Web based development

Web-based Database Development

IS 465Min Song

Three-Tier Architecture

Oracle/MySQLDB Server

Apache TomcatApp Server

MicrosoftInternetExplorer

HTML

Tuples

HTTPRequests

JDBCRequests

Java ServerPages (JSPs)

Located@ your server

Located@ Your PC

Located@ Any PC

Data Entry Forms

Java Database Connectivity (JDBC)

Instruction for Building Web-based Database in Java

• Tomcat 6.0 or above– http://tomcat.apache.org/download-60.cgi– From the above download site, choose Binary Distribution

-> Core -> Zip• Unzip the package to C:\Program Files\Apache

Software Foundation\Tomcat 6.0\webapps • Start Tomcat by executing tomcat6w in C:\Program

Files\Apache Software Foundation\Tomcat 6.0\bin• Open the internet browser and type

http://localhost:8080/. If you see the tomcat on the upper left corner, you are successful so far.

http://tomcat.apache.org/download-60.cgi

http://localhost:8080/

• Download mysql server at http://dev.mysql.com/downloads/mysql/5.1.html and install it onto your computer

• Download a sample DB from my home page• Create a database in mysql as follows:

http://dev.mysql.com/downloads/mysql/5.1.html

http://dev.mysql.com/downloads/mysql/5.1.html

• Shell > mysql –u root –p• mysql> CREATE DATABASE world; • mysql> USE world; • mysql> SOURCE world.sql; • mysql> SHOW TABLES;

• Go to the following url: http://localhost/world_db/index.jsp

• Note: You need to modify configuration files and properties file such as sqldb.xml and build.properties

http://localhost/world_db/index.jsp

Data Base Connectivity From JAVA

package edu.njit.is465;

import java.sql.Connection; // Java’s interface to SQLimport java.sql.DriverManager; // Loads the appropriate SQL driverimport java.sql.SQLException; // Handles errors from the databaseimport java.util.Properties; // Configuration file to load the //db.properties fileimport java.util.logging.Level; // Logs informationimport java.util.logging.Logger; // Logs information

/** * Base class for those that use a database connection * * @version 1.0 * @since 1.0 */public abstract class DatabaseConnection{

protected final Logger logger;protected Connection connect = null;

import java.sql.*;

class JdbcTest { public static void main (String args []) throws SQLException { // Load Oracle driver DriverManager.registerDriver (new oracle.jdbc.driver.OracleDriver()); // Connect to the local database Connection conn = DriverManager.getConnection ("jdbc:oracle:thin:@myhost:1521:ORCL","scott", "tiger");

JDBC

// Query the student names Statement stmt = conn.createStatement (); ResultSet rset = stmt.executeQuery ("SELECT name

FROM Student"); // Print the name out //name is the 2nd attribute of Studentwhile (rset.next ())

System.out.println (rset.getString (1));

//close the result set, statement, and the connection rset.close();stmt.close(); conn.close();

PreparedStatement ObjectIf you want to execute a Statement object many times,

it will normally reduce execution time to use a PreparedStatement object instead.

PreparedStatement updateStud = conn.prepareStatement( "UPDATE Student SET name = ? WHERE lastname LIKE ?");

updateStud.setString(1, “John”); updateStud.setString(2, “Smith”);

updateStud.executeUpdate();

PreparedStatement Objectthe following two code fragments accomplish the same

thing:• Code Fragment 1:

String updateString = "UPDATE COFFEES SET SALES = 75 " + "WHERE COF_NAME LIKE 'Colombian'"; stmt.executeUpdate(updateString);

• Code Fragment 2:PreparedStatement updateSales = con.prepareStatement( "UPDATE COFFEES SET SALES = ? WHERE COF_NAME LIKE ? "); updateSales.setInt(1, 75); updateSales.setString(2, "Colombian"); updateSales.executeUpdate():

• int getInt(int columnIndex) Retrieves the value of the designated column in the current row of this ResultSet object as an int in the Java programming language.

• int getInt(String columnName)

• String getString(int columnIndex)

• String getString(String columnName)

Using TransactionsWhen a connection is created, it is in auto-commit mode.

