System Aspects of SQL System Aspects of SQL SQL Environment User Access Control SQL in Programming Environment Embedded SQL SQL and Java Transactions (Programmers View)
System Aspects of SQLSystem Aspects of SQL
SQL Environment
User Access Control
SQL in Programming Environment
Embedded SQL
SQL and Java
Transactions (Programmers View)
2
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL Environment: IntroductionSQL Environment: Introduction
�SQL server � Supports operations on database elements
� Typically runs on large host machine
�SQL client� Supports user connections to server
� Runs on (different) host machine
�Connection� Channel between client and server
3
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL Environment: IntroductionSQL Environment: Introduction
�Session� All SQL operations performed while connection open� Current catalog, current schema , authorized user
�Application� Module: application program� SQL agent: execution of module
SQL ClientSQL ServerConnection
Session
SQL EnvironmentSQL agent
4
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL Environment: Module TypesSQL Environment: Module Types
�Generic SQL Interface:� Module: each query or statement
�Embedded SQL:� SQL statements within host-language program
� SQL statements pre-processed to function calls
� Calls executed at run-time
�True modules:� Collection of stored procedures
� Host language code, SQL code
5
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL Environment: PrivilegesSQL Environment: Privileges
�User� Outside schema, handling implementation dependent
� Identification by Authorization ID (user name)
�Role� Defines user group
� Inside schema, handling via SQL statements
� Identification by Authorization ID (role name)
� All users: special role PUBLIC
� Examples:
CREATE ROLE Customer; CREATE ROLE Secretary WITH ADMIN Klaus; CREATE ROLE Movie_staff; CREATE ROLE Shop_owner;
6
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: IntroductionUser Access Control: Introduction
�Secrecy: � Users should not be able to see things they are not
supposed to.
� e.g., A student can’t see other students’ grades.
�Integrity: � Users should not be able to modify things they are not
supposed to.
� e.g., Only instructors can assign grades.
�Availability: � Users should be able to see and modify things they are
allowed to.
7
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: IntroductionUser Access Control: Introduction
�Security policy specifies authorization�Security mechanism enforces a security policy
�Two mechanisms at DBMS level
�Discretionary access control� Concept of privileges for objects (tables and views)� Mechanisms for giving and revoking users privileges
�Mandatory access control� System-wide policies for DBS� DB object have security class� Rules on security classes govern access � Used for specialized (e.g., military) applications
8
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: PrivilegesUser Access Control: Privileges
�Privileges� Right to perform SQL statement type on objects
� Assigned to roles (authorization IDs)
� Creator of object: all privileges
� DBMS: management of privileges and access rights
�Privilege types:� SELECT on table or view
� INSERT on table or view
� DELETE on table or view
� UPDATE on table or view
� REFERENCES: right to refer to relation in constraint
� USAGE: (SQL-92) right to use specified domain
� ALL PRIVILEGES: short form for all privileges
9
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: PrivilegesUser Access Control: Privileges
�Example
�Privileges: � SELECT on Tape
� SELECT on Format
� INSERT on Format
INSERT INTO Format(name)
SELECT format
FROM Tape t
WHERE t.format NOT IN (SELECT name
FROM format);
10
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: PrivilegesUser Access Control: Privileges
�Grant privilege
� GRANT OPTION: Right to pass privilege on to other users
� Only owner can execute CREATE, ALTER, and DROP
GRANT <privileges> ON <object>
TO <users> [WITH GRANT OPTION]
GRANT <privileges>
ON <tablename(<attributenames>)>
TO <users> [WITH GRANT OPTION]
�Privilege to SELECT particular columns in a table
11
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: PrivilegesUser Access Control: Privileges
�Examples:
GRANT INSERT, SELECT ON Movie TO Klaus
Klaus can query Movie or insert tuples into it.
GRANT DELETE ON Movie TO shop_owner WITH GRANT OPTION
Anna can delete tuples, and also authorize others to do so
GRANT UPDATE (pricePDay) ON Movie TO movie_staff
Staff can update (only) the price field of Movie tuples
GRANT SELECT ON MovieView TO Customers
This does NOT allow the customers to query Movie directly!
