Here are some of them:

PHP can entree many unfastened beginning libraries, like the GD image library and Zend optimiser and has many, including these, already available after installing. Excess libraries can be activated by merely redacting the php.ini file. PHP besides includes many maps similar to the C linguistic communication. Where as many JavaScript maps will be new to even an experient coder. JavaScript does non hold libraries, but there are many free books and models available. JavaScript can be harder to larn because the sentence structure is less clear and many developers optimise their codification by utilizing short variable names and packing codification into merely a few lines. PHP is easier to larn, and this is made easier with all the available libraries that do a batch of the work for you

Development can be easier with JavaScript because all you need to prove it is a browser and a text editor. PHP requires a waiter or a practical waiter environment like XAMPP

Type checking in JavaScript is rigorous and mistakes can rapidly be identified and corrected. PHP is more indulgent and can take some clip before the mistake is found and fixed, this can do unusual behavior in computations. Variables in JavaScript must be parsed to another format before they can be used, whereas PHP allows some variables to be used in multiple formats

Mistake managing in PHP is more intuitive, as it will give an account and give waies to where the mistake occurred. JavaScript does non supply any information about mistakes, which could be a job when users report an mistake and ca n’t supply inside informations. This job could be solved by utilizing a browser plugin that debugs JavaScript though

In general, the two linguistic communications ca n’t truly be compared reasonably as they were designed for different intents. The best thing to make is to utilize both and use one when it is most suited.

Security issues

Both engineerings have security issues, and have to be handled with attention. Some of the most common security issues are SQL injection, cross site scripting and security holes within the books that allow entree to the waiter

When programming any linguistic communication for the web, we need to do certain to ne’er swear user input. Everything should be validated and escaped, as SQL injection and cross site scripting rely on come ining codification to the application that can recover inside informations or grant entree to private countries. This is most of import to sites that store sensitive information about the user, like bank history inside informations. Badly coded CGI books may besides uncover information about the web waiter that an interloper could utilize to their advantage. Scripts that read and write files on the system should be exhaustively tested for security issues

Knowing when to code information is besides of great importance. Any sensitive information should be encrypted for theodolite as it could be intercepted by a 3rd party, frequently known as a “middle adult male attack”

File permissions besides play a big function in security. Generally, books should non be writable, and are frequently better placed outside of the web root directory

Not merely do server side books affect security, client side books need to be safe for the user. We need to do certain that the book wo n’t do the clients browser to crash, or do any alterations to their computing machine. Search engines like Google now flag sites as potentially unsafe if they try to alter the computing machine in any manner. This could look really bad for your site! Normally a warning is sent to the webmaster and there is a opportunity to repair the job before the site is banned and removed from the database

Other things like Sessionss and cookies must be handled carefully every bit good. Cookies should non incorporate any login information unless it is good encrypted. Third parties or the client themselves could easy modify the information. Sessions and cookies should hold a default expiry clip so that person utilizing a public computing machine need n’t worry if they forget to log out of a site.