BSc CSIT (TU) Science Web Technology (BSc CSIT, CSC318) Question Paper 2079 Nepal

HTTP Protocol

HTTP (HyperText Transfer Protocol) is an application-layer, request–response protocol used by the World Wide Web to transfer hypertext documents and other resources between a client (browser) and a web server. It runs on top of TCP (default port 80, or 443 for HTTPS) and is stateless — each request is independent and the server keeps no memory of previous requests (state is added via cookies/sessions).

Structure of an HTTP Request

An HTTP request has four parts:

1. Request line — METHOD Request-URI HTTP-Version
2. Header fields — name: value pairs giving metadata
3. Blank line — separates headers from body
4. Message body (optional) — data sent to the server (e.g. form data)

GET /index.html HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0
Accept: text/html
Connection: keep-alive

Structure of an HTTP Response

1. Status line — HTTP-Version Status-Code Reason-Phrase
2. Header fields — metadata about the response
3. Blank line
4. Message body — the requested resource (HTML, image, JSON, etc.)

HTTP/1.1 200 OK
Date: Mon, 01 Jan 2024 12:00:00 GMT
Server: Apache/2.4
Content-Type: text/html; charset=UTF-8
Content-Length: 1024

<html>...</html>

Common HTTP Methods

Common Status Codes

DTD vs XSD

Both DTD (Document Type Definition) and XSD (XML Schema Definition) define the structure, content and legal elements of an XML document, but XSD is more powerful and modern.

Conclusion: XSD supersedes DTD because it is namespace-aware, data-type-aware and itself well-formed XML.

XSD Schema for a List of Books

<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">

  <xs:element name="bookstore">
    <xs:complexType>
      <xs:sequence>
        <xs:element name="book" maxOccurs="unbounded">
          <xs:complexType>
            <xs:sequence>
              <xs:element name="title"  type="xs:string"/>
              <xs:element name="author" type="xs:string"/>
              <xs:element name="year"   type="xs:gYear"/>
              <xs:element name="price"  type="xs:decimal"/>
            </xs:sequence>
            <xs:attribute name="isbn" type="xs:string" use="required"/>
          </xs:complexType>
        </xs:element>
      </xs:sequence>
    </xs:complexType>
  </xs:element>

</xs:schema>

A valid XML instance:

<bookstore>
  <book isbn="978-1">
    <title>Web Technology</title>
    <author>R. Sharma</author>
    <year>2021</year>
    <price>450.00</price>
  </book>
</bookstore>

Cookies and Sessions in PHP

Cookies are small text files (key–value pairs) that the server asks the browser to store on the client machine. They are sent back with every subsequent request to the same domain, letting the server remember the client. In PHP a cookie is set with setcookie() and read from the $_COOKIE superglobal. They have limited size (~4 KB), can be tampered with, and can be disabled by the user.

Sessions store user data on the server; only a small session ID is kept on the client (usually as a cookie named PHPSESSID). Sessions are more secure for sensitive data (login state), are larger in capacity, and are accessed through the $_SESSION superglobal after calling session_start().

PHP Script Using Sessions to Manage Login State

login.php

<?php
session_start();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $user = $_POST['username'];
    $pass = $_POST['password'];
    // (In practice, verify against a database with hashed passwords)
    if ($user === 'admin' && $pass === '1234') {
        $_SESSION['loggedin'] = true;
        $_SESSION['username'] = $user;
        header('Location: welcome.php');
        exit;
    } else {
        echo 'Invalid credentials';
    }
}
?>
<form method="post" action="login.php">
  Username: <input type="text" name="username"><br>
  Password: <input type="password" name="password"><br>
  <input type="submit" value="Login">
</form>

welcome.php

<?php
session_start();
if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] !== true) {
    header('Location: login.php');
    exit;
}
echo 'Welcome, ' . htmlspecialchars($_SESSION['username']);
echo '<br><a href="logout.php">Logout</a>';
?>

logout.php

<?php
session_start();
session_unset();      // remove all session variables
session_destroy();    // destroy the session
header('Location: login.php');
?>