This means that each individual SQL statement is treated as a transaction and will be automatically committed right after it is executed.

conn.setAutoCommit(false); ....transaction...con.commit(); con.setAutoCommit(true);

Using Transactionsexample

con.setAutoCommit(false); PreparedStatement updateSales =

con.prepareStatement( "UPDATE COFFEES SET SALES = ? WHERE COF_NAME LIKE ?");

updateSales.setInt(1, 50); updateSales.setString(2, "Colombian"); updateSales.executeUpdate(); PreparedStatement updateTotal =

con.prepareStatement( "UPDATE COFFEES SET TOTAL = TOTAL + ? WHERE COF_NAME LIKE ?"); updateTotal.setInt(1, 50);

updateTotal.setString(2, "Colombian"); updateTotal.executeUpdate(); con.commit(); con.setAutoCommit(true);

Retrieving Exceptions

JDBC lets you see the warnings and exceptions generated by your DBMS and by the Java compiler. To see exceptions, you can have a catch block print them out. For example, the following two catch blocks from the sample code print out a message explaining the exception:

try { // Code that could generate an exception goes here. // If an exception is generated, the catch block below // will print out information about it. } catch(SQLException ex) { System.err.println("SQLException: " + ex.getMessage()); }

JSP Syntax

• Comment– <%-- Comment --%>

• Expression– <%= java expression %>

• Scriplet– <% java code fragment %>

• Include– <jsp:include page="relativeURL" />

Entry Form - First Attempt


<b>Data Entry Menu</b><ul> <li> <a href="courses.jsp">Courses<a> </li> <li> <a href="classes.jsp">Classes<a> </li> <li> <a href="students.jsp">Students<a> </li></ul>

Menu HTML Code


<html><body> <table> <tr> <td> <jsp:include page="menu.html" /> </td> <td> Open connection code Statement code Presentation code Close connection code </td> </tr> </table></body></html>

JSP Code


<%-- Set the scripting language to java and --%><%-- import the java.sql package --%><%@ page language="java" import="java.sql.*" %> <% try { // Load Oracle Driver class file DriverManager.registerDriver (new oracle.jdbc.driver.OracleDriver()); // Make a connection to the Oracle datasource Connection conn = DriverManager.getConnection ("jdbc:oracle:thin:@feast.ucsd.edu:1521:source", “user", “pass");%>

Open Connectivity Code


<%

// Create the statement

Statement statement = conn.createStatement();

// Use the statement to SELECT the student attributes

// FROM the Student table.

ResultSet rs = statement.executeQuery

("SELECT * FROM Student");

%>

Statement Code


<table> <tr> <th>SSN</th> <th>First</th> <th>Last</th> <th>College</th> </tr>

<% // Iterate over the ResultSet while ( rs.next() ) {%> Iteration Code<% }%></table>

Presentation Code



<tr> <%-- Get the SSN, which is a number --%> <td><%= rs.getInt("SSN") %></td>

<%-- Get the ID --%> <td><%= rs.getString("ID") %></td>

<%-- Get the FIRSTNAME --%> <td><%= rs.getString("FIRSTNAME") %></td>

<%-- Get the LASTNAME --%> <td><%= rs.getString("LASTNAME") %></td>

<%-- Get the COLLEGE --%> <td><%= rs.getString("COLLEGE") %></td></tr>

Iteration Code


<%// Close the ResultSetrs.close(); // Close the Statementstatement.close(); // Close the Connectionconn.close();

} catch (SQLException sqle) { out.println(sqle.getMessage());} catch (Exception e) { out.println(e.getMessage());}%>

Close Connectivity Code

Entry Form - Second Attempt


<html><body> <table> <tr> <td> Open connection code Insertion Code Statement code Presentation code Close connection code </td> </tr> </table></body></html>

JSP Code


// Check if an insertion is requestedString action = request.getParameter("action");if (action != null && action.equals("insert")) {

conn.setAutoCommit(false); // Create the prepared statement and use it to// INSERT the student attrs INTO the Student table.PreparedStatement pstmt = conn.prepareStatement(("INSERT INTO Student VALUES (?, ?, ?, ?, ?)"));

pstmt.setInt(1,Integer.parseInt(request.getParameter("SSN")));pstmt.setString(2, request.getParameter("ID"));…pstmt.executeUpdate();

conn.commit();conn.setAutoCommit(true);}

Insertion Code


<table> <tr> <th>SSN</th> <th>First</th> <th>Last</th> <th>College</th> </tr> Insert Form Code<% // Iterate over the ResultSet while ( rs.next() ) {%> Iteration Code<% }%></table>

Presentation Code


<tr>

<form action="students.jsp" method="get">

<input type="hidden" value="insert" name="action">

<th><input value="" name="SSN" size="10"></th>

<th><input value="" name="ID" size="10"></th>

<th><input value="" name="FIRSTNAME" size="15"></th>

<th><input value="" name="LASTNAME" size="15"></th>

<th><input value="" name="COLLEGE" size="15"></th>

<th><input type="submit" value="Insert"></th>

</form>

</tr>

Insert Form Code

Entry Form - Third Attempt


<html><body> <table> <tr> <td> Open connection code Insertion Code Update Code Delete Code Statement code Presentation code Close connection code </td> </tr> </table></body></html>

