+4474648-84564 Unit 53 Web Server Scripting
· Aim and purpose
To enable understand and use web server scripting and investigate the common issues surrounding its use.
· Unit introduction
When designing and building websites, a key issue for developers is the amount of control they can exert over how tasks are carried out. Client-side scripting embedded in web pages can give additional functionality but, because the code is executed after the page has been loaded, there is little control and this approach can lead to hacking vulnerabilities and errors.
Web server scripting is code written ‘server-side’ and executed before the page is loaded. This means that complex tasks can be created and programming is generally more secure. The skills and knowledge developed in this unit are particularly valuable because security and reliability are common issues for businesses.
The types of operation that can be influenced include handling files on the server, security systems such as password protection, and accessing databases. Server scripting can be used, for example, to gather statistics about the website, including how many visitors have viewed each page. Data such as this can be used to generate revenue from people wishing to advertise on a popular website.
Another function that web server scripting can relate to is the use of environmental arguments. The user’s computer system is scanned to obtain their screen resolution, browser type and other information. Each web page in a website can be made several times to suit a variety of environments. The user is then automatically redirected to the page which best suits their environment. This facility can enhance user enjoyment but has ethical implications if used inappropriately.
Learners will understand the principles of server-side web scripting
and be able to create functionality using a web server script. Learners should
also understand the security and ethical issues surrounding this area of IT.
· Learning outcomes
On completion of this unit a learner should:
- Understand the principles of web server scripting
- Be able to use web server scripting
- Understand the issues affecting web server scripting.
Unit content
1 Understand the principles of web server scripting
Web server scripting languages: server-side versus client-side; web server scripting languages eg ASP, JSP, PHP, Cold Fusion, Perl, Ruby on Rails, Django
Functionality: functions eg shopping cart, reserve order, manage user profile, web content management, upload files, website analysis
Features: advantages eg interpreted scripts as alternative to compiled code, run as lower overhead code inside web server plugins, hide web server interface inside economical APIs; disadvantages eg increased complexity, reduced performance, code is interpreted not compiled
Accessibility: features eg alternative text, resizable fonts, support for screen readers, adjustable fonts.
2 Be able to use web server scripting
Programming: functionality eg file manipulation such as uploading, security features such as login systems and error logging, accessing databases, generating statistics, environmental arguments
Documentation: requirements specification; internally documented code
Testing and debugging: test plan structure eg test, date, expected result, actual result, corrective action; error messages; other eg specialist software debugging tools
3 Understand the issues affecting web server scripting
Security: specific problems eg coding vulnerabilities, bad scripting leaving backdoors, SSL, password liabilities
Ethical: issues eg scanning PCs without consent, faking statistics to
obtain advertising deals based on visitor numbers
Assessment and grading criteria
In order to pass this unit, the evidence that the learner presents for assessment needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria for a pass grade describe the level of achievement required to pass this unit.
| Assessment and grading criteria | |||
| To achieve a pass grade the | To achieve a merit grade | To achieve a distinction | |
| evidence must show that | the evidence must show | grade the evidence must | |
| the learner is able to: | that, in addition to the pass | show that, in addition to the | |
| criteria, the learner is able | pass and merit criteria, the | ||
| to: | learner is able to: | ||
| P1 explain the principles of web server scripting | M1 compare server-side and client-side scripting | D1 evaluate the combined use of client and web server scripting | |
| P2 use web server scripting to identify a user’s browser and screen resolution | |||
| P3 | upload files to a web server using web server scripting | M2 edit the content of a text file on a web server using web server scripting | |
| P4 | implement, test and | M3 create a multi-user, dynamic login system using web server scripting | |
| document a simple login | |||
| system using web server | |||
| scripting | |||
| P5 | implement, test and document a web content management system to meet a defined need | M4 implement an error log for a website using web server scripting. | D2 create a web application to generate website statistics using web server scripting |
| P6 | explain the issues surrounding web server scripting. | D3 recommend ways to improve web security when using web server scripting. |
Essential guidance for tutors
Delivery
Learning outcome 1 could define what web server scripting is and what languages are used, together with an appreciation of what can be carried out server side as opposed to client side. It is probably easiest to deliver this by whole-class teaching, possibly backed up with handouts and using some directed study to add interest.
