CS 174: Web Programming September 23 Class Meeting Department of Computer Science San Jose State University Fall 2015 Instructor: Ron Mak www.cs.sjsu.edu/~mak.



SQL to Create and Drop a Database

- Create examples:

    CREATE DATABASE school3;
    CREATE DATABASE IF NOT EXISTS school3;

- Drop examples:

    DROP DATABASE school3;
    DROP DATABASE IF EXISTS school3;

SQL to Create a Table

- First we create a new database and connect to it:

    CREATE DATABASE school3;
    USE school3;

- Create the Class table:

    CREATE TABLE class
    (
        code       INT PRIMARY KEY,
        teacher_id INT NOT NULL,
        subject    VARCHAR(32) NOT NULL,
        room       INT NOT NULL
    );

    Code | Teacher_id | Subject              | Room
    908  | 7008       | Data structures      | 114
    926  | 7003       | Java programming     | 101
    931  | 7051       | Compilers            | 222
    951  | 7012       | Software engineering | 210
    978  | 7012       | Operating systems    | 109

Database Record Insert, Update, and Delete

- There are SQL statements to insert, update, and delete records. See the SQL tutorial.

    INSERT INTO teacher (id, last, first)
    VALUES (7088, 'Mak', 'Ron'),
           (7090, 'Wilson', 'Brian')

    UPDATE teacher
    SET first = 'Ronald'
    WHERE first = 'Ron'

    DELETE FROM teacher
    WHERE id = 7090

This can update multiple records!

SQL to Add Rows

- Add rows to the Class table:

    Code | Teacher_id | Subject              | Room
    908  | 7008       | Data structures      | 114
    926  | 7003       | Java programming     | 101
    931  | 7051       | Compilers            | 222
    951  | 7012       | Software engineering | 210
    978  | 7012       | Operating systems    | 109

    INSERT INTO class (code, teacher_id, subject, room)
    VALUES (908, 7008, 'Data structures', 114),
           (926, 7003, 'Java programming', 101),
           (931, 7051, 'Compilers', 222),
           (951, 7012, 'Software engineering', 210),
           (978, 7012, 'Operating systems', 109);

SQL Script create_school.sql

    -- Rebuild the database from scratch each time the script is run.
    DROP DATABASE IF EXISTS school3;
    CREATE DATABASE school3;
    USE school3;

    CREATE TABLE class
    (
        code       INT PRIMARY KEY,
        teacher_id INT NOT NULL,
        subject    VARCHAR(32) NOT NULL,
        room       INT NOT NULL
    );

    INSERT INTO class (code, teacher_id, subject, room)
    VALUES (908, 7008, 'Data structures', 114),
           (926, 7003, 'Java programming', 101),
           (931, 7051, 'Compilers', 222),
           (951, 7012, 'Software engineering', 210),
           (978, 7012, 'Operating systems', 109);

SQL Script create_school.sql, cont’d

    CREATE TABLE contact_info
    (
        id       INT PRIMARY KEY,
        _address VARCHAR(32) NOT NULL
    );

    INSERT INTO contact_info (id, _address)
    VALUES (1, (2, (3, (4, (5, (6, (7, (8, (9,

SQL Script create_school.sql, cont’d

    CREATE TABLE teacher
    (
        id         INT PRIMARY KEY,
        last       VARCHAR(32) NOT NULL,
        first      VARCHAR(32) NOT NULL,
        contact_id INT REFERENCES contact_info(id)
    );

    INSERT INTO teacher (id, last, first, contact_id)
    VALUES (7003, 'Rogers', 'Tom', 6),
           (7008, 'Thompson', 'Art', 7),
           (7012, 'Lane', 'John', 8),
           (7051, 'Flynn', 'Mabel', 9);

- Use the MySQL source command:

    source create_school.sql

Entity-Relationship (ER) Diagrams

- Data modeling diagrams are called Entity-Relationship (ER) diagrams.
    - Very similar in concept to UML diagrams.
    - There are several styles of ER diagrams.
- One style is crow’s feet diagrams.

One-to-Many Relationship

- One (each) teacher teaches 0, 1, or many classes.

Teacher

    Id   | Last     | First
    7003 | Rogers   | Tom
    7008 | Thompson | Art
    7012 | Lane     | John
    7051 | Flynn    | Mabel

Class

    Code | Teacher_id | Subject              | Room
    908  | 7008       | Data structures      | 114
    926  | 7003       | Java programming     | 101
    931  | 7051       | Compilers            | 222
    951  | 7012       | Software engineering | 210
    978  | 7012       | Operating systems    | 109

[Diagram: Teacher-Class relationship; labels: one, zero, one, many; minimum, maximum]

- Database cardinality is only 0, 1, or many (more than 1).

Many-to-Many Relationship

Student

    Id   | Last  | First
    1001 | Doe   | John
    1005 | Novak | Tim
    1009 | Klein | Leslie
    1014 | Jane  | Mary
    1021 | Smith | Kim

Class

    Code | Teacher_id | Subject              | Room
    908  | 7008       | Data structures      | 114
    926  | 7003       | Java programming     | 101
    931  | 7051       | Compilers            | 222
    951  | 7012       | Software engineering | 210
    978  | 7012       | Operating systems    | 109

Student_Class

    Key | Student_id | Class_code

- A student has 0, 1 or many classes.
- A class has 1 or many students.

[Diagram: Student, Student-Class, Class]

Complete Entity Diagram

[Diagram: Class entity with attributes code (PK), teacher_id (FK), subject, room]

Class

    Code | Teacher_id | Subject              | Room
    908  | 7008       | Data structures      | 114
    926  | 7003       | Java programming     | 101
    931  | 7051       | Compilers            | 222
    951  | 7012       | Software engineering | 210
    978  | 7012       | Operating systems    | 109

MySQL Workbench

- Open-source version of some very expensive commercial database design and management tools (such as ERWin Data Modeler).
    - Download from
- Features
    - Manage databases and database connections.
    - Edit, execute, and save SQL scripts.
    - Forward- and reverse-engineering.
        - Generate a crow’s feet ER diagram from an existing database.
        - Manually create an ER diagram.
        - Automatically generate a database from the diagram.

MySQL Workbench: ER Diagrams

- MySQL Workbench can generate a new ER diagram by “reverse engineering” an existing database.
- Demo: Generate a new ER diagram.

MySQL Workbench: ER Diagrams, cont’d

- MySQL Workbench can generate a new database by “forward engineering” an ER diagram.
- Demo: Generate a new database.

PHP query() vs. exec()

- Use PDO::query() to execute an SQL SELECT statement.
    - Returns a result set as a PDOStatement object.

    $con = new PDO("mysql:host=localhost;dbname=school",
                   "root", "sesame");
    $con->setAttribute(PDO::ATTR_ERRMODE,
                       PDO::ERRMODE_EXCEPTION);

    $query = "SELECT * FROM teacher WHERE id = $id";
    $data = $con->query($query);

PHP query() vs. exec(), cont’d

- Use PDO::exec() to execute an SQL INSERT, UPDATE, or DELETE statement.
    - Returns the count of affected rows.

    $con = new PDO("mysql:host=localhost;dbname=school",
                   "root", "sesame");
    $con->setAttribute(PDO::ATTR_ERRMODE,
                       PDO::ERRMODE_EXCEPTION);

    $query = "UPDATE teacher ".
             "SET first = 'Ronald' ".
             "WHERE first = 'Ron'";
    $count = $con->exec($query);

Table Join with PHP

    $first = filter_input(INPUT_GET, "firstName");
    $last  = filter_input(INPUT_GET, "lastName");

    try {
        $con = new PDO("mysql:host=localhost;dbname=school",
                       "root", "sesame");
        $con->setAttribute(PDO::ATTR_ERRMODE,
                           PDO::ERRMODE_EXCEPTION);

        // The form values are pasted straight into the SQL text.
        $query = "SELECT student.first, student.last, subject ".
                 "FROM student, teacher, class, student_class ".
                 "WHERE teacher.last = '$last' ".
                 "AND teacher.first = '$first' ".
                 "AND teacher_id = teacher.id ".
                 "AND code = class_code ".
                 "AND student.id = student_id ".
                 "ORDER BY subject, student.last";

        $data = $con->query($query);
        $data->setFetchMode(PDO::FETCH_ASSOC);
    }
    catch (PDOException $ex) {
        // Log the database error instead of showing it to the client.
        error_log($ex->getMessage());
    }

SQL Injection Attack

- A simple query with a teacher id:

    $id = filter_input(INPUT_GET, "id");

    try {
        $con = new PDO("mysql:host=localhost;dbname=school",
                       "root", "sesame");
        $con->setAttribute(PDO::ATTR_ERRMODE,
                           PDO::ERRMODE_EXCEPTION);

        // $id comes from the request and becomes part of the SQL text.
        $query = "SELECT * FROM teacher WHERE id = $id";

        $data = $con->query($query);
        $data->setFetchMode(PDO::FETCH_ASSOC);
    }
    catch (PDOException $ex) {
        // Log the database error instead of showing it to the client.
        error_log($ex->getMessage());
    }

$data contains a result set as a PDOStatement object.

SQL Injection Attack, cont’d

    Id   | Last     | First
    7003 | Rogers   | Tom
    7008 | Thompson | Art
    7012 | Lane     | John
    7051 | Flynn    | Mabel


Prepared Statement

    $id = filter_input(INPUT_GET, "id");

    try {
        $con = new PDO("mysql:host=localhost;dbname=school",
                       "root", "sesame");
        $con->setAttribute(PDO::ATTR_ERRMODE,
                           PDO::ERRMODE_EXCEPTION);

        // :id is a placeholder; the value is supplied separately at execute().
        $query = "SELECT * FROM teacher WHERE id = :id";
        $ps = $con->prepare($query);

        $ps->execute(array(':id' => $id));
        $data = $ps->fetchAll(PDO::FETCH_ASSOC);
    }
    catch (PDOException $ex) {
        // Log the database error instead of showing it to the client.
        error_log($ex->getMessage());
    }

$data contains an array.


Prepared Statement, cont’d

- Never insert text from a user on the client side directly into an SQL query on the server side.
- A prepared statement provides some defense against SQL injection attacks.
- A prepared statement is parsed and compiled once.
    - It can be reused.
    - Performance improvement for queries made from inside PHP loops.
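The two forms of the teacher lookup from the slides, run side by side on the same inputs. This is an added example, not code from the lecture: the function names are hypothetical, the inputs are constructed, and an in-memory SQLite database (pdo_sqlite) is assumed in place of the MySQL `school` database so that it runs offline.

```php
<?php
// Added example, not from the lecture. Assumption: in-memory SQLite via
// pdo_sqlite stands in for the MySQL "school" database.
$con = new PDO('sqlite::memory:');
$con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$con->exec("CREATE TABLE teacher (id INT PRIMARY KEY, last VARCHAR(32), first VARCHAR(32))");
$con->exec("INSERT INTO teacher VALUES (7003,'Rogers','Tom'), (7008,'Thompson','Art'),
            (7012,'Lane','John'), (7051,'Flynn','Mabel')");

// Vulnerable form from the slides: the input becomes part of the SQL text.
function lookupConcatenated(PDO $con, string $id): array
{
    return $con->query("SELECT * FROM teacher WHERE id = $id")
               ->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: check the type first, then bind the value so that it is
// only ever treated as data, never as SQL.
function lookupPrepared(PDO $con, string $id): array
{
    $valid = filter_var($id, FILTER_VALIDATE_INT);
    if ($valid === false) {
        return [];                      // not an integer: reject, run no query
    }
    $ps = $con->prepare("SELECT * FROM teacher WHERE id = :id");
    $ps->bindValue(':id', $valid, PDO::PARAM_INT);
    $ps->execute();
    return $ps->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a well-formed id, and an id with a tautology appended.
foreach (['7003', '7003 OR 1=1'] as $input) {
    printf("%-14s concatenated: %d row(s), prepared: %d row(s)\n",
        "'$input'",
        count(lookupConcatenated($con, $input)),
        count(lookupPrepared($con, $input)));
}
```

On MySQL, a bound string that only starts with digits is converted to that number when it is compared with an INT column, which is why the type check comes before the bind. With the MySQL driver, PDO emulates prepared statements by default; setting `PDO::ATTR_EMULATE_PREPARES` to `false` requests server-side prepares.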

Table Join with a Prepared Statement

    $con = new PDO("mysql:host=localhost;dbname=school",
                   "root", "sesame");
    $con->setAttribute(PDO::ATTR_ERRMODE,
                       PDO::ERRMODE_EXCEPTION);

    $query = "SELECT student.first, student.last, subject ".
             "FROM student, teacher, class, student_class ".
             "WHERE teacher.last = :last ".
             "AND teacher.first = :first ".
             "AND teacher_id = teacher.id ".
             "AND code = class_code ".
             "AND student.id = student_id ".
             "ORDER BY subject, student.last";

    $ps = $con->prepare($query);
    $ps->execute(array(':first' => $first, ':last' => $last));
    $data = $ps->fetchAll(PDO::FETCH_ASSOC);

Parameter Binding

- Instead of:

    $ps->execute(array(':first' => $first, ':last' => $last));
    $data = $ps->fetchAll(PDO::FETCH_ASSOC);

- Use parameter binding:

    $ps->bindParam(':first', $first);
    $ps->bindParam(':last', $last);
    $ps->execute();
    $data = $ps->fetchAll(PDO::FETCH_ASSOC);
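What `bindParam()` adds over passing an array to `execute()`, shown with a statement that is prepared once and reused inside a loop. This is an added example, not code from the lecture: the function name is hypothetical, the id 9999 is a constructed value with no matching rows, and an in-memory SQLite database (pdo_sqlite) is assumed in place of MySQL.

```php
<?php
// Added example, not from the lecture. Assumption: in-memory SQLite via
// pdo_sqlite replaces the MySQL connection; rows are the class table
// from the slides.
$con = new PDO('sqlite::memory:');
$con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$con->exec("CREATE TABLE class (code INT PRIMARY KEY, teacher_id INT, subject VARCHAR(32), room INT)");
$con->exec("INSERT INTO class VALUES (908,7008,'Data structures',114),
            (926,7003,'Java programming',101), (931,7051,'Compilers',222),
            (951,7012,'Software engineering',210), (978,7012,'Operating systems',109)");

// Returns the subjects taught by each teacher id, preparing the statement once.
function subjectsByTeacher(PDO $con, array $teacherIds): array
{
    $ps = $con->prepare(
        "SELECT subject FROM class WHERE teacher_id = :tid ORDER BY code");

    // bindParam() binds the variable by reference: its value is read each
    // time execute() runs, not at the moment bindParam() is called.
    $tid = null;
    $ps->bindParam(':tid', $tid, PDO::PARAM_INT);

    $result = [];
    foreach ($teacherIds as $id) {
        $tid = (int) $id;               // update the bound variable only
        $ps->execute();                 // same compiled statement, new value
        $result[$id] = $ps->fetchAll(PDO::FETCH_COLUMN);
    }
    return $result;
}

// 9999 is a constructed id that matches no teacher.
print_r(subjectsByTeacher($con, [7012, 7003, 9999]));
```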

Assignment #3

- Add more database tables to your application.
    - The tables should be in 2nd normal form.
- Do joins.
- Use PHP prepared statements.
- Due Tuesday, Sept

MySQL Conditional Operators

PHP and MySQL for Dynamic Web Sites, 4th ed. by Larry Ullman, Peachpit Press, 2012 ISBN

LIKE and NOT LIKE

- String comparisons using wildcard characters:
    - _ matches any single character
    - % matches any zero or more characters

    mysql> select * from people;
    | id  | first   | last    | gender | salary |
    | 101 | Charles | Jones   | M      |        |
    | 103 | Mary    | Adams   | F      |        |
    | 105 | Susan   | Miller  | F      |        |
    | 110 | Roger   | Brown   | M      |        |
    | 112 | Leslie  | Adamson | F      |        |
    rows in set (0.00 sec)

    mysql> select * from people
        -> where last like 'Adam%';
    | id  | first   | last    | gender | salary |
    | 103 | Mary    | Adams   | F      |        |
    | 112 | Leslie  | Adamson | F      |        |
    rows in set (0.02 sec)
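A prefix search on `last` that takes its search term from a user, combining LIKE with a prepared statement. Binding keeps the term out of the SQL text, but `%` and `_` inside a bound value still act as wildcards, so they are escaped first. This is an added example, not code from the lecture: the function names and the choice of `!` as escape character are assumptions, the search terms are constructed, and an in-memory SQLite database (pdo_sqlite) is assumed in place of MySQL.

```php
<?php
// Added example, not from the lecture. Assumption: in-memory SQLite via
// pdo_sqlite stands in for MySQL; names are the people rows on the slide.
$con = new PDO('sqlite::memory:');
$con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$con->exec("CREATE TABLE people (id INT PRIMARY KEY, first VARCHAR(32), last VARCHAR(32))");
$con->exec("INSERT INTO people VALUES (101,'Charles','Jones'), (103,'Mary','Adams'),
            (105,'Susan','Miller'), (110,'Roger','Brown'), (112,'Leslie','Adamson')");

// Make a user-supplied term literal inside a LIKE pattern. '!' is the
// escape character declared in the query below; it is replaced first so
// the '!' added for % and _ is not doubled again.
function likeEscape(string $term): string
{
    return str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $term);
}

// Last names that start with $prefix. The only wildcard is the trailing %
// appended here; the value itself is bound, never concatenated.
function lastNamesStartingWith(PDO $con, string $prefix): array
{
    $ps = $con->prepare(
        "SELECT last FROM people WHERE last LIKE :pattern ESCAPE '!' ORDER BY id");
    $ps->bindValue(':pattern', $prefix . '%');
    $ps->execute();
    return $ps->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed search terms: a plain prefix, and two that contain wildcards.
foreach (['Adam', '%', 'A_a'] as $term) {
    printf("%-5s unescaped: %-46s escaped: %s\n", $term,
        json_encode(lastNamesStartingWith($con, $term)),
        json_encode(lastNamesStartingWith($con, likeEscape($term))));
}
```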

LIKE and NOT LIKE, cont’d

    SELECT first_name, last_name FROM users WHERE NOT LIKE

PHP and MySQL for Dynamic Web Sites, 4th ed. by Larry Ullman, Peachpit Press, 2012 ISBN

Sorting Query Results

- Sort ascending (ASC) or descending (DESC).
    - ASC is the default.

    SELECT first_name, last_name
    FROM users
    ORDER BY last_name ASC, first_name ASC;

PHP and MySQL for Dynamic Web Sites, 4th ed. by Larry Ullman, Peachpit Press, 2012 ISBN

Limiting Query Results

    SELECT first_name, last_name
    FROM users
    ORDER BY registration_date DESC
    LIMIT 5;

- Also:

    LIMIT i, n

    - Return n records starting with the ith record.
- Does not improve the query execution speed, since MySQL still has to match all the records.
- Reduces the number of returned records.
- Useful for “paging” the results.

PHP and MySQL for Dynamic Web Sites, 4th ed. by Larry Ullman, Peachpit Press, 2012 ISBN