JSP Code


// Check if an update is requestedif (action != null && action.equals("update")) {

conn.setAutoCommit(false); // Create the prepared statement and use it to// UPDATE the student attributes in the Student table.PreparedStatement pstatement = conn.prepareStatement("UPDATE Student SET ID = ?, FIRSTNAME = ?, " +"LASTNAME = ?, COLLEGE = ? WHERE SSN = ?");

pstatement.setString(1, request.getParameter("ID"));pstatement.setString(2, request.getParameter("FIRSTNAME"));…int rowCount = pstatement.executeUpdate();

conn.setAutoCommit(false);conn.setAutoCommit(true);}

Update Code


// Check if a delete is requestedif (action != null && action.equals("delete")) {

conn.setAutoCommit(false); // Create the prepared statement and use it to// DELETE the student FROM the Student table.PreparedStatement pstmt = conn.prepareStatement("DELETE FROM Student WHERE SSN = ?");

pstmt.setInt(1, Integer.parseInt(request.getParameter("SSN")));

int rowCount = pstmt.executeUpdate();

conn.setAutoCommit(false);conn.setAutoCommit(true);}

Delete Code


<table> <tr> <th>SSN</th> <th>First</th> <th>Last</th> <th>College</th> </tr> Insert Form Code<% // Iterate over the ResultSet while ( rs.next() ) {%> Iteration Code<% }%></table>

Presentation Code


<tr> <form action="students.jsp" method="get"> <input type="hidden" value="update" name="action"> <td><input value="<%= rs.getInt("SSN") %>" name="SSN"></td> <td><input value="<%= rs.getString("ID") %>" name="ID"></td>… <td><input type="submit" value="Update"></td> </form> <form action="students2.jsp" method="get"> <input type="hidden" value="delete" name="action"> <input type="hidden" value="<%= rs.getInt("SSN") %>" name="SSN"> <td><input type="submit" value="Delete"></td> </form></tr>

Iteration Code


public DatabaseConnection() throws Exception{

logger = Logger.getLogger(this.getClass().getName());

Properties props = new Properties();try {props.load(getClass().getResourceAsStream("db.properties"));final String driver = props.getProperty("driver");final String url = props.getProperty("url");final String user = props.getProperty("user");final String pass = props.getProperty("pass");Class.forName(driver).newInstance();connect = DriverManager.getConnection(url, user, pass);}catch (Exception ex) {

logger.log(Level.SEVERE, "Unable to create database connection",

ex);throw new Exception("Unable to create database

connection",ex);

}}


Driver specifies which backend database system to use

In this case, we need a mySQL driver since the database is mySQLThe URL specifies the location of the database as well as which database within mySQL to use

db.properties filedriver = com.mysql.jdbc.Driverurl = jdbc:mysql://landsend.cs.drexel.edu/scheduleruser = jsalvagepass = dbwiz


When an object goes out of scope it is important to close the connection.

protected void finalize(){

if (connect != null) {try {

connect.close();connect = null;

}catch (SQLException ex) {

logger.log(Level.SEVERE, "Unable to close database connection",ex);

}}

}}


/* * DatabaseCourseManager.java * */package edu.njit.is465;

import java.sql.PreparedStatement; //Executes a SQL statementimport java.sql.ResultSet; //Stores the rows returned from the queryimport java.sql.SQLException;//Handles errorsimport java.util.ArrayList;//Dynamic structure import java.util.List;//Interface to an ArrayListimport java.util.logging.Level; Used to log errors

/** * Database backed course manager * * @version 1.0 * @since 1.0 */public class DatabaseCourseManager extends DatabaseConnection

implements CourseManager{

Data Base Connectivity From JAVAADDING A RECORD TO THE DATABASEExample: AddCourse

A course contains:

• Department Name• Department Number• Number of Credits• Name• Description

Therefore, the insert statement will contain five values. In it’s most basic form, a SQL INSERT statement has the following syntax:

INSERT INTO TableName VALUES (list of values)

This form of SQL INSERT requires the knowledge of the order of the fields in the table. The SQL table was created in the order the fields are listed above. Therefore, we can perform a SQL insert by listing the values in their proper place.

Java allows this to be done without a lot of fancy string manipulation if you use the PreparedStatement object. Observe the following code which associates each value to be inserted with the proper question mark.

