SystemSystem AspectsAspects ofof SQLSQL
SQL Environment User Access Control SQL in Programming Environment Embedded SQL SQL and Java Transactions (Programmers View) SQLSQL Environment:Environment: IntroductionIntroduction
SQL server Supports operations on database elements Typically runs on large host machine
SQL client Supports user connections to server Runs on (different) host machine FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Connection Channel between client and server
2 SQLSQL Environment:Environment: IntroductionIntroduction
Session All SQL operations performed while connection open Current catalog, current schema , authorized user
SQL Environment SQL agent
Connection SQL Server SQL Client Session FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Application Module: application program SQL agent: execution of module
3 SQLSQL Environment:Environment: ModuleModule TypesTypes
Generic SQL Interface: Module: each query or statement
Embedded SQL: SQL statements within host-language program SQL statements pre-processed to function calls Calls executed at run-time
True modules: Collection of stored procedures FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Host language code, SQL code
4 SQLSQL Environment:Environment: PrivilegesPrivileges
User Outside schema, handling implementation dependent Identification by Authorization ID (user name)
Role Defines user group Inside schema, handling via SQL statements Identification by Authorization ID (role name) All users: special role PUBLIC Examples: FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I CREATE ROLE Customer; CREATE ROLE Secretary WITH ADMIN Klaus; CREATE ROLE Movie_staff; CREATE ROLE Shop_owner;
5 UserUser AccessAccess Control:Control: IntroductionIntroduction
Secrecy: Users should not be able to see things they are not supposed to. e.g., A student can’t see other students’ grades.
Integrity: Users should not be able to modify things they are not supposed to. e.g., Only instructors can assign grades.
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Availability: Users should be able to see and modify things they are allowed to.
6 UserUser AccessAccess Control:Control: IntroductionIntroduction
Security policy specifies authorization Security mechanism enforces a security policy
Two mechanisms at DBMS level
Discretionary access control Concept of privileges for objects (tables and views) Mechanisms for giving and revoking users privileges
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Mandatory access control System-wide policies for DBS DB object have security class Rules on security classes govern access Used for specialized (e.g., military) applications
7 UserUser AccessAccess Control:Control: PrivilegesPrivileges
Privileges Right to perform SQL statement type on objects Assigned to roles (authorization IDs) Creator of object: all privileges DBMS: management of privileges and access rights
Privilege types: SELECT on table or view INSERT on table or view DELETE on table or view FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I UPDATE on table or view REFERENCES: right to refer to relation in constraint USAGE: (SQL-92) right to use specified domain ALL PRIVILEGES: short form for all privileges
8 UserUser AccessAccess Control:Control: PrivilegesPrivileges
Example INSERT INTO Format(name) SELECT format FROM Tape t WHERE t.format NOT IN (SELECT name FROM format);
Privileges: SELECT on Tape SELECT on Format FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I INSERT on Format
9 UserUser AccessAccess Control:Control: PrivilegesPrivileges
Grant privilege
GRANT
GRANT OPTION: Right to pass privilege on to other users Only owner can execute CREATE, ALTER, and DROP
Privilege to SELECT particular columns in a table FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I GRANT
10 UserUser AccessAccess Control:Control: PrivilegesPrivileges
Examples:
GRANT INSERT, SELECT ON Movie TO Klaus Klaus can query Movie or insert tuples into it.
GRANT DELETE ON Movie TO shop_owner WITH GRANT OPTION Anna can delete tuples, and also authorize others to do so
GRANT UPDATE (pricePDay) ON Movie TO movie_staff Staff can update (only) the price field of Movie tuples FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
GRANT SELECT ON MovieView TO Customers This does NOT allow the customers to query Movie directly!
