overview questions
play

Overview/Questions Review: the Python tuple sequence. How does a - PDF document

Feb 22, 2024 •598 likes •724 views

CS108 Lecture 21: The Python DBABPI Aaron Stevens 18 March 2009 1 Overview/Questions Review: the Python tuple sequence. How does a custom application program connect to a database? How are SQL queries formed using parameterized

  1. CS108 Lecture 21: The Python DBABPI Aaron Stevens 18 March 2009 1 Overview/Questions – Review: the Python tuple sequence. – How does a custom application program connect to a database? – How are SQL queries formed using parameterized data? – How does the application read the results of SQL statements? 2 1

  2. The Python tuple sequence tuple s are constructed by the comma operator (not within square brackets), with or without enclosing parentheses. t = 4,5,6 print t A single element tuple must have a trailing comma, such as (d,). 3 The Python tuple sequence tuple s are very similar to list s, but they are immutable: items in a tuple cannot be changed. tuple elements are accessed by index, or by simultaneous assignment: print t[0] a,b,c = t # unpacking a tuple 4 2

  3. The Python DB API Python defines a standard API (objects and methods) for interaction with databases. – No standard implementation of this interface. – 3 rd party developers write their own libraries which conforms to the standard. We will be using the sqlite3 database, which is part of the Python distribution. – Nothing extra for you to install! 5 Creating a sqlite3 Connection A Connection is an object that represents the database connection. – Import the sqlite3 module – Use connection string to specify database file name. – Call connect function to obtain a Connection . 6 3

  4. Obtain a Cursor object A Cursor object is an used to execute transactions (via SQL) against the database. – Create the Connection first… – Ask the Connection object to give you a Cursor object: 7 Executing an SQL Statement Use the Cursor object’s execute method to run an SQL statement against the database. Look at the results. What type are these? 8 4

  5. Processing Query Results After calling the cursor.execute() method, we can process/interpret the results. SELECT queries: results will be zero or more rows of data returned from the database INSERT, UPDATE, and DELETE queries: the result will be the number of rows (zero or more) affected by the change. 9 Processing Query Results SELECT queries: results will be zero or more rows of data returned from the database The method cursor.fetchall() returns a tuple of rows (each row is a tuple of fields). data = cursor.fetchall() We can then process this tuple in the normal fashion using a for loop. 10 5

  6. Processing Query Results A complete example, processing all rows returned from a SELECT query: 11 Processing Query Results INSERT, UPDATE, and DELETE queries: the result will be the number of rows (zero or more) affected by the change. The attribute cursor.rowcount is an integer, the number of rows affected. 12 6

  7. Committing Changes For INSERT, UPDATE, and DELETE queries, you need to execute the method: conn.commit() on the Connection object to commit your changes. It might be a good idea to only commit if the row count is reasonable (e.g. 1). 13 Parameterized SQL Most likely, SQL queries in an application will be dependent on some data input by the user. Don’t do this: This kind of statement is vulnerable to SQL injection – a major security risk. 14 7

  8. SQL Injection SQL injection is a technique that exploits the syntax of SQL to chain extra statements to an SQL query. Suppose user inputs: BUD’;DROP TABLE stocks AND ‘t’=‘t The resulting SQL becomes: SELECT * from stocks WHERE symbol=‘BUD’;DROP TABLE stocks AND ‘t’=‘t’ Don’t think the hackers haven’t tried this! 15 Parameterized SQL Instead, do this: and put the input parameter into a tuple: 16 8

  9. Parameterized SQL Also, use parameterized SQL for INSERT statements. – (assume variables symbol, name, price, earnings, yield have received user input): sql = “INSERT INTO stocks VALUES (?,?,?,?,?)” parameters = (symbol,name,price,earnings,yield) cursor.execute(sql, parameters) 17 SQL Injection Source: www.xkcd.com 18 9

  10. Take-Away Points – tuple – DBAPI – Connection object – Cursor object – SQL injection! 19 Using sqliteClient Program I wrote a client a PythonCard GUI application which is a client program to interact with a sqlite3 database. Instructions for installing PythonCard are here: http://www.cs.bu.edu/courses/cs108/slides/CS108.PythonCard.Install.pdf You may use this to experiment with SQL statements. The program can be downloaded from: http://www.cs.bu.edu/courses/cs108/util/sqliteClient.zip 20 10

  11. Student To Dos – Readings for this week: SQL Tutorial http://www.firstsql.com/tutor.htm http://docs.python.org/library/sqlite3.html – Readings for next week: HTML Tutorial http://www.w3schools.com/HTML/  Read “Introduction”, “Elements”, “Basic Tags” for MONDAY; the rest for later in the week. – HW08 due Wednesday 3/18 – Quiz 4 will be on Friday 3/20  User defined classes  Lists, dictionaries 21 11

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 How Do I Ask Questions During this Webinar? Questions that arise during the training may be

1 How Do I Ask Questions During this Webinar? Questions that arise during the training may be

1 How Do I Ask Questions During this Webinar? Questions that arise during the training may be emailed to: elibrarytraining@ahca.myflorida.com 2 Training Objectives Provide an overview of the Florida Medicaid Ambulance Transportation

