Databases/JQuery AUGUST 1, 2018
Databases What is a Database? A table Durable place for storing things Place to easily lookup and update information
Databases: The M in MVC What is a Database? Your Model Your View and Controller fetch data from it
Databases Why databases? Tabular format is easy to access Conventions in language and access model simplify things
Databases Types SQL NoSQL
Databases SQL Rigid syntax Represent things as tables Use the Sequential Query Language E.g select firstname, lastname FROM users WHERE lastname = `banda` Example: MySQL, PostgreSQL
Databases SQL = Sequential Query Language SELECT title FROM book WHERE author = `Darren Jones`; Book Table ISBN title author format price 9780992461225 JavaScript: Novice to Ninja Darren Jones ebook 29.00 9780994182654 Jump Start Git Shaumik Daityari ebook 29.00
Databases NoSQL Document { ISBN: 9780992461225, title: "JavaScript: Novice to Ninja", author: "Darren Jones", format: "ebook", price: 29.00 } NoSQL sticks the native language syntax Examples: Mongodb, Couchdb
Databases Databases usually run in separate process so any framework can usually us any database Framework e.g Node.JS View Controller Database e.g MySQL MongoDB
NoSQL vs SQL http://dataconomy.com/2014/07/sql-vs-nosql-need-know/
NoSQL vs SQL For most small applications no big difference Generally, the answer depends on how strictly a tabular format benefits your App and your knowledge of SQL
NoSQL vs SQL NoSQL has some advantages especially for beginners SQL can be annoying SQL can be unsafe SQL injection attacks SQL bugs can be hard to detect
SQL Injection Attacks
SQL Injection Attacks: Example Users Table Name Phone Password April 1234 1234 Sandhya 4567 password Dalitso 8920 hello Suppose we had a website to look up phone numbers
SQL Injection Attacks: Example Hacking a phone directory Enter your name: SELECT phone FROM users WHERE name = Dalitso; Dalitso SQL Database 8920
SQL Injection Attacks: Example Hacking a phone directory: Bad code var name = $('#input').text() // name = "Dalitso" var query = "SELECT phone FROM users WHERE name =" + name + ";" var phone = sendquerytodatabase(query) // send query to database
SQL Injection Attacks: Example Hacking a phone directory Enter your name: Dalitso; SELECT name, password FROM users;
SQL Injection Attacks: Example Hacking a phone directory SELECT phone FROM users WHERE name = Dalitso; SELECT name, password FROM users; Enter your name: SQL Database All usernames and passwords
SQL Injection Attacks: Example Hacking a phone directory: Possible Fix var name = $('#input').text() // name = "Dalitso" var query = connection.query("select phone FROM users WHERE name =?, name) var phone = sendquerytodatabase(query) // send query to database
SQL Injection Attacks: Example Fixes Prevent the user from inputting special symbols Sanitize all input Use library to construct queries instead of +
NoSQL avoids bad injection attacks NoSQL uses functions instead of passing SQL Enter your name: Dalitso find({name: Dalitso }, function(response){ sendtouser(response); }) NoSQL Database
Some Problems with NoSQL Not standardized query language NoSQLs have different APIs Big systems can be difficult in the document model Some NoSQLs have poor performance and consistency
Some Problems with NoSQL Not standardized query language Example: MongoDB in NodeJS behavior different from Python Django NodeJS MongoDB callback hell
MongoDB in NodeJS var MongoClient = require('mongodb').mongoclient; var url = "mongodb://localhost:27017/mydb"; var database; function connectcallback(err, db){ console.log("database created!"); database = db } MongoClient.connect(url, connectcallback)
MongoDB in NodeJS In nodejs, callbacks are executed asynchronously Asynchronously means at any time Programmer has to be careful Callbacks can lead to verbosity problem know as callback hell Try to break code into pieces to avoid callback hell
MongoDB in NodeJS: Asynchrony var database; function connectcallback(err, db){ console.log("database created!"); database = db } MongoClient.connect(url, connectcallback) console.log(database) // undefined!
MongoDB in NodeJS: Callback hell var MongoClient = require('mongodb').mongoclient; var url = "mongodb://localhost:27017/mydb"; var database; MongoClient.connect(url, function(err, db){ console.log("database created!"); database = db; })
MongoDB in NodeJS: Callback hell var MongoClient = require('mongodb').mongoclient; var url = "mongodb://localhost:27017/mydb"; var database; MongoClient.connect(url, function(err, db){ console.log("database created!"); database = db database.collection("users").findone({name: "Dalitso"}, function(err, result) { console.log(result.phone); }); })
MongoDB in NodeJS: Fixed Code var MongoClient = require('mongodb').mongoclient; var url = "mongodb://localhost:27017/mydb"; var database; function connectcallback(err, db){ console.log("database created!"); database = db database.collection("users").findone({name: "Dalitso"}, findphone) } function findphone(err, result) { console.log(result.phone); } MongoClient.connect(url, connectcallback)
JQuery
JQuery Large client JavaScript library Easy way to make AJAX calls What is AJAX? GET, POST requests. HTTP Verbs Uses callbacks like MongoDB
Jquery Example: Site to show names <!DOCTYPE html> <html> <head> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script> </head> <body> <button id = "btn">click me</button> <p id="names">names<p> </body> </html>
JQuery Example: Site to show names The jquery library is accessed using $ $ is not a special syntax but just the name for variable Calling $ with a string, runs the selector function E.g $( #button ) The selector function is used to access html elements in JavaScript
JQuery Example: Site to show names function handlenames(names_data){ var names = $("#names"); names.text(names_data); } function getnames(){ } $.get(https://raw.githubusercontent.com/gsl-peru/names/master/names.txt, handlenames); var btn = $("#btn"); btn.click(getnames);
<!DOCTYPE html> <html> <head> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script> </head> <body> <button id = "btn">click me</button> <p id="names">names<p> <script type="text/javascript"> function handlenames(names_data){ var names = $("#names"); names.text(names_data); } function getnames(){ $.get("https://raw.githubusercontent.com/gsl-peru/names/master/names.txt", handlenames); } var btn = $("#btn"); btn.click(getnames); </script> </body> </html>
Exercise: Try to replicate what we just did. The link to the names file: https://raw.githubusercontent.com/gsl-peru/names/master/na mes.txt