Developing Web Applications
Developing Web Applications |
|
The standard method of interacting with Web pages is the HTML form. Forms can contain any number of inputs, including text entry, command buttons, “radio” selection controls, and check boxes. Forms can be as simple as a single button, or they can contain a complex layout of client-side controls. A Web page might have several distinct form structures, each with its own processing logic to be performed when the form is submitted.
Suppose you want your users to log on to your Web application by providing a user name and password. To accomplish this task, you create a simple HTML page with two text fields and a Submit button in an HTML form.
The HTML for the form might look like the following example:
<FORM ACTION="./Logon.asp" METHOD="GET">
Your name: <INPUT TYPE="TEXT" NAME="User">
Your password: <INPUT TYPE="PASSWORD" NAME="Pwd">
<INPUT TYPE="SUBMIT" VALUE="Log On">
</FORM>
When this form is submitted, the values that the user enters are collected and sent to the server as a request. These values are passed as name/value pairs to the page referenced in the ACTION attribute of the <FORM> tag. They are appended to the requested URL after a question mark (?) and are separated by ampersands (&). If the user had entered “John Doe” as the user name, and “Amnesia” as the password, the following URL would be requested when the Submit button was clicked.
http://myServer/test/Logon.asp?User=John+Doe&Pwd=Amnesia
Any information appended to the URL like this is said to be URL encoded. URL encoding replaces reserved characters, like spaces and ampersands, with URL-neutral characters. The space in “John Doe” is replaced by a plus character (+). Pluses, equal signs, commas, percent symbols, and question marks also need to be encoded. These and other special characters can be represented in the format %hh, where hh is the hexadecimal value of the ASCII code for that character.
ASP provides a server-side method, Server.UrlEncode, to perform encoding (and decoding) for your parameterized URLs. Whenever you create hyperlinks that contain name/value pairs, you should always encode them to avoid invalid URL syntax. Unfortunately, you cannot use this ASP method on the client, since it is a method of a server-side object. You could write a client-side script function to do this, but it’s easier to let the form processing logic of the browser do it for you.
See the following: