1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
5 This file is generated from xml source: DO NOT EDIT
6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
7 --><title>Apache Tutorial: Introduction to Server Side Includes - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body id="manual-page"><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.0</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.0</a></div><div id="page-content"><div id="preamble"><h1>Apache Tutorial: Introduction to Server Side Includes</h1>
8 <p>Server-side includes provide a means to add dynamic content to
9 existing HTML documents.</p>
10 </div><div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#related">Introduction</a></li><li><img alt="" src="../images/down.gif" /> <a href="#what">What are SSI?</a></li><li><img alt="" src="../images/down.gif" /> <a href="#configuring">Configuring your server to permit SSI</a></li><li><img alt="" src="../images/down.gif" /> <a href="#basic">Basic SSI directives</a></li><li><img alt="" src="../images/down.gif" /> <a href="#additionalexamples">Additional examples</a></li><li><img alt="" src="../images/down.gif" /> <a href="#config">What else can I config?</a></li><li><img alt="" src="../images/down.gif" /> <a href="#exec">Executing commands</a></li><li><img alt="" src="../images/down.gif" /> <a href="#advanced">Advanced SSI techniques</a></li><li><img alt="" src="../images/down.gif" /> <a href="#conclusion">Conclusion</a></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="related" id="related">Introduction</a></h2>
11 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_include.html">mod_include</a></code></li><li><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code></li><li><code class="module"><a href="../mod/mod_expires.html">mod_expires</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive"><a href="../mod/mod_include.html#xbithack">XBitHack</a></code></li><li><code class="directive"><a href="../mod/mod_mime.html#addtype">AddType</a></code></li><li><code class="directive"><a href="../mod/core.html#setoutputfilter">SetOutputFilter</a></code></li><li><code class="directive"><a href="../mod/mod_setenvif.html#browsermatchnocase">BrowserMatchNoCase</a></code></li></ul></td></tr></table>
13 <p>This article deals with Server Side Includes, usually called
14 simply SSI. In this article, I'll talk about configuring your
15 server to permit SSI, and introduce some basic SSI techniques
16 for adding dynamic content to your existing HTML pages.</p>
18 <p>In the latter part of the article, we'll talk about some of
19 the somewhat more advanced things that can be done with SSI,
20 such as conditional statements in your SSI directives.</p>
22 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="what" id="what">What are SSI?</a></h2>
24 <p>SSI (Server Side Includes) are directives that are placed in
25 HTML pages, and evaluated on the server while the pages are
26 being served. They let you add dynamically generated content to
27 an existing HTML page, without having to serve the entire page
28 via a CGI program, or other dynamic technology.</p>
30 <p>The decision of when to use SSI, and when to have your page
31 entirely generated by some program, is usually a matter of how
32 much of the page is static, and how much needs to be
33 recalculated every time the page is served. SSI is a great way
34 to add small pieces of information, such as the current time.
35 But if a majority of your page is being generated at the time
36 that it is served, you need to look for some other
38 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="configuring" id="configuring">Configuring your server to permit SSI</a></h2>
41 <p>To permit SSI on your server, you must have the following
42 directive either in your <code>httpd.conf</code> file, or in a
43 <code>.htaccess</code> file:</p>
44 <div class="example"><p><code>
48 <p>This tells Apache that you want to permit files to be parsed
49 for SSI directives. Note that most configurations contain
50 multiple <code class="directive"><a href="../mod/core.html#options">Options</a></code> directives
51 that can override each other. You will probably need to apply the
52 <code>Options</code> to the specific directory where you want SSI
53 enabled in order to assure that it gets evaluated last.</p>
55 <p>Not just any file is parsed for SSI directives. You have to
56 tell Apache which files should be parsed. There are two ways to
57 do this. You can tell Apache to parse any file with a
58 particular file extension, such as <code>.shtml</code>, with
59 the following directives:</p>
60 <div class="example"><p><code>
61 AddType text/html .shtml<br />
62 AddOutputFilter INCLUDES .shtml
65 <p>One disadvantage to this approach is that if you wanted to
66 add SSI directives to an existing page, you would have to
67 change the name of that page, and all links to that page, in