11 UserUser AccessAccess Control:Control: PrivilegesPrivileges onon viewsviews
Creator has privilege on view if privilege on all underlying tables
Creator loses SELECT privilege on underlying table ⇒ view is dropped
Creator loses a privilege on underlying table ⇒ creator loses privilege on view
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Creator loses a privilege held with grant option on underlying table ⇒ users who were granted that privilege on the view lose privilege on view
12 UserUser AccessAccess Control:Control: PrivilegesPrivileges Core Revoke privilege SQL:1999
REVOKE
RESTRICT: only revoke if non of the privileges have been granted by theseusers
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Privilege given from different users – must be revoked from all users to loose privilege
13 UserUser AccessAccess Control:Control: ExamplesExamples
Owner: GRANT Update ON Movie TO Klaus; Owner: GRANT Update ON Movie TO Anna;
owner Klaus Anna
Movie Priv Priv
Priv
Owner: REVOKE Update ON Movie FROM Klaus RESTRICT;
owner Klaus Anna FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Movie Priv
Priv
14 UserUser AccessAccess Control:Control: ExamplesExamples
Owner: GRANT Update ON Movie TO Klaus WITH GRANT OPTION; Klaus: GRANT Update ON Movie TO Anna;
owner Klaus Anna
Movie Priv Priv
Priv Grant
Owner: REVOKE Update ON Movie FROM Klaus RESTRICT;
owner Klaus Anna FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Movie Priv Priv
Priv Grant Command fails ! 15 UserUser AccessAccess Control:Control: PrivilegesPrivileges enhanced Revoke privilege SQL:1999
REVOKE [GRANT OPTION FOR]
CASCADE: revoke from all users that have been granted the privilege by these users RESTRICT: only revoke if non of the privileges have been
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I granted by this user
16 UserUser AccessAccess Control:Control: ExamplesExamples
Owner: GRANT Update ON Movie TO Klaus WITH GRANT OPTION; Klaus: GRANT Update ON Movie TO Anna;
owner Klaus Anna
Movie Priv Priv
Priv Grant
Owner: REVOKE Update ON Movie FROM Klaus CASCADE;
owner Klaus Anna FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Movie
Priv
17 UserUser AccessAccess Control:Control: ExamplesExamples
Owner: GRANT Update ON Movie TO Klaus WITH GRANT OPTION; Klaus: GRANT Update ON Movie TO Anna;
owner Klaus Anna
Movie Priv Priv
Priv Grant
Owner: REVOKE GRANT OPTION FOR Update ON Movie FROM Klaus CASCADE; owner Klaus Anna FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Movie Priv
Priv
18 UserUser AccessAccess Control:Control: ExamplesExamples
Owner: GRANT Update ON Movie TO Klaus WITH GRAND OPTION; Owner: GRANT Update ON Movie TO Anna; Klaus: GRANT Update ON Movie TO Anna;
owner Klaus Anna
Movie Priv Priv
Priv
Owner: REVOKE GRANT OPTION FOR Update ON Movie FROM Klaus CASCADE;
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I owner Klaus Anna
Movie Priv
Priv
19 UserUser AccessAccess Control:Control: ObjectObject ownersowners
Schema owner: Right for create, drop, alter (no privilege, not grantable) All privileges on schema objects
Object creator/owner: Create statement: current authorizationID is owner Enhanced SQL:1999 : owner needn't be creator
Current user privileges in Oracle: SQL> SELECT * FROM session_privs;
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I SQL> SELECT * FROM session_privs;
PRIVILEGEPRIVILEGE ------CREATECREATE SESSIONSESSION ALTERALTER SESSIONSESSION CREATECREATE TABLETABLE ...... 20 SQLSQL inin Programs:Programs: IntroductionIntroduction
SQL Sub-language for data access Efficient database operations
Host language: Control structures Complex computations User interface: output formatting, forms Transactions: DB interactions as unit of work FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
SQL and host language needed
21 SQLSQL inin Programs:Programs: ImpedanceImpedance MismatchMismatch
Impedance Mismatch: differing data model of SQL and host language
Problems: Set oriented operations vs manipulation of individuals Interconnection of program variables and SQL statements Compilation time of embedded SQL-statements FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
22 SQLSQL inin Programs:Programs: Program/DBSProgram/DBS CommunicationCommunication
1. Fourth Generation Languages (4GL) Decreasing importance
2. Module Languages Standardized in SQL:1999
3. Call level interface Most important approach Standardized in SQL:1999 FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I 4. Component architectures Hiding the details of DB interaction Example: Enterprise Java Beans (EJB)
23 SQLSQL inin Programs:Programs: 1.1. 4GL4GL
Underlying assumption: application programs algorithmically simple sophisticated output formatting needed difficult to switch between different DBS
Technical concept:
Client workstation (presentation, Database server requests, GUI) FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Proprietary protocol
Decreasing importance
24 SQLSQL inin Programs:Programs: 2.2. ModulesModules
Parameterized modules of SQL statements Standardized in SQL:1999 Compiled for a particular language Linked to application program Language Examples: COBOL, C, ADA, ...
