Presentation is loading. Please wait.

Presentation is loading. Please wait.

Database Application Development CS348 Introduction to Database Management Systems Fall 2014 1 CS348: Database applicaiton development.

Published byClarissa Todd Modified over 9 years ago

Similar presentations

Presentation on theme: "Database Application Development CS348 Introduction to Database Management Systems Fall 2014 1 CS348: Database applicaiton development."— Presentation transcript:

1 Database Application Development CS348 Introduction to Database Management Systems Fall 2014 1 CS348: Database applicaiton development

2 Communicating with a Database Sever How have you interacted with a database server? – Web interface – Management console that comes with the DBMS – Your custom written program (java/C++) Each of the above is a software that is written in a procedural language – How does it communicate in SQL with the DBMS CS348: Database application development2

3 Outline Embedded SQL – SQL libraries for programming languages Call level interfaces – JDBC – ODBC Stored Procedures – Programming in SQL Modern developments – Language integrated querying (LINQ) – Use of SQL in procedural languages CS348: Database application development3

4 Embedded SQL Augment a host procedural programming language with functionality to support SQL – Use a pre-compiler to parse SQL constructs – Embed the result generated machine Example: SQLJ, PRO*C/C++ CS348: Database application development4

5 Embedded SQL example #include EXEC SQL INCLUDE SQLCA; main() { EXEC SQL WHENEVER SQLERROR GOTO error; EXEC SQL CONNECT TO sample; EXEC SQL UPDATE Employee SET salary = 1.1*salary WHERE empno = '000370'; EXEC SQL COMMIT WORK; EXEC SQL CONNECT RESET; return(0); error: printf("update failed, sqlcode = %1d\n",SQLCODE ); EXEC SQL ROLLBACK return(-1); } CS348: Database application development5

6 Embedded SQL: Host variables CS348: Database application development6

7 Host Variables The pre-compiler handles most of the grunt work of converting the query into an executable command – E.g., INT in SQL vs. the programming language – What is a NULL? – Note: The actual SQL statement sent could be different than what is in the program because we are not fully aware of what the compiler is doing CS348: Database application development7

8 Host variables example EXEC SQL BEGIN DECLARE SECTION; char deptno[4]; char deptname[30]; char mgrno[7]; char admrdept[4]; char location[17]; EXEC SQL END DECLARE SECTION; /* program assigns values to variables */ EXEC SQL INSERT INTO Department(deptno,deptname,mgrno,admrdept,location) VALUES (:deptno,:deptname,:mgrno,:admrdept,:location); CS348: Database application development8

9 Embedded SQL: SQLJ import java.sql.*; public class SimpleDemoSQLJ { …//other methods in class public Address getEmployeeAddress(int empno) throws SQLException { Address addr; #sql { SELECT office_addr INTO :addr FROM employees WHERE empnumber = :empno }; return addr; } …//other methods in class } // end of class CS348: Database application development9

10 Cursors If a query returns multiple rows cursors need to be used to retrieve results A cursor is like a pointer/iterator that refers to some row of the result. At any time, a cursor may be in one of three places – Before first tuple – On a tuple – After last tuple CS348: Database application development10

11 Cursor management 4 steps to using cursors – DECLARE the cursor and associate it with a query – OPEN the cursor (conceptually) causing the query to be evaluated – FETCH one or more rows from the cursor – CLOSE the cursor Concept is simple but there are many issues to consider between initiating a query and consuming results of a query. Consider: – Delayed Fetching of 1 billion rows from a remote low bandwidth server – Aggressive fetching (fetch all) and memory management issues – Locking cursors – Looping through dataset while creating other cursors CS348: Database application development11

12 Embedded SQL Takeaway Embedded SQL is not extremely popular – Requires a very specific and “intelligent” pre-compiler – DBMS upgrades and improvements do not necessarily get passed to the pre-compiler (optimizations may require a re- compile) – Original source code is generic but the final executable is specific to a particular pre-compiler created for a specific database system Lessons learnt: – Two completely different programming language paradigms have to be “merged” in one way or the other before execution – Cursor management, memory management, latency, locks are challenges that still exist today (at both the database server side and the application side) CS348: Database application development12

