In Web development some code you write is for the server and some is for the browser.
- the user requests a Web page from the server
- the server finds the page in it's storage and sends it to the user over the Internet
- the browser reads through the HTML and any CSS displaying it for the user
- when the browser comes across script tags it:
- runs the code and does what it was told to do
So client-side scripting is used to make Web pages change after they arrive at the browser. As the code only runs in the browser it cannot do anything to the server or to any other computer. It is useful for making pages a bit more interesting and user-friendly. It can also provide useful gadgets such as calculators, clocks etc. and for games and animations.
Client-side scripts rely on the user's computer. If that computer is slow they may run slowly. They may not run at all if the browser does not understand the scripting language. As they have to run on the user's system the code which makes up the script is there in the HTML for the user to look at (and copy or change if they want to) so there is no security.
The order of execution of code is similar for server-side scripting but the code is executed earlier int he process:
- the user requests the Web page from the server
- the server sees from the file extension (.php for us but it could be other server-side languages such as .asp or .pl) and it realises there may be some code to run
- it looks through the HTML and CSS code and when it sees a <?php ?> tag it knows there is some PHP to run so it:
- interprets the script
- runs it (probably outputting new HTML and CSS into the file)
- the page in its final form is sent to the user including the HTML and CSS generated by PHP
Note that the PHP code is never sent to the browser. It has been run on the server and only the results (HTML and CSS) go to the user. This means the user cannot see or copy the PHP code. It also means that PHP can do things on the server but cannot do things once the page has left the server. PHP cannot affect the user's computer.
Server-side scripting tends to be used for logging in and allowing users to have individual accounts or for providing data from databases. It allows a level of privacy, personalisation and provision of information that is very powerful. E-commerce, MMORPGs and social networking sites all rely heavily on server-side scripting.
PHP and ASP.net are two of the main technologies for server-side scripting. There are others.
Using them together
Server-side scripting will create the page. It can change the page depending on many things including the user logged in, the contents of a database or just time and date.
Client-side scripting allows the page to change after it first appears in the browser.
Together they can provide a page unique to a user and then allow that user to interact with the page.
- the browser sends an HTTP request to the server
- the server reads the page and runs any PHP in it