PHP Refresher: migration to PDO (PHP Data Objects)
|
|
- Adam Harvey
- 7 years ago
- Views:
Transcription
1 PHP Refresher: migration to PDO (PHP Data Objects) 1
2 Background PHP & MySQL Three MySQL APIs in PHP mysql, mysqli and PDO <?php // mysql $c = mysql_connect("example.com", "user", "password"); mysql_select_db("database"); $result = mysql_query("select 'Hello, dear MySQL user!' AS _message FROM DUAL"); $row = mysql_fetch_assoc($result); echo htmlentities($row['_message']); // mysqli $mysqli = new mysqli("example.com", "user", "password", "database"); $result = $mysqli >query("select 'Hello, dear MySQL user!' AS _message FROM DUAL"); $row = $result >fetch_assoc(); echo htmlentities($row['_message']);?> Note that both mysql and mysqli APIs are highly MySQL specific and not portable between different RDBMS! Copyright The PHP Group hint: you should use the excellent manual! 2
3 PHP Data Objects - PDO <?php // PDO $pdo = new PDO('mysql:host=example.com;dbname=database', 'user', 'password'); $statement = $pdo >query("select 'Hello, dear MySQL user!' AS _message FROM DUAL"); $row = $statement >fetch(pdo::fetch_assoc); echo htmlentities($row['_message']);?> Note that PDO API is not MySQL specific! Copyright The PHP Group hint: you should use the excellent manual! 3
4 Choosing an API Three MySQL APIs in PHP mysql, mysqli and PDO mysql API deprecated from PHP5.5 onwards maintenance only not for new projects commonly found in tutorials and textbooks! mysqli (improved) API object oriented and suitable for new projects most fully featured for MySQL RDBMS highly MySQL specific and not portable between different RDBMS PDO also object oriented and suitable for new projects consistent interface for accessing databases ease of switching databases (in theory, just change the connection parameters on a single line) drivers for CUBRID, MS SQL Server, Firebird/Interbase, IBM, Informix, MySQL, MS SQL Server, Oracle, ODBC and DB2, PostgreSQL, SQLite & 4D object oriented requiring OO features of PHP 5 core prepared statements and bind values are more secure ORM-like features (Object Relational Mapping) fields within record properties of object a common feature of MVC frameworks some employers insist on PDO hint: you should use the excellent manual! 4
5 PDO Concepts PDO PHP DB Driver Database Abstraction layer: consistent interface for accessing different databases Driver required for your chosen database Database technology of your choice 5
6 PDO - PHP Data Objects PDO extension defines a lightweight, consistent interface for accessing databases in PHP PDO provides a data-access abstraction layer, which means that, regardless of which database you're using, you use the same functions to issue queries and fetch data <?php try { $dbh = new PDO('mysql:host=localhost;dbname=test',$user,$pass); foreach($dbh >query('select * from FOO') as $row) { print_r($row); } $dbh = null; } catch (PDOException $e) { print "Error!: ". $e >getmessage(). "<br/>"; die(); }?> Copyright The PHP Group hint: you should use the excellent manual! 6
7 PDO: Prepared statements, placeholders and bind values $stmt = $dbh >prepare("insert INTO REG (name, value) VALUES (:name, :value);"); $stmt >bindparam(':name', $name); $stmt >bindparam(':value', $value); // insert one row $name = 'one'; $value = 1; $stmt >execute(); The parameters to prepared statements don't need to be quoted; the PDO driver automatically handles this. $stmt = $dbh >prepare("insert INTO REG (name, value) VALUES (?,?);"); $stmt >bindparam(1, $name); $stmt >bindparam(2, $value); // insert another row with different values $name = 'two'; $value = 2; $stmt >execute(); If an application exclusively uses prepared statements, the developer can be sure that no SQL injection will occur. Note that the PDO functions are not MySQL specific! 7
8 MySQL functions lack prepared statements, placeholders and bind values // insert a third row with different values $name = 'three'; $value = 3; $res=mysql_query("insert INTO REG (name, value) VALUES ('$name', $value);"); Note that string variable must be enclosed in quotes for valid SQL. String interpolation is open to SQL injection attack. // insert a fourth row with different values $name = 'four'; $value = 4; $res=mysql_query( "INSERT INTO REG (name, value) VALUES ('". $name. "',". $value. ");" ); Note that these functions are very MySQL specific and less secure! Note that string variable has been enclosed in single quotes for valid SQL. String concatenation is open to SQL injection attack. 8