12
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: Privileges on viewsUser Access Control: Privileges on views
�Creator has privilege on view if privilege on all underlying tables
�Creator loses SELECT privilege on underlying table ⇒ view is dropped
�Creator loses a privilege on underlying table ⇒creator loses privilege on view
�Creator loses a privilege held with grant option on underlying table ⇒ users who were granted that privilege on the view lose privilege on view
13
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: PrivilegesUser Access Control: Privileges
�Revoke privilege
� RESTRICT: only revoke if non of the privileges have been granted by these users
� Privilege given from different users – must be revoked from all users to loose privilege
REVOKE <privileges>
ON <object>
FROM <users> RESTRICT
Core SQL:1999
14
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: ExamplesUser Access Control: Examples
Owner: GRANT Update ON Movie TO Klaus;
Owner: GRANT Update ON Movie TO Anna;
owner
Movie
Priv
Klaus
Priv
Anna
Priv
Owner: REVOKE Update ON Movie FROM Klaus RESTRICT;
owner
Movie
Priv
Klaus Anna
Priv
15
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: ExamplesUser Access Control: Examples
Owner: GRANT Update ON Movie TO Klaus WITH GRANT OPTION;
Klaus: GRANT Update ON Movie TO Anna;
owner
Movie
Priv
Klaus
Priv
Anna
Priv
Owner: REVOKE Update ON Movie FROM Klaus RESTRICT;
owner
Movie
Priv
Klaus Anna
Grant
Priv Priv
Grant Command fails !
16
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: PrivilegesUser Access Control: Privileges
�Revoke privilege
� CASCADE: revoke from all users that have been granted the privilege by these users
� RESTRICT: only revoke if non of the privileges have been granted by this user
REVOKE [GRANT OPTION FOR] <privileges>
ON <object>
FROM <users> {RESTRICT | CASCADE}
enhanced SQL:1999
17
FU-Berlin, DBS I 2
006, H
inze / S
cholz
Grant
User Access Control: ExamplesUser Access Control: Examples
Owner: GRANT Update ON Movie TO Klaus WITH GRANT OPTION;
Klaus: GRANT Update ON Movie TO Anna;
owner
Movie
Priv
Klaus
Priv
Anna
Priv
Owner: REVOKE Update ON Movie FROM Klaus CASCADE;
owner
Movie
Priv
Klaus Anna
18
FU-Berlin, DBS I 2
006, H
inze / S
cholz
Grant
User Access Control: ExamplesUser Access Control: Examples
Owner: GRANT Update ON Movie TO Klaus WITH GRANT OPTION;
Klaus: GRANT Update ON Movie TO Anna;
owner
Movie
Priv
Klaus
Priv
Anna
Priv
Owner: REVOKE GRANT OPTION FOR Update ON Movie FROM
Klaus CASCADE;owner
Movie
Priv
Klaus Anna
Priv
19
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: ExamplesUser Access Control: Examples
Owner: REVOKE GRANT OPTION FOR Update ON Movie FROM
Klaus CASCADE;
owner
Movie
Priv
Klaus Anna
Priv
Owner: GRANT Update ON Movie TO Klaus WITH GRAND OPTION;
Owner: GRANT Update ON Movie TO Anna;
owner
Movie
Priv
Klaus
Priv
Anna
Priv
Klaus: GRANT Update ON Movie TO Anna;
20
FU-Berlin, DBS I 2
006, H
inze / S
cholz
User Access Control: Object ownersUser Access Control: Object owners
�Schema owner: � Right for create, drop, alter (no privilege, not grantable)
� All privileges on schema objects
�Object creator/owner:� Create statement: current authorizationID is owner
� Enhanced SQL:1999 : owner needn't be creator
�Current user privileges in Oracle:SQL> SELECT * FROM session_privs;
PRIVILEGE
----------------------------------------
CREATE SESSION
ALTER SESSION
CREATE TABLE
....
SQL> SELECT * FROM session_privs;
PRIVILEGE
----------------------------------------
CREATE SESSION
ALTER SESSION
CREATE TABLE
....
21
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: IntroductionSQL in Programs: Introduction
�SQL� Sub-language for data access
� Efficient database operations
�Host language: � Control structures
� Complex computations
� User interface: output formatting, forms
� Transactions: DB interactions as unit of work
�SQL and host language needed
22
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Impedance MismatchSQL in Programs: Impedance Mismatch
�Impedance Mismatch:
differing data model of SQL and host language
�Problems:� Set oriented operations vs manipulation of individuals
� Interconnection of program variables and SQL statements
� Compilation time of embedded SQL-statements
23
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Program/DBS CommunicationSQL in Programs: Program/DBS Communication
1. Fourth Generation Languages (4GL)� Decreasing importance
2. Module Languages� Standardized in SQL:1999
3. Call level interface� Most important approach
� Standardized in SQL:1999
4. Component architectures� Hiding the details of DB interaction
� Example: Enterprise Java Beans (EJB)
24
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: 1. SQL in Programs: 1. 4GL4GL
�Underlying assumption: � application programs algorithmically simple
� sophisticated output formatting needed
� difficult to switch between different DBS
�Technical concept:
�Decreasing importance
Client workstation(presentation, requests, GUI)
Database server
Proprietary protocol
25
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: 2. SQL in Programs: 2. ModulesModules
�Parameterized modules of SQL statements
�Standardized in SQL:1999
�Compiled for a particular language
�Linked to application program
�Language Examples: COBOL, C, ADA, ...
�Disadvantages:� SQL code hidden in application and vice versa
� Not widely used
�Used in stored procedures (e.g., Oracle PL/SQL)
�Executed under control of DBS
26
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: 2. SQL in Programs: 2. Modules (cont)Modules (cont)
�Example:MODULE demo NAMES are ascii
LANGUAGE FORTRAN
SCHEMA movie_db AUTHORIZATION ...
PROCEDURE discount_op
(SQLSTATE, :title VARCHAR(40),
:discount DECIMAL(3,2))
UPDATE Movie M
SET pricePday = pricePday - :discount
WHERE M.title = :title;
PROCEDURE customerState
(SQLSTATE, :customer INTEGER)
SELECT movie_id,tape_id,from_date
FROM Tape T, Rental R
WHERE R.member = customer
AND R.tape_id = T.id;
MODULE demo NAMES are ascii
LANGUAGE FORTRAN
SCHEMA movie_db AUTHORIZATION ...
PROCEDURE discount_op
(SQLSTATE, :title VARCHAR(40),
:discount DECIMAL(3,2))
UPDATE Movie M
SET pricePday = pricePday - :discount
WHERE M.title = :title;
PROCEDURE customerState
(SQLSTATE, :customer INTEGER)
SELECT movie_id,tape_id,from_date
FROM Tape T, Rental R
WHERE R.member = customer
AND R.tape_id = T.id;
ProgramLanguagevariables
Returnedstate value
27
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: 3. Call level interfaceSQL in Programs: 3. Call level interface
�Interface in standard programming languages
�Proprietary library routines, API
�Embedded C / Java / ..Standardized language extensions
�Standardized API � Open Database connection (ODBC),
� Java Database Connectivity (JDBC)
28
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: 3. Call level interfaceSQL in Programs: 3. Call level interface
�Language/DBS specific library of procedures
�Example: MySQL C API� Buffer for transferring commands and results
� API data types, e.g.,
� API functions, e.g.,
MYSQL handle for db connections
MYSQL_RES result set structure
mysql_real_query()
mysql_real_query(MYSQL *mysql,
const char *query,
unsigned int queryLength)
29
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Embedded SQLSQL in Programs: Embedded SQL
�Direct SQL:� SQL interpreter accepts and executes SQL commands
�SQL in host language:� Program in programming language (C, Java,…)
� Parts of program in SQL statements
� Most implementations: call level interface used
� Most popular: Embedded C (Oracle: PRO*C)
�Java support� SQLJ = Embedded Java
� JDBC = Standardized call interface for Java
30
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Embedded SQLSQL in Programs: Embedded SQL
�Program with "native" and SQL-like statements
�Pre-compiler = Preprocessor creates native code
�Calls to DBS resources included
�Programmer: embedded SQL or function calls
Preprocessor
Host language+
Embedded SQL
Host language+
Function CallsHost languagecompiler
Object-codeprogram
SQLlibrary
31
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Static/dynamic embeddingSQL in Programs: Static/dynamic embedding
�Static embedding: � SQL commands known in advance
� SQL-compilation and language binding at pre-compile time
�Dynamic SQL: � SQL-String compiled at runtime
� variable bindings at runtime
32
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Embedded SQLSQL in Programs: Embedded SQL
�Concepts:� Well defined type mapping (for different languages)
� Syntax for embedded SQL statements
� Binding to host language variables
� Exception handling
WHENEVER <condition> <action>SQLSTATE
EXEC SQL {SELECT title FROM ...}
EXEC SQL {SELECT id FROM Movie
WHERE titel = :titleString};...
33
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Embedded SQLSQL in Programs: Embedded SQL
�SQL / Host Language Interface:
� Embedded SQL-statement:
� Shared variables:
� Exception handling:
EXEC SQL <sql statement>
:<variableName> (access in SQL)
<variableName> (access in host language)
SQLSTATE (SQL function execution status)
e.g., 00000 - no problem
02000 – answer tuple not found
34
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Embedded SQLSQL in Programs: Embedded SQL
�Shared variable declaration
�Syntax:
� Declaration in host language
� Use variable types in common
�Example:
EXEC SQL BEGIN DECLARE SECTION;
…
EXEC SQL END DECLARE SECTION;
EXEC SQL BEGIN DECLARE SECTION;
integer movie_number;integer movie_number;
integer tape_number; integer tape_number;
EXEC SQL END DECLARE SECTION;
35
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Embedded SQLSQL in Programs: Embedded SQL
�Single row results: � direct insert into variable
�Syntax:
�Multiple row results:� Use of cursors on result set
EXEC SQL SELECT <attributeName>
INTO :<sharedVariable>
FROM <tableNames>
WHERE <condition>
36
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Cursor conceptSQL in Programs: Cursor concept
�Cursor: � Name of SQL statement and
� Handle for processing the result set record by record
�Defined at runtime
�Opened at runtime (SQL-statement executed)
�Used in most language embeddings of SQL � e.g., ESQL-C, PL/SQL, JDBC
Important concept
37
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Cursor conceptSQL in Programs: Cursor concept
� No binding of result attributes to variables
� Allows traversal of result set row by row
1. Cursor declaration
2. Cursor initialisation
3. Fetch tuples
4. Close cursor
OPEN FETCH EMPTY? CLOSEDECLAREyes
no
38
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Cursor conceptSQL in Programs: Cursor concept
�Cursor declaration:
�Cursor initialisation:
� binds input variables
� executes query
� puts first results into communication area
� positions cursor before first row of the result set
EXEC SQL DECLARE <cursorName> CURSOR
FOR <query>
EXEC SQL OPEN <cursorName>;
39
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Cursor conceptSQL in Programs: Cursor concept
�Fetch tuples:
� Puts next results into communication area
� Positions cursor before before next row of the result set
� Assigns tuple to shared variables
� Sets SQLSTATE
EXEC SQL FETCH <cursorName>
INTO :<shared variable>;
40
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: ExampleSQL in Programs: Example
#include <stdio.h>
/* declare host variables */
EXEC SQL BEGIN DECLARE SECTION;
char userid[12] = "ABEL/xyz";
char movie_name[10];
int movie_number;
int tape_number;
char temp[32];
void sql_error();
EXEC SQL END DECLARE SECTION;
/* include the SQL Communication Area */
#include <sqlca.h>
#include <stdio.h>
/* declare host variables */
EXEC SQL BEGIN DECLARE SECTION;
char userid[12] = "ABEL/xyz";
char movie_name[10];
int movie_number;
int tape_number;
char temp[32];
void sql_error();
EXEC SQL END DECLARE SECTION;
/* include the SQL Communication Area */
#include <sqlca.h>
41
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: ExampleSQL in Programs: Example
/* main program */
main()
{ movie_number = 200;
/* handle errors */
EXEC SQL WHENEVER SQLERROR
do sql_error("Oracle error");
/* connect to Oracle */
EXEC SQL CONNECT :userid;
printf("Connected.\n");
/* main program */
main()
{ movie_number = 200;
/* handle errors */
EXEC SQL WHENEVER SQLERROR
do sql_error("Oracle error");
/* connect to Oracle */
EXEC SQL CONNECT :userid;
printf("Connected.\n");
42
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: ExampleSQL in Programs: Example
/* declare a cursor */
EXEC SQL DECLARE movie_cursor
CURSOR FOR
SELECT m.title
FROM movie m, tape t
WHERE t.id = :tape_number
AND t.movie_id = m.id;
/* get user data */
printf(“Tape number? ");
