Chapter 8. System Adminstration via ASP

In the first seven chapters, we built—from scratch—a fully functional, dynamic, database-driven Web site using Active Server Pages. However, we haven't even considered how we're going to maintain the underlying database.

Sure, we could just have our administrator enter the information directly into the database. Access isn't too tough to use, after all. But you'll rarely be running a really major site using Access. In most cases, you'll be dealing with a much more powerful database (such as SQL Server or Oracle) and you'll need some way to update it. That means building screens for your users (even in Access) and training them on a new environment. Why go through all of that hassle when you have perfectly good Web skills that you can use?

Besides, if you build a Web interface for your administration, you (or whoever is maintaining the site) can administer it from anywhere! This kind of thin client architecture is becoming more and more common as people realize how much easier training and maintenance are. After all, if you have 500 people using a traditional client application, that means that they have a program on their computer that they have to fire up to use it. What happens if you want to change that program? Are you going to install the new software 500 times? Wouldn't it be better if you could just change the site once and be done with it?

Of course, the thin client architecture isn't without its problems. Security is much more of an issue when your database is being accessed over the web, and security features, as well as those dealing with concurrency in the database, are not necessarily as well developed as those in a traditional client-server application. That's not to say they're not sufficient, but if you're dealing with sensitive information, you'll need to keep this in mind. As we build our administration pages, we'll look at some of the issues that need to be considered.

That's what we're going to do in this chapter. Information in the database needs to be added, removed, and edited. We'll look at ways to accomplish this in the browser without compromising security or usability.