13 Call level interfaces Vendor neutral standard of communicating with a database server – Queries do not get pre-compiled and the database server itself takes care of all optimizations – No need to recompile a program in case you have to use a different database server product from a different vendor – Can query different servers at the same time Most common examples of SQL CLI: – JDBC (Java database Connectivity) – ODBC (Open Database Connectivity) CS348: Database application development13

14 Much simpler Still the same challenges of writing SQL in procedural code – Queries are treated as strings – Results of executing a query (in case of select queries) are treated as containers of data Often called ResultSet (java) or Dataset (C#) – Syntax of the program does not contain SQL (e.g., the code is fully compliant java/C++ compiler compatible code) Interface (driver) is intelligent enough to determine data types of returned data and the programmer can focus on application development CS348: Database application development14

15 Java Example: Assignment 0 import java.sql.*; import java.util.Properties; public class Test { private static final String CONNECTION_STRING = "jdbc:mysql://127.0.0.1/tpch?user=root&password=cs348&Database=tpch;"; public static void main(String[] args) throws ClassNotFoundException,SQLException { Connection con = DriverManager.getConnection(CONNECTION_STRING); String query = "SELECT COUNT(*) FROM LINEITEM AS CNT"; Statement stmt = con.createStatement(); ResultSet rs = stmt.executeQuery(query); while (rs.next()) { System.out.println(rs.getString(1)); } con.close(); } CS348: Database application development15

16 Example: C++ sql::mysql::MySQL_Driver *driver; sql::Connection *con; sql::Statement *stmt; driver = sql::mysql::get_mysql_driver_instance(); con = driver->connect("tcp://127.0.0.1:3306", "user", "password"); stmt = con->createStatement(); stmt->execute("USE " EXAMPLE_DB); stmt->execute("DROP TABLE IF EXISTS test"); stmt->execute("CREATE TABLE test(id INT, label CHAR(1))"); stmt->execute("INSERT INTO test(id, label) VALUES (1, 'a')"); delete stmt; delete con; /*taken from MySQL samples*/ CS348: Database application development16

17 Prepared Statements Can also create statement templates called “prepared statements” CODE: String updateString = "update " + dbName + ".COFFEES " + "set SALES = ? where COF_NAME = ?"; updateSales = con.prepareStatement(updateString); //…Later on in the program updateSales.setInt(1, 100); updateSales.setString(2, "French_Roast"); updateSales.executeUpdate(); CS348: Database application development17

18 Why use prepared statements? Can pre-compile and optimize the query before execution – Need to do compile and optimize only once! DBMS can optimize and make a query plan ahead of time knowing what kind of query it will be expecting – Typically used where a single query will be executed multiple times with different parameters – Dynamically adjusting query execution plans is expensive so prepared statements prepare the database for upcoming queries. CS348: Database application development18

19 Prepared statement benefits Prepared statements are resilient to SQL injection attacks Warning: Don’t let users directly query your DB! conn = pool.getConnection( ); String sql = "select * from user where username='" + username +"' and password='" + password + "'"; stmt = conn.createStatement(); rs = stmt.executeQuery(sql); if (rs.next()) { loggedIn = true; System.out.println("Successfully logged in"); } else { System.out.println("Username/password not recognized"); } CS348: Database application development19

20 SQL Injection Directly inserting user input into SQL queries is dangerous! SELECT * FROM USER WHERE USERNAME = 'X' AND PASSWORD = 'Y' -- What if a hacker enters username = admin' OR '1'='1 -- Any password will work! SELECT * FROM USER WHERE USERNAME = 'admin' OR '1'='1' AND PASSWORD = 'Y' CS348: Database application development20

21 Stored procedures Yet another approach to client-server programming How it works – The programmer/application passes only the parameters to the SQL server and let it do everything else – SQL on the server itself is sufficient to do everything CS348: Database application development21

22 Stored procedures Stored procedures (SP) are: – Functions, procedures, and routines within the database server that can be invoked by applications – SPs are written in SQL and are typically long sequences of SQL code that many applications can use Avoid rewrite of SQL code across several applications by merging them into SPs – Low maintenance cost, hiding schema for programmers and providing another interface for them to use Why should a programmer have to write SQL code in an application that may need maintenance if the table structure changes – Why not Object.savetodatabase(); CS348: Database application development22

23 SP Example (MySQL) CREATE PROCEDURE GetOfficeByCountry(IN countryName VARCHAR(255)) BEGIN SELECT * FROM offices WHERE country = countryName; END CS348: Database application development23