gets(temp);
tape_number = atoi(temp);
/* declare a cursor */
EXEC SQL DECLARE movie_cursor
CURSOR FOR
SELECT m.title
FROM movie m, tape t
WHERE t.id = :tape_number
AND t.movie_id = m.id;
/* get user data */
printf(“Tape number? ");
gets(temp);
tape_number = atoi(temp);
43
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: ExampleSQL in Programs: Example
/* open the cursor and
identify the result set */
EXEC SQL OPEN movie_cursor;
…
/* fetch and process data in a loop
exit when no more data */
EXEC SQL WHENEVER NOT FOUND DO break;
while (1){
EXEC SQL FETCH movie_cursor
INTO :movie_name; …
}
/* open the cursor and
identify the result set */
EXEC SQL OPEN movie_cursor;
…
/* fetch and process data in a loop
exit when no more data */
EXEC SQL WHENEVER NOT FOUND DO break;
while (1){
EXEC SQL FETCH movie_cursor
INTO :movie_name; …
}
44
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: ExampleSQL in Programs: Example
/* close cursor before another SQL
statement is executed */
EXEC SQL CLOSE movie_cursor;
EXEC SQL COMMIT WORK RELEASE;
exit(0);
}
/* close cursor before another SQL
statement is executed */
EXEC SQL CLOSE movie_cursor;
EXEC SQL COMMIT WORK RELEASE;
exit(0);
}
45
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Positioned UpdateSQL in Programs: Positioned Update
�Step through set of rows and update or delete
�Syntax:
�Example:
EXEC SQL DECLARE <cursorName> CURSOR
FOR <query>
FOR UPDATE ON <attribute>;
… WHERE CURRENT OF <cursorName>…
EXEC SQL DECLARE myCurs CURSOR
FOR SELECT id,length,title FROM MovieFOR UPDATE ON length
EXEC SQL UPDATE Movie
SET lenght = length + 1
WHERE CURRENT OF myCurs;
46
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Cursor OptionsSQL in Programs: Cursor Options
�Ordering tuples� Use ORDER BY in query
�Cursor motion � SCROLL CURSOR
� Relative to current position: PRIOR/NEXT/RELATIVE<nr>
e.g., FETCH <cursorName> PRIOR INTO ...
� Absolute position: first/last/ABSOLUTE<nr>
�Limit effect of changes� Performance: cursor FOR READ ONLY
� Concurrent access: INSENSITIVE CURSOR FOR …
47
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Cursor sensitivitySQL in Programs: Cursor sensitivity
�Example:
�Changes not visible in result set
�Visible if cursor closed and reopened
EXEC SQL DECLARE myCurs INSENSITIVE CURSOR
FOR SELECT id,length,title FROM MovieFOR UPDATE ON length WHERE id >100;
EXEC SQL OPEN...
EXEC SQL FETCH myCurs INTO .....
UPDATE Movie SET lenght = length + 20
WHERE CURRENT OF myCurs;
48
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Dynamic SQLSQL in Programs: Dynamic SQL
�Statements not known at compile time� Statements computed by host language
� User input of query
�Tasks at run-time:� Pass query string to SQL system
� Translate to executable statement
� Execute statement
�Use ‘Prepared Statements’
49
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Dynamic SQLSQL in Programs: Dynamic SQL
�Step 1:
� String: SQL statement
� SQLvariable: assigned SQL statement
� Parse and prepare statement for execution
EXEC SQL PREPARE <SQLvariable>
FROM <string>
EXEC SQL EXECUTE <SQLvariable>
�Step 2:
� Execute statement SQLvariable
50
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Dynamic SQLSQL in Programs: Dynamic SQL
�Example:
void readQuery(){
EXEC SQL BEGIN DECLARE SECTION;
char *query;
EXEC SQL END DECLARE SECTION;
…
/* prompt user for query
allocate space
make :query point to query*/
…
EXEC SQL PREPARE SQLquery FROM :query;
EXEC SQL EXECUTE SQLquery;
}
void readQuery(){
EXEC SQL BEGIN DECLARE SECTION;
char *query;
EXEC SQL END DECLARE SECTION;
…
/* prompt user for query
allocate space
make :query point to query*/
…
EXEC SQL PREPARE SQLquery FROM :query;
EXEC SQL EXECUTE SQLquery;
}
51
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Dynamic SQLSQL in Programs: Dynamic SQL
�Multiple execution:� Prepare once
� Execute many times
