1
CSCI 297 Scripting Languages
Misc Odds and Ends
2
Today
  Database Normalization
  Data Backups
  Tracking the User with Cookies
  Short example of SQL Injection
3
Database Normalization
Goal = each piece of information exists only once in the database
  creates storage efficiency
  more efficient to update
  duplicates can create inaccuracies
First Normal Form
  no repeating columns with same data types
  all columns contain single value
  primary key uniquely identifies each row
Second Normal Form
  rows do not duplicate information
Third Normal Form
  data not dependent on the primary key is moved to another table
4
Normalization Example
First Order: no primary key
First Order: two columns w/ same data type
Second Order: two rows with same info

Author1    Author2  Title               ISBN  Price  CustName          CustAddr
MW Brown   C. Hurd  Good Night Moon     1234  12.99  Claire Dannelly   980 Eagle, Rock Hill…
D. Pilkey           Captain Underpants  6789  24.50  William Dannelly  Bob Smith  123 Main…

ISBN  Author
1234  Marguerite Wise Brown
      Clement Hurd
6789  Dav Pilkey

ISBN  Title               Price
1234  Good Night Moon     12.99
6789  Captain Underpants  24.50
5
Backing Up Data
Full Database Back Up
  big pain
  two possible options from the command line:
    mysqldump --opt --all-databases > all.sql
    mysqlhotcopy database /path/for/backup
Full Database Restore
  it's a really long set of complicated steps
If concerned about data corruption
  lock the table(s)
  copy the records to a copy of the table(s)
  unlock the table(s)
Transactions - updates can be temporary
6
Cookies - setting in PHP
setcookie (name, value, expire, path, domain);
name
  name of the cookie value
  example: "usrname"
value
  the value of the cookie
  example = "Bob Smith"
expire
  time of when the cookie expires
  if empty, then the cookie expires when the browser closes
  example : 24 hours from now = time()+24*60*60
7
Cookies - very simple example
Problem : Script to either display the user name that is stored in a cookie or save the user name into a cookie
Possible Conditions while running the script:
  a cookie was already set
    isset ($_COOKIE[…])
  the cookie is being set with form data
    isset ($_POST[…])
  the cookie has not been set
    neither of the above is true
8
<?php
// we have been here before and the cookie is set
// (the cookie value comes from the browser, so escape it before echoing it into HTML)
if (isset($_COOKIE["usrname"]))
    echo "Welcome " . htmlspecialchars($_COOKIE["usrname"]) . "<P>";

// script is setting the cookie, expires in two minutes
else if (isset($_POST['usrname'])) {
    setcookie ("usrname", $_POST['usrname'], time()+120);
    echo "Setting the cookie<P>";
}

// first time visitor
else
    echo "Welcome first time visitor<P>";

echo "<form action='cooktest1.php' method='Post'>";
echo "User Name: <input type='text' name='usrname'><br>";
echo "<input type=submit value='Save Name'><P>";
echo "</form>";
?>
9
Cookies - common error
The setcookie() function must appear before the <html> tag. Cookies are sent in the HTTP response headers, and the headers go out before any page output.
This code is okay:
    else if (isset($_POST['usrname'])) {
        setcookie ("usrname", $_POST['usrname'], ...
        echo "The cookie is set.<P>";
    }
This code generates an error:
    echo "Setting the cookie...<P>";
10
SQL Injection Example
    // deliberately vulnerable: user input is pasted straight into the SQL string
    $username = $_POST['username'];
    $password = $_POST['password'];
    $query = "SELECT `id` FROM `users` WHERE `username` = '$username' AND `password` = '$password';";
    $result = mysqli_query ($DBconn, $query);
    if (mysqli_num_rows($result) == 0)
        echo "error : try again";
    else
        echo "user is okay";
11
example continued…
PHP String with SQL Command:
    SELECT `id` FROM `users` WHERE `username` = '$username' AND `password` = '$password';
What if the user enters:
    username ==> ' OR ''='
    password ==> ' OR ''='
The resulting SQL Command:
    `username` = '' OR ''='' AND `password` = '' OR ''='';
The comparison ''='' is always true, so the WHERE clause matches every row, mysqli_num_rows() is not 0, and the script reports "user is okay".
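The login check from the slides, as an added example that is not part of the original presentation: the concatenated query beside a prepared-statement version, both called with the input shown above. Assumptions: PDO with an in-memory SQLite table (constructed here so it runs without a MySQL server; mysqli offers the same pattern through mysqli_prepare()), a sample user bob, password hashing with password_hash() (which goes beyond the slide), and the hypothetical function names login_vulnerable and login_safe.

```php
<?php
// Constructed sample data: in-memory table with one user (assumption, not the course database).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password TEXT)");
$ins = $db->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$ins->execute(['bob', password_hash('s3cret', PASSWORD_DEFAULT)]);

// Vulnerable: the same string building as the slide, so quotes in the
// input become part of the SQL statement itself.
function login_vulnerable(PDO $db, string $username, string $password): bool {
    $query = "SELECT id FROM users WHERE username = '$username' AND password = '$password'";
    return count($db->query($query)->fetchAll()) > 0;
}

// Hardened: the statement is fixed and the input is bound as data only.
// The stored value is a hash, compared with password_verify().
function login_safe(PDO $db, string $username, string $password): bool {
    $stmt = $db->prepare("SELECT password FROM users WHERE username = ?");
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();          // false when no such user exists
    return $hash !== false && password_verify($password, $hash);
}

$inject = "' OR ''='";                      // the input from the slide
var_dump(login_vulnerable($db, $inject, $inject)); // concatenated query
var_dump(login_safe($db, $inject, $inject));       // bound parameter, same input
var_dump(login_safe($db, 'bob', 's3cret'));        // correct credentials
var_dump(login_safe($db, 'bob', 'wrong'));         // wrong password
```

With the slide's input the concatenated query matches every row and reports a login, while the bound-parameter version looks for a user literally named ' OR ''=' and finds none.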