The content of this document may be incorrect or outdated.
Print this article Edit this article
Using server-side includes
What Are Server-Side Includes?
Server-side includes allow you to create documents that include information that is re-generated each time the document is accessed. For example, today's date is .With server-side includes, you can:
-
Include a number of parameters in your document automatically, including:
- The file name of the current document.
- The URL of the current document.
- The last modification date and time of the current document.
- The current date and time.
- Include the last modification date and time of any arbitrary file on the system. This can be used to create advisories such as "Be sure to check the "late-breaking news" file... it was last updated on (last update)."
- Include the size of any arbitrary file on the system. This can be used to create advisories such as "Click here for a full-size image, but watch out, it's (size)."
- Include the text of another file, either from somewhere else on the system or from somewhere else in your Web server. For example, if you have some "boilerplate" that you want to appear at the top of every document, you can put that in one file and then include that file in all your other documents.
- Include the output from a CGI program. This differs from referencing a CGI program in an anchor (between <A> and </A>) in that a CGI program executed via a server-side include is executed automatically when the document is accessed, as opposed to being executed only when the reader clicks on the anchor.
- Execute any arbitrary system command. You cannot capture the output from one of these commands (to do that, you have to make a CGI script "wrapper" for the command), but there are a number of commands for which this is not necessary.
Server-Side Include Performance Issues
Before deciding to use server-side includes, you need to understand the performance issues involved in doing so. To summarize them in one short sentence, server-side includes make your documents load more slowly.Under the default Purdue ECN setup, server-side includes are turned off. When a browser such as Mosaic or lynx requests a document from the server, httpd (the server program) opens the file and sends the contents back to the browser. When it does this, httpd does not try to attach any meaning to the contents of the file. In fact, it doesn't even look at it to make sure it's what you say it is. For example, if you were to accidentally place an image into a file called foo.html, httpd not only would not care, it wouldn't even know. It just opens the file, reads a bunch of bytes, and sends them back to the browser.
Server-side includes though, as their name implies, require that the server (httpd) do something. That means that when server-side includes are turned on, and a browser requests a document, httpd has to not only read the bytes from that file, it has to look at them and try to understand them. It doesn't have to understand everything, but it does have to search the entire document for the special symbols that indicate a server-side include. And, when it finds a server-side include, it has to do whatever is required to process that include and capture any text that it generates.
All this searching of documents takes time. In fact, it takes enough time that people accessing your documents will probably notice it. Thus, you don't want to just turn on server-side includes everywhere; people will probably start complaining that your server is too slow. Instead, you will want to carefully evaluate which documents need server-side includes, and turn server-side includes on only in those areas. Leave them off everywhere else (that's why they're off by default in the Purdue ECN configuration).
Enabling Server-Side Includes
To enable server-side includes, you need to create a .htaccess file in one of your Web directories. In this file, you will place two directives: one to turn on server-side includes, and the other to tell httpd which files in that directory will contain server-side include directives.
The Options Line
To turn on server-side includes, you should place the following line in the
.htaccess file:
Options IncludesNote that the
Options line overrides any previously set
options (such as those set in the system-wide httpd configuration
file). So, if other options were turned on, this line just turned them off
again. The Purdue ECN httpd configuration file turns on two other
options:
FollowSymLinks- This option tells httpd that symbolic links should be followed when they are encountered. Unless you're using symbolic links in your Web directories, it doesn't really matter if you turn this on or not.
Indexes- This option tells httpd that if it is given a directory name as a URL to access, and there is no file called Index.html in that directory, it should generate a nifty little index of its own, with little icons that represent the different file types. If this option is turned off and httpd is given a directory URL to access, it will say that the URL cannot be accessed. If you want this behavior, you should turn this option on.
Options FollowSymLinks Indexes Includesin your .htaccess file instead of the line mentioned earlier.