Disadvantages: SQL code hidden in application and vice versa Not widely used FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Used in stored procedures (e.g., Oracle PL/SQL) Executed under control of DBS
25 SQLSQL inin Programs:Programs: 2.2. ModulesModules (cont)(cont)
Example: MODULEMODULE demodemo NAMESNAMES areare asciiascii LANGUAGELANGUAGE FORTRANFORTRAN SCHEMASCHEMA movie_dbmovie_db AUTHORIZATIONAUTHORIZATION ...... Returned PROCEDURE discount_op state value PROCEDURE discount_op (SQLSTATE,(SQLSTATE, :title:title VARCHAR(40),VARCHAR(40), :discount:discount DECIMAL(3,2))DECIMAL(3,2)) Program UPDATEUPDATE MovieMovie M M Language SETSET pricePdaypricePday = = pricePdaypricePday - - :discount :discount variables WHEREWHERE M.titleM.title == :title;:title;
PROCEDUREPROCEDURE customerStatecustomerState FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I (SQLSTATE,(SQLSTATE, :customer:customer INTEGER)INTEGER) SELECTSELECT movie_id,tape_id,from_datemovie_id,tape_id,from_date FROMFROM TapeTape T,T, RentalRental R R WHEREWHERE R.memberR.member == customercustomer ANDAND R.tape_idR.tape_id == T.id;T.id;
26 SQLSQL inin Programs:Programs: 3.3. CallCall levellevel interfaceinterface
Interface in standard programming languages Proprietary library routines, API
Embedded C / Java / .. Standardized language extensions
Standardized API Open Database connection (ODBC), Java Database Connectivity (JDBC) FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
27 SQLSQL inin Programs:Programs: 3.3. CallCall levellevel interfaceinterface
Language/DBS specific library of procedures
Example: MySQL C API Buffer for transferring commands and results
API data types, e.g., MYSQL handle for db connections MYSQL_RES result set structure
API functions, e.g., FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I mysql_real_query() mysql_real_query(MYSQL *mysql, const char *query, unsigned int queryLength)
28 SQLSQL inin Programs:Programs: EmbeddedEmbedded SQLSQL
Direct SQL: SQL interpreter accepts and executes SQL commands
SQL in host language: Program in programming language (C, Java,…) Parts of program in SQL statements
Most implementations: call level interface used Most popular: Embedded C (Oracle: PRO*C) FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Java support SQLJ = Embedded Java JDBC = Standardized call interface for Java
29 SQLSQL inin Programs:Programs: EmbeddedEmbedded SQLSQL
Program with "native" and SQL-like statements Pre-compiler = Preprocessor creates native code Calls to DBS resources included Programmer: embedded SQL or function calls
SQL Host language library + Embedded SQL FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Host language + Object-code Preprocessor Host language Function Calls compiler program
30 SQLSQL inin Programs:Programs: Static/dynamicStatic/dynamic embeddingembedding
Static embedding: SQL commands known in advance SQL-compilation and language binding at pre-compile time
Dynamic SQL: SQL-String compiled at runtime variable bindings at runtime FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
31 SQLSQL inin Programs:Programs: EmbeddedEmbedded SQLSQL
Concepts: Well defined type mapping (for different languages)
Syntax for embedded SQL statements EXEC SQL {SELECT title FROM ...}
Binding to host language variables
EXEC SQL {SELECT id FROM Movie WHERE titel = :titleString};...
