Stuff to memorise… "A method tells an object to perform an action. A property allows us to read or change the settings of the object."


Architecture: Planning and designing a successful system. Use tried and tested techniques. Easy to maintain. Robust and long lasting.

The DVD Swap Shop: Written in VB.NET. Suffers from much poor design. Available for download from the module web site / Blackboard. We shall look at a quick demo of what the program does.

Security Issues: The standard login for the program is User Password: password123. What happens if we use the following? User name: hi' or '1'='1

SQL Injection Attacks: SQL is a language designed for querying databases. It stands for Structured Query Language. Most commonly abbreviated to SQL or Sequel (as in Sequel Server). We are going to use SQL later in this module and you will be learning it in a parallel module, so it won't do any harm to show you a little SQL now.

Concatenation
select * from Users where = '" + + "' and UserPassword = '" + Password + "'"
With the following account: password123
This concatenates to …
select * from Users where = and UserPassword = 'password123'

The Injection Attack
select * from Users where = '" + + "' and UserPassword = '" + Password + "'"
With the following "account": hi' or '1'='1
This concatenates to …
select * from Users where = 'hi' or '1'='1' and UserPassword = 'hi' or '1'='1'

How it Works: The single speech mark has terminated the string early. Since 1 always equals 1 we return all of the records. There are more than zero records so it logs the user in as the first account. The first user on any system is often the administrator. This is not a lesson on SQL injection attacks, but it does serve to illustrate the vulnerabilities of poor architecture.
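The concatenation and injection slides above, as an added example (not code from the DVD Swap Shop): Python's sqlite3 stands in for VB.NET and Access, and the `Login` column name and the sample rows are constructed placeholders. The second function sends the same input as bound parameters, so the speech mark stays inside the data.

```python
import sqlite3

# The input shown on the slide, used for both fields.
PAYLOAD = "hi' or '1'='1"


def make_db():
    """In-memory database with constructed rows.

    'Login' is a placeholder column name (an assumption); passwords are
    stored in plain text only to mirror the query on the slide.
    """
    db = sqlite3.connect(":memory:")
    db.execute("create table Users (Login text, UserPassword text)")
    db.executemany(
        "insert into Users values (?, ?)",
        [("admin", "s3cret-admin"), ("alice", "password123")],
    )
    return db


def login_concatenated(db, login, password):
    """Vulnerable: user input becomes part of the SQL text."""
    sql = ("select * from Users where Login = '" + login +
           "' and UserPassword = '" + password + "'")
    rows = db.execute(sql).fetchall()
    # "More than zero records" logs in as the first account returned.
    return rows[0][0] if rows else None


def login_parameterised(db, login, password):
    """Hardened: the SQL text is fixed, input is passed as bound values."""
    sql = "select * from Users where Login = ? and UserPassword = ?"
    rows = db.execute(sql, (login, password)).fetchall()
    # Exactly one matching account is the only acceptable result.
    return rows[0][0] if len(rows) == 1 else None


if __name__ == "__main__":
    db = make_db()
    print("concatenated, normal login :", login_concatenated(db, "alice", "password123"))
    print("concatenated, slide input  :", login_concatenated(db, PAYLOAD, PAYLOAD))
    print("parameterised, slide input :", login_parameterised(db, PAYLOAD, PAYLOAD))
    print("parameterised, normal login:", login_parameterised(db, "alice", "password123"))
```
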

Maintenance: DVD Swap Shop built on Access. Not the best choice for an internet application. Change to another database e.g. SQL Server. DVD.MDB becomes DVD.MDF.

The Problem: [Diagram: Web pages 1 to 4, each with its own Database Name reference; Data Connection Class; Database] 100 page site with ten references to the database per page = 1000 changes to the code!

Scalability: How many of you have Facebook or Twitter on your phone? How would we modify the DVD swap shop so there is a phone app that does the same? Re-design the pages. However, what do we do about the functionality?

Compare the Following Pages

Other Issues to Think About: Dealing with International Markets. Dealing with Different Computer Platforms.

Dealing with International Markets

Amazon Search

Dealing with Different Computer Platforms: Mobile Apps - Apple/Android/Windows. PCs e.g. iOS / Windows / Android. Linux machines. Servers running Apache / IIS. What is the technology that makes it possible to support such a range of platforms?

Simple Three Layered Architecture: [Diagram: Presentation (Interface); Middle Tier Business Logic (Objects/Classes); Data Layer; Database]

Benefits: Change Database Technology without Changing the Interface. The interface has no knowledge of the structure of the database. Middle tier handles communication of data. Database technology may be changed with no impact on interface. All functionality in the middle tier. This means we may bolt on many different interfaces.

Benefits: Attach Multiple Presentation Layers. [Diagram: two Presentation (Interface) layers, a web browser and a mobile phone app; Middle Tier Business Logic (Objects/Classes); Data Layer; Database]

Benefits: Code re-use and maintenance. All important code is stored in the middle layer. Any changes made here benefit all parts of the system using it. Code only created once so easier to find and maintain.

Overview of Finished Address Book

The Presentation Layer

The Middle Layer

The Data Layer