DATABASES.


1 http://www.flickr.com/photos/torkildr/3462607995/ DATABASES

2 Overview of databases
Database = structured storage for your data
Each database can have several tables

Courses
cid  prof      cred  cap  title
361  cscaffid  4     70   SE I
362  agroce    4     70   SE II
496  cscaffid  4     70   Mobile/Cloud

Students
sid        onid      name
931905000  cjones    C. Jones
931905001  amorgan2  A. Morgan
931905002  rholdt    R. Holdt

Grades
sid        cid  grade
931905000  361  4.0
931905000  362  3.0
931905001  361  4.0
931905001  362  4.0
931905001  496  3.0
931905002  361  2.0

3 Setting up a database
Simple approach: Get an ENGR database
Go to http://onid.oregonstate.edu, log in, click Web Database on the left.
It gives you the sample PHP code to use as well as database names and passwords.

4 Database table overview: primary keys

cid  prof      cred  cap  title
361  cscaffid  4     70   SE I
362  agroce    4     70   SE II
496  cscaffid  4     70   Mobile/Cloud

Usually, your table will have a "primary key" – a column that is unique for each row.
Usually, you will use an integer as your primary key.
It is also possible to have a "composite key" – two or more columns that as a combination are unique for each row.

5 Other columns in the table

cid  prof      cred  cap  title
361  cscaffid  4     70   SE I
362  agroce    4     70   SE II
496  cscaffid  4     70   Mobile/Cloud

Other columns in the table can be strings (aka "varchars"), ints, etc.
The data types supported vary by database. MySQL supports these…
http://dev.mysql.com/doc/refman/5.0/en/data-type-overview.html

6 Foreign keys

cid  prof      cred  cap  title
361  cscaffid  4     70   SE I
362  agroce    4     70   SE II
496  cscaffid  4     70   Mobile/Cloud

Sometimes, a non-primary column in one table references the primary key in another table. This is called a "foreign key constraint."

sid        cid  grade
931905000  361  4.0
931905000  362  3.0
931905001  361  4.0
931905001  362  4.0
931905001  496  3.0
931905002  361  2.0

7 Example Connection
<?php
$mysqli = new mysqli("oniddb.cws.oregonstate.edu","scaffidc-db","mYRBEDC15SlLJXmv","scaffidc-db");
mysqli_close($mysqli);
?>

Current ONID Database Settings
Hostname       oniddb.cws.oregonstate.edu
Database Name  scaffidc-db
Username       scaffidc-db
Password       mYRBEDC15SlLJXmv

8 Queries
– mysqli object has a query() method
– Use with caution, does nothing to protect against injection
– Generally you will just provide a query as a single argument to this function

9 Queries Continued
Return values:
– FALSE on failure
– For successful SELECT, SHOW, DESCRIBE or EXPLAIN queries returns a mysqli_result object
– For other successful queries returns TRUE

10 Let’s create some tables!
<?php
$mysqli = new mysqli("oniddb.cws.oregonstate.edu","scaffidc-db","mYRBEDC15SlLJXmv","scaffidc-db");
/* drop grades first: it references the other two tables */
$mysqli->query("drop table grades");
$mysqli->query("drop table students");
$mysqli->query("drop table courses");
/* watch out for, and remove, extra carriage returns below */
if (!$mysqli->query("create table courses(cid integer, prof varchar(64), cred integer, cap integer, title varchar(200), primary key(cid))")
    || !$mysqli->query("create table students(sid integer, onid varchar(32), name varchar(200), primary key(sid))")
    /* MySQL needs the referenced column named explicitly in each foreign key */
    || !$mysqli->query("create table grades(cid integer, sid integer, grade decimal(3,2), primary key(sid,cid), foreign key(sid) references students(sid), foreign key(cid) references courses(cid))")
) {
    printf("Cannot create table(s).\n");
}
$mysqli->close();
?>

11 Let’s insert some rows!
…
/* watch out for, and remove, extra carriage returns below */
$mysqli->query("insert into courses(cid,prof,cred,cap,title) values(361,'cscaffid',4,70,'SE I')");
$mysqli->query("insert into courses(cid,prof,cred,cap,title) values(362,'agroce',4,70,'SE II')");
$mysqli->query("insert into courses(cid,prof,cred,cap,title) values(496,'cscaffid',4,70,'Mobile/Cloud')");
$mysqli->query("insert into students(sid,onid,name) values(931905000,'cjones','C. Jones')");
$mysqli->query("insert into students(sid,onid,name) values(931905001,'amorgan2','A. Morgan')");
/* each student needs a distinct sid, because sid is the primary key */
$mysqli->query("insert into students(sid,onid,name) values(931905002,'rholdt','R. Holdt')");
…
/* watch out for, and remove, extra carriage returns above */

12 Reading all the rows from a table
…
/* watch out for, and remove, extra carriage returns below */
echo "<table>";
if ($result = $mysqli->query("select cid,prof,cred,cap,title from courses")) {
    while($obj = $result->fetch_object()){
        /* one table row per course; every value is escaped before output */
        echo "<tr>";
        echo "<td>".htmlspecialchars($obj->cid)."</td>";
        echo "<td>".htmlspecialchars($obj->title)."</td>";
        echo "<td>".htmlspecialchars($obj->prof)."</td>";
        echo "<td>".htmlspecialchars($obj->cred)."</td>";
        echo "<td>".htmlspecialchars($obj->cap)."</td>";
        echo "</tr>";
    }
    $result->close();
}
echo "</table>";
…

13 Updating one row in the table
…
$mysqli->query("update courses set cap=80 where cid = 362");
echo "<table>";
if ($result = $mysqli->query("select cid,prof,cred,cap,title from courses where cid >= 300 and cid <= 400")) {
    while($obj = $result->fetch_object()){
        echo "<tr>";
        echo "<td>".htmlspecialchars($obj->cid)."</td>";
        echo "<td>".htmlspecialchars($obj->title)."</td>";
        echo "<td>".htmlspecialchars($obj->prof)."</td>";
        echo "<td>".htmlspecialchars($obj->cred)."</td>";
        echo "<td>".htmlspecialchars($obj->cap)."</td>";
        echo "</tr>";
    }
    $result->close();
}
echo "</table>";
…

14 Deleting one row in the table
…
$mysqli->query("delete from courses where cid = 362");
echo "<table>";
if ($result = $mysqli->query("select cid,prof,cred,cap,title from courses where cid >= 300 and cid <= 400")) {
    while($obj = $result->fetch_object()){
        echo "<tr>";
        echo "<td>".htmlspecialchars($obj->cid)."</td>";
        echo "<td>".htmlspecialchars($obj->title)."</td>";
        echo "<td>".htmlspecialchars($obj->prof)."</td>";
        echo "<td>".htmlspecialchars($obj->cred)."</td>";
        echo "<td>".htmlspecialchars($obj->cap)."</td>";
        echo "</tr>";
    }
    $result->close();
}
echo "</table>";
…

15 Deleting data when you have foreign keys
Table X references table Y, delete rows from Y before rows from X. (e.g., delete Grades before Courses.)

Courses
cid  prof      cred  cap  title
361  cscaffid  4     70   SE I
362  agroce    4     70   SE II
496  cscaffid  4     70   Mobile/Cloud
494  cscaffid  4     20   Web dev

Grades
sid        cid  grade
931905000  361  4.0
931905000  362  3.0
931905001  361  4.0
931905001  362  4.0
931905001  496  3.0
931905002  361  2.0

16 A brief word about security
DO NOT trust the data from the server
– One of your co-workers might have allowed users to put evil data into the database!
– You can escape special characters with htmlspecialchars()
DO NOT trust the data from the browser
– JS and jQuery form validation can be bypassed!
– Use prepared statements if you need to use data from the browser in your SQL statements
Bonus: Potential for performance improvement if you need to repeatedly execute an SQL statement.

17 Inserting with a prepared statement
/* Imagine, for a moment, that we are working with data from the browser */
if ($stmt = $mysqli->prepare("insert into courses(cid,prof,cred,cap,title) values(?,?,?,?,?)")) {
    for ($i = 100; $i < 300; $i++) {
        $cid = $i;
        $prof = "Professor X$i";
        $cred = 3;
        $cap = ($cid < 200 ? 150 : 50);
        $title = "CS Course $i";
        /* for five params, pass five character types to bind_param with five values */
        $stmt->bind_param("isiis", $cid, $prof, $cred, $cap, $title);
        $stmt->execute();
    }
    $stmt->close();
} else {
    printf("Error: %s\n", $mysqli->error);
}

18 Types of prepared statement params
i  integer
d  double
s  string
b  blob

19 Querying with a prepared statement
echo "<table>";
$stmt = $mysqli->prepare("select cid,prof,cred,cap,title from courses where cid >= ? and cid < ?");
$cidmin = 165;
$cidmax = 170;
/* two integer params, so the type string is "ii" */
$stmt->bind_param("ii",$cidmin,$cidmax);
if ($stmt->execute()) {
    $stmt->bind_result($cid, $prof, $cred, $cap, $title);
    while($stmt->fetch()){
        echo "<tr>";
        echo "<td>".htmlspecialchars($cid)."</td>";
        echo "<td>".htmlspecialchars($title)."</td>";
        echo "<td>".htmlspecialchars($prof)."</td>";
        echo "<td>".htmlspecialchars($cred)."</td>";
        echo "<td>".htmlspecialchars($cap)."</td>";
        echo "</tr>";
    }
    $stmt->close();
}
echo "</table>";
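Added example (not part of the original slides): the same lookup written with query() and string concatenation, as cautioned against on slide 8, next to the prepared-statement form from slides 16-19. For the second sample value the concatenated query matches every course, while the prepared statement treats the whole value as a professor name and matches none. Assumptions: DB_HOST, DB_USER, DB_PASSWORD and DB_NAME are placeholders for your own settings, the courses table holds the rows from slide 11, and the function names are hypothetical.

```php
<?php
// Added example, not from the original slides.
// Assumptions: the connection values are placeholders, and the courses
// table from slides 10-11 exists and is populated.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli("DB_HOST", "DB_USER", "DB_PASSWORD", "DB_NAME");

// Unsafe (slide 8): the browser value becomes part of the SQL text,
// so a quote inside it changes the structure of the query.
function courses_by_prof_unsafe(mysqli $db, string $prof): array {
    $rows = [];
    $result = $db->query("select cid,title from courses where prof = '$prof'");
    while ($obj = $result->fetch_object()) {
        $rows[] = [$obj->cid, $obj->title];
    }
    $result->close();
    return $rows;
}

// Safe (slides 16-19): the SQL text is fixed and the value is bound as a
// string ("s"), so quotes inside it are data, never syntax.
function courses_by_prof_prepared(mysqli $db, string $prof): array {
    $rows = [];
    $stmt = $db->prepare("select cid,title from courses where prof = ?");
    $stmt->bind_param("s", $prof);
    $stmt->execute();
    $stmt->bind_result($cid, $title);
    while ($stmt->fetch()) {
        $rows[] = [$cid, $title];
    }
    $stmt->close();
    return $rows;
}

// Constructed sample values standing in for $_GET['prof'].
$samples = ["agroce", "agroce' or '1'='1"];
foreach ($samples as $prof) {
    $unsafe = courses_by_prof_unsafe($mysqli, $prof);
    $safe   = courses_by_prof_prepared($mysqli, $prof);
    // Escape on output as well: slide 16 says not to trust stored data either.
    printf("%s: concatenated=%d row(s), prepared=%d row(s)<br>\n",
           htmlspecialchars($prof), count($unsafe), count($safe));
}
$mysqli->close();
```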

20 Walk through another site skeleton
Browse at http://web.engr.oregonstate.edu/~scaffidc/courses/cs290/skeleton2/
Download at http://web.engr.oregonstate.edu/~scaffidc/courses/cs290/lectures/site_skeleton2.zip
Good points: Demonstrates PHP-db integration
Bad points: No input validation or data-editing; same page title on every page

21 We’re just scratching the surface…
Other features supported by databases
– Auto-assigned keys (covered later in this course)
– Indexes (covered later in this course)
– Transactions
– Aggregates, grouping, sorting
– Views and synthetic/computed columns
– Triggers and stored procedures
– Import, export, and backup
– Replication
For details, take the database courses
– And/or cover these in your How-To?

22 Activity Spend the rest of class working on homework http://web.engr.oregonstate.edu/~scaffidc/courses/cs290/homework.shtml