821 views • 55 slides
Overview/Questions What is an algorithm? How do we go about writing a program? What

Overview/Questions What is an algorithm? How do we go about writing a program? What

CS101 Lecture 21: Writing Simple Programs: Algorithms, The Software Development Process Python Names, Expressions, Input, and Output Aaron Stevens 18 March 2009 1 Overview/Questions What is an algorithm? How do we go about writing a

531 views • 14 slides
An Overview of ACH Transition Subcommittee Responses to Discussion Guidance Questions 100%

An Overview of ACH Transition Subcommittee Responses to Discussion Guidance Questions 100%

An Overview of ACH Transition Subcommittee Responses to Discussion Guidance Questions 100% response rate by public members Responses compiled by P. Porter, Consultant and P. Pierce, Research ACH Transition Committee Guidance Questions

410 views • 15 slides
Overview/Questions Where did computers come from? When were computers first discovered?

Overview/Questions Where did computers come from? When were computers first discovered?

CS101 Lecture 5: Brief History of Computing Aaron Stevens 26 January 2009 Some images courtesy Wikimedia Commons, IBM 1 Overview/Questions Where did computers come from? When were computers first discovered? What is the

386 views • 15 slides
Year 12 Unit 4 Planning Sustainable Places Overview Short Answer Exam Questions. Students

Year 12 Unit 4 Planning Sustainable Places Overview Short Answer Exam Questions. Students

Year 12 Unit 4 Planning Sustainable Places Overview Short Answer Exam Questions. Students may be required to utilise Geographical skills within these questions/answers. Usually involves some source analysis. Overview of Places and their

741 views • 45 slides
Resort Beach Civic League Proposed Arena Questions/Concerns April 20, 2015 Presentation

Resort Beach Civic League Proposed Arena Questions/Concerns April 20, 2015 Presentation

Resort Beach Civic League Proposed Arena Questions/Concerns April 20, 2015 Presentation Overview Introduction USM Proposal Overview Project Update and Recent Activities Responses to Questions/Concerns Follow Up Questions 2

410 views • 27 slides
CMS 101 For questions or issues: go.pacific.edu/WebRequest Overview Introductions What

CMS 101 For questions or issues: go.pacific.edu/WebRequest Overview Introductions What

CMS 101 For questions or issues: go.pacific.edu/WebRequest Overview Introductions What is a CMS? What is Workflow? Logging into the CMS and overview of CMS interface Creating a folder Creating a Detail Page Text

140 views • 13 slides
INTERVIEWING BASICS Erin Pischke & Kathy Halvorsen Overview 1. Creating interview questions

INTERVIEWING BASICS Erin Pischke & Kathy Halvorsen Overview 1. Creating interview questions

INTERVIEWING BASICS Erin Pischke & Kathy Halvorsen Overview 1. Creating interview questions 2. Interviewing skills 3. Qualitative data analysis Creating Interview Questions 1. Consider the number of 5. No jargon! questions to ask

221 views • 7 slides
CRP overview Questions H ISTORY Congressional Mandate in 1996 Established in May

CRP overview Questions H ISTORY Congressional Mandate in 1996 Established in May

A LASKA C ITIZEN R EVIEW P ANEL Dr. Diwakar Vadapalli Chair, Alaska Citizen Review Panel A Presentation to the Tribal State Collaboration Group May 4, 2017 P RESENTATION O UTLINE CRP overview Questions H ISTORY Congressional Mandate

138 views • 12 slides
Now Front and Center #NonprofitProfiles Have questions? Have questions? Have questions? Have

Now Front and Center #NonprofitProfiles Have questions? Have questions? Have questions? Have

New Nonprofit Profile Preview: Your Organizations Full Story, Now Front and Center #NonprofitProfiles Have questions? Have questions? Have questions? Have questions? Have questions? #NonprofitProfiles #NonprofitProfiles

722 views • 20 slides
Overview/Questions What are objects, and how do they help us program more effectively?

Overview/Questions What are objects, and how do they help us program more effectively?

CS108 Lecture 11: Objects and Graphics Objects and Classes Graphics Concepts Aaron Stevens 9 February 2009 1 Overview/Questions What are objects, and how do they help us program more effectively? An overview of computer graphics

440 views • 13 slides
Welcome to our Class An Overview of Maranzanos Instructional Design Questions From The Art

Welcome to our Class An Overview of Maranzanos Instructional Design Questions From The Art

Welcome to our Class An Overview of Maranzanos Instructional Design Questions From The Art & Science of Teaching by Barbara Gorbaty and Toby Martin Maranzonos Framwork: Focused on improving instruction Research Based-

781 views • 39 slides
CS 134: Operating Systems Threads 1 / 23 Overview CS34 Overview 2012-12-06 Wiki Answers

CS 134: Operating Systems Threads 1 / 23 Overview CS34 Overview 2012-12-06 Wiki Answers