24 Executing SPs (MySQL) Using SQL interface: CALL GetOfficeByCountry('Canada') Using application: stmt.executeQuery("CALL GetOfficeByCountry('Canada')"); CS348: Database application development24

25 Programming in SPs (MySQL) CREATE FUNCTION IncomeLevel ( monthly_value INT ) RETURNS varchar(20) BEGIN DECLARE income_level varchar(20); IF monthly_value <= 4000 THEN SET income_level = 'Low Income'; ELSEIF monthly_value > 4000 AND monthly_value <= 7000 THEN SET income_level = 'Avg Income'; ELSE SET income_level = 'High Income'; END IF; RETURN income_level; END; -- Call this procedure after creating it CALL IncomeLevel(40000) CS348: Database application development25

26 Stored procedures CS348: Database application development26 Of course SPs can be “called” in other SPs (recursively) Depending on what an SP returns we can write SELECT statements that can utilize the return parameters Other lesser powerful variants such as “functions” also exist in most DBMS

27 Stored procedures CS348: Database application development27 Programming language of stored procedures is not widely standardized but is very similar – PL/SQL (Oracle), Transact-SQL (Microsoft), SQL/PSM (MySQL), SQL PL (DB2), even java is used in some DBMS for writing stored procedures In addition many DBMS allow you to execute your own externally written program (i.e., external call to a program written in C/C++) – Can be slow because of overhead but used in many situations where external software interacting with a server is required!

28 Stored procedures CS348: Database application development28 Lots of benefits – Keep SQL code stored in the SQL server – Programmers only pass parameters and retrieve datasets – Maintenance and upgrading all pieces of software that rely on a common database is easy to do because we have eliminated querying in applications altogether (i.e., no SELECT statement in application necessary, only CALL)

29 LINQ CS348: Database application development29 Relatively new, future unknown Why not take the best of SQL and integrate it within a programming language C# Example: Let us say we have an array of objects and instead of looping through the array a programmer could write a declarative (SQL-like) query against the array Car[] carList =... var carMake = from item in carList where item.Model == "bmw" select item.Make;

30 LINQ Example (C#) CS348: Database application development30 class IntroToLINQ { static void Main() { // The Three Parts of a LINQ Query: // 1. Data source. int[] numbers = new int[7] { 0, 1, 2, 3, 4, 5, 6 }; // 2. Query creation. // numQuery is an IEnumerable var numQuery = from num in numbers where (num % 2) == 0 select num; // 3. Query execution. foreach (int num in numQuery) { Console.Write("{0,1} ", num); }

31 Why LINQ CS348: Database application development31 Procedural code is long (expensive) and full of bugs Let the programmer declare what he wants instead of writing a long procedure to extract it Code can become difficult to read for non-expert programmers and LINQ may not catch on with non-DB progammers

Download ppt "Database Application Development CS348 Introduction to Database Management Systems Fall 2014 1 CS348: Database applicaiton development."

Similar presentations

SQL*PLUS, PLSQL and SQLLDR Ali Obaidi. SQL Advantages High level – Builds on relational algebra and calculus – Powerful operations – Enables automatic.

SQL*PLUS, PLSQL and SQLLDR Ali Obaidi. SQL Advantages High level – Builds on relational algebra and calculus – Powerful operations – Enables automatic.
CSC343 – Introduction to databases – A. Vaisman1 Database Application Development.

CSC343 – Introduction to databases – A. Vaisman1 Database Application Development.
Database programming in Java An introduction to Java Database Connectivity (JDBC)

Database programming in Java An introduction to Java Database Connectivity (JDBC)
Embedded SQL John Ortiz. Lecture 15Embedded SQL2 Why Isn’t Interactive SQL Enough?  How to do this using interactive SQL?  Print a well-formatted transcript.

Embedded SQL John Ortiz. Lecture 15Embedded SQL2 Why Isn’t Interactive SQL Enough?  How to do this using interactive SQL?  Print a well-formatted transcript.
Copyright © 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 13 Introduction to SQL Programming Techniques.

Copyright © 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 13 Introduction to SQL Programming Techniques.
Murali Mani SQL with other Programming Languages.

