Server side languages can be used to assist users with accessiblity needs such as text size, color, font and other visible and audible requirements. These can be done via storing a clients needs with their account keeping a website accessible no matter what machine they are using or if they request another page on the site, all requirements can be stored along side their details and then the pages they visit modified specifically for their needs.
PHP is a server-side language used for general-purpose programming however mainly focused on web development. PHP or Hypertext Preprocessor (Originally Personal Home Page) was created by Rasmus Lerdorf, however, is now solely developed by The PHP Development Team.
Active Server Pages was developed by Microsoft as their first server side scripting framework, it uses VBScript as its language and also runs with .NET extension in its 2nd form. ASP uses the .asp file type whereas ASP.NET uses .aspx file type. Because ASP was developed by Microsoft it is only compatible with Windows operating systems eliminating two thirds of the OS market (macOS and Linux). Because of this ASP is very rarely used unless for internal systems on Windows infrastructure.
JavaServer Pages was developed to dynamically generate HTML webpages from a XML datasource. JSP is very similar to PHP and ASP however uses the Java programming language. JSP was released in 1999 by Sun Microsystems.
Perl was developed by Larry Wall in 1987 as a Unix scripting language for general purpose use and focused on report processing. Perl is not a acronym however has been given a meaning by the community: “Practical Extraction and Reporting Language”.
Content Mangement System
A CMS is a computer application that allows for user collaboration on a centralised database of content, this data can be moified, generated and deleted allowing for the front end to be generated accordingly. The most well known CMS is WordPress which was orginally just a blog framework which has now evolved into a full CMS for any site. PHP is best suited when creating a CMS because it allowd for the use of either event driven, proccedure or object oriented programming meaning classes and funtions can be used to reduce the code base and modulise the system.
Storing User Statistics
Using server side scripting languages and database engine statistics can be generated automatically without vistor actions. Ad adgentcys use this technique to track clicks to then generate revenue for the webmaster and the adgency. Other statistics include page views, view time, vistor location. Google Analytics generates all this and more to help webmasters know their audience and adapt the content to suit.
Amazon is a great example for how shopping carts work, the items in the cart are stored alongside the clients details allowing for the carts contents to be avaliable on all devices and not just one which is the restriction of using client side solusions like cookies. The downside to server scripting carts is the page must reload when modifying the contents.
User Profile Management
Many sites allow for accounts to be created so users can interact with many components of the site. Because the users are being stored in a database this means that other details can be stored like theme, text color/size/style and many other personalisation features. Using server side scripting the page can be modified depending on the users settings.
Using clientside scripting allows for many web apps to function with interactive elements such as image and video editing, games and utilitys however lack the ability to contact server databases and server stored files without making additional requests after the page load. Serverside scripting allows for these such requests however all data must be added before the page is loaded (except for AJAX which is a mix between client and server scripting). Becuase of this blogs, wikis and news site are just a few of what can be made using server side scripting as they all have data stored on the server which is used to generate pages on request.
Both server side and client side languages have benefits depending on the use case they exist in. If the webpage uses mainly serverside scripting then the stress put on the client machine is minimal as all the computational efforts are done by the server and not the browser engine. However, this does cause there to be increased delay between the inital request and when the page is recieved. clientside scripting is quicker on load times however can mean that parts of the website load slower than others causing a building look to occur. A serverside page is sent as one so appers all at once with no delay between elements, similar to how a image loads pixel by pixel.
Using both server side and client side scripting can help add functionality to any website or app. Using PHP allows for permanant storing of data and details via a database engine like MySQL. Client side scripting doesn’t have the ability to access server side content however allows for intractivity on the page after the page load allowing for the creating and use of web apps like social media sites and utilities. The best situation for a website is to utilise both server and client side scripting languages to both allow for aditional functionality and support while allowing for interactivity. Sites such as Facebook use server side scripting to load and save posts and profile data so no matter where or what you are visiting the site on it looks identical with no data differences. Facebook also use client side scripting to allow for menus and additional content to be displayed and removed without forcing the page to refresh. AJAX is a new technology that allows for server requests to be made without the whole page refreshing as it utilises both scripting sides to work together however still requires a internet connection. This is why many web apps use purely client side scripts to function offline using service workers and other offline technologies baked into newer browsers. Many validation checks use both PHP and JS together to get the best of both worlds. JS allows for instant feedback on validity however can be disabled therefore allowing for bad data unless there is another wall of defence which is PHP doing the same checks server side, however using PHP alone would be a bad idea as well because it doesnt allow for instant feedback causing bad UX design to occur.
Expolitation can occur when servers are tasked with executing commands into a SQL database. Without correctly implemented safeguards to prevent malicious code execution. Within PHP their are mysql_ functions to remove tags, and ensure that input data is parsed as data and not as commands.
Cross Site Scripting
XSS is similar to SQL injection however instead of modifying server files it modifies client files which are served to the user. Examples of XSS can be un parsed GET varaibles allowing for any HTML/JS of being ran on a website or third-party scripts such as adverts adding malicilous code to a website unknowingly.
Backdoors can be implemented by developers allowing them forced entry into any website, this can be in the form of a god account in a CMS for a specific security hole they may leave one gaining access to a infrasructure first time.
Many sites are using https:// to serve users with the requested pages. This uses SSL to secure the data between the sender and the reciever. If incorrect encryption or none at all is used then this data can be compramised while in transit and data stolen such as usernames, passwords and sensitive user data.
Currently the most used database engine is MySQL. MySQL has many iterations to make it as secure and bug free as possible however there are still security holes in it and therefore it is possible for malicious users to gain access unless additional safeguards are put in place. If these are not put in place then arbitory code could be executed and data loss could occur.
Click fraud is a type of fraud that occurs on the Internet in pay-per-click advertising. This can be forged by either using bots (client PCs which are forced to click on adverts) or actual traffic to click on the ads and generating clicks for the site and forcing the advertisers to pay for each click. Using bots is against the terms of many ad agencys however its near imposible to track genuine users from clicking the ads if they were forced by the site, this can be fake close ad buttons or ad popups, sites using these tactics are however being detected by search engines now and results weakened.