M.P. Johnson, DBMS, Stern/NYU, Spring 20051 C20.0046: Database Management Systems Lecture #22 M.P. Johnson Stern School of Business, NYU Spring, 2005.

M.P. Johnson, DBMS, Stern/NYU, Spring 20051 C20.0046: Database Management Systems Lecture #22 M.P. Johnson Stern School of Business, NYU Spring, 2005

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 2 Homework Project part 5  Topic: web interface + any remaining loose ends  Up now  Due: end of semester Will return proj3 today  Remind me!

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 3 Agenda Programming for SQL:  DB-conn from web scripting languages  DBI/DBDs in Perl, PHP Transactions Next: Security  Secrecy  Integrity  Availability  Web issues

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 4 Goals: after this week After Today:  Have all the tools for building a DB-backed website in Perl or PHP (but will it be secure?)

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 5 Review: PHP Program Client Server HTTP Request Data for program Generated HTML HTML Image from http://www.scit.wlv.ac.uk/~jphb/cp3024/

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 6 Form example On clicking Send, we go to the same page, but with “name=99&sumbit=OK” http://pages.stern.nyu.edu/~mjohnson/dbms/perl/input.cgi Enter a number: Enter a number:

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 7 Review: dynamic webpages First option: for each request: run program, produce whole page, send back  CGI & some host language, Java Servlets, etc. Second option: create html page with missing parts; for each response, fill in the wholes and send back  Embedded scripting  PHP and others  PHP = Personal Home Page or = PHP Hypertext Processor

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 8 hello.php http://pages.stern.nyu.edu/~mjohnson/dbms/php/hello.php Q: What the difference between and \n? Hello from PHP Here is the PHP part: \n"; ?> That's it! Hello from PHP Here is the PHP part: \n"; ?> That's it!

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 9 hello2.php Script errors, w/ and w/o display_errors on:  http://pages.stern.nyu.edu/~mjohnson/dbms/perl/hello2.php http://pages.stern.nyu.edu/~mjohnson/dbms/perl/hello2.php  http://pages.stern.nyu.edu/~mjohnson/dbms/php/hello2.php http://pages.stern.nyu.edu/~mjohnson/dbms/php/hello2.php Local dir must contain.htaccess:  Automatically load GET/POST params as vars  http://pages.stern.nyu.edu/~mjohnson/dbms/php/.htaccess http://pages.stern.nyu.edu/~mjohnson/dbms/php/.htaccess php_flag display_errors on php_flag register_globals on php_flag display_errors on php_flag register_globals on

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 10 More on PHP Somewhat C-like, somewhat Perl-like Case-sensitive Strings:  Concatenation op:.  Single, double quotes similar to Perl Comments:  # Unix shell-style  /* */ C-style  // C++-style Output:  echo(“hi there”);  print(“hi there”);  C’s printf

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 11 PHP vars Similar to those of Perl, except no “my”  http://pages.stern.nyu.edu/~mjohnson/dbms/php/math.php http://pages.stern.nyu.edu/~mjohnson/dbms/php/math.php <? $num1 = 58; $num2 = 67; print "First number ". $num1. " "; print "Second number ". $num2. " "; $total = $num1 + $num2; print "The sum is ". $total. " "; ?> <? $num1 = 58; $num2 = 67; print "First number ". $num1. " "; print "Second number ". $num2. " "; $total = $num1 + $num2; print "The sum is ". $total. " "; ?>

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 12 Combining PHP and HTML http://pages.stern.nyu.edu/~mjohnson/dbms/php/combine.php <?php for($z=0;$z<=5;$z++) { ?> Iteration number <? } ?> <?php for($z=0;$z<=5;$z++) { ?> Iteration number <? } ?>

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 13 PHP info PHP does not have both string and number ops like Perl Number ops treat (number) strings as numbers, regular strings as strings  http://pages.stern.nyu.edu/~mjohnson/dbms/php/test.php http://pages.stern.nyu.edu/~mjohnson/dbms/php/test.php Info function displays lots of server info:  http://pages.stern.nyu.edu/~mjohnson/dbms/php/info.php http://pages.stern.nyu.edu/~mjohnson/dbms/php/info.php