9 PDO: error handling $id = $_GET['id']; try { $dbh = new PDO("mysql:host=localhost;dbname=$database", $username, $password); $dbh >setattribute(pdo::attr_errmode, PDO::ERRMODE_EXCEPTION); // SQL errors will not be silent if (array_key_exists('name',$_get)) { // Update row (marker) with user data $name = $_GET['name']; $address = $_GET['address']; $type = $_GET['type']; $stmt=$dbh >prepare("update markers SET name=?,address=?,type=? WHERE id=?;"); $stmt >execute( array($name, $address, $type, $id) ); } else { // Update row (marker) with new position $lat = $_GET['lat']; $lng = $_GET['lng']; $stmt= $dbh >prepare( "UPDATE markers SET lat=?,lng=? WHERE id=?;" ); $stmt >execute( array($lat, $lng,$id) ); } $dbh = null; } catch (PDOException $e) { print "Error!: ". $e >getmessage(). "<br/>"; print "PHP Line Number: ". $e >getline(). "<br/>"; print "PHP File: ". $e >getfile(). "<br/>"; die(); } 9
10 require("phpsqlajax_dbinfo.php"); $dom = new DOMDocument("1.0"); $dom >formatoutput = true; $node = $dom >createelement("products"); $parnode = $dom >appendchild($node); try { PDO::FETCH_OBJ returns an anonymous object with property names that correspond to the column names returned in your result set (ORM-like behaviour ) $dbh = new PDO("mysql:host=localhost;dbname=$database", $username, $password); $dbh >setattribute(pdo::attr_errmode, PDO::ERRMODE_EXCEPTION); $stmt = $dbh >prepare("select catid, descr, stocklevel from products"); $stmt >execute(); while ( $result = $stmt >fetch(pdo::fetch_obj) ) { // ADD TO XML DOCUMENT NODE $node = $dom >createelement("product"); $newnode = $parnode >appendchild($node); $newnode >setattribute( "catid", $result >catid ); $newnode >setattribute( "descr", $result >descr ); $newnode >setattribute( "stocklevel", $result >stocklevel ); } $dbh = null; } catch (PDOException $e) { // as before } header("content Type: text/xml;"); echo $dom >savexml(); 10
11 PDO::FETCH_BOUND returns TRUE and assigns the values of the columns in your result set to the PHP variables to which they were bound with the PDOStatement::bindColumn() method <?php try { $stmt= $dbh >prepare( "select name, ,phone from users order by name asc;" ); $stmt >execute(); $stmt >bindcolumn( 'name', $name ); $stmt >bindcolumn( ' ', $ ); $stmt >bindcolumn( 'phone', $phone ); while ( $stmt >fetch(pdo::fetch_bound) ): echo <<<EOD <tr><form action='' method='post'> <td>name: <input type='text' value='$name' name='name'></td> <td> <input type='text' value='$ ' name=' '></td> <td>phone: <input type='text' value='$phone' name='phone'></td> <td>name: <input type='submit' value='update' name='update'></td> </form></tr> EOD; <?php endwhile; } catch (PDOException $e) { $dbh = null; print "Error displaying existing user!: ". $e >getmessage(). "<br/>"; die(); }?> 11
12 Additional reading (you should use the excellent manual!) 12
Advanced Object Oriented Database access using PDO. Marcus Börger
Advanced Object Oriented Database access using PDO Marcus Börger ApacheCon EU 2005 Marcus Börger Advanced Object Oriented Database access using PDO 2 Intro PHP and Databases PHP 5 and PDO Marcus Börger
More informationdatabase abstraction layer database abstraction layers in PHP Lukas Smith BackendMedia smith@backendmedia.com
Lukas Smith database abstraction layers in PHP BackendMedia 1 Overview Introduction Motivation PDO extension PEAR::MDB2 Client API SQL syntax SQL concepts Result sets Error handling High level features
More informationDatabase Driven Websites Using PHP with Informix
Database Driven Websites Using PHP with Informix February 12, 2013 Thomas Beebe Advanced DataTools Corp (tom@advancedatatools.com) Tom Beebe Tom is a Senior Database Consultant and has been with Advanced
More informationQ&A for Zend Framework Database Access
Q&A for Zend Framework Database Access Questions about Zend_Db component Q: Where can I find the slides to review the whole presentation after we end here? A: The recording of this webinar, and also the
More informationSQL Injection. SQL Injection. CSCI 4971 Secure Software Principles. Rensselaer Polytechnic Institute. Spring 2010 ...
