Presentation is loading. Please wait.

Presentation is loading. Please wait.

ICE0534 – Web-based Software Development ICE1338 – Programming for WWW Lecture #8 Lecture #8 In-Young Ko iko.AT. icu.ac.kr iko.AT. icu.ac.kr Information.

Similar presentations


Presentation on theme: "ICE0534 – Web-based Software Development ICE1338 – Programming for WWW Lecture #8 Lecture #8 In-Young Ko iko.AT. icu.ac.kr iko.AT. icu.ac.kr Information."— Presentation transcript:

1 ICE0534 – Web-based Software Development ICE1338 – Programming for WWW Lecture #8 Lecture #8 In-Young Ko iko.AT. icu.ac.kr iko.AT. icu.ac.kr Information and Communications University (ICU) - Summer 2005 -

2 Summer 2005 2 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Announcements Reading Questions #4 is due by July 26 th Reading Questions #4 is due by July 26 th Programming Homework #4 is due by July 28 th Programming Homework #4 is due by July 28 th Please check the scores of your homework and individual presentation at the ‘Grades’ page in the class Web Please check the scores of your homework and individual presentation at the ‘Grades’ page in the class Web

3 Summer 2005 3 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Last Lecture XML processing XML processing Web Servers and Server-side Data Management Web Servers and Server-side Data Management CGI Programming CGI Programming Technology Reviews Technology Reviews PHP [u7: Jaeseok Jang] PHP [u7: Jaeseok Jang] Python [u8: Hyunjong Lee] Python [u8: Hyunjong Lee] Technology Surveys Technology Surveys Web Servers [g10: Sung Peng] Web Servers [g10: Sung Peng] WebDav (Web Distributed Authoring and Versioning) [g12: Shinyoung Ahn] WebDav (Web Distributed Authoring and Versioning) [g12: Shinyoung Ahn]

4 Summer 2005 4 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University This Lecture CGI Programming (cont.) CGI Programming (cont.) Perl Perl Database Access Through the Web Database Access Through the Web Technology Reviews Technology Reviews Apache Jakarta Tomcat [u10: Junho Suh] Apache Jakarta Tomcat [u10: Junho Suh] Technology Surveys Technology Surveys CGI programming languages [g11: Jaeha Song] CGI programming languages [g11: Jaeha Song] Web indexing and searching [g13: Seonah Lee] Web indexing and searching [g13: Seonah Lee]

5 Summer 2005 5 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University CGI Architecture http://ironbark.bendigo.latrobe.edu.au/subjects/int32we/lectures/w08.d/Lect16.html

6 Summer 2005 6 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University CGI Linkage The HTTP header needs only the content type, followed by a blank line: The HTTP header needs only the content type, followed by a blank line: print "Content-type: text/html \n\n"; A sample CGI program: A sample CGI program: #!/usr/local/bin/perl # reply.pl – a CGI program that returns a greeting to the user print "Content-type: text/html \n\n", " \n", " reply.pl example ", " \n", " \n", " Greetings from your Web server!", " \n \n"; AW lecture notes

7 Summer 2005 7 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University HTML Forms The most common way for a user to communicate information from a Web browser to the server The most common way for a user to communicate information from a Web browser to the server Provide tags to generate the commonly used objects, called widgets Provide tags to generate the commonly used objects, called widgets e.g., checkboxes, radio buttons, menus, submit & reset buttons, … Widgets are used to gather information from the user, in the form Widgets are used to gather information from the user, in the form Values of all widgets in a form are called form data Values of all widgets in a form are called form data When the user presses the Submit button, the form data is encoded in a query string, and sent to the server When the user presses the Submit button, the form data is encoded in a query string, and sent to the server

8 Summer 2005 8 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University HTML Form Example <P> First name: First name: Last name: Last name: email: email: Male Male Female Female </P></FORM>

9 Summer 2005 9 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University GET and POST GET (default method) GET (default method) The browser attaches the query string to the URL of the CGI program (after ‘?’) The browser attaches the query string to the URL of the CGI program (after ‘?’) e.g., http://vega.icu.ac.kr/directory/find.cgi?firstname=Ko&lastname=Gildong The server removes the query string from the URL and places it in the environmental variable QUERY_STRING The server removes the query string from the URL and places it in the environmental variable QUERY_STRING Disadvantages Disadvantages Some servers place a limit on the length of the URL string Some servers place a limit on the length of the URL string The query string is vulnerable to illegal access The query string is vulnerable to illegal access POST POST The query string is passes through standard input of the CGI program The query string is passes through standard input of the CGI program The length of the query string is padded through the environmental variable CONTENT_LENGTH The length of the query string is padded through the environmental variable CONTENT_LENGTH No length limitation for the query string No length limitation for the query string

10 Summer 2005 10 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Query String Format A query string includes names and values of widgets A query string includes names and values of widgets Widget values are always coded as strings Widget values are always coded as strings The form of a name/value pair in a query string is: name=value The form of a name/value pair in a query string is: name=value If the form has more than one widget, their values are separated with ampersands If the form has more than one widget, their values are separated with ampersands e.g., milk=2&payment=visa+card Each special character is coded as a percent sign and a two-character hexadecimal number (the ASCII code for the character) Each special character is coded as a percent sign and a two-character hexadecimal number (the ASCII code for the character) Hangul is encoded in this way Hangul is encoded in this way Some browsers code spaces as plus signs, rather than as %20 Some browsers code spaces as plus signs, rather than as %20 %2B for the plus symbol itself %2B for the plus symbol itself AW lecture notes

