Template or SSI?

Not really. The difference is that DW templates compile the pages through the program (on your hard drive) and not through the server. The biggest problem with this is that the template functionality is only available within Dreamweaver - if you ever wanted to edit the site in another program that functionality wouldn't be available. I guess that's kind of obvious though. One benefit is that you don't need a server installed on your computer to preview the pages as they'll be seen on the web which could be an attractive factor.

I've only fiddled around a little with templates since I usually use SSI's as well. However, I did find that the templates did work a little better within DW - more seamless integration with the program. If you're sure that you'll only ever want to edit the site in DW it may not be a bad idea to try them.

Hope that helps!

Does one take up more space on the server?
Can you only edit the template in DW - or just the DW that it was created in?
Can the template be updated in something like notepad?

Thanks!

The files would take up more space on the server using DW templates since the pages are whole static html pages.

Thanks guys!
What babout the other two questions? Any ideas?

I'm not a DW users but I'd think any DW would do it, the versions could be an issue thou (older versions unable to edit later versions stuff, kinda like MS Word)

Quote: Originally posted by Brooke
Does one take up more space on the server?
Can you only edit the template in DW - or just the DW that it was created in?
Can the template be updated in something like notepad?

Thanks!

1. Templates would take up more space on the server, yes, since the include is stored within each individual page (as Suzanne said) whereas an SSI is one file called by the server to go into each individual page. However, this does mean that with SSI's the server has more work to do, and it could cause some speed issues (normally not significant IME).

2. I would be surprised if older versions of DW weren't able to edit the templates. You could probably use any DW that supports the template. AFAIK they haven't changed since v. 3 or so. (I think this is what you were asking ???). As long as the template file is accessable to the program where is should be any DW should be able to edit it.

3. You can edit in any text editor - it's just an html page with a DWT extension. Make sure to leave the comments that tell DW where the template starts and finishes. HOWEVER, since the work of including the template into the pages is done in DW, you will have to open your site in DW again and make sure the updated template is applied to all pages.

Sorry it took me so long to answer agian - I wanted to wait until I got home and had a DWT file to look at.

Oooooohhhh - I see. You are right. It has to be opened in DW again to make sure that the template is applied. I have found that out.

So is all of your best advice to stick with SSI's or DW or both?

It really depends on what you are doing...
Any web server can do static HTML, and you can preview HTML from your hard drive - without having a web server setup on your PC (although you could upload the files every time you need to preview).

IME when creating templates Dreamweaver will add comments to the HTML to define it's own custom "tags" for the template...This does make the file a little larger, and make it obvious that you use Dreamweaver. Whilst SSI are far more elegant from a programming point of view. Personally I find Dreamweaver templates to be a little too ad-hoc, and are not exactly a global standard for Web Design!

if you are working on a static website - go with templates. if you plan to use some scripts embedded in your pages - use SSI.

as far as website performance goes (how fast is it loaded) - it doesn't make much difference, unless you have hundreds or thousands of SSI includes per page.

Okay - that advice all sounds great. Thank you all!

Eh, I realise I am late to this thread, but SSIs do have some security concerns you should be aware of. A brief introductory discussion of these issues is covered HERE.

I prefer to have my header, footer, and whatever else templates be .js files for that reason. Course, the downside of that strategy is that some people turn scripting off in their browsers.

Well, that's sort of an extreme reaction -- the issue is that when you allow exec includes, there is a security hole, but you don't use exec to include static files, nor even SSI scripted files...

In order for SSI includes to be a risk, a number of things must hold true, including that the person wanting to take advantage knows how to get through -- because the documents are parsed on the server, this information should not be viewable through viewsource in the browser.

Regardless, .js files are worse. They are not only user concerns for being able to navigate the site, they will severely damage your search engine results, as they will not go traipsing through .js files.

SSI through Apache, using PHP, et cetera, do have issues, the largest of which is CPU usage, not security risk.

If you want to use templates and minimize CPU usage, you can use DW, or use an approximation by making your own PHP interface that will do the same job. Basically it will allow you to access php files on the server, but will save them as .html files so they appear to be static and will not be parsed when visited by spiders and users.

Suzanne,

The problem is people not realizing that, unless explicitly shut off, executables are allowed in SSIs and then having a form on the page. Good luck untainting a comments field -- if your the one writing the script rather than somebody using a canned script.

What you don't know will clobber you every time... the mere fact that this thread never discussed the security issues of SSIs is exactly why danger lies in their use.

Good point about search engines getting flummoxed by .js files though.

Well form security is a whole other issue, eh?

Nothing wrong with discussing potential security issues, but lets actually give people something they can use. If they are hosted, as most are, they will not be able to edit the file in the first place to determine the situation.

That's why templates are so useful, though they take up more space on the server and take more time to administer, they avoid most of the security issues that are inherent in using ANY server-side processing language.

Quote: Originally posted by Suzanne
Well form security is a whole other issue, eh?

Whoo-Hooo... a flame war over SSIs instead of Flash!

Well, I think security is an issue that ALWAYS needs to be considered and planned for. Yes, they may not be able to edit the server-side scripts (although every host I've ever used for a serious site has included it's own cgi-bin), but they still need to understand the issues involved with them.

The bidownside of SSIs is they can be instantly deadly from a security standpoint if they are coupled with forms. People need to know that when they are making decision as to whether to use them or not. At the very least, maybe they'll then have the sense to drop a .htaccess file shutting of SSI in a directory where they've isolated any pages with forms.

Anyhoo... don't really want to beat a dead horse. I just think known security concerns should always be aired to help decisions be fully informed.

lol, no flaming here. information is power.

That's very true Suzanne...I've never experienced any flaming on this forum.

Thanks for sharing that knowledge...Not being too experienced at SSI I could have made a big mistake! Any other pearls of server side scripting knowledge I should know about?

Shouldn't that be perls of server-side scripting? Nyuk, nyuk, nyuk.

...bleh, would somebody please slap me for actually typing in that lame joke.

*poke*

no slapping, but that was a bad one, lol...