SQL Injection CSCI 4971 Secure Software Principles Rensselaer Polytechnic Institute Spring 2010 A Beginner s Example A hypothetical web application $result = mysql_query(
More informationZend Framework Database Access
Zend Framework Database Access Bill Karwin Copyright 2007, Zend Technologies Inc. Introduction What s in the Zend_Db component? Examples of using each class Using Zend_Db in MVC applications Zend Framework
More informationWriting MySQL Scripts with PHP and PDO
Writing MySQL Scripts with PHP and PDO Paul DuBois paul@kitebird.com Document revision: 1.02 Last update: 2013-08-11 PHP makes it easy to write scripts that access databases, enabling you to create dynamic
More informationWeb Application Security Part 1
Web Application Security Part 1 Author : Treasure Priyamal Site : www.treasuresec.com E-mail : treasure@treasuresec.com Twitter :http://twitter.com/treasure_sec Introduction Today we are going to talk
More informationUsing Cloud Databases in the Cloud Control Panel By J.R. Arredondo (@jrarredondo)
Using Cloud Databases in the Cloud Control Panel By J.R. Arredondo (@jrarredondo) Cloud Databases is the latest relational database service from Rackspace. We have just made it available in the new Cloud
More informationOnline Multimedia Winter semester 2015/16
Multimedia im Netz Online Multimedia Winter semester 2015/16 Tutorial 04 Major Subject Ludwig-Maximilians-Universität München Online Multimedia WS 2015/16 - Tutorial 04-1 Today s Agenda Repetition: Sessions:
More informationPHP Data Objects Layer (PDO) Ilia Alshanetsky
PHP Data Objects Layer (PDO) Ilia Alshanetsky What is PDO Common interface to any number of database systems. Written in C, so you know it s FAST! Designed to make use of all the PHP 5.1 features to simplify
More informationSQL Injection Attack Lab Using Collabtive
Laboratory for Computer Security Education 1 SQL Injection Attack Lab Using Collabtive (Web Application: Collabtive) Copyright c 2006-2011 Wenliang Du, Syracuse University. The development of this document
More informationDIPLOMA IN WEBDEVELOPMENT
DIPLOMA IN WEBDEVELOPMENT Prerequisite skills Basic programming knowledge on C Language or Core Java is must. # Module 1 Basics and introduction to HTML Basic HTML training. Different HTML elements, tags
More information1. What is SQL Injection?
SQL Injection 1. What is SQL Injection?...2 2. Forms of vulnerability...3 2.1. Incorrectly filtered escape characters...3 2.2. Incorrect type handling...3 2.3. Vulnerabilities inside the database server...4
More informationA SQL Injection : Internal Investigation of Injection, Detection and Prevention of SQL Injection Attacks
A SQL Injection : Internal Investigation of Injection, Detection and Prevention of SQL Injection Attacks Abhay K. Kolhe Faculty, Dept. Of Computer Engineering MPSTME, NMIMS Mumbai, India Pratik Adhikari
More informationDBMS Project. COP5725 - Spring 2011. Final Submission Report
DBMS Project COP5725 - Spring 2011 Final Submission Report Chandra Shekar # 6610-6717 Nitin Gujral # 4149-1481 Rajesh Sindhu # 4831-2035 Shrirama Tejasvi # 7521-6735 LINK TO PROJECT Project Website : www.cise.ufl.edu/~mallela
More informationSQL Injection Attack Lab
CMSC 426/626 Labs 1 SQL Injection Attack Lab CMSC 426/626 Based on SQL Injection Attack Lab Using Collabtive Adapted and published by Christopher Marron, UMBC Copyright c 2014 Christopher Marron, University
More informationSQL - QUICK GUIDE. Allows users to access data in relational database management systems.
http://www.tutorialspoint.com/sql/sql-quick-guide.htm SQL - QUICK GUIDE Copyright tutorialspoint.com What is SQL? SQL is Structured Query Language, which is a computer language for storing, manipulating
More informationSQL Injection. The ability to inject SQL commands into the database engine through an existing application
SQL Injection The ability to inject SQL commands into the database engine through an existing application 1 What is SQL? SQL stands for Structured Query Language Allows us to access a database ANSI and
More information7 Web Databases. Access to Web Databases: Servlets, Applets. Java Server Pages PHP, PEAR. Languages: Java, PHP, Python,...