The AddType Line
The second line you have to add to your .htaccess file tells
httpd what kinds of files should be examined to see if they
contain server-side includes. Obviously, things like images will not
contain them, so it would be a waste of time and effort for httpd
to try to find them there.
The line you use to tell httpd what files to examine looks like this:
AddType text/x-server-parsed-html .suffixwhere .suffix is the file name suffix that files with server-side includes will have. If you want to have more than one type of file (i.e., more than one file name suffix) scanned for server-side includes, just use multiple
AddType lines, one for each suffix.
When httpd accesses a file whose name ends in the suffix(es) you have chosen, it will examine the file to see if it contains server-side includes. If the file name does not end in the suffix(es) you have chosen, httpd will just send the file back to the browser without looking at its contents.
Choosing a Suffix
Recall from our discussion in the last section that examining files to see if they contain server-side includes can be a time-consuming process. If you only plan to use server-side includes in a few files, it may be wise to use a file name suffix other than .html. A convention that has been suggested by NCSA is to use the suffix .shtml for files that contain server-side includes, leaving the .html suffix for files that do not. To do this, you would use the line:AddType text/x-server-parsed-html .shtmlin your .htaccess file.
This has one disadvantage, however. The Purdue ECN httpd configuration says that the default file to access when a directory is given as a URL is called Index.html. So, personal home pages and departmental home pages all end in the suffix .html. If you rename them such that they end in .shtml, then httpd will no longer consider them the default page to access. If you plan to use server-side include files in your personal or departmental home page, you'll have to use this line in your .htaccess file:
AddType text/x-server-parsed-html .htmlThis will enable server-side include examinations on all files whose names end in .html.
Playing Tricks With .htaccess Files
In the last section, we explained that if you want to use server-side includes in personal or departmental home pages, you have to enable includes on all files whose names end in .html. However, if you only plan to use server-side includes in the homepage document itself, or perhaps only there and a couple of other documents, this can be a pretty expensive proposition -- every other HTML document will have to be examined as well (even though you know they don't contain server-side includes, httpd doesn't know that).There are two important features of .htaccess files, however, that can help us get around this problem:
- A .htaccess file applies to the directory it is contained in and all subdirectories of that directory that do not contain .htaccess files themselves.
- Options specified in a .htaccess file override any options that were specified in either the system-wide configuration file or a .htaccess file in a higher-level directory.
-
In the top-level directory (either /var/www/htdocs or
~/public-web), create a .htaccess file that turns server-side
includes on:
Options FollowSymLinks Indexes Includes
This will allow you to use server-side includes in the Index.html file.
AddType text/x-server-parsed-html .html - Keep only the Index.html file in the top-level directory. Put all other files in a subdirectory of the top-level directory.
-
In the subdirectory, create another .htaccess file, this time with
the lines:
Options FollowSymLinks Indexes Includes
The first line is simply a repeat of the
AddType text/x-server-parsed-html .shtml
AddType text/html .htmlOptionsline from the .htaccess file in the top-level directory. The second line tells httpd to look for server-side includes in files whose names end in .shtml. At this point, it will now look for server-side includes in both files whose names end in .shtml and files whose names in .html. The third line though, tells the server that files whose names end in .html should be treated as "regular" HTML files (i.e., without server-side includes). This in effect disables the previous setting from the top-level directory.
Options FollowSymLinks IndexesBy removing the word
AddType text/html .html
Includes from the Options
line, server-side includes have been turned off. However, it is
also necessary to tell httpd that .html files should now
be treated as "regular" HTML files, not HTML files that might contain
server-side includes. That's what the second line does. If you turn off
server-side includes but forget this second line, httpd will NOT turn off
the server-side includes. Your documents will still be treated as
containing server-side includes.
One other thing to remember about .htaccess files -- they apply to the directory they are in and all subdirectories of that directory. Thus, if you have a directory structure like this:
~/public-weband you place a .htaccess file in ~/public-web that turns server-side includes on, then they are on not only in the public-web directory, but also in xx, yy, zz, a, b, ..., l, m, ..., and w.