11 Summer 2005 11 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Decoding Query String 1.Read the query string from $ENV{QUERY_STRING} 2.If the $ENV{REQUEST_METHOD} is POST, determine the size of the request using $ENV{CONTENT_LENGTH} and read that amount of data from the standard input. Append this data to the data read from the query string, if present (this should be joined with "&") 3.Split the result on the " &" character, which separates name- value pairs 4.Split each name-value pair on the "=" character to get the name and value 5.Decode the URL-encoded characters in the name and value 6.Associate each name with its value(s); remember that each option name may have multiple values http://www.hk8.org/old_web/linux/cgi/ch04_03.htm

12 Summer 2005 12 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Query-string Decoding Example my %form_data; my $name_value; my @name_value_pairs = split /&/, $ENV{QUERY_STRING}; if ( $ENV{REQUEST_METHOD} eq 'POST' ) { my $query = ""; read( STDIN, $query, $ENV{CONTENT_LENGTH} ) == $ENV{CONTENT_LENGTH} or return undef; push @name_value_pairs, split /&/, $query; } foreach $name_value ( @name_value_pairs ) { my( $name, $value ) = split /=/, $name_value; $name =~ tr/+/ /; $name =~ s/%([\da-f][\da-f])/chr( hex($1) )/egi; $value = "" unless defined $value; $value =~ tr/+/ /; $value =~ s/%([\da-f][\da-f])/chr( hex($1) )/egi; $form_data{$name} = $value; }

13 Summer 2005 13 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University CGI References W3C’s CGI Pages: http://www.w3.org/CGI/ W3C’s CGI Pages: http://www.w3.org/CGI/ http://www.w3.org/CGI/ CGI Made Really Easy: http://www.jmarshall.com/easy/cgi/ CGI Made Really Easy: http://www.jmarshall.com/easy/cgi/ http://www.jmarshall.com/easy/cgi/ A CGI Tutorial: http://tech.irt.org/articles/js171/ A CGI Tutorial: http://tech.irt.org/articles/js171/ http://tech.irt.org/articles/js171/ CGI Programming with Perl: http://www.hk8.org/old_web/linux/cgi/index.htm CGI Programming with Perl: http://www.hk8.org/old_web/linux/cgi/index.htm http://www.hk8.org/old_web/linux/cgi/index.htm

14 Summer 2005 14 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Perl Began in the late 1980s as a more powerful replacement for the capabilities of awk (text file processing) and sh (UNIX system administration) Began in the late 1980s as a more powerful replacement for the capabilities of awk (text file processing) and sh (UNIX system administration) Now includes sockets for communications and modules for OOP Now includes sockets for communications and modules for OOP Now the most commonly used language for CGI, in part because of its pattern matching capabilities Now the most commonly used language for CGI, in part because of its pattern matching capabilities Perl programs are usually processed the same way as many Java programs, compilation to an intermediate form, followed by interpretation Perl programs are usually processed the same way as many Java programs, compilation to an intermediate form, followed by interpretation AW lecture notes

15 Summer 2005 15 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Perl (cont.) Example program: Example program: print "Please input the circle’s radius: "; $radius = ; $area = 3.14159265 * $radius * $radius; print "The area is: $area \n"; Running a Perl program: Running a Perl program: perl prog1.pl Two useful flags: -c means compile only (for error checking) -w means produce warnings for suspicious stuff AW lecture notes

16 Summer 2005 16 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Pattern Matching in Perl The default string against which the pattern is matched is in $_ The default string against which the pattern is matched is in $_ Character and character-class patterns Character and character-class patterns Metacharacters: \ | ( ) [ ] { } ^ $ * + ?. Metacharacters: \ | ( ) [ ] { } ^ $ * + ?. A non-meta, or normal character matches itself A non-meta, or normal character matches itself if (/gold/) { print "There's gold in that thar string!! \n"; print "There's gold in that thar string!! \n";} Metacharacters can match themselves if they are backslashed Metacharacters can match themselves if they are backslashed The period matches any character except newline The period matches any character except newline /a.b/ matches "aab", "abb", "acb",... /a.b/ matches "aab", "abb", "acb",... AW lecture notes

17 Summer 2005 17 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Character Classes A character class is a string in brackets – e.g., [abc] means a | b | c A character class is a string in brackets – e.g., [abc] means a | b | c A dash can be used to specify a range of characters – e.g., [A-Za-z] A dash can be used to specify a range of characters – e.g., [A-Za-z] If a character class begins with a circumflex, it means the opposite – e.g., [^A-Z] matches any character except an uppercase letter If a character class begins with a circumflex, it means the opposite – e.g., [^A-Z] matches any character except an uppercase letter Predefined character classes: Predefined character classes: NameEquivalent PatternMatches \d[0-9]a digit \D[^0-9]not a digit \w[A-Za-z_0-9]a word character \W[^A-Za-z_0-9]not a word character \s[ \r\t\n\f]a whitespace character \S[^ \r\t\n\f]not a whitespace character AW lecture notes