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Exception handling WHENEVER
32 SQLSQL inin Programs:Programs: EmbeddedEmbedded SQLSQL
SQL / Host Language Interface:
Embedded SQL-statement: EXEC SQL
Shared variables: :
Exception handling: FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I SQLSTATE (SQL function execution status) e.g., 00000 - no problem 02000 – answer tuple not found
33 SQLSQL inin Programs:Programs: EmbeddedEmbedded SQLSQL
Shared variable declaration
Syntax: EXEC SQL BEGIN DECLARE SECTION; … EXEC SQL END DECLARE SECTION;
Declaration in host language Use variable types in common FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Example: EXEC SQL BEGIN DECLARE SECTION; integer movie_number; integer tape_number; EXEC SQL END DECLARE SECTION;
34 SQLSQL inin Programs:Programs: EmbeddedEmbedded SQLSQL
Single row results: direct insert into variable
Syntax:
EXEC SQL SELECT
Multiple row results: Use of cursors on result set
35 SQLSQL inin Programs:Programs: CursorCursor conceptconcept
Important concept Cursor: Name of SQL statement and Handle for processing the result set record by record
Defined at runtime Opened at runtime (SQL-statement executed)
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Used in most language embeddings of SQL e.g., ESQL-C, PL/SQL, JDBC
36 SQLSQL inin Programs:Programs: CursorCursor conceptconcept
No binding of result attributes to variables Allows traversal of result set row by row
1. Cursor declaration 2. Cursor initialisation 3. Fetch tuples 4. Close cursor
no
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I yes DECLARE OPEN FETCH EMPTY? CLOSE
37 SQLSQL inin Programs:Programs: CursorCursor conceptconcept
Cursor declaration: EXEC SQL DECLARE
Cursor initialisation: EXEC SQL OPEN
binds input variables executes query FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I puts first results into communication area positions cursor before first row of the result set
38 SQLSQL inin Programs:Programs: CursorCursor conceptconcept
Fetch tuples: EXEC SQL FETCH
Puts next results into communication area Positions cursor before before next row of the result set Assigns tuple to shared variables Sets SQLSTATE FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
39 SQLSQL inin Programs:Programs: ExampleExample
#include#include
/*/* declaredeclare hosthost variablesvariables */*/ EXECEXEC SQLSQL BEGINBEGIN DECLAREDECLARE SECTION;SECTION; charchar userid[12]userid[12] == "ABEL/xyz";"ABEL/xyz"; charchar movie_name[10];movie_name[10]; intint movie_number; movie_number; intint tape_number; tape_number; charchar temp[32];temp[32]; void sql_error(); FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I void sql_error(); EXECEXEC SQLSQL ENDEND DECLAREDECLARE SECTION;SECTION;
/*/* includeinclude thethe SQLSQL CommunicationCommunication AreaArea */*/ #include#include
/*/* mainmain programprogram */*/
main()main() {{ movie_numbermovie_number == 200;200;
/*/* handlehandle errorserrors */*/ EXECEXEC SQLSQL WHENEVERWHENEVER SQLERRORSQLERROR dodo sql_error("Oraclesql_error("Oracle error"); error");
/* connect to Oracle */ FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I /* connect to Oracle */ EXECEXEC SQLSQL CONNECTCONNECT :userid;:userid; printf("Connected.\n");printf("Connected.\n");
41 SQLSQL inin Programs:Programs: ExampleExample
/*/* declaredeclare aa cursorcursor */*/ EXECEXEC SQLSQL DECLAREDECLARE movie_cursormovie_cursor CURSORCURSOR FORFOR SELECTSELECT m.titlem.title FROMFROM moviemovie m,m, tapetape tt WHEREWHERE t.idt.id == :tape_number:tape_number ANDAND t.movie_idt.movie_id == m.id;m.id;
/* get user data */ FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I /* get user data */ printf(“Tapeprintf(“Tape number? number? ");"); gets(temp);gets(temp); tape_numbertape_number == atoi(temp);atoi(temp);
42 SQLSQL inin Programs:Programs: ExampleExample
/*/* openopen thethe cursorcursor andand identifyidentify thethe resultresult setset */*/