This basic understanding will lead into the advantages of web server scripting. A useful method is for the class to put forward their ideas of advantages, possibly in small groups feeding back to the whole, and then for the tutor to lead a discussion on the items they put forward. The tutor can ensure that the final list covers the main elements (see the unit content learning outcome 1).
Having discussed the advantages it is essential that learners are aware of the disadvantages of web server scripting. This can be delivered in a similar way to the advantages, and there may be benefits from delivering the two elements together.
Having dealt with the background to the subject, delivery of the practical aspects is next. Learning outcome 2 involves using a scripting language and could be delivered by the tutor demonstrating a wide a variety of programming techniques followed by learner exercises to gain practise in using the techniques. It is beneficial for learners to see examples of good documentation including explanations of control structures within the code along with suitable test plans. Tutors should demonstrate the use of debugging tools and discuss list of potential error messages and their meanings.
Learning outcome 3 considers security issues and ethical issues. A good way of delivering material on security issues is to get the learners to discuss what they perceive to be issues in this area. The will no doubt have discussed security in other units and it is always good to extract what they already know and transfer that knowledge to a different situation. The tutor can ensure that sufficient real issues are discussed. Using small case studies to consider security issues is a useful way to illustrate the techniques used to recognise these issues.
Finally, learners will address ethical issues. It may be that they
will not understand what the term means and a brief introduction by the tutor
may be necessary. This could lead on to group discussion that feeds back their
thoughts to the whole class. The tutor can lead whole-class discussions. Using
case studies to identify ethical issues is a good way of reinforcing the
information.
Outline learning plan
The outline learning plan has been included in this unit as guidance and can be used in conjunction with the programme of suggested assignments.
The outline learning plan demonstrates one way in planning the delivery and assessment of this unit.
| Topic and suggested assignments/activities and/assessment |
| Introduction to the unit |
| Server scripting language: whole-class exercise – tutor presentation on web server scripting languages, followed by practical exercise for learnersindividual exercise – using tutor-provided materials, learners work to understand advantages of web server scriptingindividual exercise – using tutor-provided materials, learners work to understand advantages of web server scripting. |
| Assignment 1 – What is Web Server Scripting? |
| Using web server scripting: whole-class exercise – tutor demonstrates various aspects of programming, followed by class practicalindividual exercise – use a tutor-provided checklist of documentationwhole-class exercise – tutor presentation on testing, followed by creating a test plan after looking at examples. |
| Assignment 2 – Programming for the Web Server |
| whole-class exercise – tutor-led discussion on specific security problemswhole-class exercise – tutor-led discussion on examples and case studies of ethical issues. |
| Assignment 3 – Complete Programming Examples |
| Assignment 4 – Issues |
Assessment
It is suggested that this unit is assessed using four assignments as summarised in the
Programme of suggested assignments table.
In the suggested scenario the learners are working for a web development company where they get involved in all sorts of activities. The current activity is to produce materials that will be supplied pre-event to a group of applicants for positions within the company. The information in the materials will be used in the interviewing of the applicants.
Some of the evidence required to complete the assignments could be naturally occurring within their work for other units within the qualification, or for other courses they are undertaking, and tutors are encouraged to use such evidence.
All of the criteria associated with this assignment are to do with writing server side scripts. Note that formal design, documentation and testing are not required for these scripts, although at level 3 one should expect to see some evidence of functionality.
In all cases it is expected that the assessor will supply a statement of authenticity for the learner work.
To gain a pass for the unit, learners must successfully complete all of the pass criteria.
In order to gain a merit grading, learners must achieve all of the pass criteria, and all of the merit criteria.