7 Web Databases Access to Web Databases: Servlets, Applets Java Server Pages PHP, PEAR Languages: Java, PHP, Python,... Prof. Dr. Dietmar Seipel 837 7.1 Access to Web Databases by Servlets Java Servlets
More informationDatabase Toolkit: Portable and Cost Effective Software
Database Toolkit: Portable and Cost Effective Software By Katherine Ye Recursion Software, Inc. TABLE OF CONTENTS Abstract...2 Why using ODBC...2 Disadvantage of ODBC...3 Programming with Database Toolkit...4
More informationChapter 9 Java and SQL. Wang Yang wyang@njnet.edu.cn
Chapter 9 Java and SQL Wang Yang wyang@njnet.edu.cn Outline Concern Data - File & IO vs. Database &SQL Database & SQL How Connect Java to SQL - Java Model for Database Java Database Connectivity (JDBC)
More informationFacebook Twitter YouTube Google Plus Website Email
PHP MySQL COURSE WITH OOP COURSE COVERS: PHP MySQL OBJECT ORIENTED PROGRAMMING WITH PHP SYLLABUS PHP 1. Writing PHP scripts- Writing PHP scripts, learn about PHP code structure, how to write and execute
More informationSQL PDO and Microsoft SQL Server
SQL PDO and Microsoft SQL Server By: Blue Parabola, LLC Contents Accessing Databases using PHP... 4 Installing SQL Server Driver for PHP 2.0... 6 Accessing SQL Server from PHP... 8 PDO: The Why and the
More informationJacinta Richardson <jarich@perltraining.com.au> Perl Training Australia
Database access controls with DBD::Proxy and DBI::ProxyServer Jacinta Richardson Perl Training Australia perltraining.com.au Remote connections Not all databases handle connections
More informationUnderstanding Sql Injection
Understanding Sql Injection Hardik Shah Understanding SQL Injection Introduction: SQL injection is a technique used by a malicious user to gain illegal access on the remote machines through the web applications
More informationSerious Threat. Targets for Attack. Characterization of Attack. SQL Injection 4/9/2010 COMP620 1. On August 17, 2009, the United States Justice
Serious Threat SQL Injection COMP620 On August 17, 2009, the United States Justice Department tcharged an American citizen Albert Gonzalez and two unnamed Russians with the theft of 130 million credit
More informationDatabase Extension 1.5 ez Publish Extension Manual
Database Extension 1.5 ez Publish Extension Manual 1999 2012 ez Systems AS Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License,Version
More informationCreate dynamic sites with PHP & MySQL
Create dynamic sites with PHP & MySQL Presented by developerworks, your source for great tutorials Table of Contents If you're viewing this document online, you can click any of the topics below to link
More informationOther Language Types CMSC 330: Organization of Programming Languages
Other Language Types CMSC 330: Organization of Programming Languages Markup and Query Languages Markup languages Set of annotations to text Query languages Make queries to databases & information systems
More informationWebsite Pros Templates v1.0. Database Template Overview
Website Pros Templates v1.0 Database Template Overview The Templates v1.0 CD includes a pre-configured template using the database component introduced in NetObjects Fusion v8.0. The theme for this template
More informationUSING MYWEBSQL FIGURE 1: FIRST AUTHENTICATION LAYER (ENTER YOUR REGULAR SIMMONS USERNAME AND PASSWORD)
USING MYWEBSQL MyWebSQL is a database web administration tool that will be used during LIS 458 & CS 333. This document will provide the basic steps for you to become familiar with the application. 1. To
More informationAWS Schema Conversion Tool. User Guide Version 1.0
AWS Schema Conversion Tool User Guide AWS Schema Conversion Tool: User Guide Copyright 2016 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may
More informationExposed Database( SQL Server) Error messages Delicious food for Hackers
Exposed Database( SQL Server) Error messages Delicious food for Hackers The default.asp behavior of IIS server is to return a descriptive error message from the application. By attacking the web application
More informationSupercharge your MySQL application performance with Cloud Databases
Supercharge your MySQL application performance with Cloud Databases J.R. Arredondo Director Product Marketing Kelly Goolsby Sales Engineering Manager Daniel Morris Senior Product Manager Dave Fowler Founder
More informationReal SQL Programming 1
Real 1 We have seen only how SQL is used at the generic query interface an environment where we sit at a terminal and ask queries of a database. Reality is almost always different: conventional programs
More informationSQL Injec*on Preven*on. May 3rd 2012
SQL Injec*on Preven*on May 3rd 2012 About Me Tom Webb webbtc@mailbox.sc.edu 803-777- 1701 12 Years in IT Over 6 years at USC Irhowto.wordpress.com computer- forensics.sans.org/blog Who should AOend this
More informationWhite Paper. Blindfolded SQL Injection
White Paper In the past few years, SQL Injection attacks have been on the rise. The increase in the number of Database based applications, combined with various publications that explain the problem and
More informationDB2 Application Development and Migration Tools
DB2 Application Development and Migration Tools Migration Tools If I decide I want to move to DB2 from my current database, can you help me? Yes, we have migration tools and offerings to help you. You
More informationYOUR APP. OUR CLOUD.
