A Gentle Introduction to JavaScript

By Dori Smith

Welcome to my new Macworld.com JavaScript column! I'll be writing an introductory-level monthly piece, with the goal of teaching JavaScript to those of you who've worked with HTML before and are now thinking about taking that next step forward. To start with, I'll cover what JavaScript is (and isn't).

What is JavaScript?

JavaScript is what's known as a scripting language, which means that it is (in general) easier to learn than a full-blown programming language such as C++ or Java. You don't need any special tools, programs, or compilers to write JavaScript; whatever you're currently using to write HTML should work just fine. Personally, I prefer to use Bare Bones Software's BBEdit, but WYSIWYG tools such as Adobe GoLive and Macromedia Dreamweaver work fine, too. Some people are happy coding their pages with SimpleText, but that's a little too minimalist for my taste. If you don't have any of these (except SimpleText, of course), check out the freeware BBEdit Lite.

JavaScript can be used to make your web pages interactive and dynamic. A static HTML page without any JavaScript just sits there — if a visitor returns to your site next week, it'll look exactly the same as it did today. With JavaScript, you can display different images, give feedback on forms, control the user's browser, and manage framed sites. Overall, you use JavaScript to give the user feedback: the feeling that your site is responsive to their actions.

The most common use of JavaScript is the ubiquitous image rollover. It's gotten to the point on the web where if you don't use JavaScript to change your clickable buttons, some users won't click on them, as they won't realize that they have that option. Image rollovers have become a de facto web user interface standard, so you should use them if you want to give your visitors the experience they expect.

Other feats you can do with images include slide shows, displaying random graphics, and making images move around the browser window. With JavaScript and forms, you can validate that the information has been entered correctly, cross-check fields against each other, and use one field to set another. With JavaScript and frames, you can force your site either into or out of a frame set, as well as to use information in one frame to change the display of another. You can also change your page based on the date, time, browser, available plug-ins, and/or platform of your site's visitors.

JavaScript is sometimes also referred to as JScript or ECMAScript. These aren't exactly the same languages as JavaScript, but the name JavaScript is often used to include them, too.

JScript: After Netscape came out with JavaScript, fans of the language wanted to know when Microsoft was going to come out with a comparable language in Internet Explorer. They first said that couldn't, as JavaScript was owned by Netscape, but they finally produced their own version called JScript. JavaScript and JScript are very similar, but they have definite differences that can create traps for the incautious.

ECMAScript: Due to the differences between JavaScript and JScript, Netscape was urged to turn JavaScript over to a standards body, to create a standardized version of the language. There are a number of well-known standards bodies, but Netscape instead went with ECMA, the European Computer Manufacturer's Association. The scripting language that resulted is known as ECMAScript or ECMA-262, as it was the 262nd standard produced by the group. And now, both companies argue over which has better ECMAScript compliance.

What isn't JavaScript?

There are a number of common misconceptions about JavaScript. Let's clear them up now.

JavaScript isn't Java. At one time, Netscape added a little scripting language to Navigator 2, which they called LiveScript. They had high hopes for this language, but hardly anyone paid any attention to it — most of the mindshare was being given to a new language called Java, which had been recently released by Sun Microsystems. At that point, if you believed some of the press reports, Java was going to cure cancer, feed the hungry, and bring about world peace. How could a new little scripting language compete against that? The marketing department at Netscape decided that it was better to switch than fight, and (with permission from Sun) changed the name of LiveScript to JavaScript. After that, getting attention became much easier. Unfortunately, this led to the common side effect that many people think that they're the same language, or that JavaScript is a "light" version of Java, or that Sun invented JavaScript. None of these stories are true, and the only thing that the two have in common are the first four letters.

JavaScript isn't a security risk. This myth started due to a number of horror stories that tried to convince everyone that they should turn JavaScript off because otherwise, bad, bad things could happen to you. The stories just aren't true. There are no verified reports of anyone, ever, using JavaScript by itself in a way that creates a security hole on a live site. And in every case where someone has written an exploit using JavaScript combined with a server-side program, the hack could have been done just as well without JavaScript. So go ahead and turn JavaScript on; it won't bite.

JavaScript can't do everything. While I wish that JavaScript could, it can't. JavaScript can't read from or write to your hard drive, and JavaScript can't send email. JavaScript also can't get rid of the need for server-side programs; for instance, you can't use it to keep track of visit counters or store form info in a database.

With this as background, you'll be ready to start coding in the next column.