68 order to give it a <code>.shtml</code> extension, so that those
69 directives would be executed.</p>
71 <p>The other method is to use the <code class="directive"><a href="../mod/mod_includes.html#xbithack">XBitHack</a></code> directive:</p>
72 <div class="example"><p><code>
76 <p><code class="directive"><a href="../mod/mod_includes.html#xbithack">XBitHack</a></code>
77 tells Apache to parse files for SSI
78 directives if they have the execute bit set. So, to add SSI
79 directives to an existing page, rather than having to change
80 the file name, you would just need to make the file executable
81 using <code>chmod</code>.</p>
82 <div class="example"><p><code>
83 chmod +x pagename.html
86 <p>A brief comment about what not to do. You'll occasionally
87 see people recommending that you just tell Apache to parse all
88 <code>.html</code> files for SSI, so that you don't have to
89 mess with <code>.shtml</code> file names. These folks have
90 perhaps not heard about <code class="directive"><a href="../mod/mod_includes.html#xbithack">XBitHack</a></code>. The thing to
91 keep in mind is that, by doing this, you're requiring that
92 Apache read through every single file that it sends out to
93 clients, even if they don't contain any SSI directives. This
94 can slow things down quite a bit, and is not a good idea.</p>
96 <p>Of course, on Windows, there is no such thing as an execute
97 bit to set, so that limits your options a little.</p>
99 <p>In its default configuration, Apache does not send the last
100 modified date or content length HTTP headers on SSI pages,
101 because these values are difficult to calculate for dynamic
102 content. This can prevent your document from being cached, and
103 result in slower perceived client performance. There are two
104 ways to solve this:</p>
107 <li>Use the <code>XBitHack Full</code> configuration. This
108 tells Apache to determine the last modified date by looking
109 only at the date of the originally requested file, ignoring
110 the modification date of any included files.</li>
112 <li>Use the directives provided by
113 <code class="module"><a href="../mod/mod_expires.html">mod_expires</a></code> to set an explicit expiration
114 time on your files, thereby letting browsers and proxies
115 know that it is acceptable to cache them.</li>
117 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="basic" id="basic">Basic SSI directives</a></h2>
119 <p>SSI directives have the following syntax:</p>
120 <div class="example"><p><code>
121 <!--#element attribute=value attribute=value ... -->
124 <p>It is formatted like an HTML comment, so if you don't have
125 SSI correctly enabled, the browser will ignore it, but it will
126 still be visible in the HTML source. If you have SSI correctly
127 configured, the directive will be replaced with its
130 <p>The element can be one of a number of things, and we'll talk
131 some more about most of these in the next installment of this
132 series. For now, here are some examples of what you can do with
135 <h3><a name="todaysdate" id="todaysdate">Today's date</a></h3>
137 <div class="example"><p><code>
138 <!--#echo var="DATE_LOCAL" -->
141 <p>The <code>echo</code> element just spits out the value of a
142 variable. There are a number of standard variables, which
143 include the whole set of environment variables that are
144 available to CGI programs. Also, you can define your own
145 variables with the <code>set</code> element.</p>
147 <p>If you don't like the format in which the date gets printed,
148 you can use the <code>config</code> element, with a
149 <code>timefmt</code> attribute, to modify that formatting.</p>
151 <div class="example"><p><code>
152 <!--#config timefmt="%A %B %d, %Y" --><br />
153 Today is <!--#echo var="DATE_LOCAL" -->
157 <h3><a name="lastmodified" id="lastmodified">Modification date of the file</a></h3>
159 <div class="example"><p><code>
160 This document last modified <!--#flastmod file="index.html" -->
163 <p>This element is also subject to <code>timefmt</code> format
167 <h3><a name="cgi" id="cgi">Including the results of a CGI program</a></h3>
169 <p>This is one of the more common uses of SSI - to output the
170 results of a CGI program, such as everybody's favorite, a ``hit
173 <div class="example"><p><code>
174 <!--#include virtual="/cgi-bin/counter.pl" -->
178 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="additionalexamples" id="additionalexamples">Additional examples</a></h2>
181 <p>Following are some specific examples of things you can do in
182 your HTML documents with SSI.</p>
184 <h3><a name="docmodified" id="docmodified">When was this document
187 <p>Earlier, we mentioned that you could use SSI to inform the
188 user when the document was most recently modified. However, the
189 actual method for doing that was left somewhat in question. The
190 following code, placed in your HTML document, will put such a
191 time stamp on your page. Of course, you will have to have SSI