18 Summer 2005 18 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Pattern Quantifiers and Predefined Patterns Pattern Quantifiers Pattern Quantifiers pattern{n} means repeat the pattern n times – e.g., /a{5}bc{5}/ pattern{n} means repeat the pattern n times – e.g., /a{5}bc{5}/ pattern* means repeat the pattern zero or more times – e.g., /a*bc*/ pattern* means repeat the pattern zero or more times – e.g., /a*bc*/ pattern+ means repeat the pattern 1 or more times pattern+ means repeat the pattern 1 or more times pattern? means zero or one match – e.g., /\d*b?c+/ pattern? means zero or one match – e.g., /\d*b?c+/ Two more useful predefined patterns: Two more useful predefined patterns: \b - matches a word boundary \b - matches a word boundary \B - matches a non-word boundary \B - matches a non-word boundary e.g., /\bis\b/ - matches "what it is" and "that is it" /\Bis\B/ - matches "thistle" and "artist" /\Bis\B/ - matches "thistle" and "artist" /\bis\B/ - matches "istanbul" and "so--isn't that butter?" /\bis\B/ - matches "istanbul" and "so--isn't that butter?" /\Bis\b/ - matches "confutatis" and "metropolis near you" /\Bis\b/ - matches "confutatis" and "metropolis near you" AW lecture notes

19 Summer 2005 19 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Binding Operators, Anchors and Pattern Modifiers Binding Operators - to match against a string other than the string in $_ Binding Operators - to match against a string other than the string in $_ $str =~ /\w/; $str !~ /\w/; Anchors - match positions, not characters Anchors - match positions, not characters ^ in front of a pattern (not in a character class) means the pattern must match at the beginning ^ in front of a pattern (not in a character class) means the pattern must match at the beginning $ at the end of a pattern means the pattern must match at the end $ at the end of a pattern means the pattern must match at the end Pattern modifiers (after the pattern) Pattern modifiers (after the pattern) i makes letters in the pattern match either uppercase or lowercase i makes letters in the pattern match either uppercase or lowercase x allows whitespace in the pattern, including comments x allows whitespace in the pattern, including comments AW lecture notes

20 Summer 2005 20 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Remembering Patterns After the match, the implicit variables $1, $2, … have the parts of the string that matched the first, second, … parenthesized subpattern After the match, the implicit variables $1, $2, … have the parts of the string that matched the first, second, … parenthesized subpattern e.g., "John Fitzgerald Kennedy" =~ /(\w+) (\w+) (\w+)/;  Now, $1 has "John", $2 has "Fitzgerald", and  Now, $1 has "John", $2 has "Fitzgerald", and $3 has "Kennedy" $3 has "Kennedy" Parts that preceded, matched and followed Parts that preceded, matched and followed $` has the part of the string before the part that matched $` has the part of the string before the part that matched $& has the part of the string that matched $& has the part of the string that matched $’ has the part of the string after the part that matched $’ has the part of the string after the part that matched AW lecture notes

21 Summer 2005 21 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Substitutions Used to find and replace a substring Used to find and replace a substrings/Pattern/New_String/ e.g., $_ = "Darcy is her name, yes, it’s Darcy" s/Darcy/Darcie/; s/Darcy/Darcie/; Modifiers Modifiers The g modifier means find and replace all of them in the string The g modifier means find and replace all of them in the string The e modifier means the New_String must be interpreted as Perl code The e modifier means the New_String must be interpreted as Perl code e.g., Find a single hex character and replace it with its decimal value (unsigned char value) replace it with its decimal value (unsigned char value) s/%([\dA-Fa-f])/pack("C", hex($1))/e; s/%([\dA-Fa-f])/pack("C", hex($1))/e; The i modifier means case-insensitive matching The i modifier means case-insensitive matching AW lecture notes

22 Summer 2005 22 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Translate Operator Translates a character or character class into another character or character class Translates a character or character class into another character or character class e.g., tr/a-z/A-Z/; Transliterates all lowercase letters to upper Transliterates all lowercase letters to upper AW lecture notes

23 Summer 2005 23 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Query-string Decoding Example my %form_data; my $name_value; my @name_value_pairs = split /&/, $ENV{QUERY_STRING}; if ( $ENV{REQUEST_METHOD} eq 'POST' ) { my $query = ""; read( STDIN, $query, $ENV{CONTENT_LENGTH} ) == $ENV{CONTENT_LENGTH} or return undef; push @name_value_pairs, split /&/, $query; } foreach $name_value ( @name_value_pairs ) { my( $name, $value ) = split /=/, $name_value; $name =~ tr/+/ /; $name =~ s/%([\da-f][\da-f])/chr( hex($1) )/egi; $value = "" unless defined $value; $value =~ tr/+/ /; $value =~ s/%([\da-f][\da-f])/chr( hex($1) )/egi; $form_data{$name} = $value; }

24 Summer 2005 24 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University CGI.pm Module A Perl module serves as a library A Perl module serves as a library The Perl use declaration is used to make a module available to a program The Perl use declaration is used to make a module available to a program To make only part of a module available, specify the part name after a colon To make only part of a module available, specify the part name after a colon e.g., use CGI ":standard"; Common CGI.pm Functions Common CGI.pm Functions “Shortcut” functions produce tags, using their parameters as attribute values “Shortcut” functions produce tags, using their parameters as attribute values e.g., h2("Very easy!"); produces Very easy! Very easy! In this example, the parameter to the function h2 is used as the content of the tag In this example, the parameter to the function h2 is used as the content of the tag AW lecture notes

