"> [HTML]

SHTML

Server-side operations are supported by some web servers. Because they are executed on the server they are not part of the http protocol and a server can, in principle, implement any server-side operations that its author(s) care to provide.

Efficiency

Server-side operations place an extra load on the server because it must read and parse the source file and perform the operations rather than simply copying the source file to the output. This is one reason why they might be disabled.

Security

Server side includes, for example, could cause security loop-holes if not implemented carefully: User A on a system might `include' user B's file in a page but B might not want that file to escape to the whole world wide web. For this reason there are often restrictions on what files can be included, e.g. must be in a sub-directory of the page doing the including; the virtual attribute is more versatile and can refer to any(?) source that the server can also deliver by http.

The possibility of running operating system commands or computer programs is even more hazardous as the server runs as a particular "user" and such commands might damage the server's files. Such options are therefore severely restricted.

Syntax

The syntax of (standard) server side operations is that they are given inside HTML comments: <!-- ... -->. If the operations are disabled on the server, the raw HTML will be sent to the client (browser) and, being a comment, any such operation will be ignored by the client. Also, if browsing local files and not going through the web-server then obviously an operation cannot be acted upon by the server and will have no effect.

Echo, Dates etc.

<!--#echo var="..."--> can be used to print the value of certain variables in the HTML page.

Effect raw SHTML
The date is: . The date is: <!--#echo var="DATE_LOCAL"-->.
GMT: GMT: <!--#echo var="DATE_GMT"-->
DOCUMENT_NAME: DOCUMENT_NAME: <!--#echo var="DOCUMENT_NAME"-->
SERVER_NAME = SERVER_NAME = <!--#echo var="SERVER_NAME"-->
(A CGI Environment Variable)
DOCUMENT_URI: DOCUMENT_URI: <!--#echo var="DOCUMENT_URI"-->
Together the last two give the URL:
LAST_MODIFIED: LAST_MODIFIED: <!--#echo var="LAST_MODIFIED"-->
And now some CGI Environment Variables:
SERVER_SOFTWARE = SERVER_SOFTWARE = <!--#echo var="SERVER_SOFTWARE"-->
GATEWAY_INTERFACE = GATEWAY_INTERFACE = <!--#echo var="GATEWAY_INTERFACE"-->
SERVER_PROTOCOL = SERVER_PROTOCOL = <!--#echo var="SERVER_PROTOCOL"-->
SERVER_PORT = SERVER_PORT = <!--#echo var="SERVER_PORT"-->
REQUEST_METHOD = REQUEST_METHOD = <!--#echo var="REQUEST_METHOD"-->
PATH_INFO = PATH_INFO = <!--#echo var="PATH_INFO"-->
PATH_TRANSLATED = PATH_TRANSLATED = <!--#echo var="PATH_TRANSLATED"-->
SCRIPT_NAME = SCRIPT_NAME = <!--#echo var="SCRIPT_NAME"-->
QUERY_STRING = QUERY_STRING = <!--#echo var="QUERY_STRING"-->
REMOTE_HOST = REMOTE_HOST = <!--#echo var="REMOTE_HOST"-->
REMOTE_ADDR = REMOTE_ADDR = <!--#echo var="REMOTE_ADDR"-->
AUTH_TYPE = AUTH_TYPE = <!--#echo var="AUTH_TYPE"-->
REMOTE_USER = REMOTE_USER = <!--#echo var="REMOTE_USER"-->
REMOTE_IDENT = REMOTE_IDENT = <!--#echo var="REMOTE_IDENT"-->
CONTENT_TYPE = CONTENT_TYPE = <!--#echo var="CONTENT_TYPE"-->
CONTENT_LENGTH = CONTENT_LENGTH = <!--#echo var="CONTENT_LENGTH"--> < /TD>
HTTP_REFERER = HTTP_REFERER = <!--#echo var="HTTP_REFERER"-->

Include

The following text (see box) comes from another file and is incorporated into this page by the use of the `#include' server-side (shtml) tag, <!--#include file="...."-->

this <!--#include virtual="...."--> has the same effect:

and is more versatile.

The above included text comes from [this file (click)].

And here is a [.shtml] file included:
Do the #echos refer to the includer (this) or to the [included] file-name?-)

The source of this page is [here], actually a symbolic-link to the shtml source of this page.

Also see [JavaScript/Navigator/].

Copyright © L.Allison Department of Computer Science, Monash University, Australia 3168 / 1997