____________|___________
/ | \
xx yy zz
/ \ / \ / \
/ \ / \ / \
a b c d e f
/ \ / \ / \ / \ / \ / \
l m n o p q r s t u v w
If you place another .htaccess file in xx that turns server-side includes back off, then they are also off in a, b, l, m, n, and o.
This has another ramification -- if you only need server-side includes in a few files, and you don't need them in your homepage, you might consider just turning them on in one subdirectory. For example, if you place a .htaccess file in the d directory that turns server-side includes on, then they will be on only for files in d, r, and s. They'll still be off in all the other directories, and you won't have to worry about the performance problems.
Format of Server-Side Includes
Server-side includes are specially-formatted HTML comment lines. The fact that they are comments means that they will simply be ignored by programs that don't understand server-side includes. In particular, if you use Mosaic or lynx to preview your HTML files directly (by using a URL that starts with "file:" instead of a URL
that starts with "http:"), the server-side includes will
not appear.
The specific format of a server side include is:
<!--#command tag="value" tag="value" ... -->The available commands are:
config- Tells httpd how to process other server-side include lines. There are three legal tags:
errmsg- Controls what message is sent back to the client (browser) if an error occurs while parsing the document (i.e., if you screwed up one of the server-side include lines).
timefmt-
Controls the format of the date/time strings printed by the
echoandflastmodcommands. You use the same symbols as are used with the strftime function:%a abbreviated weekday name
For example, if you want to print the date as mm/dd/yy and leave out the time, you would say:
%A full weekday name
%b abbreviated month name
%B full month name
%c appropriate date and time representation
%C date and time representation as produced by date(1)
%d day of month ( 01 - 31 )
%D date as %m/%d/%y
%e day of month ( 1 - 31; single digits are preceded by a space)
%h abbreviated month name.
%H hour ( 00 - 23 )
%I hour ( 01 - 12 )
%j day number of year ( 001 - 366 )
%k hour ( 0 - 23; single digits are preceded by a blank)
%l hour ( 1 - 12; single digits are preceded by a blank)
%m month number ( 01 - 12 )
%M minute ( 00 - 59 )
%n same as \n
%p AM or PM
%r time as %I:%M:%S [AM|PM]
%R time as %H:%M
%S seconds ( 00 - 61 ), allows for leap seconds
%t insert a tab
%T time as %H:%M:%S
%U week number of year ( 00 - 53 ), Sunday is the first day of week 1
%w weekday number ( 0 - 6 ), Sunday = 0
%W week number of year ( 00 - 53 ), Monday is the first day of week 1
%x appropriate date representation
%X appropriate time representation
%y year within century ( 00 - 99 )
%Y year as ccyy ( for example 1986)
%Z time zone name or no characters if no time zone exists<!--#config timefmt="%m/%d/%y" -->
sizefmt-
Controls the format of the size strings printed by the
fsizecommand. Legal values arebytes, for a number formatted like 1,234,567, andabbrev, for a number abbreviated to kilobytes or megabytes as appropriate. include-
Include the named file. The file must contain HTML; you cannot include an
image or other type of file. The file can be identified with one of two
tags:
virtual-
Gives a "virtual path" to a document on the server. This path name should
be the same thing you would use in a URL for the file, but leave off the
"
http:" and the host name. file- Gives a path name relative to the current directory. You cannot use ".." in this path name, nor can you use absolute path names. This means you can only include files at the current directory level or below.
includecommand. echo-
Prints the value of one of a special set of variables. There is only one
tag,
var, which gives the name of the variable you want to print. You can print any of the variables that are defined for CGI scripts (the ones that are available in the server). You can also print the following variables: DOCUMENT_NAME- The current document file name.
DOCUMENT_URI- The virtual path to this document (e.g., /~user/foo/bar.shtml).
QUERY_STRING_UNESCAPED- The unescaped version of any search query the client sent, with all shell special characters escaped with a backslash (`\').