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 14 PHP & MySQL PHP 5 has a DBI/JDBC-like interface Our version/setup uses a proprietary lib: 1. Open a connection and open our DB: 2. Run query: $db = mysql_connect("mysql2.stern.nyu.edu:3306", user, pass); mysql_select_db("test", $db); $db = mysql_connect("mysql2.stern.nyu.edu:3306", user, pass); mysql_select_db("test", $db); $result = mysql_query($query,$db);

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 15 PHP & MySQL 3. Extract next row of data from statement, if available:  What this means: myrow is an array that can then be accessed  Other options, but this should suffice In general, to scroll through results, do: $myrow = mysql_fetch_row($result) while ($myrow = mysql_fetch_row($result)) # print row’s data while ($myrow = mysql_fetch_row($result)) # print row’s data

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 16 Limit: PHP webpages that do something Semi-interesting Perl script:  http://pages.stern.nyu.edu/~mjohnson/dbms/php/lookup.php http://pages.stern.nyu.edu/~mjohnson/dbms/php/lookup.php  Non-trivial but not huge: ~60 lines, but much of it’s plain html Works with two-column (a,b) table Takes input from user Returns rows whose a field contains value If no/empty input, returns all rows  Bad idea in general!

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 17 lookup.php: port of lookup.cgi Two possible situations for running script: 1. Page opened for the first time 2. User entered parameter and pressed button Structure of file: 1. Print input box and button for next search  On button click, parameter is sent to this page’s url 2. (Try to) read input parameter 3. Open MySQL connection 4. Run query 5. Print results in a table 6. Disconnect from MySQL

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 18 Insert/delete Perl/PHP example Similar to search example NB: form has two buttons http://pages.stern.nyu.edu/~mjohnson/dbms/perl/update.cgi http://pages.stern.nyu.edu/~mjohnson/dbms/perl/updatecgi.txt http://pages.stern.nyu.edu/~mjohnson/dbms/php/update.php http://pages.stern.nyu.edu/~mjohnson/dbms/php/updatephp.txt

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 19 Master-detail Perl/PHP example Idea: display list of regions;  When region clicked on, display its countries Mechanism: pass GET param in link, not with a FORM http://pages.stern.nyu.edu/~mjohnson/dbms/php/cia.php?id= http://pages.stern.nyu.edu/~mjohnson/dbms/php/ciaphp.txt http://pages.stern.nyu.edu/~mjohnson/dbms/perl/cia.cgi http://pages.stern.nyu.edu/~mjohnson/dbms/perl/cia.pl

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 20 Tutorials on PHP Some material drawn from the following good tutorials: http://php.net PHP introduction and examples:  http://www.scit.wlv.ac.uk/~jphb/sst/php/ http://www.scit.wlv.ac.uk/~jphb/sst/php/ Interactive PHP with database access:  http://www.scit.wlv.ac.uk/~jphb/sst/php/gazdb.html http://www.scit.wlv.ac.uk/~jphb/sst/php/gazdb.html Longer PHP/MySQL Tutorial from webmonkey:  http://hotwired.lycos.com/webmonkey/99/21/index2a.html http://hotwired.lycos.com/webmonkey/99/21/index2a.html Nice insert/update/delete example from webmonkey:  http://hotwired.lycos.com/webmonkey/99/21/index3a.html http://hotwired.lycos.com/webmonkey/99/21/index3a.html MySQL/Perl/PHP page from U-Wash:  http://www.washington.edu/computing/web/publishing/mysql-script.html http://www.washington.edu/computing/web/publishing/mysql-script.html

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 21 Pros & cons PHP v. Perl v. Java servlets v. …:  http://www.developerspot.com/tutorials/php/server -side-scripting-language/ http://www.developerspot.com/tutorials/php/server -side-scripting-language/ PHP is fast Perl has JDBC-like DBI/DBD interface PHP is fast Perl is good for much more than web dev

