
COMP234 - perl: Perl DBI. Topics: Database vs access methods, DBMS and DBMS API's, Relational database, SEQUEL, Perl DBI, SQL.


2 COMP234 - perl Perl DBI

3 Topics
Database vs access methods
DBMS and DBMS API's
Relational database
SEQUEL
Perl DBI
SQL

4 Database vs Access Method
Before database technology, systems relied on various OS-supported access methods
  – Sequential
  – Indexed
  – Random (CHS, RR #)
Programmers had to devise custom algorithms to locate data and maintain data structures on disk
Database systems were devised to provide standardized ways to structure data for retrieval, with libraries of standard support routines

5 DBMS
Data Base Management System
Originally each DBMS supported its own particular abstract data structure on disk
  – Sequential
  – Hierarchical
  – CODASYL sets (Conference on Data Systems Languages, 1959)
Each DBMS had its own proprietary API
  – Another mess

6 Relational Database
By the 1970's interest became focused on relational databases and the other models faded
"A Relational Model of Data for Large Shared Data Banks", E.F. Codd, 1970
Relational model based on clean mathematical model
Modern systems also have a common query language API

7 Relational Model
Data stored in tables
  – Mathematically: “relations”
Each row in a table is unique
  – Has unique attribute values
Some subset of the columns forms a record key
No repeating data
  – Repeating data is moved to a related table
  – With bigger key
  – i.e. Student and Student-Course

8 Related Tables

9 Relational API's
Relational Calculus
  – Based on Predicate calculus
  – Complex logical formula used to describe data
  – Not a success
Relational Algebra
  – Based on set theory
  – Relations are sets
  – Complex set theory formulas can describe data
  – Not as bad but...

10 SEQUEL
A common compromise API was developed by IBM
Originally called SEQUEL (Structured English Query Language)
Later changed to SQL because of lawyers
English-like
Describes sets of data
Non-procedural
  – DBMS decides how to retrieve
  – Sometimes badly

11 The Back End
SQL provides a way for programmers to describe the data they want to access
The DBMS then has to retrieve the data
Usually a client-server process
Often some drivers are provided by the DBMS to connect the client to the DBMS
SQL statements embedded or built in the client are transported to the DBMS through the client-server interface


13 Other Data Models
CSV
  – Comma Separated Values
  – Basically text files
Simple Flat File databases
  – Berkeley DB
OODB
  – More complex Object Oriented Structures
Perl DBI can handle CSV, Flat file and Relational
All accessed through SQL

14 Perl DBI
Connects perl to DBMS (or directly to data)
Provides database independent interface
  – Different DBMS have different SQL
  – In DBI they are all the same (mostly)
Provides database dependent back end to connect to DBMS
DBI (database interface) is the independent part
A library of DBD (database driver) modules provides the dependent parts

15 DBI Architecture

16 Use DBI
DBI is an object oriented module
    use DBI;
  – At the start of your program
  – Loads DBI
DBD modules usually get loaded automatically
Three types of objects, called handles
  – Like file handles
Created by class methods of DBI

17 DBI Handles
Driver handles
  – We don't have to worry about these
Database handles
  – Created when perl connects to a database through a DBMS
  – Child objects of a driver handle
Statement handles
  – Created to execute an operation on a database
  – Child objects of a Database handle

18 Data Source Names
To connect to a database you have to tell perl where it is and what kind it is
Data source names accomplish this
Example
  – dbi:mSQL:hostname:database:port_number
Always start with dbi:
Then the driver name (mSQL) and “:”
Then driver specific information

19 Connecting
Connect operation needs to know
  – Which database
  – A user ID to log in as
  – A password
General syntax is:
    $dbh = DBI->connect( $data_source, $username, $password, \%attr );
\%attr is an optional hashref containing additional parameter values
Returns an object reference
  – or undef

20 Disconnecting
Simpler
    $dbh->disconnect();
Returns True or False
Optional but recommended
  – Automatic disconnect may lose data

21 SQL Statement Handles
SQL statement execution starts with creation of a statement handle object
Successful SQL statement compilation returns a statement handle
Statement handle is then used to run the statement on the database, where results might be created
Results are then fetched back to the perl program and stored in perl data structures
  – Sometimes a hash or an array
Final stage deallocates the handle and associated results

22 Preparing a Statement Handle
Prepare method sends your SQL statement to the DBMS where it is compiled and the results returned to DBI
Statement handle used to run the compiled statement
Example:
    my $sth = $dbh->prepare( "SELECT First_Name FROM students" );
If database doesn't support compiled statements this stage might be delayed until just before statement is run

23 Running the SQL Statement
$sth->execute() runs the statement
Returns True or undef
If the statement retrieved any data, it can now be fetched using the same statement handle
Some operations don't produce a result set
These statements can be run directly, without creating a statement handle, since the handle won't be needed to fetch the results
  – You may wish to create a handle anyway

24 Stored Procedures: A Performance Issue
Most SQL statements will contain some data as well as the SQL code
    SELECT First_Name FROM students WHERE student_ID = 'gkent'
To run this once for each student ID you would also have to compile it, then fetch the results and deallocate the handle for every student ID
Large database systems provide a way to re-use compiled statements by passing parameters to a stored procedure

25 Stored Procedures: A Security Issue
The alternative to stored procedures is to combine the statement with any data it might need and send it as a SQL statement to be interpreted at run time
Users can include malicious SQL code in the data and that will be executed by the SQL interpreter
These SQL injection attacks are not possible with stored procedures

26 An SQL Injection Attack
Changing the logic
    SELECT COUNT(ID) FROM users WHERE id='baker' AND password = 'secret'
Enter "baker' --" for id and get:
    SELECT COUNT(ID) FROM users WHERE id='baker' --' AND password = 'input'
  – "--" makes the password check a comment
  – "/*" would do the same
  – "OR 1=1" appended to password makes the test always true

27 Binding Parameters
Placeholders can take the place of literal values in the source code for a stored procedure
The procedure can then be run once for each of a long list of values, without recompiling each time
In perl you can create the statement handle with a placeholder
Then, for each actual value to be inserted
  – Bind the value to the statement
  – Execute the statement with the bound value
SQL contained in the bound value will not be interpreted

28 Binding Example
    $sth = $dbh->prepare( "SELECT First_Name FROM students WHERE Student_id = ?" );
The following two statements could be run in a loop where $ID takes on a list of different values:
    $sth->bind_param( 1, $ID );
    $sth->execute( );
Each time this runs, $ID is inserted in place of the “?” in the statement

29 Bind without BIND
The two statements
    $sth->bind_param( 1, $ID );
    $sth->execute( );
Can be combined like this
    $sth->execute( $ID );

30 CRUD
Basic data operations
  – Create
  – Retrieve
  – Update
  – Delete
We will start with create

31 Creating a Row
Adding a row to a database table is accomplished with the SQL INSERT statement
    INSERT INTO table_name (column1, column2,..., columnN) VALUES (value1, value2,..., valueN)
(columns) can be omitted if every field gets a value
    INSERT INTO students (Student_ID, First_Name, Last_Name) VALUES ('gkent', 'Graham','Kent')

32 INSERT and the DBI
Insert doesn't return a result set
Don't need statement handle to retrieve values so we could run it directly
  – $dbh->do( "INSERT INTO students (Student_ID, First_Name, Last_Name) VALUES ('gkent', 'Graham','Kent')" );
But: often this sort of statement would run over and over in a loop with names and ID in variables
More efficient in that case to prepare and execute

33 INSERT with execute
    $sth = $dbh->prepare( "INSERT INTO students (Student_ID, First_Name, Last_Name) VALUES (?, ?, ?)" );
Then this can be run in a loop that provides values for Student_ID, First_Name and Last_Name like this
    $sth->execute( $ID, $FirstName, $LastName );
This way the statement only needs to be compiled once

34 Return value from execute
Execute statement will return false if an error occurred
Otherwise it returns the number of rows affected by the statement
If the statement successfully affects no rows the return value will be “0 but true” or 0E0
Both of these are True, but evaluate to zero

35 Creating a table
CREATE TABLE statement creates a new table in a database
    $dbh->do( "CREATE TABLE Students (
                  Student_ID VARCHAR(15) PRIMARY KEY,
                  First_Name VARCHAR(35),
                  Last_Name VARCHAR(35))" );
Syntax and data types may vary depending on the DBMS

36 Creating a Database
Usually accomplished with DBMS utilities
We will be using SQLite which contains the database in a single disk file that can reside on your USB key
DBI data source names reference the file
No need for login information
Database can be created “on the fly”

37 Creating an SQLite Database
    my $dbpath = 'E:/Documents/DBlab/Mydb.db';
    my $dbh = DBI->connect( "dbi:SQLite:dbname=$dbpath", "", "" );
If file doesn't exist it is created
If file name is ":memory:" a temporary db in memory is created
If file name is omitted a temporary db on disk is created

38 Error Handling
Most DBI calls will return undef if an error occurs
Error handling can be accomplished with “or die” just like in perl open statements
  – or die "Can't connect to the database: $DBI::errstr\n"
$DBI::errstr contains description of the error
DBI also allows for automatic error handling

39 Automatic Error Handling
Automatic error handling can produce a warning message and continue
Also useful is to produce a message and die
  – Like in the die statement
Two attributes turn this behavior on and off
PrintError attribute causes warning message
RaiseError prints message and then dies
Default is PrintError on and RaiseError off

40 Using Automatic Error Handling
Error handling can be set at different levels but most useful is to set it in the connect method
    $dbh = DBI->connect( "dbi:SQLite:dbname=$dbpath", "", "", {
        PrintError => 0,   ### Don't report errors via warn( )
        RaiseError => 1    ### Do report errors via die( )
    } );
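
Added example, not part of the original slides: the connect attributes from slide 40 combined with the execute return values from slide 34, using the Students table from slide 35 in an in-memory SQLite database. The rows other than 'gkent', the UPDATE statement and the variable names are constructed for illustration, and DBD::SQLite is assumed to be installed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

my $dbh = DBI->connect( "dbi:SQLite:dbname=:memory:", "", "",
    { PrintError => 0, RaiseError => 1 } );

$dbh->do( "CREATE TABLE Students (
              Student_ID VARCHAR(15) PRIMARY KEY,
              First_Name VARCHAR(35),
              Last_Name  VARCHAR(35))" );

my $insert = $dbh->prepare(
    "INSERT INTO Students (Student_ID, First_Name, Last_Name) VALUES (?, ?, ?)" );

# Constructed rows; the last one repeats a primary key on purpose.
my @rows = ( [ 'gkent',  'Graham', 'Kent' ],
             [ 'asmith', 'Ann',    'Smith' ],
             [ 'gkent',  'Gary',   'Kent' ] );

for my $row (@rows) {
    # With RaiseError on, a failed execute dies; eval turns that into a handled error.
    my $ok = eval { $insert->execute(@$row) };
    if ( defined $ok ) { print "inserted $row->[0] (rows affected: $ok)\n" }
    else               { print "rejected $row->[0]: $@" }
}

my $update = $dbh->prepare(
    "UPDATE Students SET Last_Name = ? WHERE Student_ID = ?" );
for my $id ( 'asmith', 'nobody' ) {
    my $rv = $update->execute( 'Jones', $id );
    # "0E0" is true in boolean context but numerically zero, so "succeeded"
    # and "changed nothing" can be told apart from a failure.
    printf "update %-7s returned %-3s  succeeded=%s  rows=%d\n",
        $id, $rv, ( $rv ? 'yes' : 'no' ), $rv;
}
$dbh->disconnect;
```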

41 Today's Lab
Revisiting lab4
Read the log, but put data in an sqlite database instead of a hash
Output will be obtained later using ad hoc queries
Reference to sqlite syntax
  – http://www.sqlite.org/lang.html

