Browsers read HTML and display a page. Browsers have the ability to read other languages, and the results are also displayed. Some languages allow small scripts of their commands to be inserted within HTML files so the browser gets both at once. These are called "Scripting" languages. Some examples are JavaScript, VBScript and others. The vast majority of browsers can read JavaScript without any additional installation.
Servers likewise have the ability to read other languages in addition to HTML. Some examples are PHP, ASP (Active Server Pages), JSP (Java Server Pages), ColdFusion and others, which are also scripting languages. These languages must be installed on each server.
The biggest distinction between scripting languages is where they operate. Client-side scripting is done on the viewer's computer. Server-side scripting is done on the server. JavaScript and VBScript are client-side; PHP and ASP are server-side.
It helps to know how to program in one or more of these languages, but you can use them even if you know no programming. Individual scripts that perform individual tasks are freely distributed on the internet. You can copy them directly into your HTML file, and you are good to go. For instance, try here and for some JavaScript scripts.
Scripts use <script></script> tags, or some derivation. A sample JavaScript script to set a message in the browser's Status Bar might look like so:
<!--
window.defaultStatus="This is a government site";
// -->
</script>
Like the Style tag, it is a good idea to place a HTML Comment tag around the script itself but within the start and end Script tags. The only difference between Style and Script tags in this regard is that the double-negative sign at the beginning of the end comment tag has another significance to most scripting languages, therefore you must insert script comment indicators (which for many languages are double hash marks: // ) before the end Comment tag, as shown above.
Recall that the Head section of HTML files house information the computer uses to prepare the display while the Body section houses what is displayed. Some scripts are split in two--part of the script goes in the Head section, and part of it goes in the Body section.
JavaScript is popular among many web designers for reasons that are too numerous to mention here. In response, browsers have included shortcuts for JavaScript scripts as attributes to some HTML tags. Event Handlers are attributes that can be attached to most HTML tags, and cause something to happen when the respective mouse/keyboard action occurs. The most common Event Handlers are: 'onclick', 'ondblclick', 'onkeydown', 'onkeypress', 'onkeyup', 'onmousedown', 'onmousemove', 'onmouseout', 'onmouseover' and 'onmouseup'. For examples of these, see the link to 'Introduction' shown below.
A word of caution with scripts: copy exactly as you find the script! Do not add any spaces, or line breaks, or punctuation, or anything else. Scripting languages are not as forgiving as HTML. A common error is to copy a script, and since the script is one long line of commands and text that runs off the page, the unwary designer inserts a carriage return here and there so it is easier to read, then the script will not run.
Here are some sample scripts:- Moving Blocks
- Header Color Change
- Fade In!
- Click Me
- Count Days
- Form Links
- Find Coordinates
- Text Tricks
- Button Tricks
A CAVEAT: Hackers can use any one of a number of ways to insert destructive scripts into your pages when they are sent to clients. See this site for examples and more information. You, as the webmaster, can minimize this threat, but not eliminate it. The only way to eliminate the threat is for the client to disable scripting on their own browser. If this is done, none of your scripts (including your event handlers such as onclick) will work. Most clients prefer to have the advantages of scripting enabled, but given the current state of affairs, DoD clients may not be given a choice.
In that case, you may want to go to Plan B, and use Noscript tags. Similar to Noframe tags, anything between <noscript></noscript> is ignored by the browser if scripting is enabled. If scripting is disabled, the Noscript tags go to work.
Of course, there are other ways hackers can do damage, so eliminating scripts from your design will not eliminate your problems altogether.
- In this lesson, we learned about these HTML tags:
- <script> and </script>
- <noscript> and </noscript>
- and about these Event Handlers:
- onclick
- ondblclick
- onkeydown
- onkeypress
- onkeyup
- onmousedown
- onmousemove
- onmouseout
- onmouseover and
- onmouseup
