The engine does not parse these script blocks separately, making both script blocks have syntax errors. So we get the following conclusion: not all non-server script code will be sent to the client. It is possible that this non-server script code is limited by the script block. The server won't worry about the execution of client scripts, but different client scripts can be output through the server scripts.
4. The final engine generates a text stream, or the script execution result. It can be considered as a string, that is, the Code sent to the webpage of the client browser. The client browser displays the page. The source code (source file) of the page does not contain the script on the server, but contains the execution result of the script on the server (this is obvious ).
<%... %> And <script runat = "server">... </Script>
All scripts on the server are processed and executed at the same time. They are executed as a whole.
<%... %> And <script language = "... ">... </Script>
The former is a server-side script, and the latter is a client-side script. The former is executed first, and the latter is executed.
In fact, they may be executed at the same time, but the space is different: the former is executed on the server, and the latter is executed in the client browser. The former must be performed logically ahead of the latter. At the same time, we also draw a conclusion: in the execution of the same page, the client script cannot be fed back to the server-side script, that is, the client browses your message book and submits a new message or the value obtained by any client script cannot be processed in the same server response.
Call Components
Note that both the server-side script and client-side script are scripts. Naturally, you can create xmlhttp components and ADODB. Connection components, but they are not stored anywhere.
Xmlhttp is created in the server script if it is used to capture web pages (such as collection) on the server, and if it is used for ajax refreshing on the client side and accessing the server page on the background, then it runs on the client and is created on the client.
ADODB. the Connection component is used to access the database. Generally, it is created on the server. After all, the asp program on the server is running the database data. However, if your database is actually connected on the client, then it is undoubtedly created in the client script.
In short, conflicting things and every aspect have their own characteristics. Different things have different contradictions; the same things have different contradictions in different processes and stages of development; different contradictions in the same thing and different aspects of the same contradiction have their own particularity (you can skip it if you cannot understand it ......). This principle requires us to adhere to the specific analysis principles of specific problems. Under the guidance of the principle of universality of contradictions, we should analyze the particularity of contradictions and find the correct method to solve the contradictions. We are opposed to adopting the same method to solve conflicts between different things. This is the truth about "one key opens one lock, and what song to sing.
The Server-side VBScript creates an object using the Server. CreateObject (className) method, and the client-side VBScript creates an object using the CreateObject (className) method.
Typical errorsCopy codeThe Code is as follows: <%
Function TSize (B)
'This is my custom function
TSize = "China"
End function
%>
<A href = "javascript: <% TSize ('variable') %>"> click here to use my defined function </a>
Error analysis:
Obfuscated the differences between server scripts and client scripts. During actual execution, we will find that the client does not receive any Code such as TSize, because TSize is a server-side program and is processed by the engine (note that the engine processes functions, it is purely called for the server script and will not be sent back to the client). It will disappear and cannot work on the client. This means that client scripts cannot directly call the functions of server scripts.
In fact, this program has a syntax error. When the engine processes this content, it first finds the content between <% and %>, that is, <% TSize ('variable ') %>, obviously, this section does not comply with the syntax rules of VBScript. Well, if you change it to <% = TSize ("variable") %> there is no syntax error in the script on the server side, then the TSize function can return "China" normally ", therefore, the href attribute received by the client is written as follows: "javascript: China", which cannot be executed.
Impact of server scripts on client scripts
As mentioned above, server scripts are logically executed in advance of client scripts, so such code is feasible:Copy codeThe Code is as follows: <%
Dim I
For I = 1 to 5
Response. Write "<script type =" "text/javascript" "> "_
& "Alert ('Hello World! "& I &" ') </script>"
Next
%>
How to execute Response. Redirect and javascript
Note that the following code is incorrectly written:Copy codeThe Code is as follows: <%
Response. Redirect "index. asp"
Response. Write "<script type =" "text/javascript" "> "_
& "Alert ('wrong password! ') </Script>"
%>
This is a common error. The author often thinks that writing code in this way will enable the client to pop up the "Password error" prompt and then switch to the index. asp, in fact, this cannot happen, even if the two lines of code are exchanged in order, it is impossible to achieve this effect.
The reason is related to how the server processes two lines of code. These two lines of code cannot work at the same time.
Response. Write sends a piece of text to the client. The content of this text can be a script, so the client browser can execute this script after receiving it. Note that it can only be executed after receiving it.
Response. Redirect sends an HTTP header to the client (what is the HTTP header information? For example, if an HTTP header is written to the Cookies on the client, the HTTP header is sent back to the client browser before the HTTP subject, this is why an error occurs when we modify Cookies after the Server Buffer is disabled, because the subject has already started to transmit and HTTP header information cannot be sent .), The content of the Information tells the client browser to jump to the page for browsing. Note that this Redirect Information takes effect immediately. That is to say, this Redirect Information is exclusive. When the buffer is opened, no matter whether the Response is used. write writes to the buffer. Once Response is called. redirect will clear the buffer and send this header command to the client browser. If we dynamically track the execution of the program, we will also find that the Response is called. after Redirect, the program stops running, so note that the server program is calling Response. before Redirect, close the data connection and perform other operations.
So how should we modify the above example? If you do not want to modify the index. asp to add the script prompt, you can only put the redirection command in the client script for execution, as shown in the following code:Copy codeThe Code is as follows: <%
Response. Write "<script type =" "text/javascript" "> "_
& "Alert ('! '); Location. href = 'index. asp' </script>"
%>
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