192 correctly enabled, as discussed above.</p>
193 <div class="example"><p><code>
194 <!--#config timefmt="%A %B %d, %Y" --><br />
195 This file last modified <!--#flastmod file="ssi.shtml" -->
198 <p>Of course, you will need to replace the
199 <code>ssi.shtml</code> with the actual name of the file that
200 you're referring to. This can be inconvenient if you're just
201 looking for a generic piece of code that you can paste into any
202 file, so you probably want to use the
203 <code>LAST_MODIFIED</code> variable instead:</p>
204 <div class="example"><p><code>
205 <!--#config timefmt="%D" --><br />
206 This file last modified <!--#echo var="LAST_MODIFIED" -->
209 <p>For more details on the <code>timefmt</code> format, go to
210 your favorite search site and look for <code>strftime</code>. The
211 syntax is the same.</p>
214 <h3><a name="footer" id="footer">Including a standard footer</a></h3>
217 <p>If you are managing any site that is more than a few pages,
218 you may find that making changes to all those pages can be a
219 real pain, particularly if you are trying to maintain some kind
220 of standard look across all those pages.</p>
222 <p>Using an include file for a header and/or a footer can
223 reduce the burden of these updates. You just have to make one
224 footer file, and then include it into each page with the
225 <code>include</code> SSI command. The <code>include</code>
226 element can determine what file to include with either the
227 <code>file</code> attribute, or the <code>virtual</code>
228 attribute. The <code>file</code> attribute is a file path,
229 <em>relative to the current directory</em>. That means that it
230 cannot be an absolute file path (starting with /), nor can it
231 contain ../ as part of that path. The <code>virtual</code>
232 attribute is probably more useful, and should specify a URL
233 relative to the document being served. It can start with a /,
234 but must be on the same server as the file being served.</p>
235 <div class="example"><p><code>
236 <!--#include virtual="/footer.html" -->
239 <p>I'll frequently combine the last two things, putting a
240 <code>LAST_MODIFIED</code> directive inside a footer file to be
241 included. SSI directives can be contained in the included file,
242 and includes can be nested - that is, the included file can
243 include another file, and so on.</p>
246 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="config" id="config">What else can I config?</a></h2>
249 <p>In addition to being able to <code>config</code> the time
250 format, you can also <code>config</code> two other things.</p>
252 <p>Usually, when something goes wrong with your SSI directive,
253 you get the message</p>
254 <div class="example"><p><code>
255 [an error occurred while processing this directive]
258 <p>If you want to change that message to something else, you
259 can do so with the <code>errmsg</code> attribute to the
260 <code>config</code> element:</p>
261 <div class="example"><p><code>
262 <!--#config errmsg="[It appears that you don't know how to use SSI]" -->
265 <p>Hopefully, end users will never see this message, because
266 you will have resolved all the problems with your SSI
267 directives before your site goes live. (Right?)</p>
269 <p>And you can <code>config</code> the format in which file
270 sizes are returned with the <code>sizefmt</code> attribute. You
271 can specify <code>bytes</code> for a full count in bytes, or
272 <code>abbrev</code> for an abbreviated number in Kb or Mb, as
274 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="exec" id="exec">Executing commands</a></h2>
277 <p>I expect that I'll have an article some time in the coming
278 months about using SSI with small CGI programs. For now, here's
279 something else that you can do with the <code>exec</code>
280 element. You can actually have SSI execute a command using the
281 shell (<code>/bin/sh</code>, to be precise - or the DOS shell,
282 if you're on Win32). The following, for example, will give you
283 a directory listing.</p>
284 <div class="example"><p><code>
286 <!--#exec cmd="ls" --><br />
290 <p>or, on Windows</p>
291 <div class="example"><p><code>
293 <!--#exec cmd="dir" --><br />
297 <p>You might notice some strange formatting with this directive
298 on Windows, because the output from <code>dir</code> contains
299 the string ``<<code>dir</code>>'' in it, which confuses
302 <p>Note that this feature is exceedingly dangerous, as it will
303 execute whatever code happens to be embedded in the
304 <code>exec</code> tag. If you have any situation where users
305 can edit content on your web pages, such as with a
306 ``guestbook'', for example, make sure that you have this
307 feature disabled. You can allow SSI, but not the
308 <code>exec</code> feature, with the <code>IncludesNOEXEC</code>
309 argument to the <code>Options</code> directive.</p>