YOUR APP. OUR CLOUD. The Original Mobile APP! Copyright cloudbase.io 2013 2 THE MARKET Mobile cloud market in billions of $ $ 16 $ 14 $ 12 $ 10 $14.5bn The size of the mobile cloud market in 2015 $ 8 $
More informationWeb Development using PHP (WD_PHP) Duration 1.5 months
Duration 1.5 months Our program is a practical knowledge oriented program aimed at learning the techniques of web development using PHP, HTML, CSS & JavaScript. It has some unique features which are as
More informationAdvanced PostgreSQL SQL Injection and Filter Bypass Techniques
Advanced PostgreSQL SQL Injection and Filter Bypass Techniques INFIGO-TD TD-200 2009-04 2009-06 06-17 Leon Juranić leon.juranic@infigo.hr INFIGO IS. All rights reserved. This document contains information
More informationHOW-TO. Access Data using BCI. Brian Leach Consulting Limited. http://www.brianleach.co.uk
HOW-TO Access Data using BCI http://www.brianleach.co.uk Contents Introduction... 3 Notes... 4 Defining the Data Source... 5 Check the Definition... 7 Setting up the BCI connection... 8 Starting with BCI...
More informationAWS Schema Conversion Tool. User Guide Version 1.0
AWS Schema Conversion Tool User Guide AWS Schema Conversion Tool: User Guide Copyright 2016 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may
More informationThe JAVA Way: JDBC and SQLJ
The JAVA Way: JDBC and SQLJ David Toman School of Computer Science University of Waterloo Introduction to Databases CS348 David Toman (University of Waterloo) JDBC/SQLJ 1 / 21 The JAVA way to Access RDBMS
More informationINTRODUCTION: SQL SERVER ACCESS / LOGIN ACCOUNT INFO:
INTRODUCTION: You can extract data (i.e. the total cost report) directly from the Truck Tracker SQL Server database by using a 3 rd party data tools such as Excel or Crystal Reports. Basically any software
More informationHow To Let A Lecturer Know If Someone Is At A Lecture Or If They Are At A Guesthouse
Saya WebServer Mini-project report Introduction: The Saya WebServer mini-project is a multipurpose one. One use of it is when a lecturer (of the cs faculty) is at the reception desk and interested in knowing
More informationDatabase System Security. Paul J. Wagner UMSSIA 2008
Database System Security Paul J. Wagner UMSSIA 2008 Need for Database System Security Education The value is in the data 3M Poster Attacks have changed from glory-seeking to attempted financial gain Security
More informationSQL injection: Not only AND 1=1. The OWASP Foundation. Bernardo Damele A. G. Penetration Tester Portcullis Computer Security Ltd
SQL injection: Not only AND 1=1 Bernardo Damele A. G. Penetration Tester Portcullis Computer Security Ltd bernardo.damele@gmail.com +44 7788962949 Copyright Bernardo Damele Assumpcao Guimaraes Permission
More informationAdvanced Web Technology 10) XSS, CSRF and SQL Injection 2
Berner Fachhochschule, Technik und Informatik Advanced Web Technology 10) XSS, CSRF and SQL Injection Dr. E. Benoist Fall Semester 2010/2011 Table of Contents Cross Site Request Forgery - CSRF Presentation
More informationA Brief Introduction to MySQL
A Brief Introduction to MySQL by Derek Schuurman Introduction to Databases A database is a structured collection of logically related data. One common type of database is the relational database, a term
More informationSQL Injection Attacks. Prof. Jim Whitehead CMPS 183: Spring 2006 May 17, 2006
SQL Injection Attacks Prof. Jim Whitehead CMPS 183: Spring 2006 May 17, 2006 Context and Observations on this Slide Deck This slide deck was developed for use in a senior-level course providing an introduction
More informationCourse Outline Basic Web Development
Course Outline Basic Web Development For Professionals Who Can Participate? Anyone can join who has the interest to get into the creative web development profession. Prerequisite: Technical Skill: Must
More informationConnect to MySQL or Microsoft SQL Server using R
Connect to MySQL or Microsoft SQL Server using R 1 Introduction Connecting to a MySQL database or Microsoft SQL Server from the R environment can be extremely useful. It allows a research direct access
More informationMercury Users Guide Version 1.3 February 14, 2006
Mercury Users Guide Version 1.3 February 14, 2006 1 Introduction Introducing Mercury Your corporate shipping has just become easier! The satisfaction of your customers depends on the accuracy of your shipments,
More informationPHP Tutorial From beginner to master
PHP Tutorial From beginner to master PHP is a powerful tool for making dynamic and interactive Web pages. PHP is the widely-used, free, and efficient alternative to competitors such as Microsoft's ASP.