�Single execution:� Combination of step 1 an 2
� Example:
EXEC SQL EXECUTE IMMEDIATE <string>
…
EXEC SQL EXECUTE IMMEDIATE :query;
…
…
EXEC SQL EXECUTE IMMEDIATE :query;
…
52
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: SQL in Programs: SQL & JavaSQL & Java
�SQLJ � Embedded SQL for Java
� Compiles to JDBC method call
� Defined and implemented by major DBS companies (Oracle in particular)
�JDBC � Java call-level interface (API) for SQL DBS
� DB vendor independent
� Supports static and dynamic SQL
� Implemented by nearly all DB vendors
53
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: SQLJSQL in Programs: SQLJ
�Part 1: SQLJ Embedded SQL� Mostly reviewed and implemented
� Integrated with JDBC API
� Oracle has placed Translator source into public domain
�Part 2: SQLJ Stored Procedures and UDFs� Using Java static methods as SQL stored procedures &
functions
� Leverages JDBC API
�Part 3: SQLJ Data Types� Pure Java Classes as SQL ADTs
� Alternative to SQL:1999 Abstract Data Types
54
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: SQLJ ExampleSQL in Programs: SQLJ Example
// Part of a SQLJ program, one method:
public void changeMovie(int movieid, int newTape)
{
string mtitle;
int tnumber;
#sql { SELECT m.title, count(t.id)
INTO :mtitle, :tnumber
FROM movie m, tape t
WHERE m.id = :movieid
AND m.id = t.movie_id };
if (tnumber < 3)
#sql {INSERT INTO tape VALUES
(:newTape, 'DVD', :movieid)};
}
// Part of a SQLJ program, one method:
public void changeMovie(int movieid, int newTape)
{
string mtitle;
int tnumber;
#sql { SELECT m.title, count(t.id)
INTO :mtitle, :tnumber
FROM movie m, tape t
WHERE m.id = :movieid
AND m.id = t.movie_id };
if (tnumber < 3)
#sql {INSERT INTO tape VALUES
(:newTape, 'DVD', :movieid)};
}
55
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: SQL in Programs: SQL & JavaSQL & Java
�Java in Web context (2 tier architecture):
JDBC
Java application
DBMS
Business Logic (application)
Proprietary protocol of DBMS
Database Server
56
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: SQL in Programs: SQL & JavaSQL & Java
�Java in Web context (3 tier architecture):
JDBC
Application server
DBMS
Java applet or WWW Browser
GUI
Proprietary protocol of DBMS
Database Server
Business Logic (application)
HTTP, RMI, CORBA,…
57
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: SQL in Programs: JDBCJDBC
1. Preparation
2. Load a driver � many vendor products
� url JDBC-Driver and host information
Class.forName(
"oracle.jdbc.driver.OracleDriver");
String url = "jdbc:oracle:thin:
@<host>:<port>:<db>";
import java.sql.*;
58
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: SQL in Programs: JDBCJDBC
3. Set up connection database(s)
� Several connections at a time possible
4. Create statement object
� Similar to channel for sending queries to database
Connection con = DriverManager.getConnection(
"jdbc:oracle:thin:@<host>:<port>:<db>",
<username>,<password>);
Statement stmt = con.createStatement();
59
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: SQL in Programs: JDBCJDBC
5. Send SQL query string
� results in ResultSet object
6. Process results one after the other� processed with "hidden cursor"
ResultSet rs = stmt.executeQuery(“<query>" );
while (rs.next()){
for (i = 1; i <= numCols; i++){
if (i > 1) System.out.print(",");
System.out.print(rs.getString(i));
}
}
60
FU-Berlin, DBS I 2
006, H
inze / S
cholz
#import java.io.*;#import java.sql.*;#import java.util.*;...
#import java.io.*;#import java.sql.*;#import java.util.*;...
SQL in Programs: JDBC ExampleSQL in Programs: JDBC Example
Class.forName("oracle.jdbc.driver.OracleDriver");
String url = "jdbc:oracle:thin:@kuh:1521:INTROKUH";
Connection con = DriverManager.getConnection
( url, “user", “passwort");
Protocol Oracle-spec. Sub-protocol Host Port
3. Connect to database
2. Load driver
1. Preparation
61
FU-Berlin, DBS I 2
006, H
inze / S
cholz
.
.
.
.
.
.
.
.
