HTML pages are written as text files in the same way as VBScripts. HTML pages display information according to a series of tags, which you use to turn certain formatting on and off. The tags you normally use to construct a basic page look like this:
<HTML> <HEAD> <TITLE>Hello World Page</TITLE> </HEAD> <BODY> Hello World <P>Hello again </BODY> </HTML>
The <HTML> tag denotes it as an HTML document. The <HEAD> and </HEAD> pair denote everything within those tags as belonging to the header description part of the document. The <TITLE> tag denotes the start of the page title and </TITLE> turns it off again. The <BODY> tag denotes the main part of the page, which contains a simple text string, a newline or paragraph marker <P>, and then another line of text. This is the bare bones of writing HTML documents. You can create lists, set colors, make and populate tables, display images, and so on. However, you do not need to go into all of that to demonstrate incorporating ADSI VBScripts into HTML pages. You only need to be aware of the following major sets of tags: <FORM> . . . </FORM>, <OBJECT> . . . </OBJECT>, <% . . . %>, and <SCRIPT> . . . </SCRIPT>.
Two sorts of scripts can be created within ASPs: client-side scripts and server-side scripts. Client-side scripting is used to access all the objects in a web page (e.g., text, images, tags), browser objects (e.g., frames, windows), and local ActiveX components. Server-side scripting is used to create a web page dynamically via parameters, forms, and code that is then passed to a browser.
Because the two types of scripts are executed at different locations, each has a separate set of interfaces. You place your ADSI scripts in server-side scripting, not client-side scripting. We'll go through the major differences now so that you will be less likely to make annoying mistakes.
You can use the <SCRIPT> tags to add client-side VBScript code to an HTML page. Whenever the browser encounters the tags, the enclosed script is executed as if it were being issued from the client. You can use blocks of scripting in both the BODY and HEAD sections of an ASP if you want to. If you put your code in the HEAD section, it will be read and executed before any item in the BODY section is accessed. As an example, here is a procedure to display a line of text:
<SCRIPT LANGUAGE="VBScript"> Document.Write "This is a line of text<P>" </SCRIPT>
The LANGUAGE attribute indicates that this is VBScript rather than one of the other languages. As this is not running under the WSH, you do not have a VBS or JS extension to denote the language. The Document::Write method writes the line to the web page. It is only one of a number of properties and methods from interfaces available to you as an ASP developer. You also can use MsgBox and InputBox within client-side scripts.
The important thing about client-side scripts from this chapter's point of view is that ADSI functions and methods cannot be included in these scripts. This is an important limitation, one that we will show you how to get around later.
You also can use the SCRIPT tags to denote server-side scripting in ASPs. To distinguish server-side SCRIPT tags from client-side tags, you use the RUNAT attribute as follows:
<SCRIPT LANGUAGE="VBScript" RUNAT="SERVER"> Set objGroup = GetObject("LDAP://cn=Managers,ou=Sales," _ & "dc=mycorp,dc=com") Response.Write objGroup.Description </SCRIPT>
Server-side scripting can also go in either the BODY or HEAD sections. As you can see from the example, server-side scripting can include ADSI calls without any problem. The Response::Write method is used to write lines of text out to a page by code that is processed on the web server. You cannot use Document::Write in server-side scripts as the Document interface is unavailable to the server; it is available only to the browser.
There is also another and more common short form to denote server-side scripting, the <% . . .%> tags. Any code between this set of tags is automatically treated as server-side scripting code. Here is the previous example again, using these tags:
<% Set objGroup = GetObject("LDAP://cn=Managers,ou=Sales," _ & "dc=mycorp,dc=com") Response.Write objGroup.Description %>
Throughout the rest of the chapter, we will use the <%. . .%> tags to indicate server- side scripting and the SCRIPT tag to indicate client-side scripting. The <%. . .%> tags allow you to create quite complex scripts that switch back and forth between HTML on every line if you like. For example, here is a simple server-side script:
<% If myCondition = True Then Response.Write "The Condition is TRUE<P>" Else Response.Write "The Condition is FALSE<P>" End If %>
Here is the same script again using the <%. . .%> tags more heavily so that we can make use of HTML whenever we want to:
<% If myCondition = True Then %> The Condition is TRUE<P> <% Else %> The Condition is FALSE<P> <% End If %>
Setting the Default Language
If you choose to use the <%. . .%> tags, you can change the primary scripting language for a single page by adding a command line to the beginning of your ASP. The syntax for this command is the following if you are using JScript, VBScript, or any other language that supports Object.Method syntax:
<%@ LANGUAGE="VBSCRIPT" %> <%@ LANGUAGE="JSCRIPT" %>
You should make this line the first line of the ASP and make sure that you have a blank space between the @ character and the LANGUAGE keyword.
If you are writing ASPs using VBScript as your language, you can omit this line from all your ASPs, as VBScript is set as the default language anyway.
