Here are **in-depth notes** based on **Module 32: Web Applications** from the *Database Management Systems* course (IIT Madras B.Sc. program):

---

## ✅ Module 32: Web Applications – In-depth Notes

---

### 📌 **1. Application Architecture Recap**

* Modern applications often follow a **three-tier architecture**:

  * **Presentation Layer (Frontend)** – User interface (HTML, CSS, JS)
  * **Business Logic Layer** – Processes user inputs, applies rules
  * **Data Access Layer** – Interacts with databases (SQL/NoSQL)

---

### 🌐 **2. Web Fundamentals**

#### 🌍 World Wide Web (WWW)

* **Distributed information system** based on **hypertext**
* Core document format: **HTML (HyperText Markup Language)** – a W3C standard
* Hypertext: Text with **links** to other documents or sections

#### 🔗 URL (Uniform Resource Locator)

* Identifies and locates documents globally
* Structure of URL:

  ```
  protocol://host/path?query_parameters
  ```

  * **Protocol**: `http`, `https`, `file`, etc.
  * **Host**: domain or IP address
  * **Path**: file location on the host
  * **Query Parameters** (optional): data passed to the server (`?key=value`)

#### 📌 Related Terminologies:

| Term    | Meaning                                                        |
| ------- | -------------------------------------------------------------- |
| **URL** | Uniform Resource Locator (address)                             |
| **URI** | Uniform Resource Identifier (general term, includes URL & URN) |
| **URN** | Uniform Resource Name (unique name, not necessarily locatable) |

---

### 🧱 **3. HTML Basics**

* **HTML documents** use **tags** to define elements
* Tags are enclosed in angle brackets `<tag>`, closing tag `</tag>`
* Example: Table structure

```html
<table border="1">
  <tr>
    <th>ID</th><th>Name</th><th>Department</th>
  </tr>
  <tr>
    <td>00128</td><td>Zhang</td><td>Comp Sci</td>
  </tr>
</table>
```

#### 🔘 Forms in HTML

* Collects data from the user

```html
<form action="personQuery" method="get">
  Search for:
  <select>
    <option>Student</option>
    <option>Instructor</option>
  </select><br/>
  Name: <input type="text" name="name" size="20"/>
  <input type="submit" value="Submit"/>
</form>
```

---

### 📡 **4. HTTP and Sessions**

#### ⚙️ HTTP (HyperText Transfer Protocol)

* **Connectionless** protocol: no persistent connection between client and server
* Each request/response is independent
* Suitable for static pages, **but problematic for secure, continuous sessions** like banking

#### 🍪 Cookies and Sessions

* **Cookie**: Small encrypted text file sent by the server to the client to identify a session
* Stored in the browser and sent back with each request
* Helps **maintain session** without re-authentication
* **Session timeout**: Automatically ends after a period of inactivity for security

---

### 🧭 **5. Web Architecture Summary**

```
[Client (Browser)] ⇄ HTTP ⇄ [Web Server] ⇄ [Database/File System]
                      ↑ HTML                ↑ SQL/file read
                      ↓ Response            ↓ Result
```

* Web Server receives HTTP request → Processes/queries backend → Sends HTML response
* **Frontend**: HTML + CSS + JavaScript
* **Backend**: Server-side languages, e.g., Java (Servlets), Python, PHP

---

### 🧑‍💻 **6. Scripting in Web Applications**

#### ✍️ Script:

* A **small program**, interpreted instead of compiled
* Runs **within another application** (browser/server)
* Easier to write and execute for small dynamic tasks

#### 🎭 Client-side Scripting:

* Runs **in the browser**
* Handles quick validations, UI interactions (e.g., form validation)
* Example: **JavaScript** validation for a form

```js
function validate() {
  let credits = document.getElementById("credits").value;
  if (isNaN(credits) || credits <= 0 || credits > 16) {
    alert("Credits must be a number between 1 and 16");
    return false;
  }
  return true;
}
```

#### 🔐 Security for Client-side Scripts:

* Limited access to system

  * Cannot read/write local files
  * Cannot access external apps
* Prevents malicious behavior from embedded scripts

---

### 🖥️ **7. Server-side Scripting**

* Runs **on the web server**
* Processes user input, interacts with database, generates dynamic HTML

#### 🔄 Popular Technologies:

| Technology                  | Description                                         |
| --------------------------- | --------------------------------------------------- |
| **JSP (Java Server Pages)** | HTML + embedded Java                                |
| **Servlets**                | Java-based server programs                          |
| **PHP**                     | Server-side scripting language                      |
| **ASP**                     | Microsoft's legacy tech                             |
| **Python (Flask, Django)**  | General-purpose language used for backend scripting |

---

### 📦 **8. Servlets**

#### 🧩 Servlet:

* A **small service** that responds to a request
* Multi-threaded: multiple clients can run the same servlet simultaneously
* Typically processes input, performs logic, and generates HTML

#### 🧭 Servlet Flow:

1. Request comes to server
2. Servlet processes input
3. Queries DB (if needed)
4. Generates HTML response
5. Sends back to client

#### 🗂️ Example Flow:

```java
String name = request.getParameter("name");
ResultSet rs = statement.executeQuery("SELECT * FROM Student WHERE name='" + name + "'");
while (rs.next()) {
  out.println("<tr><td>" + rs.getString("id") + "</td></tr>");
}
```

---

### 🆚 **9. JSP vs Servlets**

| Feature      | JSP                                | Servlet                   |
| ------------ | ---------------------------------- | ------------------------- |
| Syntax       | Looks like HTML with embedded Java | Pure Java                 |
| Ease of HTML | Easier                             | Harder (print statements) |
| Use case     | Dynamic web pages                  | Backend logic             |
| Compiled to  | Servlet                            | Java bytecode             |

---

### 📝 **10. Summary: Key Concepts**

* **Web application = Client + Server + DB**
* HTML is used for static page structure
* HTTP is connectionless, sessions maintained using cookies
* **Client-side scripting** (JavaScript): Lightweight validation/UI logic
* **Server-side scripting** (Servlet, JSP, PHP): Data access, page generation
* **Servlets** are mini-services for request handling
* **JSP** allows mixing HTML and Java for easier dynamic page creation
* **Security is critical** especially on client side

---

### 🎯 Learning Outcomes Recap:

* Understand basic **web architecture and components**
* Learn how **HTML and HTTP** work
* Understand **scripting (client/server)** in web applications
* Learn about **servlets and JSP** as backend technologies

---