Structure of a URL

A URL (Uniform Resource Locator) is the address that uniquely identifies a resource on the web. Its general form is:

scheme://host:port/path?query#fragment

Example: https://www.example.com:443/products/item?id=10#reviews

• scheme — protocol used (http, https, ftp)
• host — domain name or IP of the server (www.example.com)
• port — TCP port (default 80 for HTTP, 443 for HTTPS)
• path — location of the resource on the server (/products/item)
• query string — parameters after ? (id=10)
• fragment — anchor within the page after # (reviews)

Role of DNS

The Domain Name System (DNS) is the distributed "phonebook" of the Internet that resolves human-readable domain names into machine IP addresses. When a user enters a URL:

1. The browser checks its cache, then asks a DNS resolver (usually the ISP).
2. The resolver queries the root server, then the TLD server (e.g. .com), then the authoritative name server for the domain.
3. The authoritative server returns the IP address (e.g. 93.184.216.34).
4. The browser then opens a TCP connection to that IP and sends the HTTP request.

Thus DNS lets users use easy names instead of remembering numeric IP addresses.

GET vs POST

Both GET and POST are HTTP methods used to submit HTML form data, set via the method attribute of <form>.

Summary: Use GET when retrieving data that can be bookmarked and is non-sensitive; use POST when sending large or sensitive data or modifying server state.

AJAX

AJAX (Asynchronous JavaScript And XML) is a web development technique that allows a web page to send and receive data from a server asynchronously, in the background, without reloading the whole page. It is not a single technology but a combination of HTML/CSS, the DOM, JavaScript, and the XMLHttpRequest object (or the modern fetch() API), with data usually exchanged as JSON or XML.

How AJAX Enables Asynchronous Communication

1. An event occurs in the browser (e.g. a button click).
2. JavaScript creates an XMLHttpRequest (or fetch) object and sends an HTTP request to the server in the background.
3. Because the call is asynchronous, the browser does not freeze — the user can keep interacting with the page while waiting.
4. The server processes the request and returns only the needed data (often JSON), not a whole new page.
5. A callback function fires when the response arrives, and JavaScript uses the DOM to update only the relevant part of the page.

const xhr = new XMLHttpRequest();
xhr.open('GET', 'data.php', true);   // true = asynchronous
xhr.onreadystatechange = function () {
  if (xhr.readyState === 4 && xhr.status === 200) {
    document.getElementById('result').innerHTML = xhr.responseText;
  }
};
xhr.send();

Benefits: faster, more responsive UIs, reduced bandwidth and server load, and a smoother user experience (e.g. live search, auto-complete, form validation).

Role of a Web Server

A web server is software (and the host machine) that stores website files and listens for HTTP/HTTPS requests from clients (browsers), then processes and responds with the requested resources (HTML pages, images, files) or with output generated by server-side programs. Examples: Apache, Nginx, IIS.

Key roles:

• Accept and parse incoming HTTP requests.
• Locate or generate the requested resource.
• Execute server-side scripts (PHP, Python, etc.) for dynamic content.
• Return an HTTP response with appropriate status code and content.
• Handle security (HTTPS), logging, and concurrent connections.

Static vs Dynamic Web Pages

JSON

JSON (JavaScript Object Notation) is a lightweight, text-based, language-independent data-interchange format. It represents data as key–value pairs (objects {}) and ordered lists (arrays []), and is easy for humans to read and for machines to parse. It is the most common format for web APIs.

{
  "name": "Ram",
  "age": 21,
  "courses": ["Web", "DBMS"],
  "active": true
}

JSON vs XML

Summary: JSON is lighter, faster and ideal for web APIs and JavaScript; XML is more verbose but richer (attributes, namespaces, schema/validation) and suited to document-centric data.