25 Summer 2005 25 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University CGI.pm Module (cont.) Tags can have both content and attributes Tags can have both content and attributes Each attribute is passed as a name/value pair, just as in a hash literal Each attribute is passed as a name/value pair, just as in a hash literal Attribute names are passed with a preceding dash Attribute names are passed with a preceding dash e.g., textarea(-name => "Description", -rows => "2", -cols => "35"); Produces: Produces: Tags and their attributes are distributed over the parameters of the function Tags and their attributes are distributed over the parameters of the function e.g., ol(li({-type => "square"}, ["milk", "bread", "cheese"])); Output: Output: AW lecture notes

26 Summer 2005 26 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University CGI.pm Module (cont.) Producing output for return to the user Producing output for return to the user A call to header() produces: A call to header() produces: Content-type: text/html;charset=ISO-8859-1 -- blank line – The start_html function is used to create the head of the return document, as well as the tag The start_html function is used to create the head of the return document, as well as the tag The parameter to start_html is used as the title of the document The parameter to start_html is used as the title of the document e.g., start_html("Bill’s Bags"); DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml11-transitional.dtd"> Bill’s Bags Bill’s Bags </head><body> The end_html function generates The end_html function generates AW lecture notes

27 Summer 2005 27 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University CGI.pm Module (cont.) The param function is given a widget’s name; it returns the widget’s value The param function is given a widget’s name; it returns the widget’s value If the query string has name=Abraham in it, param("name") will return "Abraham“ If the query string has name=Abraham in it, param("name") will return "Abraham“ e.g., my($age, $gender, $vote) = (param("age"), param("gender"), param("vote")); (param("age"), param("gender"), param("vote")); AW lecture notes

28 Summer 2005 28 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Cookies A session is the collection of all of the requests made by a particular browser from the time the browser is started until the user exits the browser A session is the collection of all of the requests made by a particular browser from the time the browser is started until the user exits the browser The HTTP protocol is stateless, but, there are several reasons why it is useful for the server to relate a request to a session The HTTP protocol is stateless, but, there are several reasons why it is useful for the server to relate a request to a session Shopping carts for many different simultaneous customers Shopping carts for many different simultaneous customers Customer profiling for advertising Customer profiling for advertising Customized interfaces for specific clients Customized interfaces for specific clients Approaches to storing client information: Approaches to storing client information: Store it on the server – too much to store! Store it on the server – too much to store! Store it on the client machine – this works Store it on the client machine – this works AW lecture notes

29 Summer 2005 29 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Cookies (cont.) A cookie is an object sent by the server to the client A cookie is an object sent by the server to the client Cookies are created by some software system on the server (maybe a CGI program) Cookies are created by some software system on the server (maybe a CGI program) At the time a cookie is created, it is given a lifetime At the time a cookie is created, it is given a lifetime Every time the browser sends a request to the server that created the cookie, while the cookie is still alive, the cookie is included Every time the browser sends a request to the server that created the cookie, while the cookie is still alive, the cookie is included A browser can be set to reject all cookies A browser can be set to reject all cookies AW lecture notes

30 Summer 2005 30 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Using CGI.pm for Cookies CGI.pm includes support for cookies CGI.pm includes support for cookies cookie(-name => a_name, -value => a_value, -expires => a_time); The time is a number followed by a unit code (d, s, m, h, M, y) The time is a number followed by a unit code (d, s, m, h, M, y) e.g., -expires => '+5d' Cookies must be placed in the HTTP header at the time the header is created Cookies must be placed in the HTTP header at the time the header is created e.g., header(-cookie => $my_cookie); To fetch the cookies from an HTTP request, call cookie with no parameters – A hash of all cookies is returned To fetch the cookies from an HTTP request, call cookie with no parameters – A hash of all cookies is returned To fetch the value of one particular cookie, send the cookie’s name to the cookie function, To fetch the value of one particular cookie, send the cookie’s name to the cookie function, e.g., $age = cookie(′age′); AW lecture notes

31 Summer 2005 31 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University A Cookie Example A cookie that tells the client the time of his or her last visit to this site A cookie that tells the client the time of his or her last visit to this site Use the Perl function, localtime, to get the parts of time Use the Perl function, localtime, to get the parts of time ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime; @day_stuff = ($sec, $min, $hour, $mday, $mon, $year); $day_cookie = cookie(-name => 'last_time', -value => \@day_stuff, -expires => '+5d'); -value => \@day_stuff, -expires => '+5d'); AW lecture notes