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 22 Advice for use of novel languages 1. Rerun often  Don’t write the whole thing and then try to run 2. Use frequent prints to be sure of var vals (While debugging) 3. When stuck, picture continuum from your current program to some other program  other prog. works but doesn’t do what you want  change either/both, step by step, until they meet in the middle 4. Google is your friend Search for error messages, situations

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 23 That’s really all, folks! Q: Is this enough to get a job coding PHP? A: Again, probably not. But: most jobs are just programming-in-PHP or administering-Oracle  Being able to acquire new skills when needed is a good thing But: again pretty easy to produce a semi-interested site with a few copies of lookup.php and cia.php. Don’t like PHP either? Lots of other choices, but again, you’re strongly discouraged from using something else for your project unless you know what you’re doing.

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 24 New-old topic: Transactions So far, have simply issued commands  Ignored xacts Recall, though: an xact is an operation/set of ops executed atomically  In one instant ACID test:  Xacts are atomic  Each xact (not each statement) must leave the DB consistent

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 25 Default xact behavior An xact begins upon login By default, xact lasts until logoff  Except for DDL statements  They automatically commit Examples with two views of emp…

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 26 Direct xact instructions At any point, may explicitly COMMIT:  SQL> COMMIT;  Saves all statements entered up to now  Begins new xact Conversely, can ROLLBACK  SQL> ROLLBACK;  Cancels all statements entered since start of xact Example: delete from emp; or delete junk;

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 27 Direct xact instructions Remember, DDL statements are auto- committed  They cannot be rollbacked Examples: Q: Why doesn’t rollback “work”? drop table junk; rollback; drop table junk; rollback; truncate table junk; rollback; truncate table junk; rollback;

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 28 Savepoints Xacts are atomic Can rollback to beginning of current xact But might want to rollback only part way Make 10 changes, make one bad change Want to: roll back to before last change Don’t have Word-like multiple undo  But do have savepoints

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 29 Savepoints Create a savepoint: emp example: --changes SAVEPOINT sp1; --changes SAVEPOINT sp2; --changes SAVEPOINT sp3 --changes ROLLBACK TO sp2; ROLLBACK TO sp1; --changes SAVEPOINT sp1; --changes SAVEPOINT sp2; --changes SAVEPOINT sp3 --changes ROLLBACK TO sp2; ROLLBACK TO sp1; SAVEPOINT savept_name; Can skip savepoints But can ROLLBACK only backwards Can ROLLBACK only to last COMMIT

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 30 AUTOCOMMIT Finally, can turn AUTOCOMMIT on:  SQL> SET AUTOCOMMIT ON;  Can put this in your config file  Can specify through JDBC, etc. Then each statement is auto-committed as its own xact  Not just DDL statements

M.P. Johnson, DBMS, Stern/NYU, Spring 2005 31 For next time Read chapter 21  Lots of interesting security topics Start proj5!

M.P. Johnson, DBMS, Stern/NYU, Spring 20051 C20.0046: Database Management Systems Lecture #22 M.P. Johnson Stern School of Business, NYU Spring, 2005.

Similar presentations

Presentation on theme: "M.P. Johnson, DBMS, Stern/NYU, Spring 20051 C20.0046: Database Management Systems Lecture #22 M.P. Johnson Stern School of Business, NYU Spring, 2005."— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

M.P. Johnson, DBMS, Stern/NYU, Spring 20051 C20.0046: Database Management Systems Lecture #22 M.P. Johnson Stern School of Business, NYU Spring, 2005.

Similar presentations

Presentation on theme: "M.P. Johnson, DBMS, Stern/NYU, Spring 20051 C20.0046: Database Management Systems Lecture #22 M.P. Johnson Stern School of Business, NYU Spring, 2005."— Presentation transcript:

Similar presentations

About project

Feedback