Murali Mani SQL with other Programming Languages.
M.P. Johnson, DBMS, Stern/NYU, Sp20041 C20.0046: Database Management Systems Lecture #18 Matthew P. Johnson Stern School of Business, NYU Spring, 2004.

M.P. Johnson, DBMS, Stern/NYU, Sp20041 C : Database Management Systems Lecture #18 Matthew P. Johnson Stern School of Business, NYU Spring, 2004.
EmbeddedSQL: 1 Impedance Mismatch Problem Problem : How to connect SQL statements with conventional programming languages Different models of language.

EmbeddedSQL: 1 Impedance Mismatch Problem Problem : How to connect SQL statements with conventional programming languages Different models of language.
Three-Tier Architecture Oracle DB Server Apache Tomcat App Server Microsoft Internet Explorer HTML Tuples HTTP Requests JDBC Requests Java Server Pages.

Three-Tier Architecture Oracle DB Server Apache Tomcat App Server Microsoft Internet Explorer HTML Tuples HTTP Requests JDBC Requests Java Server Pages.
Riyadh Philanthropic Society For Science Prince Sultan College For Woman Dept. of Computer & Information Sciences CS 340 Introduction to Database Systems.

Riyadh Philanthropic Society For Science Prince Sultan College For Woman Dept. of Computer & Information Sciences CS 340 Introduction to Database Systems.
Java MS Access database connectivity Follow these steps: 1)Go to the start->Control Panel->Administrative Tools- > data sources. 2)Click Add button and.

Java MS Access database connectivity Follow these steps: 1)Go to the start->Control Panel->Administrative Tools- > data sources. 2)Click Add button and.
SEMESTER 1, 2013/2014 DB2 APPLICATION DEVELOPMENT OVERVIEW.

SEMESTER 1, 2013/2014 DB2 APPLICATION DEVELOPMENT OVERVIEW.
DB2. 2 Copyright © 2005, Infosys Technologies Ltd ER/CORP/CRS/DB01/003 Version No:2.0a Session Plan SPUFI Hands On Introduction to Embedded SQL DCLGEN.

DB2. 2 Copyright © 2005, Infosys Technologies Ltd ER/CORP/CRS/DB01/003 Version No:2.0a Session Plan SPUFI Hands On Introduction to Embedded SQL DCLGEN.
Embedded SQL Host Language (record-oriented) DBMS (set-oriented) 1. Query 3. Process a tuple at a time 4. Close Cursor 2. Evaluate query. Provide cursor.

Embedded SQL Host Language (record-oriented) DBMS (set-oriented) 1. Query 3. Process a tuple at a time 4. Close Cursor 2. Evaluate query. Provide cursor.
Dale Roberts 8/24/2015 1 Department of Computer and Information Science, School of Science, IUPUI Dale Roberts, Lecturer Computer Science, IUPUI E-mail:

Dale Roberts 8/24/ Department of Computer and Information Science, School of Science, IUPUI Dale Roberts, Lecturer Computer Science, IUPUI
1 Section 6 Embedded SQL. 6-2 CA306 Embedded SQL Section Content 6.1Embedded SQL 6.2Java Database Connectivity 6.3Web Databases.

1 Section 6 Embedded SQL. 6-2 CA306 Embedded SQL Section Content 6.1Embedded SQL 6.2Java Database Connectivity 6.3Web Databases.
Getting connected.  Java application calls the JDBC library.  JDBC loads a driver which talks to the database.  We can change database engines without.

Getting connected.  Java application calls the JDBC library.  JDBC loads a driver which talks to the database.  We can change database engines without.
1 CSC 440 Database Management Systems JDBC This presentation uses slides and lecture notes available from

1 CSC 440 Database Management Systems JDBC This presentation uses slides and lecture notes available from
1 Java Database Connection (JDBC) There are many industrial-strength DBMS's commercially available in the market. Oracle, DB2, and Sybase are just a few.

1 Java Database Connection (JDBC) There are many industrial-strength DBMS's commercially available in the market. Oracle, DB2, and Sybase are just a few.
Overview of JDBC and Pro*C 1 Overview of JDBC,Pro*C and Oracle connectivity on Omega CSE 5330 – Database Systems.

Overview of JDBC and Pro*C 1 Overview of JDBC,Pro*C and Oracle connectivity on Omega CSE 5330 – Database Systems.

Similar presentations

Ads by Google