32 Summer 2005 32 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Perl References Textbook chapters 4 and 5 Textbook chapters 4 and 5 Perl.com: http://www.perl.com/ Perl.com: http://www.perl.com/ http://www.perl.com/ A Perl Tutorial: http://www.comp.leeds.ac.uk/Perl/start.html A Perl Tutorial: http://www.comp.leeds.ac.uk/Perl/start.html http://www.comp.leeds.ac.uk/Perl/start.html Perl Pattern Matching: http://www.sarand.com/td/ref_perl_pattern.html Perl Pattern Matching: http://www.sarand.com/td/ref_perl_pattern.html http://www.sarand.com/td/ref_perl_pattern.html Perl Functions: http://www.sunsite.ualberta.ca/Documentation/Misc/perl -5.6.1/pod/perlfunc.html Perl Functions: http://www.sunsite.ualberta.ca/Documentation/Misc/perl -5.6.1/pod/perlfunc.html http://www.sunsite.ualberta.ca/Documentation/Misc/perl -5.6.1/pod/perlfunc.html http://www.sunsite.ualberta.ca/Documentation/Misc/perl -5.6.1/pod/perlfunc.html Perl Modules: http://www.cpan.org/modules/ Perl Modules: http://www.cpan.org/modules/http://www.cpan.org/modules/

33 Summer 2005 33 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Database Access Through the Web

34 Summer 2005 34 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Web-based Information Architecture Source Wrapper Mediator Users, Applications Databases & Web Query QueryQueryQuery Result ResultResultResult Query Result

35 Summer 2005 35 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Relational Databases A database is a collection of data organized to allow relatively easy access for retrievals, additions, and deletions A database is a collection of data organized to allow relatively easy access for retrievals, additions, and deletions A relational database is a collection of tables of data, each of which has one special column that stores the primary keys of the table A relational database is a collection of tables of data, each of which has one special column that stores the primary keys of the table Rows are sometimes called entities Rows are sometimes called entities AW lecture notes http://coronet.iicm.edu/Dbase1/reldb_p.htm

36 Summer 2005 36 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University A Corvette

37 Summer 2005 37 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Relational DB Example Designing a relational database for used Corvettes that are for sale Designing a relational database for used Corvettes that are for sale The table could have information about various equipment the cars could have The table could have information about various equipment the cars could have Use a separate table for state names, with only references in the main table Use a separate table for state names, with only references in the main table Logical Model: Logical Model: AW lecture notes

38 Summer 2005 38 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Relational DB Example (cont.) The Corvettes table The States table The Equipment table The Corvettes- Equipment cross-reference table

39 Summer 2005 39 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University SQL (Structured Query Language) A standard language to create, query, and modify databases A standard language to create, query, and modify databases Supported by all major database vendors Supported by all major database vendors More like structured English than a programming language More like structured English than a programming language We cover only six basic commands: CREATE TABLE, SELECT, INSERT, UPDATE, DELETE, and DROP We cover only six basic commands: CREATE TABLE, SELECT, INSERT, UPDATE, DELETE, and DROP SQL reserved words are case insensitive SQL reserved words are case insensitive AW lecture notes

40 Summer 2005 40 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Table Creation The CREATE TABLE command: The CREATE TABLE command: CREATE TABLE table_name ( column_name1 data_type constraints, column_name1 data_type constraints, … column_namen data_type constraints) column_namen data_type constraints) There are many different data types (INTEGER, FLOAT, CHAR(length), …) There are many different data types (INTEGER, FLOAT, CHAR(length), …) There are several constraints possible, e.g., NOT NULL, PRIMARY KEY There are several constraints possible, e.g., NOT NULL, PRIMARY KEY e.g., CREATE TABLE States ( State_id INTEGER PRIMARY KEY NOT NULL, State_id INTEGER PRIMARY KEY NOT NULL, State CHAR(20)) State CHAR(20)) AW lecture notes

41 Summer 2005 41 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University SELECT & INSERT The SELECT Command – Used to specify queries The SELECT Command – Used to specify queries e.g., SELECT Body_style FROM Corvettes WHERE Year > 1994 WHERE Year > 1994 The INSERT Command: The INSERT Command: INSERT INTO table_name (col_name1, … col_namen) VALUES (value1, …, valuen) The correspondence between column names and values is positional The correspondence between column names and values is positional e.g., INSERT INTO Corvettes(Vette_id, Body_style, Miles, Year, State) VALUES (37, 'convertible', 25.5, 1986, 17) AW lecture notes

42 Summer 2005 42 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University UPDATE & DELETE The UPDATE Command – To change one or more values of a row in a table The UPDATE Command – To change one or more values of a row in a table UPDATE table_name SET col_name1 = value1,…, col_namen = valuen WHERE col_name = value The WHERE clause is the primary key of the row to be updated The WHERE clause is the primary key of the row to be updated e.g., UPDATE Corvettes SET Year = 1996 WHERE Vette_id = 17 WHERE Vette_id = 17 The DELETE Command The DELETE Command e.g., DELETE FROM Corvettes WHERE Vette_id = 27 e.g., DELETE FROM Corvettes WHERE Vette_id = 27 The WHERE clause could specify more than one row of the table The WHERE clause could specify more than one row of the table AW lecture notes

43 Summer 2005 43 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Delete Tables and Databases The DROP Command – To delete whose databases or complete tables The DROP Command – To delete whose databases or complete tables DROP (TABLE | DATABASE) [IF EXISTS] name DROP (TABLE | DATABASE) [IF EXISTS] name e.g., DROP TABLE IF EXISTS States e.g., DROP TABLE IF EXISTS States AW lecture notes