310 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="advanced" id="advanced">Advanced SSI techniques</a></h2>
313 <p>In addition to spitting out content, Apache SSI gives you
314 the option of setting variables, and using those variables in
315 comparisons and conditionals.</p>
317 <h3><a name="caveat" id="caveat">Caveat</a></h3>
319 <p>Most of the features discussed in this article are only
320 available to you if you are running Apache 1.2 or later. Of
321 course, if you are not running Apache 1.2 or later, you need to
322 upgrade immediately, if not sooner. Go on. Do it now. We'll
326 <h3><a name="variables" id="variables">Setting variables</a></h3>
328 <p>Using the <code>set</code> directive, you can set variables
329 for later use. We'll need this later in the discussion, so
330 we'll talk about it here. The syntax of this is as follows:</p>
331 <div class="example"><p><code>
332 <!--#set var="name" value="Rich" -->
335 <p>In addition to merely setting values literally like that,
336 you can use any other variable, including, for example,
337 environment variables, or some of the variables we discussed in
338 the last article (like <code>LAST_MODIFIED</code>, for example)
339 to give values to your variables. You will specify that
340 something is a variable, rather than a literal string, by using
341 the dollar sign ($) before the name of the variable.</p>
342 <div class="example"><p><code>
343 <!--#set var="modified" value="$LAST_MODIFIED" -->
346 <p>To put a literal dollar sign into the value of your
347 variable, you need to escape the dollar sign with a
349 <div class="example"><p><code>
350 <!--#set var="cost" value="\$100" -->
353 <p>Finally, if you want to put a variable in the midst of a
354 longer string, and there's a chance that the name of the
355 variable will run up against some other characters, and thus be
356 confused with those characters, you can place the name of the
357 variable in braces, to remove this confusion. (It's hard to
358 come up with a really good example of this, but hopefully
359 you'll get the point.)</p>
360 <div class="example"><p><code>
361 <!--#set var="date" value="${DATE_LOCAL}_${DATE_GMT}" -->
365 <h3><a name="conditional" id="conditional">Conditional expressions</a></h3>
368 <p>Now that we have variables, and are able to set and compare
369 their values, we can use them to express conditionals. This
370 lets SSI be a tiny programming language of sorts.
371 <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> provides an <code>if</code>,
372 <code>elif</code>, <code>else</code>, <code>endif</code>
373 structure for building conditional statements. This allows you
374 to effectively generate multiple logical pages out of one
377 <p>The structure of this conditional construct is:</p>
378 <div class="example"><p><code>
379 <!--#if expr="test_condition" --><br />
380 <!--#elif expr="test_condition" --><br />
381 <!--#else --><br />
385 <p>A <em>test_condition</em> can be any sort of logical
386 comparison - either comparing values to one another, or testing
387 the ``truth'' of a particular value. (A given string is true if
388 it is nonempty.) For a full list of the comparison operators
389 available to you, see the <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
390 documentation. Here are some examples of how one might use this
393 <p>In your configuration file, you could put the following
395 <div class="example"><p><code>
396 BrowserMatchNoCase macintosh Mac<br />
397 BrowserMatchNoCase MSIE InternetExplorer
400 <p>This will set environment variables ``Mac'' and
401 ``InternetExplorer'' to true, if the client is running Internet
402 Explorer on a Macintosh.</p>
404 <p>Then, in your SSI-enabled document, you might do the
406 <div class="example"><p><code>
407 <!--#if expr="${Mac} && ${InternetExplorer}" --><br />
408 Apologetic text goes here<br />
409 <!--#else --><br />
410 Cool JavaScript code goes here<br />
414 <p>Not that I have anything against IE on Macs - I just
415 struggled for a few hours last week trying to get some
416 JavaScript working on IE on a Mac, when it was working
417 everywhere else. The above was the interim workaround.</p>
419 <p>Any other variable (either ones that you define, or normal
420 environment variables) can be used in conditional statements.
421 With Apache's ability to set environment variables with the
422 <code>SetEnvIf</code> directives, and other related directives,
423 this functionality can let you do some pretty involved dynamic
424 stuff without ever resorting to CGI.</p>
426 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="conclusion" id="conclusion">Conclusion</a></h2>
428 <p>SSI is certainly not a replacement for CGI, or other
429 technologies used for generating dynamic web pages. But it is a
430 great way to add small amounts of dynamic content to pages,
431 without doing a lot of extra work.</p>
432 </div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>