CS34 2012-12-06 CS 134: Operating Systems Threads CS 134: Operating Systems Threads 1 / 23 Overview CS34 Overview 2012-12-06 Wiki Answers Thread Questions Scheduler Questions Synchronization Questions Overview Threads Concepts

375 views • 26 slides
Overview/Questions What does Internet Protocol actually do? What is an IP address? How

Overview/Questions What does Internet Protocol actually do? What is an IP address? How

CS101 Lecture 6: Internetworking: Internet Protocol, IP Addresses, Routing, DNS John Magee 8 July 2013 Some images courtesy Wikimedia Commons 1 Overview/Questions What does Internet Protocol actually do? What is an IP address? How

495 views • 18 slides
How to ask questions and comment: Please use the Q&A pod to comments and ask questions:

How to ask questions and comment: Please use the Q&A pod to comments and ask questions:

How to ask questions and comment: Please use the Q&A pod to comments and ask questions: If time permits, verbal questions will be accepted. Please use the raised hand icon and you will be placed in the speaker queue When its

441 views • 15 slides
How to ask questions and comment: Please use the Q&A pod to comments and ask questions:

How to ask questions and comment: Please use the Q&A pod to comments and ask questions:

How to ask questions and comment: Please use the Q&A pod to comments and ask questions: If time permits, verbal questions will be accepted. Please use the raised hand icon and you will be placed in the speaker queue When its

380 views • 12 slides
Internet Security [1] VU 184.216 Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel

Internet Security [1] VU 184.216 Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel

Internet Security [1] VU 184.216 Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at Outline Web Application Security, Part I Brief introduction to HTML and Web applications (e.g., scripts) The

618 views • 38 slides
Secure Programming Laboratory 3: Injection SP Demonstrators: Arthur Chan / David Aspinall 6th

Secure Programming Laboratory 3: Injection SP Demonstrators: Arthur Chan / David Aspinall 6th

Secure Programming Laboratory 3: Injection SP Demonstrators: Arthur Chan / David Aspinall 6th March 2019 Orientation This is the third Laboratory Session for Secure Programming It is convened by Arthur and David. The handout and other

81 views • 7 slides
VOTD: SQL Injection Engineering Secure Software Last Revised: September 3, 2020 SWEN-331:

VOTD: SQL Injection Engineering Secure Software Last Revised: September 3, 2020 SWEN-331:

VOTD: SQL Injection Engineering Secure Software Last Revised: September 3, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 What is SQL Injection? Manipulating query strings to execute code Injecting SQL commands into

379 views • 9 slides
Advanced Web Technology 10) XSS, CSRF and SQL Injection Dr. E. Benoist Fall Semester 2010/2011

Advanced Web Technology 10) XSS, CSRF and SQL Injection Dr. E. Benoist Fall Semester 2010/2011

Berner Fachhochschule, Technik und Informatik Advanced Web Technology 10) XSS, CSRF and SQL Injection Dr. E. Benoist Fall Semester 2010/2011 Advanced Web Technology 10) XSS, CSRF and SQL Injection 1 Table of Contents Cross Site Request

659 views • 39 slides
Lecture 3.3: Solving differential equations with Fourier series Matthew Macauley Department of

Lecture 3.3: Solving differential equations with Fourier series Matthew Macauley Department of

Lecture 3.3: Solving differential equations with Fourier series Matthew Macauley Department of Mathematical Sciences Clemson University http://www.math.clemson.edu/~macaule/ Math 4340, Advanced Engineering Mathematics M. Macauley (Clemson)

234 views • 4 slides
Tx Signal: 1000 Hz sine wave; Attenuation; Random noise with 0.5ms spike Tx Signal Noise Rx

Tx Signal: 1000 Hz sine wave; Attenuation; Random noise with 0.5ms spike Tx Signal Noise Rx

Tx Signal: 1000 Hz sine wave; Attenuation; Random noise with 0.5ms spike Tx Signal Noise Rx Signal Tx Signal: 1000 Hz square wave; Attenuation; Random noise with 0.5ms spike Tx Signal Noise Rx Signal What about a signal with 2 levels vs a

158 views • 5 slides
CONTINUOUS TIME FOURIER SERIES CHAPTER 3.3-3.8 16 CTFS TRANSFORM PAIR Suppose () can

CONTINUOUS TIME FOURIER SERIES CHAPTER 3.3-3.8 16 CTFS TRANSFORM PAIR Suppose () can

15 CONTINUOUS TIME FOURIER SERIES CHAPTER 3.3-3.8 16 CTFS TRANSFORM PAIR Suppose () can be expressed as a linear combination of harmonic complex exponentials 0 synthesis equation

884 views • 14 slides
Time Development Recall the rectangular initial wave packet in the infinite square well shown

Time Development Recall the rectangular initial wave packet in the infinite square well shown

Time Development Recall the rectangular initial wave packet in the infinite square well shown below. How does it evolve in time? V ( x ) = 0 0 < x < a = x 0 and x a 1 | ( x, 0) = x 0 x x 1 and d = x 0

333 views • 7 slides

More recommend