EXECEXEC SQLSQL OPENOPEN movie_cursor;movie_cursor; …… /*/* fetchfetch andand processprocess datadata inin aa looploop exitexit whenwhen nono moremore datadata */*/
EXECEXEC SQLSQL WHENEVERWHENEVER NOTNOT FOUNDFOUND DODO break;break;
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I whilewhile (1){(1){ EXECEXEC SQLSQL FETCHFETCH movie_cursormovie_cursor INTOINTO :movie_name;:movie_name; …… }}
43 SQLSQL inin Programs:Programs: ExampleExample
/*/* closeclose cursorcursor beforebefore anotheranother SQLSQL statementstatement isis executedexecuted */*/
EXECEXEC SQLSQL CLOSECLOSE movie_cursor;movie_cursor;
EXECEXEC SQLSQL COMMITCOMMIT WORKWORK RELEASE;RELEASE; exit(0);exit(0); }} FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
44 SQLSQL inin Programs:Programs: PositionedPositioned UpdateUpdate
Step through set of rows and update or delete
Syntax: EXEC SQL DECLARE
Example: EXEC SQL DECLARE myCurs CURSOR FOR SELECT id,length,title FROM Movie FOR UPDATE ON length FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
EXEC SQL UPDATE Movie SET lenght = length + 1 WHERE CURRENT OF myCurs;
45 SQLSQL inin Programs:Programs: CursorCursor OptionsOptions
Ordering tuples Use ORDER BY in query
Cursor motion SCROLL CURSOR Relative to current position: PRIOR/NEXT/RELATIVE
Limit effect of changes FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Performance: cursor FOR READ ONLY Concurrent access: INSENSITIVE CURSOR FOR …
46 SQLSQL inin Programs:Programs: CursorCursor sensitivitysensitivity
Example: EXEC SQL DECLARE myCurs INSENSITIVE CURSOR FOR SELECT id,length,title FROM Movie FOR UPDATE ON length WHERE id >100;
EXEC SQL OPEN...
EXEC SQL FETCH myCurs INTO ..... UPDATE Movie SET lenght = length + 20 WHERE CURRENT OF myCurs; FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Changes not visible in result set Visible if cursor closed and reopened
47 SQLSQL inin Programs:Programs: DynamicDynamic SQLSQL
Statements not known at compile time Statements computed by host language User input of query
Tasks at run-time: Pass query string to SQL system Translate to executable statement Execute statement FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Use ‘Prepared Statements’
48 SQLSQL inin Programs:Programs: DynamicDynamic SQLSQL
Step 1: EXEC SQL PREPARE
String : SQL statement SQLvariable : assigned SQL statement Parse and prepare statement for execution
Step 2: FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I EXEC SQL EXECUTE
Execute statement SQLvariable
49 SQLSQL inin Programs:Programs: DynamicDynamic SQLSQL
Example:
voidvoid readQuery(){readQuery(){ EXECEXEC SQLSQL BEGINBEGIN DECLAREDECLARE SECTION;SECTION; charchar *query;*query; EXECEXEC SQLSQL ENDEND DECLAREDECLARE SECTION;SECTION; …… /*/* promptprompt useruser forfor queryquery allocateallocate spacespace makemake :query:query pointpoint toto query*/query*/
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I …… EXECEXEC SQLSQL PREPAREPREPARE SQLquerySQLquery FROM FROM :query;:query; EXECEXEC SQLSQL EXECUTEEXECUTE SQLquery;SQLquery; }}
50 SQLSQL inin Programs:Programs: DynamicDynamic SQLSQL
Multiple execution: Prepare once Execute many times
Single execution: Combination of step 1 an 2
EXEC SQL EXECUTE IMMEDIATE
Example: FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
…… EXECEXEC SQLSQL EXECUTEEXECUTE IMMEDIATEIMMEDIATE :query;:query; ……
51 SQLSQL inin Programs:Programs: SQLSQL && JavaJava
SQLJ Embedded SQL for Java Compiles to JDBC method call Defined and implemented by major DBS companies (Oracle in particular)
JDBC Java call-level interface (API) for SQL DBS DB vendor independent FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Supports static and dynamic SQL Implemented by nearly all DB vendors
52 SQLSQL inin Programs:Programs: SQLJSQLJ
Part 1: SQLJ Embedded SQL Mostly reviewed and implemented Integrated with JDBC API Oracle has placed Translator source into public domain
