CS352 Lecture - Database Application Development

Last revised February 23,

Objectives:

1. To discuss a client-server application that uses a database
2. To discuss SQL injection in the context of database application development

Materials:

1. Projectable of database access from an application
2. Projectable of three tier architecture
5. Projectable of JDBC Code revised to use prepared statement
6. Projectable of SQLJ example and of Java code after separation
7. Projectable of SQL Injection attack examples

I.

Thus far, we have used SQL as the means of actually accessing/modifying the database.

Of course, the majority of people accessing information stored in a database don't do so directly using SQL. Instead, they run an application program. While the application program may store its data in various kinds of application-specific files (the file processing approach), frequently it stores its information in a SQL database.

PROJECT: Database vs Application Program

Examples of the latter?

ASK

Numerous - many web-based ecommerce systems use a database to actually store the data; also bank tellers, insurance agents.

When a user interacts with an application program that stores its data in a generic database, there are three kinds of tasks that are performed:

1. Database tasks - tasks related to accessing/modifying information in the database (e.g. tasks corresponding to SQL select, insert, update, delete or the equivalent in some other DML).

2. Business logic tasks - tasks related to the actual logic of the application (which vary widely from application to application, of course.) Quite a few things might fall into this category, including

   a) Carrying out the task(s) that the software is designed to do: displaying information, recording purchases, reservations, etc.

   b) Ensuring that the appropriate business rules are adhered to - e.g., if a system is registering students for courses, one important rule that needs to be enforced is that a student cannot be signed up for two different courses meeting at the same time (at all, or perhaps without some sort of special permission)

   c) Ensuring that users are properly authenticated if sensitive information is being made available or data is being modified.

3. User interface tasks - tasks concerned with presenting information to the user and accepting commands from the user. This could be via a command line interface or some kind of dedicated hardware (e.g., an ATM), but is often done through a GUI.

It is certainly possible for all three kinds of tasks to be done by the same program.

Example: your library project for CPS122 (sort of - but could have been made more this way)

However, most applications make use of a client-server model, where the user interface resides on the user's computer or mobile device, which communicates with the application using the internet - typically via HTTP. The most common architecture is one called the three-tier architecture.

PROJECT: three-tier architecture - User Interface (Client); Business Logic (Application Server); Database (Database Server)

1. In many cases, the middle layer also includes a web server that responds to HTTP requests from a web browser (serving as the user interface) or an app running on a mobile device.

It is possible for the application and database servers to either be the same system or to be on two separate systems communicating via a network. Either way, though, they are conceptually distinct and communicate with each other - often through SQL.

E. The book included some discussion of communication between the user interface and the application server via HTTP, but we won't deal with this today. (At Gordon, this is dealt with in our Internet Programming and Mobile Systems courses.) Our focus in this lecture will be on the interaction between the application and database layers.

Accessing the Database from Within a Program

A. One of two approaches is typically used to allow the application code to access the database

1. One approach - called dynamic SQL - involves the application program generating SQL statements as character strings.
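The difference between dynamic SQL built as a character string and a prepared statement (the revision named in the materials list) can be seen in a few lines. This is an added example, not code from the lecture: it uses Python's sqlite3 module rather than JDBC, and the `enrollment` table, its rows and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory table of constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE enrollment (student TEXT, course TEXT)")
    db.executemany(
        "INSERT INTO enrollment VALUES (?, ?)",
        [("alice", "CS352"), ("bob", "CS311"),
         ("carol", "CS352"), ("o'brien", "CS352")],
    )
    return db

def courses_dynamic(db, student):
    """Dynamic SQL: the statement is assembled as a character string,
    so the input becomes part of the SQL text that gets parsed."""
    sql = "SELECT course FROM enrollment WHERE student = '" + student + "'"
    return [row[0] for row in db.execute(sql)]

def courses_prepared(db, student):
    """Prepared statement: the SQL text is fixed and the input is bound
    as a value, so it can never change the structure of the query."""
    sql = "SELECT course FROM enrollment WHERE student = ?"
    return [row[0] for row in db.execute(sql, (student,))]

def dynamic_fails_on(db, student):
    """True if the string-built statement is not even valid SQL."""
    try:
        courses_dynamic(db, student)
        return False
    except sqlite3.OperationalError:
        return True

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input containing SQL syntax
    print("dynamic, normal :", courses_dynamic(db, "alice"))
    print("dynamic, crafted:", courses_dynamic(db, crafted))   # every row
    print("prepared, crafted:", courses_prepared(db, crafted)) # no rows
    # A legitimate name with an apostrophe breaks the string-built query
    # but is handled correctly as a bound parameter.
    print("dynamic breaks on o'brien:", dynamic_fails_on(db, "o'brien"))
    print("prepared, o'brien:", courses_prepared(db, "o'brien"))
```

The same input that returns every row through the string-built query matches nothing when bound as a parameter, which is why the prepared form is the standard defense against SQL injection.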