Cookies

A cookie is a small piece of data (a name–value pair) that a web server sends to the browser, which the browser stores on the client machine and sends back with every subsequent request to the same domain. Cookies let an otherwise stateless HTTP connection "remember" the user — for sessions, preferences, shopping carts, and tracking. They are limited to about 4 KB and have attributes like expires, path, domain, Secure and HttpOnly.

Creating and Reading Cookies

Creating (PHP) — must be set before any HTML output:

<?php
// setcookie(name, value, expiry, path)
setcookie('username', 'Ram', time() + 3600, '/'); // expires in 1 hour
?>

Reading (PHP) — available on the next request via $_COOKIE:

<?php
if (isset($_COOKIE['username'])) {
    echo 'Welcome back, ' . htmlspecialchars($_COOKIE['username']);
}
?>

Creating / reading in JavaScript:

document.cookie = "username=Ram; max-age=3600; path=/";  // create
console.log(document.cookie);                            // read

When the cookie is set, the server sends a Set-Cookie response header; the browser then automatically includes a Cookie request header on later requests to that site.

Internet vs World Wide Web

In short: the Internet is the infrastructure; the Web is one application that runs over it.

Client–Server Architecture of the Web

The web follows a client–server model:

• The client (a web browser) sends an HTTP request for a resource (URL).
• The server (web server) receives the request, processes it (possibly running server-side scripts and querying a database), and returns an HTTP response containing the resource.
• The connection is stateless — each request is independent — and communication uses the request–response cycle over TCP/IP.

[Browser/Client] --- HTTP Request ---> [Web Server]
[Browser/Client] <-- HTTP Response --- [Web Server]

Many clients can simultaneously connect to one server, which centralizes resources and processing.

HTML Tables

HTML tables display data in rows and columns using these tags:

• <table> — the table container
• <tr> — a table row
• <th> — a header cell (bold, centred)
• <td> — a data cell
• <caption> — table title; <thead>, <tbody>, <tfoot> group sections
• Attributes: colspan, rowspan, border

<table border="1">
  <caption>Student Marks</caption>
  <tr><th>Name</th><th>Marks</th></tr>
  <tr><td>Ram</td><td>85</td></tr>
  <tr><td>Sita</td><td>90</td></tr>
</table>

HTML Forms

A form collects user input and submits it to a server. It is defined with <form action="url" method="get|post"> and contains form controls.

Common Form Elements

<form action="submit.php" method="post">
  Name:    <input type="text" name="name"><br>
  Password:<input type="password" name="pwd"><br>
  Gender:  <input type="radio" name="g" value="M"> Male
           <input type="radio" name="g" value="F"> Female<br>
  Hobbies: <input type="checkbox" name="h" value="music"> Music<br>
  Country: <select name="country">
             <option>Nepal</option><option>India</option>
           </select><br>
  About:   <textarea name="about"></textarea><br>
  <input type="submit" value="Send">
  <input type="reset"  value="Clear">
</form>

CSS Selectors

A CSS selector is a pattern used to target HTML elements so that styles can be applied to them. The main types are:

1. Universal Selector (*)

Selects all elements.

* { margin: 0; padding: 0; }

2. Element (Type) Selector

Selects all elements of a given tag.

p { color: blue; }

3. Class Selector (.)

Selects all elements with a given class attribute.

.note { background: yellow; }   /* <p class="note"> */

4. ID Selector (#)

Selects the single element with a given id (must be unique).

#header { height: 80px; }       /* <div id="header"> */

5. Group Selector (,)

Applies the same style to several selectors.

h1, h2, p { font-family: Arial; }

6. Descendant Selector (space)

Selects elements nested inside another element.

div p { color: green; }   /* every <p> inside a <div> */

7. Child Selector (>)

Selects direct children only.

ul > li { list-style: square; }

8. Attribute Selector

Selects elements by attribute/value.

input[type="text"] { border: 1px solid gray; }

9. Pseudo-class Selector

Selects elements in a special state.

a:hover { color: red; }

Specificity order (low → high): element < class/attribute/pseudo-class < ID < inline style.