Part 2: SQLJ Stored Procedures and UDFs Using Java static methods as SQL stored procedures & functions Leverages JDBC API FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Part 3: SQLJ Data Types Pure Java Classes as SQL ADTs Alternative to SQL:1999 Abstract Data Types
53 SQLSQL inin Programs:Programs: SQLJSQLJ ExampleExample
//// PartPart ofof aa SQLJSQLJ program,program, oneone method:method:
publicpublic voidvoid changeMovie(intchangeMovie(int movieid, movieid, intint newTape) newTape) {{ stringstring mtitle;mtitle; intint tnumber; tnumber; #sql#sql { { SELECTSELECT m.title,m.title, count(t.id)count(t.id) INTOINTO :mtitle,:mtitle, :tnumber:tnumber FROMFROM moviemovie m,m, tapetape t t WHEREWHERE m.idm.id == :movieid:movieid ANDAND m.idm.id == t.movie_idt.movie_id };}; if (tnumber < 3)
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I if (tnumber < 3) #sql#sql {INSERT {INSERT INTOINTO tapetape VALUESVALUES (:newTape,(:newTape, 'DVD','DVD', :movieid)};:movieid)}; }}
54 SQLSQL inin Programs:Programs: SQLSQL && JavaJava
Java in Web context (2 tier architecture):
Java application Business Logic (application) JDBC
Proprietary protocol of DBMS
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Database Server DBMS
55 SQLSQL inin Programs:Programs: SQLSQL && JavaJava
Java in Web context (3 tier architecture):
Java applet or GUI WWW Browser
HTTP, RMI, CORBA,…
Application server Business Logic (application) JDBC
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Proprietary protocol of DBMS
Database Server DBMS
56 SQLSQL inin Programs:Programs: JDBCJDBC
1. Preparation
import java.sql.*;
2. Load a driver many vendor products Class.forName( "oracle.jdbc.driver.OracleDriver");
String url = "jdbc:oracle:thin: FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I @
url JDBC-Driver and host information
57 SQLSQL inin Programs:Programs: JDBCJDBC
3. Set up connection database(s)
Connection con = DriverManager.getConnection( "jdbc:oracle:thin:@
Several connections at a time possible
4. Create statement object
Statement stmt = con.createStatement(); FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Similar to channel for sending queries to database
58 SQLSQL inin Programs:Programs: JDBCJDBC
5. Send SQL query string
ResultSet rs = stmt.executeQuery(“
results in ResultSet object
6. Process results one after the other processed with "hidden cursor"
while (rs.next()){ for (i = 1; i <= numCols; i++){
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I if (i > 1) System.out.print(","); System.out.print(rs.getString(i)); } }
59 SQLSQL inin Programs:Programs: JDBCJDBC ExampleExample
1. Preparation #import#import java.io.*;java.io.*; #import#import java.sql.*;java.sql.*; 2. Load driver #import#import java.util.*;java.util.*; ...... 3. Connect to database
Class.forName("oracle.jdbc.driver.OracleDriver"); String url = "jdbc:oracle:thin:@kuh:1521:INTROKUH";
Protocol Sub-protocol Oracle-spec. Host Port FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
Connection con = DriverManager.getConnection ( url, “user", “passwort");
60 SQLSQL inin Programs:Programs: JDBCJDBC ExampleExample
.. 4. Create SQL-statement .. .. 5. execute statement .. Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery( "SELECT id, title FROM movie");
6. Process results
while (rs.next()) { FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I String n = rs.getInt(“id"); String n = rs.getString(“title"); System.out.println(s + ": " + n); } }
61 SQLSQL inin Programs:Programs: JDBCJDBC variablevariable bindingbinding
No explicit cursor Several methods in JDBC e.g., boolean next(), void close(),
Access result data by position or by name By position: String s = rs.getString(2); FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
By name: String rs.getString ("b") ;
62 SQLSQL inin Programs:Programs: JDBCJDBC variablevariable bindingbinding
