More with Three-Tiered Design
Last month, we began our investigation of three-tiered design for our web applications. By separating the database server from the web application itself by means of a “middleware” object layer, we simplify the logic in our web applications. Furthermore, by adding an abstraction layer between our web application layer and our database layer, we gain the ability to use the same middleware in non-web applications, as well as the possibility of changing the back end without telling the web application.
By the end of last month's column, we had implemented a simple middleware layer that could communicate with the People and Appointments tables we created in a PostgreSQL database. This month, we will briefly look at some web applications we can develop using these objects. You will see that at no time does our web layer directly access the relational database; the SQL is all contained within the objects.
In an ideal universe, we could create the web application layer using any language or technology we might want, communicating with the middleware layer using a universally agreed-to protocol. However, the world is not quite as advanced as we might like, and our choice of an object layer forces our hand when choosing a web application environment.
We created our objects in Perl, so we will need to use Perl to implement our web application. To avoid the overhead associated with CGI programs, and because we can get a great deal more power by tapping into the mod_perl module for Apache, we will use Mason, the Perl-based template and development application environment that we looked into last year. Each Mason component is compiled as necessary into a Perl subroutine, which is then compiled into Perl opcodes. These opcodes are then cached in the mod_perl module inside of Apache, where they can be executed at a much faster rate than would be possible using CGI.
Our first web application example will allow us to add a new person to our database. This will require two Mason components: an HTML form (which could equally well be a static form) and one which attempts to add a new person to the database. In order to accomplish this, we will use the middleware People object, which connects to the database for us and attempts to store a new row in the database. Simple versions of these two components are shown in Listings 1 and 2. These listings are too long to print here; they are available at ftp.linuxjournal.com/pub/lj/listings/issue82. The HTML form (add-person-form.html) submits its name-value pairs to add-person.html. The latter creates an instance, People, then invokes the new_person method to create a new person:
my $success = $people->new_person (first_name => $first_name, last_name => $last_name, country => $country, email => $email);
If $success is true, we know that a new person was added to the database with the arguments that we passed to $people->new_person. Otherwise, we know that the invocation has failed.
However, this is a very crude way of determining whether things have succeeded or failed; rather than present users with an all-or-nothing proposition, it would be nice to tell them what they did wrong so that they can fix the problem. If a hung database process produces the same error message as does an attempt to add a second person with the same e-mail address, it will be hard for anyone to solve the problem.
Thus, the solution is for our web application to check its inputs before passing them to the middleware layer. The more such checks we can insert into our code, and the more application-level error messages we can display, the better.
Our add-person.html component performs two basic checks that demonstrate this: It uses Mason's <%args> section to require that each of the potential arguments has been passed. An HTML form that tries to submit its values to add-person.html must provide each of the listed form elements, or Mason will refuse to honor the request and print a stack trace describing what went wrong. End users won't see this error if they make a mistake filling out the form, but you'll see it if you leave required <input> tags out.
Once our Mason component executes, we can thus be sure that we have at least received the appropriate name-value pairs. But do they contain legal values? In an “unless” statement at the top of add-person.html, we check that we received non-empty values for the four parameters that we will use in our invocation of $people->new_person. If any of them are missing, a message is displayed telling the user what is expected.
To be even safer, we also check that the e-mail address looks relatively valid. The regular expression in Listing 2 will not match all e-mail addresses, but it is good enough for the purposes of this simple example. Users who try to pass an invalid e-mail address are shown an error message that tells them what to change.
Once we can be sure that the values are relatively sane, we can then invoke $people->new_person. Notice how add-person.html manages to do all of this without ever talking directly to the database. DBI is obviously taking an active role in each invocation of $people->new_person, but that happens behind the scenes, and our Mason components don't need to concern themselves with it. This means that if the People object has been thoroughly debugged, there should not be any chance of encountering SQL errors.
|Red Hat Enterprise Linux 7.1 beta available on IBM Power Platform||Jan 23, 2015|
|Designing with Linux||Jan 22, 2015|
|Wondershaper—QOS in a Pinch||Jan 21, 2015|
|Ideal Backups with zbackup||Jan 19, 2015|
|Non-Linux FOSS: Animation Made Easy||Jan 14, 2015|
|Internet of Things Blows Away CES, and it May Be Hunting for YOU Next||Jan 12, 2015|
- Designing with Linux
- Wondershaper—QOS in a Pinch
- Red Hat Enterprise Linux 7.1 beta available on IBM Power Platform
- Internet of Things Blows Away CES, and it May Be Hunting for YOU Next
- Ideal Backups with zbackup
- Slow System? iotop Is Your Friend
- New Products
- Hats Off to Mozilla
- 2014 Book Roundup
- January 2015 Issue of Linux Journal: Security
Editorial Advisory Panel
Thank you to our 2014 Editorial Advisors!
- Jeff Parent
- Brad Baillio
- Nick Baronian
- Steve Case
- Chadalavada Kalyana
- Caleb Cullen
- Keir Davis
- Michael Eager
- Nick Faltys
- Dennis Frey
- Philip Jacob
- Jay Kruizenga
- Steve Marquez
- Dave McAllister
- Craig Oda
- Mike Roberts
- Chris Stark
- Patrick Swartz
- David Lynch
- Alicia Gibb
- Thomas Quinlan
- Carson McDonald
- Kristen Shoemaker
- Charnell Luchich
- James Walker
- Victor Gregorio
- Hari Boukis
- Brian Conner
- David Lane