44 Summer 2005 44 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Joins A Join is an operation to build a temporary table by combining columns from different tables A Join is an operation to build a temporary table by combining columns from different tables e.g., Retrieve all cars that have CD players e.g., Retrieve all cars that have CD players SELECT Corvettes.Vette_id, Corvettes.Body_style, Corvettes.Miles, Corvettes.Year, Corvettes.State Corvettes.Miles, Corvettes.Year, Corvettes.State FROM Corvettes, Equipment FROM Corvettes, Equipment WHERE Corvettes.Vette_id = Corvettes_Equipment.Vette_id WHERE Corvettes.Vette_id = Corvettes_Equipment.Vette_id AND Corvettes_Equipment.Equip = Equipment.Equip_id AND Corvettes_Equipment.Equip = Equipment.Equip_id AND Equipment.Equip = 'CD' AND Equipment.Equip = 'CD' AW lecture notes

45 Summer 2005 45 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Architectures for Database Access Client-Server (two-tier) Architectures Client-Server (two-tier) Architectures Client tasks: Client tasks: Provide a way for users to submit queries Provide a way for users to submit queries Run applications that use the results of queries Run applications that use the results of queries Display results of queries Display results of queries Server tasks: Server tasks: Implement a data manipulation language, which can directly access and update the database Implement a data manipulation language, which can directly access and update the database Because the relative power of clients has grown considerably, we could shift processing to the client, but then maintaining data integrity is difficult Because the relative power of clients has grown considerably, we could shift processing to the client, but then maintaining data integrity is difficult Client DB Server AW lecture notes

46 Summer 2005 46 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Architectures for Database Access A Three-tier System A Three-tier System For Web-based database access, the middle tier can run applications For Web-based database access, the middle tier can run applications The middle tier provides Web-based access to a database The middle tier provides Web-based access to a database Client just gets results Client just gets results Client DB Server Middle Tier e.g., Web Browser e.g., Web Server & Server Applications (Cont.) AW lecture notes

47 Summer 2005 47 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Embedded SQL SQL commands are embedded in programs written in a host programming language, whose compiler is extended to accept some form of SQL commands SQL commands are embedded in programs written in a host programming language, whose compiler is extended to accept some form of SQL commands e.g., int a; e.g., int a; EXEC SQL SELECT gpa INTO :a FROM Student WHERE SID=2001234; printf("The GPA is %d\n", a); Advantage: One package has computational support of the programming language, as well as database access with SQL Advantage: One package has computational support of the programming language, as well as database access with SQL Disadvantage: Portability among database systems Disadvantage: Portability among database systems AW lecture notes

48 Summer 2005 48 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Database Access Mechanisms Microsoft Access Architecture Microsoft Access Architecture A tool to access any common database structure A tool to access any common database structure Provides an API for a set of objects and methods that are an interface to different databases Provides an API for a set of objects and methods that are an interface to different databases The Perl DBI/DBD Architecture The Perl DBI/DBD Architecture Database Interface (DBI) provides methods & attributes for generic SQL commands Database Interface (DBI) provides methods & attributes for generic SQL commands Database Driver (DBD) is an interface to a specific database system (MySQL, Oracle, etc.) Database Driver (DBD) is an interface to a specific database system (MySQL, Oracle, etc.) Convenient for Web access to databases, because the Perl program can be run as CGI on the Web server system Convenient for Web access to databases, because the Perl program can be run as CGI on the Web server system AW lecture notes

49 Summer 2005 49 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Database Access Mechanisms PHP & Database Access PHP & Database Access An API for each specific database system An API for each specific database system Also convenient for Web access to databases, because PHP is run on the Web server Also convenient for Web access to databases, because PHP is run on the Web server The Java JDBC Architecture The Java JDBC Architecture JDBC is a standard protocol that can be implemented as a driver for any database system JDBC is a standard protocol that can be implemented as a driver for any database system JDBC allows SQL to be embedded in Java applications, applets, and servlets JDBC allows SQL to be embedded in Java applications, applets, and servlets JDBC has the advantage of portability over embedded SQL JDBC has the advantage of portability over embedded SQL A JDBC application will work with any database system for which there is a JDBC driver A JDBC application will work with any database system for which there is a JDBC driver AW lecture notes

50 Summer 2005 50 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University The MySQL Database System A free, efficient, widely used SQL implementation A free, efficient, widely used SQL implementation Available from http://www.mysql.org Available from http://www.mysql.orghttp://www.mysql.org Logging on to MySQL (starting it): Logging on to MySQL (starting it): mysql [-h host] [-u username] [database name] [-p] The given database name becomes the focus of MySQL The given database name becomes the focus of MySQL Database focus can be changed by the use command: Database focus can be changed by the use command: e.g., use cars; e.g., use cars; AW lecture notes

51 Summer 2005 51 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University MySQL Commands To create a new database To create a new database e.g., CREATE DATABASE cars; To create a database table To create a database table e.g., CREATE TABLE Equipment (Equip_id INT UNSIGNED NOT NULL (Equip_id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, AUTO_INCREMENT PRIMARY KEY, Equip INT UNSIGNED); Equip INT UNSIGNED); To see the tables of a database: To see the tables of a database: SHOW TABLES; To see the description of a table (columns): To see the description of a table (columns): e.g., DESCRIBE Corvettes; AW lecture notes

52 Summer 2005 52 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Database Access with Perl/MySQL Needed: Needed: DBI – a standard object-oriented module DBI – a standard object-oriented module DBD – for the specific database system DBD – for the specific database system DBI Module DBI Module Interface is similar to Perl’s interface to external files – through a filehandle Interface is similar to Perl’s interface to external files – through a filehandle To provide access to DBI and create a DBI object: use DBI; To provide access to DBI and create a DBI object: use DBI; Access to the object is through the reference variable, DBI Access to the object is through the reference variable, DBI AW lecture notes

53 Summer 2005 53 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Perl/MySQL (cont.) To connect to the database: To connect to the database: $dbh = DBI->connect( $dbh = DBI->connect( "DBI:driver_name:db_name "DBI:driver_name:db_name [, username] [, password]); [, username] [, password]); e.g., $dbh = DBI->connect("DBI:mysql:cars"); The connect method is usually used with die The connect method is usually used with die e.g., $dbh = DBI->connect("DBI:mysql:cars") or die("Could not connect!"); die("Could not connect!"); A Perl program can have connections to any number of databases A Perl program can have connections to any number of databases AW lecture notes

54 Summer 2005 54 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Perl/MySQL (cont.) To create a query, we usually compile the SQL command first, then use it against the database To create a query, we usually compile the SQL command first, then use it against the database e.g., $sth = $dbh->prepare( "SELECT Vette_id, Body_style, Year, States.State "SELECT Vette_id, Body_style, Year, States.State FROM Corvettes, States FROM Corvettes, States WHERE Corvettes.State = States.State_id WHERE Corvettes.State = States.State_id AND States.State = 'California'"); AND States.State = 'California'"); To execute a compiled query, use execute, as in: To execute a compiled query, use execute, as in: e.g., $sth->execute() or die "Error –query: $dbh->errstr\n"; die "Error –query: $dbh->errstr\n"; AW lecture notes

55 Summer 2005 55 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Perl/MySQL Example #!/usr/bin/perl -w use DBI; use CGI ":standard"; print header(); print start_html("CGI-Perl MySQL database access"); my $dbh = DBI->connect("DBI:mysql:cars", "root", ""); my $query = param("query"); print " The query is: ", $query, " "; my $sth = $dbh->prepare($query); $sth->execute or die "Error - unable to execute query: $dbh->errstr\n"; die "Error - unable to execute query: $dbh->errstr\n"; access_cars.pl

56 Summer 2005 56 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Perl/MySQL (cont.) The $sth object keeps the result of a query The $sth object keeps the result of a query To display the results, we would like column names, which are stored in a hash To display the results, we would like column names, which are stored in a hash $col_names = $sth->{NAME}; $col_names = $sth->{NAME}; Rows of the result are available with the fetchrow_array method, which returns a reference to an array that has the next row of the result Rows of the result are available with the fetchrow_array method, which returns a reference to an array that has the next row of the result Returns false if there are no more rows Returns false if there are no more rows AW lecture notes

57 Summer 2005 57 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Perl/MySQL (cont.) Putting query results in an HTML document can cause trouble (>,, <, “, and &) Avoid the problem by using the CGI function, escapeHTML Avoid the problem by using the CGI function, escapeHTML AW lecture notes

58 Summer 2005 58 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Perl/MySQL Example print " Query Results ", " "; my $col_names = $sth->{NAME}; foreach $field_name (@$col_names) { print " $field_name "; print " $field_name ";} print " "; while (@result_rows = $sth->fetchrow_array) { print " "; print " "; while ($#result_rows >= 0) { while ($#result_rows >= 0) { $field = shift @result_rows; $field = shift @result_rows; $field = escapeHTML($field); $field = escapeHTML($field); print " $field "; print " $field "; } print " "; print " ";} print " "; $sth->finish; $dbh->disconnect; print end_html(); access_cars.pl

59 Summer 2005 59 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University PHP/MySQL Example <html> Access the cars database with MySQL Access the cars database with MySQL <body><?php $db = mysql_connect("localhost", "root", ""); // Connect to MySQL if (!$db) { print "Error - Could not connect to MySQL"; exit; print "Error - Could not connect to MySQL"; exit;} $er = mysql_select_db("cars"); // Select the cars database if (!$er) { print "Error - Could not select the cars database"; exit; print "Error - Could not select the cars database"; exit;} trim($query); print " The query is: ". $query. " "; $result = mysql_query($query); // Execute the query if (!$result) { print "Error - the query could not be executed"; print "Error - the query could not be executed"; $error = mysql_error(); $error = mysql_error(); print " ". $error. " "; print " ". $error. " "; exit; exit;} access_cars.php

60 Summer 2005 60 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University PHP/MySQL Example print " Query Results "; print " "; $num_rows = mysql_num_rows($result); $row = mysql_fetch_array($result); $num_fields = sizeof($row); while ($next_element = each($row)) { // Produce the column labels $next_element = each($row); $next_element = each($row); $next_key = $next_element['key']; $next_key = $next_element['key']; print " ". $next_key. " "; print " ". $next_key. " ";} print " "; for ($row_num = 0; $row_num < $num_rows; $row_num++) { reset($row); reset($row); print " "; print " "; for ($field_num = 0; $field_num < $num_fields / 2; $field_num++) for ($field_num = 0; $field_num < $num_fields / 2; $field_num++) print " ". $row[$field_num]. " "; print " ". $row[$field_num]. " "; print " "; print " "; $row = mysql_fetch_array($result); $row = mysql_fetch_array($result);} print " "; ?></body></html> access_cars.php

61 Summer 2005 61 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Database Access with JDBC/MySQL Approaches to using JDBC outside the Web Approaches to using JDBC outside the Web JDBC is a Java API for database access JDBC is a Java API for database access The API is defined in the java.sql package The API is defined in the java.sql package Can use a two-tier configuration Can use a two-tier configuration Disadvantage: Every client must have a driver for every database vendor Disadvantage: Every client must have a driver for every database vendor Can also use a three-tier configuration Can also use a three-tier configuration The application runs on the client side, the middle machine runs JDBC, and the third system runs the database system The application runs on the client side, the middle machine runs JDBC, and the third system runs the database system AW lecture notes

62 Summer 2005 62 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University JDBC/MySQL Connecting the application to the driver Connecting the application to the driver The getConnection method of DriverManager, which select the correct driver from those that are registered The getConnection method of DriverManager, which select the correct driver from those that are registered The general form of a reference to a database for the connection operation is: The general form of a reference to a database for the connection operation is:jdbc:subprotocol_name:more_info The “subprotocol” specifies the driver (e.g., odbc, mysql) The “subprotocol” specifies the driver (e.g., odbc, mysql) The “more info” part depends on the specific database being used The “more info” part depends on the specific database being used e.g., For MySQL and the cars database, myCon = DriverManager.getConnection( myCon = DriverManager.getConnection( "jdbc:mysql://localhost/cars?user=root"); "jdbc:mysql://localhost/cars?user=root"); AW lecture notes

63 Summer 2005 63 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University JDBC/MySQL SQL commands through JDBC SQL commands through JDBC Statement myStmt = myCon.createStatement(); SQL commands are String objects SQL commands are String objects e.g., final String sql_com = "UPDATE Corvettes " + "Year = 1991 WHERE Vette_id = 7"; "Year = 1991 WHERE Vette_id = 7"; The action commands are executed with the executeUpdate method of Statement The action commands are executed with the executeUpdate method of Statement e.g., myStmt.executeUpdate(sql_com); Returns the number of affected rows AW lecture notes

64 Summer 2005 64 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University JDBC/MySQL A SELECT is executed by sending it as the actual parameter to the executeQuery method of Statement A SELECT is executed by sending it as the actual parameter to the executeQuery method of Statement The executeQuery method returns an object of class ResultSet The executeQuery method returns an object of class ResultSet Get rows from ResultSet with next iterator Get rows from ResultSet with next iterator e.g.,ResultSet result; final String sql_com = "SELECT * FROM Corvettes final String sql_com = "SELECT * FROM Corvettes WHERE Year <= 1990" WHERE Year <= 1990" result = myStmt.executeQuery(sql_com); while(result.next()) { String aCol = result.getString(2); String aCol = result.getString(2); String style = result.getString("Body_style"); } AW lecture notes

65 Summer 2005 65 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University JDBC/MySQL Metadata Metadata - to get table and column names from a database Metadata - to get table and column names from a database Two kinds of metadata: Two kinds of metadata: Metadata that describes the database Metadata that describes the database DatabaseMetaData dbmd = myCon.getMetaData(); Metadata that describes a ResultSet object Metadata that describes a ResultSet object ResultSetMetaData resultMd = result.getMetaData(); AW lecture notes

66 Summer 2005 66 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University JDBC/MySQL Database Metadata String tbl[] = { "TABLE" }; DatabaseMetaData dbmd = myCon.getMetaData(); result = dbmd.getTables(null, null, null, tbl); System.out.println("The tables in the database are: \n\n"); while (result.next()) { System.out.println(result.getString(3)); System.out.println(result.getString(3));} Output from this: Output from this: The tables in this database are: The tables in this database are: CORVETTES CORVETTES CORVETTES_EQUIPMENT CORVETTES_EQUIPMENT EQUIPMENT EQUIPMENT STATES STATES AW lecture notes

67 Summer 2005 67 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University JDBC/MySQL Result Metadata // Create an object for the metadata ResultSetMetaData resultMd = result.getMetaData(); // Loop to fetch and display the column names for (int i = 1; i" <= resultMd.getColumnCount(); i++) { String columnName = resultMd.getColumnLabel(i); String columnName = resultMd.getColumnLabel(i); System.out.print(columnName + "\t"); System.out.print(columnName + "\t");}System.out.println("\n"); Output: Output: Vette_id Body_style Miles Year State AW lecture notes

68 Summer 2005 68 ICE 0534/ICE1338 – WWW © In-Young Ko, Information and Communications University Web-based DB References Introduction to Relational Database Design: http://www.edm2.com/0612/msql7.html Introduction to Relational Database Design: http://www.edm2.com/0612/msql7.html http://www.edm2.com/0612/msql7.html XML representation of a relational database: http://www.w3.org/XML/RDB.html XML representation of a relational database: http://www.w3.org/XML/RDB.html http://www.w3.org/XML/RDB.html


Download ppt "ICE0534 – Web-based Software Development ICE1338 – Programming for WWW Lecture #8 Lecture #8 In-Young Ko iko.AT. icu.ac.kr iko.AT. icu.ac.kr Information."

Similar presentations


Ads by Google