Example: java.sql.Statementjava.sql.Statement stmt stmt == con.createStatement();con.createStatement();
ResultSetResultSet rs1 rs1 == stmt.executeQuerystmt.executeQuery ("SELECT("SELECT id,id, titletitle FROMFROM movie");movie"); whilewhile (rs1.next())(rs1.next()) { { intint mid mid == rs1.getInt(“id");rs1.getInt(“id"); StringString mtmt = = rs1.getString(“title");rs1.getString(“title"); System.out.println("ROW:"System.out.println("ROW:" ++ midmid ++ "" "" ++ mt);}mt);}
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I ResultSetResultSet rs2 rs2 == stmt.executeQuerystmt.executeQuery ("SELECT("SELECT id,id, movie_idmovie_id FROMFROM tape");tape"); whilewhile (rs2.next())(rs2.next()) { { intint tid tid = = rs2.getInt(1);rs2.getInt(1); intint tmid tmid = = rs2.getInt(2);rs2.getInt(2); System.out.println("ROW:"System.out.println("ROW:" ++ tidtid + + "" "" ++ tmid);}tmid);} 63 SQLSQL inin Programs:Programs: PreparedPrepared statementsstatements
Pass input parameters
Use prepared statement
java.sql.PreparedStatement prepStmt = con.prepareStatement(
Statement compiled Missing values in query: “?”
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Set value: prepStmt.setString(
64 SQLSQL inin Programs:Programs: PreparedPrepared statementsstatements
StringString mTitle;mTitle; ...... java.sql.PreparedStatementjava.sql.PreparedStatement prepStmtprepStmt = = con.prepareStatement(con.prepareStatement( "SELECT"SELECT count(*)count(*) FROMFROM MovieMovie m, m, TapeTape t t WHEREWHERE t.movie_idt.movie_id = = m.idm.id ANDAND m.titlem.title == ?? ););
prepStmt.setString(1,prepStmt.setString(1, mTitle);mTitle); ResultSetResultSet rs rs = = prepStmt.executeQuery()prepStmt.executeQuery() ;;
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I whilewhile (rs.next()){(rs.next()){ intint i i == r.getInt(1);r.getInt(1); //// byby position, position, nono namename available available System.out.println("NumberSystem.out.println("Number of of tapestapes for for " " ++ mTitlemTitle + + "" is:is: "" +i)+i) }} 65 SQLSQL inin Programs:Programs: PositionedPositioned updateupdate
Positioned update needs cursor name
Define cursor (JDBC 1) public void setCursorName(String name) throws SQLException Use for updates and deletes
Define cursor (JDBC2) more flexible (anonymous) cursor handling FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I setCursorName not implemented in Oracle Driver
66 SQLSQL inin Programs:Programs: PositionedPositioned updateupdate
JDBC 2.0 Result set scrollable and updateable Example: Statement stmt = con.createStatement( ResultSet.TYPE_SCROLL_SENSITIVE, ResultSet.CONCUR_UPDATABLE); stmt.setFetchSize(25); ResultSet rs = stmt.executeQuery( "SELECT id, title FROM movie"); FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
rs.first(); rs.updateString(“title“, “xxxxx”); rs.updateRow();
67 SQLSQL inin Programs:Programs: TransactionsTransactions
Transaction: Collection of one or more database operations executed atomically (either all operations or none )
Programmers view: Everything between beginning of a sequence of operations on the database and ‘COMMIT’ or ‘ROLLBACK’
No explicit "transaction begin" command
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I ... OPEN MyCurs;...... ; COMMIT;
Begin of first transaction (first SQL command in program) End of first transaction
68 SQLSQL inin Programs:Programs: TransactionsTransactions
COMMIT Effects on database made permanent
ROLLBACK Aborts transaction All changes in transaction undone (rolled back)
Programmers View:
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Auto-commit mode: each SQL-command is a transaction Various transaction isolation levels
69 SQLSQL inin Programs:Programs: TransactionsTransactions
Transaction manager: Isolate concurrent users from each other
Problems: Lost update: same object concurrently updated by two users, one update lost Dirty read: object value changed by transaction which aborts later Non-repeatable read: same object has different value within same transaction
FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Phantom tuples: non-repeatable read caused by insertions or deletions
70 SQLSQL inin Programs:Programs: IsolationIsolation levelslevels
READ UNCOMMITTED
SET TRANSACTION READ ONLY, ISOLATION LEVEL READ UNCOMMITTED
Allows read access to uncommitted transactions Transaction has to be read only Lowest locking overhead Unpleasant effects may occur FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Example: TA1 increases the prices of some movies in DB by 5% TA2 scrolls through all movies, sees new prices
71 SQLSQL inin Programs:Programs: IsolationIsolation levelslevels
READ COMMITTED SET TRANSACTION ISOLATION LEVEL READ COMMITTED
Allows read access to committed transactions only Long write locks, no or short read locks Non-repeatable reads
Example: TA1 TA2 Read(a) x=x+a Write a=a-10 FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I commit Read(a) y:=y-a
Wrong balance 72 SQLSQL inin Programs:Programs: IsolationIsolation levelslevels
REPEATABLE READ
SET TRANSACTION ISOLATION LEVEL REPEATABLE READ
Allows read access to committed transactions only All data isolated from concurrent writes Read and write locks long term until end of TA Phantom tuples may occur FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
73 SQLSQL inin Programs:Programs: IsolationIsolation levelslevels
SERIALIZABLE
SET TRANSACTION ISOLATION LEVEL SERIALIZABLE
Allows read access to committed transactions only All data isolated from concurrent writes No phantom tuples inserted into the read set by other transaction Standard default FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I
74 SQLSQL inin Programs:Programs: TransactionsTransactions andand JDBCJDBC
Transactional properties of connections TRANSACTION_NONE (not implemented) TRANSACTION_READ_UNCOMMITTED TRANSACTION_READ_COMMITTED TRANSACTION_REPEATABLE_READ TRANSACTION_SERIALIZABLE
Methods: public void setTransactionIsolation(int level) throws SQLExceptionpublic void FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I setAutoCommit(boolean autoCommit) public void commit() throws SQLException public void rollback() throws SQLException
75 SQLSQL inin Programs:Programs: VisibilityVisibility ofof changeschanges
ResultSet rs = stmt1.executeQuery( "SELECT id, length FROM movie"); int i = stmt2.executeUpdate ( “DELETE FROM movie“); rs.first(); rs.updateString(“title“, “xxxxx”); rs.updateRow();
Scroll-insensitive result set no change by other result sets – even in the same TA – are visible FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Updates in result set r visible for operations on r Deletes / inserts (!) in result set r not visible Sensitive result set: depending on connection isolation level
76 SQLSQL inin Programs:Programs: ExceptionException handlinghandling
Abort transaction when error: EXEC SQL WHENEVER SQLERROR CONTINUE; EXEC SQL ROLLBACK WORK RELEASE;
WHENEVER SQLERROR CONTINUE prevents ROLLBACK from (infinite) invocation of routine
void sql_error(msg){ Example: void sql_error(msg){ charchar buf[500];buf[500]; intint buflen, buflen, msglen;msglen; EXECEXEC SQLSQL WHENEVERWHENEVER SQLERRORSQLERROR CONTINUE;CONTINUE; FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I EXECEXEC SQLSQL ROLLBACKROLLBACK WORKWORK RELEASE;RELEASE; buflenbuflen = = sizeofsizeof (buf); (buf); sqlglm(buf,sqlglm(buf, &buflen,&buflen, &msglen);&msglen); printf("%s\n",printf("%s\n", msg);msg); printf("%*.s\n",printf("%*.s\n", msglen,msglen, buf);buf); exit(1); } exit(1); } 77 SQLSQL inin Programs:Programs: SummarySummary
Access Rights Means to ensure data security Privileges to roles
Program – DB communication: Fourth Generation Languages (4GL) Module Languages Call level interface Component architectures FU-Berlin, DBS I 2006, Hinze / Scholz FU-Berlin,/ Hinze 2006, DBS I Transactions in programs Isolation levels Begin, end transaction
78