CS 174: Web Programming September 23 Class Meeting Department of Computer Science San Jose State University Fall 2015 Instructor: Ron Mak www.cs.sjsu.edu/~mak.

1 CS 174: Web Programming, September 23 Class Meeting
Department of Computer Science, San Jose State University, Fall 2015
Instructor: Ron Mak, www.cs.sjsu.edu/~mak

2 SQL to Create and Drop a Database
Computer Science Dept. Fall 2015: September 23 CS 174: Web Programming © R. Mak

- Create examples:

    CREATE DATABASE school3;
    CREATE DATABASE IF NOT EXISTS school3;

- Drop examples:

    DROP DATABASE school3;
    DROP DATABASE IF EXISTS school3;

3 SQL to Create a Table

- First we create a new database and connect to it:

    CREATE DATABASE school3;
    USE school3;

- Create the Class table:

    CREATE TABLE class (
        code       INT         PRIMARY KEY,
        teacher_id INT         NOT NULL,
        subject    VARCHAR(32) NOT NULL,
        room       INT         NOT NULL
    );

  Class
  +------+------------+----------------------+------+
  | Code | Teacher_id | Subject              | Room |
  +------+------------+----------------------+------+
  |  908 |       7008 | Data structures      |  114 |
  |  926 |       7003 | Java programming     |  101 |
  |  931 |       7051 | Compilers            |  222 |
  |  951 |       7012 | Software engineering |  210 |
  |  974 |       7012 | Operating systems    |  109 |
  +------+------------+----------------------+------+

4 Database Record Insert, Update, and Delete

- There are SQL statements to insert, update, and delete records. See the SQL tutorial.

    INSERT INTO teacher (id, last, first)
    VALUES (7088, 'Mak', 'Ron'),
           (7090, 'Wilson', 'Brian');

    UPDATE teacher SET first = 'Ronald' WHERE first = 'Ron';
    -- This can update multiple records!

    DELETE FROM teacher WHERE id = 7090;

5 SQL to Add Rows

- Add rows to the Class table:

    INSERT INTO class (code, teacher_id, subject, room)
    VALUES (908, 7008, 'Data structures', 114),
           (926, 7003, 'Java programming', 101),
           (931, 7051, 'Compilers', 222),
           (951, 7012, 'Software engineering', 210),
           (978, 7012, 'Operating systems', 109);

  Class
  +------+------------+----------------------+------+
  | Code | Teacher_id | Subject              | Room |
  +------+------------+----------------------+------+
  |  908 |       7008 | Data structures      |  114 |
  |  926 |       7003 | Java programming     |  101 |
  |  931 |       7051 | Compilers            |  222 |
  |  951 |       7012 | Software engineering |  210 |
  |  974 |       7012 | Operating systems    |  109 |
  +------+------------+----------------------+------+

6 SQL Script create_school.sql

    DROP DATABASE IF EXISTS school3;
    CREATE DATABASE school3;
    USE school3;

    CREATE TABLE class (
        code       INT         PRIMARY KEY,
        teacher_id INT         NOT NULL,
        subject    VARCHAR(32) NOT NULL,
        room       INT         NOT NULL
    );

    INSERT INTO class (code, teacher_id, subject, room)
    VALUES (908, 7008, 'Data structures', 114),
           (926, 7003, 'Java programming', 101),
           (931, 7051, 'Compilers', 222),
           (951, 7012, 'Software engineering', 210),
           (978, 7012, 'Operating systems', 109);

7 SQL Script create_school.sql, cont'd

    CREATE TABLE contact_info (
        id            INT         PRIMARY KEY,
        email_address VARCHAR(32) NOT NULL
    );

    INSERT INTO contact_info (id, email_address)
    VALUES (1, 'mjane@sjsu.edu'),
           (2, 'ksmith@sjsu.edu'),
           (3, 'jdoe@sjsu.edu'),
           (4, 'tnovak@sjsu.edu'),
           (5, 'lklein@sjsu.edu'),
           (6, 'trogers@sjsu.edu'),
           (7, 'athompson@sjsu.edu'),
           (8, 'jlane@sjsu.edu'),
           (9, 'mflynn@sjsu.edu');

8 SQL Script create_school.sql, cont'd

    CREATE TABLE teacher (
        id         INT         PRIMARY KEY,
        last       VARCHAR(32) NOT NULL,
        first      VARCHAR(32) NOT NULL,
        contact_id INT         REFERENCES contact_info(id)
    );

    INSERT INTO teacher (id, last, first, contact_id)
    VALUES (7003, 'Rogers',   'Tom',   6),
           (7008, 'Thompson', 'Art',   7),
           (7012, 'Lane',     'John',  8),
           (7051, 'Flynn',    'Mabel', 9);

- Use the MySQL source command:

    source create_school.sql

9 Entity-Relationship (ER) Diagrams

- Data modeling diagrams are called Entity-Relationship (ER) diagrams. They are very similar in concept to UML diagrams.
- There are several styles of ER diagrams. One style is crow's feet diagrams.

10 One-to-Many Relationship

- One (each) teacher teaches 0, 1, or many classes.

  Teacher
  +------+----------+-------+
  | Id   | Last     | First |
  +------+----------+-------+
  | 7003 | Rogers   | Tom   |
  | 7008 | Thompson | Art   |
  | 7012 | Lane     | John  |
  | 7051 | Flynn    | Mabel |
  +------+----------+-------+

  Class
  +------+------------+----------------------+------+
  | Code | Teacher_id | Subject              | Room |
  +------+------------+----------------------+------+
  |  908 |       7008 | Data structures      |  114 |
  |  926 |       7003 | Java programming     |  101 |
  |  931 |       7051 | Compilers            |  222 |
  |  951 |       7012 | Software engineering |  210 |
  |  974 |       7012 | Operating systems    |  109 |
  +------+------------+----------------------+------+

  [Crow's feet diagram, Teacher to Class: the Teacher end is labelled "one" (minimum) and "one" (maximum); the Class end is labelled "zero" (minimum) and "many" (maximum).]

- Database cardinality is only 0, 1, or many (more than 1).

11 Many-to-Many Relationship

  Student
  +------+-------+--------+
  | Id   | Last  | First  |
  +------+-------+--------+
  | 1001 | Doe   | John   |
  | 1005 | Novak | Tim    |
  | 1009 | Klein | Leslie |
  | 1014 | Jane  | Mary   |
  | 1021 | Smith | Kim    |
  +------+-------+--------+

  Class
  +------+------------+----------------------+------+
  | Code | Teacher_id | Subject              | Room |
  +------+------------+----------------------+------+
  |  908 |       7008 | Data structures      |  114 |
  |  926 |       7003 | Java programming     |  101 |
  |  931 |       7051 | Compilers            |  222 |
  |  951 |       7012 | Software engineering |  210 |
  |  974 |       7012 | Operating systems    |  109 |
  +------+------------+----------------------+------+

  Student_Class
  +-----+------------+------------+
  | Key | Student_id | Class_code |
  +-----+------------+------------+
  |   1 |       1001 |        926 |
  |   2 |       1001 |        951 |
  |   3 |       1001 |        908 |
  |   4 |       1005 |        974 |
  |   5 |       1005 |        908 |
  |   6 |       1014 |        931 |
  |   7 |       1021 |        926 |
  |   8 |       1021 |        974 |
  |   9 |       1021 |        931 |
  +-----+------------+------------+

- A student has 0, 1 or many classes.
- A class has 1 or many students.

  [Crow's feet diagram: Student and Class, linked through the Student_Class join table.]

12 Complete Entity Diagram

  Class
    code (PK)
    teacher_id (FK)
    subject
    room

  Class
  +------+------------+----------------------+------+
  | Code | Teacher_id | Subject              | Room |
  +------+------------+----------------------+------+
  |  908 |       7008 | Data structures      |  114 |
  |  926 |       7003 | Java programming     |  101 |
  |  931 |       7051 | Compilers            |  222 |
  |  951 |       7012 | Software engineering |  210 |
  |  974 |       7012 | Operating systems    |  109 |
  +------+------------+----------------------+------+

13 MySQL Workbench

- Open-source version of some very expensive commercial database design and management tools (such as ERWin Data Modeler). Download from http://dev.mysql.com/downloads/
- Features:
    Manage databases and database connections.
    Edit, execute, and save SQL scripts.
    Forward- and reverse-engineering:
      - Generate a crow's feet ER diagram from an existing database.
      - Manually create an ER diagram.
      - Automatically generate a database from the diagram.

14 MySQL Workbench: ER Diagrams

- MySQL Workbench can generate a new ER diagram by "reverse engineering" an existing database.
- Demo: Generate a new ER diagram.

15 MySQL Workbench: ER Diagrams, cont'd

- MySQL Workbench can generate a new database by "forward engineering" an ER diagram.
- Demo: Generate a new database.

16 PHP query() vs. exec()

- Use PDO::query() to execute an SQL SELECT statement. It returns a result set as a PDOStatement object.

    $con = new PDO("mysql:host=localhost;dbname=school", "root", "sesame");
    $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    $query = "SELECT * FROM teacher WHERE id = $id";
    $data  = $con->query($query);

17 PHP query() vs. exec(), cont'd

- Use PDO::exec() to execute an SQL INSERT, UPDATE, or DELETE statement. It returns the count of affected rows.

    $con = new PDO("mysql:host=localhost;dbname=school", "root", "sesame");
    $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    $query = "UPDATE teacher ".
             "SET first = 'Ronald' ".
             "WHERE first = 'Ron'";
    $count = $con->exec($query);

18 Table Join with PHP

    $first = filter_input(INPUT_GET, "firstName");
    $last  = filter_input(INPUT_GET, "lastName");

    try {
        $con = new PDO("mysql:host=localhost;dbname=school", "root", "sesame");
        $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // The user-supplied name is interpolated directly into the SQL text.
        $query = "SELECT student.first, student.last, subject ".
                 "FROM student, teacher, class, student_class ".
                 "WHERE teacher.last = '$last' ".
                 "AND teacher.first = '$first' ".
                 "AND teacher_id = teacher.id ".
                 "AND code = class_code ".
                 "AND student.id = student_id ".
                 "ORDER BY subject, student.last";
        $data = $con->query($query);
        $data->setFetchMode(PDO::FETCH_ASSOC);
    }
    catch (PDOException $e) {          // closing catch block, not shown on the slide
        echo "Error: " . $e->getMessage();
    }

19 SQL Injection Attack

- A simple query with a teacher id:

    $id = filter_input(INPUT_GET, "id");

    try {
        $con = new PDO("mysql:host=localhost;dbname=school", "root", "sesame");
        $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // $id comes straight from the request and becomes part of the SQL text.
        $query = "SELECT * FROM teacher WHERE id = $id";
        $data  = $con->query($query);
        $data->setFetchMode(PDO::FETCH_ASSOC);
    }
    catch (PDOException $e) {          // closing catch block, not shown on the slide
        echo "Error: " . $e->getMessage();
    }

  $data contains a result set as a PDOStatement object.

20 SQL Injection Attack, cont'd

  Teacher
  +------+----------+-------+
  | Id   | Last     | First |
  +------+----------+-------+
  | 7003 | Rogers   | Tom   |
  | 7008 | Thompson | Art   |
  | 7012 | Lane     | John  |
  | 7051 | Flynn    | Mabel |
  +------+----------+-------+

21 SQL Injection Attack, cont'd

22 Prepared Statement

    $id = filter_input(INPUT_GET, "id");

    try {
        $con = new PDO("mysql:host=localhost;dbname=school", "root", "sesame");
        $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // :id is a named placeholder; the value is supplied at execute time.
        $query = "SELECT * FROM teacher WHERE id = :id";
        $ps    = $con->prepare($query);
        $ps->execute(array(':id' => $id));
        $data  = $ps->fetchAll(PDO::FETCH_ASSOC);
    }
    catch (PDOException $e) {          // closing catch block, not shown on the slide
        echo "Error: " . $e->getMessage();
    }

  $data contains an array.

23 Prepared Statement, cont'd

24 Prepared Statement, cont'd

- Never insert text from a user on the client side directly into an SQL query on the server side.
- A prepared statement provides some defense against SQL injection attacks.
- A prepared statement is parsed and compiled once. It can be reused. This is a performance improvement for queries made from inside PHP loops.

25 Table Join with a Prepared Statement

    $con = new PDO("mysql:host=localhost;dbname=school", "root", "sesame");
    $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    $query = "SELECT student.first, student.last, subject ".
             "FROM student, teacher, class, student_class ".
             "WHERE teacher.last = :last ".
             "AND teacher.first = :first ".
             "AND teacher_id = teacher.id ".
             "AND code = class_code ".
             "AND student.id = student_id ".
             "ORDER BY subject, student.last";
    $ps = $con->prepare($query);
    $ps->execute(array(':first' => $first, ':last' => $last));
    $data = $ps->fetchAll(PDO::FETCH_ASSOC);
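The injection risk of slides 19 and 20 and the parameterized join of slide 25, worked through as a runnable example added here (it is not the lecture's code): Python's sqlite3 module stands in for PHP's PDO because its :name placeholders are bound the same way, and the school3 data is constructed in memory with contact_info omitted.

```python
import sqlite3

# Constructed in-memory copy of the lecture's school3 tables (contact_info omitted);
# the slide's Student_Class "Key" column is an autoincrementing id here.
SCHEMA = """
CREATE TABLE teacher (id INTEGER PRIMARY KEY, last TEXT NOT NULL, first TEXT NOT NULL);
CREATE TABLE class (code INTEGER PRIMARY KEY, teacher_id INTEGER NOT NULL,
                    subject TEXT NOT NULL, room INTEGER NOT NULL);
CREATE TABLE student (id INTEGER PRIMARY KEY, last TEXT NOT NULL, first TEXT NOT NULL);
CREATE TABLE student_class (id INTEGER PRIMARY KEY, student_id INTEGER NOT NULL,
                            class_code INTEGER NOT NULL);
INSERT INTO teacher VALUES (7003,'Rogers','Tom'), (7008,'Thompson','Art'),
                           (7012,'Lane','John'), (7051,'Flynn','Mabel');
INSERT INTO class VALUES (908,7008,'Data structures',114), (926,7003,'Java programming',101),
    (931,7051,'Compilers',222), (951,7012,'Software engineering',210),
    (974,7012,'Operating systems',109);
INSERT INTO student VALUES (1001,'Doe','John'), (1005,'Novak','Tim'), (1009,'Klein','Leslie'),
                           (1014,'Jane','Mary'), (1021,'Smith','Kim');
INSERT INTO student_class (student_id, class_code) VALUES (1001,926), (1001,951), (1001,908),
    (1005,974), (1005,908), (1014,931), (1021,926), (1021,974), (1021,931);
"""

def connect():
    con = sqlite3.connect(":memory:")
    con.executescript(SCHEMA)
    return con

def teacher_ids_unsafe(con, user_id):
    # Vulnerable: user text is pasted into the SQL, like "WHERE id = $id" on slide 19.
    return [r[0] for r in con.execute(f"SELECT id FROM teacher WHERE id = {user_id}")]

def teacher_ids_safe(con, user_id):
    # Named placeholder, the same idea as PDO's ":id": the value is sent separately
    # from the SQL text, so it is only ever compared, never parsed.
    return [r[0] for r in con.execute("SELECT id FROM teacher WHERE id = :id", {"id": user_id})]

def students_of_teacher(con, first, last):
    # The slide-25 join with placeholders; explicit JOIN ... ON replaces the
    # comma join so that each relationship in the ER diagram is visible.
    sql = """SELECT student.first, student.last, subject
             FROM student
             JOIN student_class ON student_class.student_id = student.id
             JOIN class         ON class.code = student_class.class_code
             JOIN teacher       ON teacher.id = class.teacher_id
             WHERE teacher.last = :last AND teacher.first = :first
             ORDER BY subject, student.last"""
    return con.execute(sql, {"first": first, "last": last}).fetchall()
```

With the input "7003 OR 1=1", the interpolated query returns every teacher because its structure changed, while the placeholder version returns nothing because the whole string is compared as one value; a plain "7003" still matches through both.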

26 Parameter Binding

- Instead of:

    $ps->execute(array(':first' => $first, ':last' => $last));
    $data = $ps->fetchAll(PDO::FETCH_ASSOC);

- Use parameter binding:

    $ps->bindParam(':first', $first);
    $ps->bindParam(':last', $last);
    $ps->execute();
    $data = $ps->fetchAll(PDO::FETCH_ASSOC);

27 Assignment #3

- Add more database tables to your application. The tables should be in 2nd normal form.
- Do joins.
- Use PHP prepared statements.
- Due Tuesday, Sept. 29.

28 MySQL Conditional Operators

  [Table of MySQL conditional operators, reproduced from: PHP and MySQL for Dynamic Web Sites, 4th ed., by Larry Ullman, Peachpit Press, 2012, ISBN 978-0-321-78407-0]

29 LIKE and NOT LIKE

- String comparisons using wildcard characters:
    _  matches any single character
    %  matches any zero or more characters

    mysql> select * from people;
    +-----+---------+---------+--------+--------+
    | id  | first   | last    | gender | salary |
    +-----+---------+---------+--------+--------+
    | 101 | Charles | Jones   | M      | 100000 |
    | 103 | Mary    | Adams   | F      | 150000 |
    | 105 | Susan   | Miller  | F      |  50000 |
    | 110 | Roger   | Brown   | M      |  75000 |
    | 112 | Leslie  | Adamson | F      | 105000 |
    +-----+---------+---------+--------+--------+
    5 rows in set (0.00 sec)

    mysql> select * from people
        -> where last like 'Adam%';
    +-----+--------+---------+--------+--------+
    | id  | first  | last    | gender | salary |
    +-----+--------+---------+--------+--------+
    | 103 | Mary   | Adams   | F      | 150000 |
    | 112 | Leslie | Adamson | F      | 105000 |
    +-----+--------+---------+--------+--------+
    2 rows in set (0.02 sec)

30 LIKE and NOT LIKE, cont'd

    SELECT first_name, last_name
    FROM users
    WHERE email NOT LIKE '%@authors.com';

  (Source: Ullman, PHP and MySQL for Dynamic Web Sites, 4th ed.)

31 Sorting Query Results

- Sort ascending (ASC) or descending (DESC). ASC is the default.

    SELECT first_name, last_name
    FROM users
    ORDER BY last_name ASC, first_name ASC;

  (Source: Ullman, PHP and MySQL for Dynamic Web Sites, 4th ed.)

32 Limiting Query Results

    SELECT first_name, last_name
    FROM users
    ORDER BY registration_date DESC
    LIMIT 5;

- Also:

    LIMIT i, n

  Return n records starting with the i-th record.
- Does not improve the query execution speed, since MySQL still has to match all the records.
- Reduces the number of returned records.
- Useful for "paging" the results.

  (Source: Ullman, PHP and MySQL for Dynamic Web Sites, 4th ed.)

