ISAPI extensions allow you to access the operating system on your web server (including API calls) while still communicating with your web site through the response object. In this article Raj gives us a nice introduction to ISAPI and also shows us two examples that he's made with Delphi and Paradox. The examples implement a simple login system and utilize a database. Even if you don't know Deplhi then you'll still be able to pick up the basics of ISAPI in a flash!
An Introduction To ISAPI - ISAPI Database Example (Page 3 of 4 )
Before beginning our database application, we need a database to access. I've included a copy of the database I'll be using in this example with the source code for this article. If you like, you can create this database yourself or you can just follow along with this tutorial. The database is a Paradox 7 database named "users.db". It contains the following fields: "User", "Password", "Special Comments", and "Key". All four fields are strings. We must also create an "alias" in the BDE for this database. I named mine "ISAPI_Example". (NOTE: Delphi comes with a tool to assist in creating databases: Database Desktop. Within this application, itís very easy to create a database and then define the fields for that database).
Like in our previous example, we create our new project from File->New Project->Other...->ISAPI/NSAPI Dynamic Link Library. Our WebModule loads and we can begin altering the application. The simple ISAPI extension we'll make is one that, when called, provides a login form which submits to another action called "PostLogin". After submission, it checks the login information against the database, and if the data matches it outputs the "Special Comments" field for that user. On a successful login, the "key" field of the database will be edited to include a randomly generated number. Two cookies will then be set, one for the "username" value and the other for the "key" value.
This will allow the user to access other areas of the site without having to log back in every time. Our main login form will check for the cookies, and, if they exist and are correct, the user will then be directed to the post-login page. Another function, logoff, will delete the cookies.
Before defining our functions, we should create our TTable component - this will allow for our database access. We create an instance of this component in the WebModule. We then define the properties: Name = UsersDB, DatabaseName = Users (or whatever you named your alias), TableName = users.db, Active = false.
The following actions/functions will be included (as described above):
if UsersDB.fieldbyname('key').asstring = request.CookieFields.values['key'] then
response.sendredirect(request.ScriptName + '/main'); //This will override the content from response.content
UsersDB.Active := false; //Always be sure to stop the database to avoid errors/corruption.
The next step is to create the "Main" action. It'll first check the authentication based on the cookies and the "key" value in the database. Then, if the authentication passed, it will output the "Special Comments" field from the database and include a link to "Logoff". Here's our definition for the "Main" action:
This basically provides the entire application. The reason I've provided the source code rather than just outlining it is because you can follow along using the comments in the source code to help you understand what's going on at various points throughout our ISAPI application. To see a working version of this application, click here. You can login with tue username Guest and password Guest.