DATE_LOCAL-
The current date and time in the local time zone. This is printed according
to the
timefmtparameter of theconfigcommand. DATE_GMT-
The current date and time in Coordinated Universal Time (UTC), also called
Greenwich Mean Time (GMT). This is printed according to the
timefmtparameter of theconfigcommand. LAST_MODIFIED-
The last modification date/time of the current document. This is printed
according to the
timefmtparameter of theconfigcommand. fsize-
Prints the size of the specified file. The valid tags are the same as those
for the
includecommand. The format of this string is subject to thesizefmtparameter of theconfigcommand. flastmod-
Prints the last modification date/time of the specified file. The valid tags
are the same as those for the
includecommand. This is printed according to thetimefmtparameter of theconfigcommand. exec-
Execute a given shell command or CGI script. There are two legal tags:
cmd-
Execute the given string using /bin/sh. All of the variables defined
for the
echocommand will be defined in the environment. You can not capture the output of this command and include it in the document. cgi- Execute the given CGI script (which should be specified as a virtual path) and include any output from it here. The script must output HTML; it can not output images and the like. The server will interpret any URL Location: headers and translate them into HTML anchors. This is not supported on ECN web servers.
CGIs in Anchors -vs- CGIs in Server-Side Includes
There is a difference between CGI programs called through HTML anchors and CGI programs called via theexec server-side include command.
When a CGI program is called through an HTML anchor, it is not executed until the user actually clicks on the anchor. If the user ignores the anchor, the program never gets executed. For programs that produce output the user may or may not be interested in, this is quite adequate. And it's more efficient, since the program is only executed when needed.
When a CGI program is called through a server-side include though, it is
executed every time a document is accessed. The user running the
browser has no choice in the matter; httpd executes the program
and includes the output before it's sent back to the user. In fact, the
user won't even know a program was executed. This is useful in some
situations, but is much less efficient, since the program is executed
regardless of whether anyone is going to look at its output. For this
reason, the exec server-side include should be used only
sparingly, if at all.
Here is an HTML document that demonstrates the difference:
<HTML><HEAD>To access this document and see the difference, click here.
<TITLE>Finger Test<TITLE>
</HEAD><BODY>
Here is Debby's finger information
called via an HTML anchor:<BR>
<A HREF="/~debweb/finger.cgi">click here</A>
<P>
Here is Debby's finger information
called via a server-side include:<BR>
<!--#exec cgi="finger.cgi" -->
<P>
</BODY></HTML>
Sample Server-Side Includes
~/public-web/.htaccess
Options Includes
AddType text/x-server-parsed-html .html
foo.html
<html><head>
<title>Foo</title>
</head><body>
Today's date is: <!--#echo var="DATE_LOCAL" -->
<p>
</body></html>
bar.html
<html><head>
<title>Bar</title>
</head><body>
--
--
--
This document was last modified on
<!--#echo var="LAST_MODIFIED" -->
<p>
</body></html>
Config, Fsize and Flastmod Examples
<!--#flastmod virtual="this_page_doesn't_exist.html" --><br>
<!--#config errmsg="Whoops" -->
<!--#config timefmt="%m/%d/%y" -->
<!--#config sizefmt="bytes" -->
<!--#echo var="DATE_LOCAL" -->
<!--#flastmod virtual="How_do_I_use_server-side_includes.wshtml" --><br>
<!--#flastmod virtual="this_page_doesn't_exist.html" --><br>
<!--#config errmsg="" -->
<!--#flastmod virtual="this_page_doesn't_exist.html" --><br>
<!--#fsize virtual="How_do_I_use_server-side_includes.wshtml" --><br>
<!--#config sizefmt="abbrev" -->
<!--#fsize virtual="How_do_I_use_server-side_includes.wshtml" --><br>
Last Modified:
Dec 19, 2016 11:12 am US/Eastern
Created:
Mar 21, 2007 12:10 pm GMT-4
by
admin
JumpURL: