Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS320 Web and Internet Programming Database Access with JDBC Chengyu Sun California State University, Los Angeles.

Published byMeghan Crawford Modified over 8 years ago

Similar presentations

Presentation on theme: "CS320 Web and Internet Programming Database Access with JDBC Chengyu Sun California State University, Los Angeles."— Presentation transcript:

1 CS320 Web and Internet Programming Database Access with JDBC Chengyu Sun California State University, Los Angeles

2 Client-Server Architecture of Databases ClientServer mysql MySQL Workbench PHPMyAdmin … Applications DB A library that sends SQL and other commands from client to server, and get the results from server to client.

3 JDBC JDBC DriverDB Server com.mysql.jdbc.Driver JDBC API Java Program MySQL DBMS Independent

4 About JDBC Java DataBase Connectivity JDBC API is DBMS independent JDBC Driver implements JDBC API for a particular DBMS

5 Example: HelloJDBC.java Load JDBC driver Only need to be done once per application Make connections Execute queries Process results Handle exceptions (and close connections)

6 JDBC Basics … import java.sql.*; Initialize driver Class.forName("com.mysql.jdbc.Driver") Create connection URL  jdbc:mysql://[host:port]/[database][?user=cs320stu31& password=abcd] DriverManager.getConnection( URL ) DriverManager.getConnection( URL, user, pass )

7 … JDBC Basics Create statement Statement stmt = c.createStatement();  stmt.executeQuery(String sql)  stmt.executeUpdate(String sql) Get result back ResultSet rs http://docs.oracle.com/javase/tutorial/jdbc/index.html

8 DB Query Results In a program, we want to Access each record Access each attribute in a record Access the name of each attribute select * from items; namepricequantity Milk3.892 Beer6.991

9 JDBC ResultSet – Row Access next() – move cursor down one row Cursor starts from before the 1 st record true if the current record is valid false if no more records Record 1 Record 2 Record 3 … Cursor Results

10 Common Code for Processing ResultSet Process each row while(rs.next()) {…} Check whether a result set is empty if(rs.next()) {…}

11 JDBC ResultSet – Column Access Access the columns of current row getXxx( String columnName ) E.g. getString( “user” ); getXxx( int columnIndex ) columnIndex starts from 1 E.g. getString( 1 ); http://docs.oracle.com/javase/7/docs/api/java/sql/ResultSet.html

12 JDBC ResultSet – Access Column Names ResultSetMetaData getColumnName( columnIndex )  Column name getColumnLabel( columnIndex )  Column title for display or printout ResultSetMetaData meta = rs.getMetaData();

13 JDBC ResultSet – Size No size() method? Something about FetchSize getFetchSize() setFetchSize( int nrows )

14 Handle Exceptions catch( SQLException e ) { throw new ServletException( e ); } finally { try { if( c != null ) c.close(); } catch( SQLException e ) { throw new ServletException( e ); }

15 Example: GuestBook (JDBC) – Display Create a guest_book table Retrieve the entries in a servlet Display the entries in a JSP

16 Example: GuestBook (JDBC) – Add Save new guest book entries to the database executeQuery() vs. executeUpdate() Potential problems of handing user input Special characters SQL injection attack

17 Example: SQL Injection Attack User input should NOT be trusted Regular user input Username: cysun Password: abcd Malicious user input Username: someuser Password: something’ or ‘1 Prevent SQL injection attack?

18 Prepared Statements Statements with parameters String sql = “insert into items values (? ? ?)”; PreparedStatement pstmt =c.prepareStatement(sql); pstmt.setString(1, “orange”); pstmt.setBigDecimal(2, 0.59); pstmt.setInt(3, 4); pstmt.executeUpdate();

19 Benefits of Prepared Statements Special characters are properly handled Secure if the SQL statement is constructed from user input The SQL statement is more readable Better performance (maybe)

Download ppt "CS320 Web and Internet Programming Database Access with JDBC Chengyu Sun California State University, Los Angeles."

Similar presentations

CE203 - Application Programming Autumn 2013CE203 Part 51 Part 5.

CE203 - Application Programming Autumn 2013CE203 Part 51 Part 5.
JDBC. Java Database Connectivity (JDBC) Use the java.sql package to query and update the database. JDBC is an API that allows java to communicate with.

JDBC. Java Database Connectivity (JDBC) Use the java.sql package to query and update the database. JDBC is an API that allows java to communicate with.
1 JDBC Java Database Connectivity. 2 c.pdf

1 JDBC Java Database Connectivity. 2 c.pdf
1 JDBC: Java Database Connectivity. 2 Introduction to JDBC JDBC is used for accessing databases from Java applications Information is transferred from.

1 JDBC: Java Database Connectivity. 2 Introduction to JDBC JDBC is used for accessing databases from Java applications Information is transferred from.
Java Database Connectivity (JDBC) java.sql package to query and update the database. JDBC is an API that allows java to communicate with a database server.

Java Database Connectivity (JDBC) java.sql package to query and update the database. JDBC is an API that allows java to communicate with a database server.
1 Lecture 29 More on JDBC Overview  Objectives of this lecture  JDBC and its Drivers  Connecting to Databases (Java’s Connection class)  Querying a.

1 Lecture 29 More on JDBC Overview  Objectives of this lecture  JDBC and its Drivers  Connecting to Databases (Java’s Connection class)  Querying a.
1 Foundations of Software Design Lecture 27: Java Database Programming Marti Hearst Fall 2002.

1 Foundations of Software Design Lecture 27: Java Database Programming Marti Hearst Fall 2002.
Three-Tier Architecture Oracle DB Server Apache Tomcat App Server Microsoft Internet Explorer HTML Tuples HTTP Requests JDBC Requests Java Server Pages.

Three-Tier Architecture Oracle DB Server Apache Tomcat App Server Microsoft Internet Explorer HTML Tuples HTTP Requests JDBC Requests Java Server Pages.
1 JDBC Java Database Connectivity. 2 Getting Started Guide: etstart/GettingStartedTOC.fm.html java.sql.

1 JDBC "Java Database Connectivity". 2 Getting Started Guide: etstart/GettingStartedTOC.fm.html java.sql.
UFCE4Y-20-31 UFCE4Y-20-3 Components and Services Julia Dawson.

UFCE4Y UFCE4Y-20-3 Components and Services Julia Dawson.
JAVA JDBC JAVA JDBC Java Database Programming Lamiaa Said.

JAVA JDBC JAVA JDBC Java Database Programming Lamiaa Said.
1 Java Database Connection (JDBC) There are many industrial-strength DBMS's commercially available in the market. Oracle, DB2, and Sybase are just a few.

1 Java Database Connection (JDBC) There are many industrial-strength DBMS's commercially available in the market. Oracle, DB2, and Sybase are just a few.
CSCI 6962: Server-side Design and Programming JDBC Database Programming.

CSCI 6962: Server-side Design and Programming JDBC Database Programming.
Java Database Connectivity Vijayan Sugumaran Department of DIS Oakland University.

Java Database Connectivity Vijayan Sugumaran Department of DIS Oakland University.
© Wang Bin 2004 JDBC ----Java Database Connectivity.

© Wang Bin 2004 JDBC ----Java Database Connectivity.
Beginning Databases with JDBC Mike Bradley Adapted from and notes by Kevin Parker, Ph.D.

Beginning Databases with JDBC Mike Bradley Adapted from and notes by Kevin Parker, Ph.D.
Java Database Connectivity ASE. Java Database Connectivity (JDBC) l JDBC – provides an interface to Relational Data Sources l JDBC library provides the.

Java Database Connectivity ASE. Java Database Connectivity (JDBC) l JDBC – provides an interface to Relational Data Sources l JDBC library provides the.
Database Programming in Java Corresponds with Chapter 32, 33.

Database Programming in Java Corresponds with Chapter 32, 33.
JDBC and Hibernate Joshua Scotton. Connecting to Relational DBs.

JDBC and Hibernate Joshua Scotton. Connecting to Relational DBs.
Active Server Pages ASP is Microsoft’s server-side script engine for dynamically-generated web pages. Most common language used is VBScript. If you use.

Active Server Pages ASP is Microsoft’s server-side script engine for dynamically-generated web pages. Most common language used is VBScript. If you use.

Similar presentations

Ads by Google