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery("SELECT id, title FROM movie");
while (rs.next()) {String n = rs.getInt(“id");String n = rs.getString(“title");System.out.println(s + ": " + n);}
5. execute statement
4. Create SQL-statement
SQL in Programs: JDBC ExampleSQL in Programs: JDBC Example
6. Process results
}
62
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: JDBC variable binding SQL in Programs: JDBC variable binding
�No explicit cursor
�Several methods in JDBC� e.g.,
�Access result data by position or by name� By position:
� By name:
boolean next(), void close(),
<JavaType> get<JavaType>(),
boolean wasNull()
String s = rs.getString(2);
String rs.getString ("b") ;
63
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: JDBC variable binding SQL in Programs: JDBC variable binding
�Example:
java.sql.Statement stmt = con.createStatement();
ResultSet rs1 = stmt.executeQuery
("SELECT id, title FROM movie");
while (rs1.next()) {
int mid = rs1.getInt(“id");
String mt = rs1.getString(“title");
System.out.println("ROW:" + mid + " " + mt);}
ResultSet rs2 = stmt.executeQuery
("SELECT id, movie_id FROM tape");
while (rs2.next()) {
int tid = rs2.getInt(1);
int tmid = rs2.getInt(2);
System.out.println("ROW:" + tid + " " + tmid);}
java.sql.Statement stmt = con.createStatement();
ResultSet rs1 = stmt.executeQuery
("SELECT id, title FROM movie");
while (rs1.next()) {
int mid = rs1.getInt(“id");
String mt = rs1.getString(“title");
System.out.println("ROW:" + mid + " " + mt);}
ResultSet rs2 = stmt.executeQuery
("SELECT id, movie_id FROM tape");
while (rs2.next()) {
int tid = rs2.getInt(1);
int tmid = rs2.getInt(2);
System.out.println("ROW:" + tid + " " + tmid);}
64
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Prepared statementsSQL in Programs: Prepared statements
�Pass input parameters
�Use prepared statement
� Statement compiled
� Missing values in query: “?”
�Set value:
java.sql.PreparedStatement prepStmt =
con.prepareStatement(<query>);
prepStmt.setString(<position>, <value>);
65
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Prepared statementsSQL in Programs: Prepared statements
String mTitle;
....
java.sql.PreparedStatement prepStmt =
con.prepareStatement(
"SELECT count(*)
FROM Movie m, Tape t
WHERE t.movie_id = m.id
AND m.title = ? );
prepStmt.setString(1, mTitle);
ResultSet rs = prepStmt.executeQuery() ;
while (rs.next()){
int i = r.getInt(1);
// by position, no name available
System.out.println("Number of tapes for " +
mTitle + " is: " +i)
}
String mTitle;
....
java.sql.PreparedStatement prepStmt =
con.prepareStatement(
"SELECT count(*)
FROM Movie m, Tape t
WHERE t.movie_id = m.id
AND m.title = ? );
prepStmt.setString(1, mTitle);
ResultSet rs = prepStmt.executeQuery() ;
while (rs.next()){
int i = r.getInt(1);
// by position, no name available
System.out.println("Number of tapes for " +
mTitle + " is: " +i)
}
66
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Positioned updateSQL in Programs: Positioned update
�Positioned update needs cursor name
�Define cursor (JDBC 1)
� Use for updates and deletes
�Define cursor (JDBC2)� more flexible (anonymous) cursor handling
� setCursorName not implemented in Oracle Driver
public void setCursorName(String name)
throws SQLException
67
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Positioned updateSQL in Programs: Positioned update
�JDBC 2.0� Result set scrollable and updateable
� Example:
Statement stmt = con.createStatement(
ResultSet.TYPE_SCROLL_SENSITIVE,
ResultSet.CONCUR_UPDATABLE);
stmt.setFetchSize(25);
ResultSet rs = stmt.executeQuery(
"SELECT id, title
FROM movie");
rs.first();
rs.updateString(“title“, “xxxxx”);
rs.updateRow();
68
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: TransactionsSQL in Programs: Transactions
�Transaction: � Collection of one or more database operations executed
atomically (either all operations or none )
�Programmers view:� Everything between beginning of a sequence of operations
on the database and ‘COMMIT’ or ‘ROLLBACK’
� No explicit "transaction begin" command
... OPEN MyCurs;........ ; COMMIT;
Begin of first transaction(first SQL command in program) End of first transaction
69
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: TransactionsSQL in Programs: Transactions
�COMMIT� Effects on database made permanent
�ROLLBACK� Aborts transaction
