Call-Level Interface - Database Systems - Lecture Slides, Slides of Database Management Systems (DBMS)

Some concepts of Database Systems are Algebra, Call-Level Interface, Concurrency, Concurrency Control, Constraints, Controlling Concurrent Behavior.Main points of this lecture are: Call-Level Interface , Queries, Constructed, Constants, Careless Code, Unexpected, Relation Accounts, Injection, Web Interface, Account Number

Typology: Slides

2012/2013

Uploaded on 04/26/2013

parina
parina 🇮🇳

4.4

(67)

222 documents

1 / 43

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Database-Connection Libraries
Call-Level Interface
Java Database Connectivity
PHP
1
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b

Partial preview of the text

Download Call-Level Interface - Database Systems - Lecture Slides and more Slides Database Management Systems (DBMS) in PDF only on Docsity!

Database-Connection Libraries

Call-Level Interface Java Database Connectivity PHP

An Aside: SQL Injection

  • SQL queries are often constructed by programs.
  • These queries may take constants from user input.
  • Careless code can allow rather unexpected queries to be constructed and executed.

User (Who Is Not Bill Gates) Types

4

Name:

Password:

Your account number is 1234-

gates’ --

who cares?

Comment in Oracle

The Query Executed

SELECT acct FROM Accounts

WHERE name = ’gates’ --’ AND

passwd = ’who cares?’

5

All treated as a comment

Three-Tier Architecture

  • A common environment for using a database has three tiers of processors: 1. Web servers --- talk to the user. 2. Application servers --- execute the business logic. 3. Database servers --- get what the app servers need from the database.

Example: Amazon

  • Database holds the information about products, customers, etc.
  • Business logic includes things like “what do I do after someone clicks ‘checkout’?” - Answer: Show the “how will you pay for this?” screen.

Diagram to Remember

10

Environment Connection

Statement

SQL/CLI

  • Instead of using a preprocessor (as in embedded SQL), we can use a library of functions. - The library for C is called SQL/CLI = “ Call-Level Interface .” - Embedded SQL’s preprocessor will translate the EXEC SQL … statements into CLI or similar calls, anyway.

Handles

  • Function SQLAllocHandle(T,I,O) is used to create these structs, which are called environment, connection, and statement handles. - T = type, e.g., SQL_HANDLE_STMT. - I = input handle = struct at next higher level (statement < connection < environment). - O = (address of) output handle.

Example: SQLAllocHandle

SQLAllocHandle(SQL_HANDLE_STMT,

myCon, &myStat);

  • myCon is a previously created connection

handle.

  • myStat is the name of the statement handle

that will be created.

Example: Prepare and Execute

SQLPrepare(myStat, ”SELECT beer, price FROM Sells WHERE bar = ’Joe’’s Bar’”, SQL_NTS);

SQLExecute(myStat);

16

This constant says the second argument is a “null-terminated string”; i.e., figure out the length by counting characters.

Direct Execution

  • If we shall execute a statement S only once, we can combine PREPARE and EXECUTE with:

SQLExecuteDirect(H,S,L);

  • As before, H is a statement handle and L is the length of string S.

Accessing Query Results

  • When we fetch a tuple, we need to put the components somewhere.
  • Each component is bound to a variable by the function SQLBindCol.
  • This function has 6 arguments, of which we shall show only 1, 2, and 4: 1 = handle of the query statement. 2 = column number. 4 = address of the variable.

Example: Binding

  • Suppose we have just done SQLExecute(myStat), where myStat is the handle for query

SELECT beer, price FROM Sells

WHERE bar = ’Joe’’s Bar’

  • Bind the result to theBeer and thePrice:

SQLBindCol(myStat, 1, , &theBeer, , );

SQLBindCol(myStat, 2, , &thePrice, , );