Anyone who has developed ASPs before or who reads any ASP book will find out about embedding ActiveX controls into web pages. The OBJECT tag is used to add extra functionality to an HTML document by allowing the insertion of various ActiveX controls onto web pages. Included in these are items such as buttons you can press, drop-down list boxes from which you can select items, text entry and display fields, and so on. When you insert an object into your web page using the OBJECT tag, you can specify its initial contents, its position, its caption, its color, and so on. Most people who create web pages using ActiveX controls do not type all this data in by hand. Instead, developers normally use a tool to select from the available options when creating the tag.
If you want to buy a tool, you could use Microsoft FrontPage, which was designed for people who are not used to scripting and would prefer an Office-type interface. Alternatively, you could use Microsoft InterDev, which was designed to have the same interface as all of Microsoft's other development products, such as VB. Various other free web-development tools also exist that will insert these tags. Here is the clickable code for a command button in a web page:
<HTML> <HEAD> <TITLE>Simple Command Button</TITLE> </HEAD> <BODY> <OBJECT ID="CommandButton1" WIDTH=93 HEIGHT=33 CLASSID="CLSID:D7053240-CE69-11CD-A777-00DD01143C57"> <PARAM NAME="ForeColor" VALUE="2147483670"> <PARAM NAME="BackColor" VALUE="2147483668"> <PARAM NAME="VariousPropertyBits" VALUE="23"> <PARAM NAME="Caption" VALUE="Click me!"> <PARAM NAME="Size" VALUE="2469;882"> <PARAM NAME="MousePointer" VALUE="1"> <PARAM NAME="FontCharSet" VALUE="0"> <PARAM NAME="FontPitchAndFamily" VALUE="2"> <PARAM NAME="ParagraphAlign" VALUE="3"> <PARAM NAME="FontWeight" VALUE="0"> </OBJECT> </BODY> </HTML>
ActiveX controls are very useful, but they do have their limits with respect to ADSI. For example, the object specified in the preceding script is a client-side ActiveX control. If you wanted to attach an event to it, say a procedure that is executed when the button is pressed, you couldn't use ADSI code within that procedure. For example, while this looks like great code, it will not work:
<SCRIPT LANGUAGE="VBScript"> Sub CommandButton1_Click( ) Set objGroup = GetObject("LDAP://cn=Managers,ou=Sales," _ & "dc=mycorp,dc=com") Document.Write objGroup.Description </SCRIPT>
You can, however, easily populate list boxes and other controls with the results of ADSI calls. This is great for display purposes, but you can't manipulate the contents. Let's lay out an example to show you the problem.
Let's say that we have an ASP with two list box ActiveX controls. When the page is loaded, we can trigger the population of the first list box with all the users in Active Directory. We can do the same for the second list box with all the groups in Active Directory. We now can click and select values from each of the list boxes, although nothing happens when we do so. Now we need to add a command button ActiveX control to the ASP. We wish to attach an event to that button so that an ADSI call is made that attempts to add the user to the group and print out the result. Unfortunately, we can't do that, since the ActiveX control event procedure is client-side and ADSI code must be server-side.
While ActiveX controls may be very powerful, they can't incorporate ADSI directly from triggered events.
If ActiveX control events are not available, you can use HTML forms to create simple ASPs. Here is an example:
<FORM ACTION = "simple_form_demo.asp" METHOD = "POST"> <P>A simple input field: <INPUT NAME = "myfield1" SIZE = 48> <P>Here is a list of all the users in the default Users container: <SELECT NAME = "user"> <% Set objUsers = GetObject("LDAP://cn=Users,dc=mycorp,dc=com") For Each objObject in objUsers If objObject.Class = "user" Then %> <OPTION><% = objObject.Name %> <% End If Next %> </SELECT> <P><INPUT TYPE = SUBMIT> </FORM>
This form incorporates an alphanumeric input field, a list box populated by users from the default Users container and a button labeled Submit Query. The list box is populated via the OPTION tag between a <SELECT>. . .</SELECT> tag pair. Clever use of server-side scripts here between the SELECT tag pair means that you can populate the list box using ADSI calls.
More importantly, once the form is submitted, server-side scripts can retrieve the values typed into the input fields by passing the name of the form to the Request::Form method. If the previous form were submitted, you could retrieve the value selected in the list box by using the following code:
One important point needs noting here. It is possible to attach scripts to form-field events, such as clicking a button or tabbing out of a field. Unfortunately, as the form is client-side, the script attached to the event has to be client-side. That precludes the use of ADSI in these sorts of scripts. Here is an example:
<HTML> <HEAD> <TITLE>Display Description</TITLE> </HEAD> <BODY> <FORM NAME="Form1"> <INPUT TYPE="Button" NAME="Button1" VALUE="Click me for Description!"> <SCRIPT FOR="Button1" EVENT="onClick" LANGUAGE="VBScript"> MsgBox "Clicked!" </SCRIPT> </FORM> </BODY> </HTML>
Since the scripts are only client-side we will not be using these types of scripts within this chapter.