Databases/JQuery AUGUST 1, 2018


Databases: What is a Database?
- A table
- Durable place for storing things
- Place to easily look up and update information

Databases: The M in MVC
What is a Database?
- Your Model
- Your View and Controller fetch data from it

Databases: Why databases?
- Tabular format is easy to access
- Conventions in language and access model simplify things

Databases: Types
- SQL
- NoSQL

Databases: SQL
- Rigid syntax
- Represent things as tables
- Use the Sequential Query Language
- E.g. SELECT firstname, lastname FROM users WHERE lastname = 'banda'
- Examples: MySQL, PostgreSQL

Databases: SQL = Sequential Query Language

    SELECT title FROM book WHERE author = 'Darren Jones';

Book Table

| ISBN          | title                       | author           | format | price |
|---------------|-----------------------------|------------------|--------|-------|
| 9780992461225 | JavaScript: Novice to Ninja | Darren Jones     | ebook  | 29.00 |
| 9780994182654 | Jump Start Git              | Shaumik Daityari | ebook  | 29.00 |

Databases: NoSQL
Document

    {
        ISBN: 9780992461225,
        title: "JavaScript: Novice to Ninja",
        author: "Darren Jones",
        format: "ebook",
        price: 29.00
    }

- NoSQL sticks to the native language syntax
- Examples: MongoDB, CouchDB

Databases
- Databases usually run in a separate process, so any framework can usually use any database
- Framework, e.g. Node.JS (View, Controller)
- Database, e.g. MySQL, MongoDB

NoSQL vs SQL http://dataconomy.com/2014/07/sql-vs-nosql-need-know/

NoSQL vs SQL
- For most small applications, no big difference
- Generally, the answer depends on how strictly a tabular format benefits your app and your knowledge of SQL

NoSQL vs SQL
- NoSQL has some advantages, especially for beginners
- SQL can be annoying
- SQL can be unsafe
  - SQL injection attacks
- SQL bugs can be hard to detect

SQL Injection Attacks

SQL Injection Attacks: Example
Users Table

| Name    | Phone | Password |
|---------|-------|----------|
| April   | 1234  | 1234     |
| Sandhya | 4567  | password |
| Dalitso | 8920  | hello    |

Suppose we had a website to look up phone numbers

SQL Injection Attacks: Example
Hacking a phone directory
- Enter your name: Dalitso
- Query sent to the SQL Database: SELECT phone FROM users WHERE name = Dalitso;
- Result: 8920

SQL Injection Attacks: Example
Hacking a phone directory: Bad code

    var name = $('#input').text() // name = "Dalitso"
    var query = "SELECT phone FROM users WHERE name =" + name + ";"
    var phone = sendquerytodatabase(query) // send query to database

SQL Injection Attacks: Example
Hacking a phone directory
- Enter your name: Dalitso; SELECT name, password FROM users;

SQL Injection Attacks: Example
Hacking a phone directory
- Enter your name: Dalitso; SELECT name, password FROM users;
- Query sent to the SQL Database: SELECT phone FROM users WHERE name = Dalitso; SELECT name, password FROM users;
- Result: All usernames and passwords

SQL Injection Attacks: Example
Hacking a phone directory: Possible Fix

    var name = $('#input').text() // name = "Dalitso"
    // ? is a placeholder: the library substitutes name as data, not as SQL text
    var query = connection.query("SELECT phone FROM users WHERE name = ?", name)
    var phone = sendquerytodatabase(query) // send query to database

SQL Injection Attacks: Example
Fixes
- Prevent the user from inputting special symbols
- Sanitize all input
- Use a library to construct queries instead of +
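An added example (not from the original slides) that runs the slide's own input through both ways of building the query and counts the statements the database would receive. `quoteLiteral`, `bindParams` and `splitStatements` are hypothetical, simplified stand-ins for what a database client library does with a ? placeholder; in an application, use the library's own parameter binding.

```javascript
// Added example: simplified stand-ins, not a real database driver.

// Quote a value as a SQL string literal, backslash-escaping ' and \
// (a reduced version of what client libraries do for a ? placeholder).
function quoteLiteral(value) {
  return "'" + String(value).replace(/[\\']/g, (ch) => "\\" + ch) + "'";
}

// Replace each ? in order with a quoted literal built from params.
function bindParams(sql, params) {
  let i = 0;
  return sql.replace(/\?/g, () => {
    if (i >= params.length) throw new Error("not enough parameters");
    return quoteLiteral(params[i++]);
  });
}

// Split on ';' outside quoted literals: the statements the database would see.
function splitStatements(sql) {
  const statements = [];
  let current = "";
  let inString = false;
  for (let i = 0; i < sql.length; i++) {
    const ch = sql[i];
    if (inString && ch === "\\") { current += ch + (sql[++i] ?? ""); continue; }
    if (ch === "'") inString = !inString;
    if (ch === ";" && !inString) { statements.push(current.trim()); current = ""; }
    else current += ch;
  }
  statements.push(current.trim());
  return statements.filter((s) => s.length > 0);
}

// The slide's "bad code": user input is pasted into the SQL text.
function buildByConcatenation(name) {
  return "SELECT phone FROM users WHERE name =" + name + ";";
}

// The slide's "possible fix": the input only ever fills a placeholder.
function buildWithPlaceholder(name) {
  return bindParams("SELECT phone FROM users WHERE name = ?;", [name]);
}

const slideInput = "Dalitso; SELECT name, password FROM users;"; // input shown on the slide
console.log(splitStatements(buildByConcatenation(slideInput))); // two statements
console.log(splitStatements(buildWithPlaceholder(slideInput))); // one statement
```

With concatenation the input becomes a second statement; with the placeholder the whole input stays inside one string literal and is only ever compared against the name column.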

NoSQL avoids bad injection attacks
- NoSQL uses functions instead of passing SQL
- Enter your name: Dalitso
- Call made to the NoSQL Database:

    find({name: "Dalitso"}, function(response){
        sendtouser(response);
    })

Some Problems with NoSQL
- No standardized query language
  - NoSQL databases have different APIs
- Big systems can be difficult in the document model
- Some NoSQL databases have poor performance and consistency

Some Problems with NoSQL
- No standardized query language
  - Example: MongoDB in NodeJS behaves differently from Python Django
- NodeJS MongoDB callback hell

MongoDB in NodeJS

    var MongoClient = require('mongodb').MongoClient;
    var url = "mongodb://localhost:27017/mydb";
    var database;
    // called by the driver once the connection attempt has finished
    function connectcallback(err, db){
        console.log("database created!");
        database = db
    }
    MongoClient.connect(url, connectcallback)

MongoDB in NodeJS
- In NodeJS, callbacks are executed asynchronously
- Asynchronously means at any time
- Programmer has to be careful
- Callbacks can lead to a verbosity problem known as callback hell
- Try to break code into pieces to avoid callback hell

MongoDB in NodeJS: Asynchrony

    var database;
    function connectcallback(err, db){
        console.log("database created!");
        database = db
    }
    MongoClient.connect(url, connectcallback)
    console.log(database) // undefined!

MongoDB in NodeJS: Callback hell

    var MongoClient = require('mongodb').MongoClient;
    var url = "mongodb://localhost:27017/mydb";
    var database;
    MongoClient.connect(url, function(err, db){
        console.log("database created!");
        database = db;
    })

MongoDB in NodeJS: Callback hell

    var MongoClient = require('mongodb').MongoClient;
    var url = "mongodb://localhost:27017/mydb";
    var database;
    MongoClient.connect(url, function(err, db){
        console.log("database created!");
        database = db
        // a second callback nested inside the first
        database.collection("users").findOne({name: "Dalitso"}, function(err, result) {
            console.log(result.phone);
        });
    })

MongoDB in NodeJS: Fixed Code

    var MongoClient = require('mongodb').MongoClient;
    var url = "mongodb://localhost:27017/mydb";
    var database;
    function connectcallback(err, db){
        console.log("database created!");
        database = db
        database.collection("users").findOne({name: "Dalitso"}, findphone)
    }
    // named callback instead of a nested anonymous function
    function findphone(err, result) {
        console.log(result.phone);
    }
    MongoClient.connect(url, connectcallback)

JQuery

JQuery
- Large client JavaScript library
- Easy way to make AJAX calls
- What is AJAX?
  - GET, POST requests. HTTP verbs
- Uses callbacks like MongoDB

JQuery Example: Site to show names

    <!DOCTYPE html>
    <html>
    <head>
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
    </head>
    <body>
    <button id="btn">click me</button>
    <p id="names">names</p>
    </body>
    </html>

JQuery Example: Site to show names
- The jQuery library is accessed using $
- $ is not special syntax, just the name of a variable
- Calling $ with a string runs the selector function
  - E.g. $("#button")
- The selector function is used to access HTML elements in JavaScript

JQuery Example: Site to show names

    // callback: put the downloaded text into the <p id="names"> element
    function handlenames(names_data){
        var names = $("#names");
        names.text(names_data);
    }
    // click handler: fetch the names file with an AJAX GET request
    function getnames(){
        $.get("https://raw.githubusercontent.com/gsl-peru/names/master/names.txt", handlenames);
    }
    var btn = $("#btn");
    btn.click(getnames);

    <!DOCTYPE html>
    <html>
    <head>
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
    </head>
    <body>
    <button id="btn">click me</button>
    <p id="names">names</p>
    <script type="text/javascript">
    function handlenames(names_data){
        var names = $("#names");
        names.text(names_data);
    }
    function getnames(){
        $.get("https://raw.githubusercontent.com/gsl-peru/names/master/names.txt", handlenames);
    }
    var btn = $("#btn");
    btn.click(getnames);
    </script>
    </body>
    </html>

Exercise: Try to replicate what we just did. The link to the names file: https://raw.githubusercontent.com/gsl-peru/names/master/names.txt