In order to gain a distinction grading, learners must achieve all of the pass criteria, all the merit criteria and all of the distinction criteria.
Assignment 1 – What is Web Server Scripting?
P1 is about the principles of web server scripting. The learner will explain the principles incorporating the four areas covered in the content.
Criterion M1 asks for a comparison of server side with client side scripting. This should be about functionality, comparing what can be done with each, the benefit of one over the other and the disadvantages of one over another. Each statement made should be supported with an example.
Criterion D1 asks the learner to evaluate the use of client side scripting and server side scripting together. This should be done by the use of examples. These examples must reflect something where both client side and server side scripting are used together; there is no restriction on what can be used.
Assignment 2 – Programming for the Web Server
P2 and P3 require the learner to create and implement scripts in a language of their choice.
P2 requires the learner to create a script to identify the user’s browser and screen resolution. A copy of the server side script together with the outcome of action (browser and resolution) is the desired evidence for this criterion.
For criterion P3 the learner must create a script to upload a file, for example a text file to the server. Evidence should show the before and after absence and presence of the file together with a copy of the script.
For M2 the script allows editing the content of a text file on the
server. This can be the text file loaded for P3 or a different text file.
Editing can be anything that demonstrably changes the contents of the file. The
change should form part of the evidence together with a copy of the script.
Assignment 3 – Complete Programming Examples
P4 and P5 require the learner to create and implement scripts in a language of their choice. For criterion P4 learners are implementing, testing and documenting a simple login system.
Copies of the documented code, statement of need, test plan and results together with any other relevant documentation are the evidence required for this criterion. A similar approach can be used for P5.
M3 involves creating a multi-user dynamic login system, which could be developed from the simple concept undertaken for criterion P4.
For M4 learners are to implement, test and document an error log for a website. Copies of the documented code, statement of need, test plan, test results and any associated document or screen print will form evidence for this criterion.
The script for D2 generates website statistics. Evidence should be a copy of the statistics together with a copy of the script.
Assignment 4 – Issues
Evidence for P6 requires the learner to explain security and ethical issue that might arise from the use of web server scripting. This evidence could be presented in an information leaflet, but any form of descriptive evidence would be appropriate.
D3 is an
extension of P6
Programme of suggested assignments
The table below shows a programme of suggested assignments that cover the pass, merit and distinction criteria in the assessment and grading grid. This is for guidance and it is recommended that centres either write their own assignments or adapt any Edexcel assignments to meet local needs and resources.
| Criteria covered | Assignment title | Scenario | Assessment method |
| P1, M1, D1 | What is Web Server Scripting? | Your manager has asked you to produce the pre-event material for the applicants of a staff recruitment programme. | Web pages. Annotated prints of the web pages. |
| P2, P3, M2 | Programming for the Web Server | You are to create the scripts the applicants will require for their interview. | Copies of code. Annotated prints. Screen grabs. Statement of authenticity. |
| P4, P5, M3, M4, D2 | Complete Programming Examples | Using web server scripting you are to prepare copies of documentation and testing of scripts for a simple login system and an error log, plus an example of a multi-user system which uses scripts. | Copies of the documentation. Test plan and test results. Copies of scripts. Any additional documentation. Statements of authenticity and functionality. |
| P6, D3 | Issues | You are to produce an information leaflet for the applicants outlining the security and ethical issues surrounding web server scripting. | Information leaflet. |
Links to National Occupational Standards, other BTEC units, other BTEC qualifications and other relevant units and qualifications
This unit forms part of the BTEC in IT sector suite. This unit has particular links with the following unit titles in the IT suite:
| Level 1 | Level 2 | Level 3 |
| Unit 17: Website Development | Unit 20: Client Side Customisation of Web Pages | Web Server Scripting |
| Unit 34: Website Production | Unit 28: Website Production and Management | Web Applications Development |
Essential resources
This unit maps to some of the underpinning knowledge from the following areas of competence in the Level 3 National Occupational Standards for IT (ProCom):
- 6.2 IT Security Management.