One huge benefit to using the PreparedStatement instead of building the string manually, is it handles any special characters that would need to be escaped. i.e. double quote. In addition, it will prevent SQL code from inadvertently being executed, but that is an advanced topic.

Data Base Connectivity From JAVA/* * @see edu.njit.is465.CourseManager#addCourse(edu.njit.is465.Course) */public void addCourse(final Course course) throws SchedulerException{

try {final PreparedStatement stm = connect.prepareStatement(

"INSERT INTO Course VALUES(?, ?, ?, ?, ?)");stm.setString(1, course.getDepartment());stm.setInt(2, course.getNumber());stm.setInt(3, course.getCredits());stm.setString(4, course.getName());stm.setString(5, course.getDescription());

int n = stm.executeUpdate();stm.close();if (n != 1)

throw new SchedulerException("Unable to add course");}catch (SQLException ex) {

logger.log(Level.SEVERE, "addStudent", ex);throw new SchedulerException("Unable to add course", ex);

}}

Executing the SQL command is simply a matter of calling the executeUpdate method of the PreparedStatement object.


RETRIEVING RECORDS FROM A DATABASEExample: getAllCourses

We need to select data from the database and return it into a structure Java can understand.

In it’s most basic form, a SQL SELECT statement has the following syntax:

SELECT * FROM TableName ORDER BY ListOfFields

The ORDER BY clause is optional, but will allow the results to be sorted by the fields we list after the keywords ORDER BY.

Again we will use the PreparedStatement to hold the SQL command.The results of the query will be stored in a ResultSet object and then each record will be added to our courses object.

Data Base Connectivity From JAVA/* * @see edu.njit.is465.CourseManager#getAllCourses() */public Course[] getAllCourses(){


"SELECT * FROM Course ORDER BY dept, num");

final ResultSet result = stm.executeQuery();final List<Course> courses = new ArrayList<Course>();while (result.next())

courses.add(toCourse(result));

result.close();stm.close();

return courses.toArray(new Course[0]);}catch (SQLException ex) {

logger.log(Level.SEVERE, "getAllCourses", ex);return new Course[0];

}}


RETRIEVING RECORDS FROM A DATABASE WITH A CONDITIONExample: getCourse

We need to add a selection criteria to our SQL statement so only a specific of courses is returned.

In it’s most complex form, a SQL SELECT statement has the following syntax:

SELECT * FROM TableName WHERE Field1 = value1 and Field2 = value2

The WHERE clause is optional, and allows the results to filtered based upon the selection criteria you list.

Again we will use the PreparedStatement to hold the SQL command.

The results of the query will be stored in a ResultSet object and the single record will be added to our course object.

Data Base Connectivity From JAVA/*

* @see edu.njit.is465.CourseManager#getCourse(java.lang.String, int) */public Course getCourse(final String dept, int num){

Course course = null;


"SELECT * FROM Course WHERE dept = ? AND num = ?");stm.setString(1, dept);stm.setInt(2, num);

final ResultSet result = stm.executeQuery();if (result.next())

course = toCourse(result);

result.close();stm.close();


logger.log(Level.SEVERE, "getCourse", ex);}

return course;}

Data Base Connectivity From JAVA/* * @see edu.njit.465.CourseManager#removeCourse(java.lang.String, int) */public void removeCourse(final String dept, int num) throws SchedulerException{


"DELETE FROM Course WHERE dept = ? AND num = ?");stm.setString(1, dept);stm.setInt(2, num);stm.executeUpdate();stm.close();


logger.log(Level.SEVERE, "removeCourse", ex);throw new SchedulerException(ex);

}}

Data Base Connectivity From JAVA/*

* @see edu.njit.is465.CourseManager#updateCourse(edu.njit.is465.Course) */public void updateCourse(final Course course) throws SchedulerException{


"UPDATE Course SET credits = ?, name = ?, description = ?" +

" WHERE dept = ? AND name = ?");stm.setInt(1, course.getCredits());stm.setString(2, course.getName());stm.setString(3, course.getDescription());stm.setString(4, course.getDepartment());stm.setInt(5, course.getNumber());

stm.executeUpdate();stm.close();


logger.log(Level.SEVERE, "updateCourse", ex);throw new SchedulerException(ex);

}}

private Course toCourse(final ResultSet result) throws SQLException{

final String dept = result.getString("dept");final int num = result.getInt("num");final Course course = new Course(dept, num);course.setCredits(result.getInt("credits"));course.setName(result.getString("name"));course.setDescription(result.getString("description"));return course;

}}

Education

Web based development