� All changes in transaction undone (rolled back)
�Programmers View:� Auto-commit mode: each SQL-command is a transaction
� Various transaction isolation levels
70
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: TransactionsSQL in Programs: Transactions
�Transaction manager: � Isolate concurrent users from each other
�Problems:� Lost update: same object concurrently updated by two
users, one update lost
� Dirty read: object value changed by transaction which aborts later
� Non-repeatable read: same object has different value within same transaction
� Phantom tuples: non-repeatable read caused by insertions or deletions
71
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Isolation levelsSQL in Programs: Isolation levels
�READ UNCOMMITTED
� Allows read access to uncommitted transactions
� Transaction has to be read only
� Lowest locking overhead
� Unpleasant effects may occur
�Example:� TA1 increases the prices of some movies in DB by 5%
� TA2 scrolls through all movies, sees new prices
SET TRANSACTION
READ ONLY,
ISOLATION LEVEL READ UNCOMMITTED
72
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Isolation levelsSQL in Programs: Isolation levels
�READ COMMITTED
� Allows read access to committed transactions only
� Long write locks, no or short read locks
� Non-repeatable reads
�Example:
SET TRANSACTION
ISOLATION LEVEL READ COMMITTED
TA1
Read(a)
x=x+a
Read(a)
y:=y-a
TA2
Write a=a-10
commit
Wrong balance
73
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Isolation levelsSQL in Programs: Isolation levels
�REPEATABLE READ
� Allows read access to committed transactions only
� All data isolated from concurrent writes
� Read and write locks long term until end of TA
� Phantom tuples may occur
SET TRANSACTION
ISOLATION LEVEL REPEATABLE READ
74
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Isolation levelsSQL in Programs: Isolation levels
�SERIALIZABLE
� Allows read access to committed transactions only
� All data isolated from concurrent writes
� No phantom tuples inserted into the read set by other transaction
� Standard default
SET TRANSACTION
ISOLATION LEVEL SERIALIZABLE
75
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Transactions and JDBCSQL in Programs: Transactions and JDBC
�Transactional properties of connections� TRANSACTION_NONE (not implemented)
� TRANSACTION_READ_UNCOMMITTED
� TRANSACTION_READ_COMMITTED
� TRANSACTION_REPEATABLE_READ
� TRANSACTION_SERIALIZABLE
�Methods:� public void setTransactionIsolation(int
level) throws SQLExceptionpublic void
� setAutoCommit(boolean autoCommit)
� public void commit() throws SQLException
� public void rollback() throws SQLException
76
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Visibility of changesSQL in Programs: Visibility of changes
�Scroll-insensitive result set� no change by other result sets – even in the same TA – are
visible
� Updates in result set r visible for operations on r
� Deletes / inserts (!) in result set r not visible
�Sensitive result set: � depending on connection isolation level
ResultSet rs = stmt1.executeQuery(
"SELECT id, length FROM movie");
int i = stmt2.executeUpdate (
“DELETE FROM movie“);
rs.first();
rs.updateString(“title“, “xxxxx”);
rs.updateRow();
77
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: Exception handlingSQL in Programs: Exception handling
�Abort transaction when error:
� WHENEVER SQLERROR CONTINUE prevents ROLLBACK from (infinite) invocation of routine
�Example:
EXEC SQL WHENEVER SQLERROR CONTINUE;
EXEC SQL ROLLBACK WORK RELEASE;
void sql_error(msg){
char buf[500];
int buflen, msglen;
EXEC SQL WHENEVER SQLERROR CONTINUE;
EXEC SQL ROLLBACK WORK RELEASE;
buflen = sizeof (buf);
sqlglm(buf, &buflen, &msglen);
printf("%s\n", msg);
printf("%*.s\n", msglen, buf);
exit(1); }
void sql_error(msg){
char buf[500];
int buflen, msglen;
EXEC SQL WHENEVER SQLERROR CONTINUE;
EXEC SQL ROLLBACK WORK RELEASE;
buflen = sizeof (buf);
sqlglm(buf, &buflen, &msglen);
printf("%s\n", msg);
printf("%*.s\n", msglen, buf);
exit(1); }
78
FU-Berlin, DBS I 2
006, H
inze / S
cholz
SQL in Programs: SummarySQL in Programs: Summary
� Access Rights� Means to ensure data security
� Privileges to roles
� Program – DB communication:� Fourth Generation Languages (4GL)
� Module Languages
� Call level interface
� Component architectures
� Transactions in programs � Isolation levels
� Begin, end transaction