More informationMaksym Iaroshenko Co-Founder and Senior Software Engineer at Eltrino. Magento non-mysql implementations
Maksym Iaroshenko Co-Founder and Senior Software Engineer at Eltrino Magento non-mysql implementations http://ice.eltrino.com/ MySQL? Magento OOB supports MySQL only Since release of Magento CE 1.6 and
More informationSQL Injection Vulnerabilities in Desktop Applications
Vulnerabilities in Desktop Applications Derek Ditch (lead) Dylan McDonald Justin Miller Missouri University of Science & Technology Computer Science Department April 29, 2008 Vulnerabilities in Desktop
More informationSQL Injection Attack Lab
Laboratory for Computer Security Education 1 SQL Injection Attack Lab Copyright c 2006-2010 Wenliang Du, Syracuse University. The development of this document is funded by the National Science Foundation
More informationSQL Injection and Data Mining through Inference
SQL Injection and Data Mining through Inference David Litchfield What is SQL Injection? A SQL Injection vulnerability is a type of security hole that is found in a multi-tiered application; it is where
More informationAccessing Your Database with JMP 10 JMP Discovery Conference 2012 Brian Corcoran SAS Institute
Accessing Your Database with JMP 10 JMP Discovery Conference 2012 Brian Corcoran SAS Institute JMP provides a variety of mechanisms for interfacing to other products and getting data into JMP. The connection
More informationINSTALLING, CONFIGURING, AND DEVELOPING WITH XAMPP
INSTALLING, CONFIGURING, AND DEVELOPING WITH XAMPP by Dalibor D. Dvorski, March 2007 Skills Canada Ontario DISCLAIMER: A lot of care has been taken in the accuracy of information provided in this article,
More information> ACCESSING SQL SERVER FROM IBM COGNOS BI SERVER. www.progress.com/datadirect
T U T O R I A L > ACCESSING SQL SERVER FROM IBM COGNOS BI SERVER TABLE OF CONTENTS Configure ODBC Data Source to SQL Server Reporting Database... 2 Restart the IBM Cognos 8 Service from the IBM Cognos
More informationData Access Guide. BusinessObjects 11. Windows and UNIX
Data Access Guide BusinessObjects 11 Windows and UNIX 1 Copyright Trademarks Use restrictions Patents Copyright 2004 Business Objects. All rights reserved. If you find any problems with this documentation,
More informationASP.NET Programming with C# and SQL Server
ASP.NET Programming with C# and SQL Server First Edition Chapter 8 Manipulating SQL Server Databases with ASP.NET Objectives In this chapter, you will: Connect to SQL Server from ASP.NET Learn how to handle
More informationConnecting to a Database Using PHP. Prof. Jim Whitehead CMPS 183, Spring 2006 May 15, 2006
Connecting to a Database Using PHP Prof. Jim Whitehead CMPS 183, Spring 2006 May 15, 2006 Rationale Most Web applications: Retrieve information from a database to alter their on-screen display Store user
More informationWhat? Me, Worry? I've Already Been Hacked. Haven't You?
What? Me, Worry? I've Already Been Hacked. Haven't You? David Maman Co-Founder, CTO GreenSQL Session ID: Session Classification: DSP-F43 General Interest #1 Global Security Challenge Sophisticated attacks:
More informationPHP Language Binding Guide For The Connection Cloud Web Services
PHP Language Binding Guide For The Connection Cloud Web Services Table Of Contents Overview... 3 Intended Audience... 3 Prerequisites... 3 Term Definitions... 3 Introduction... 4 What s Required... 5 Language
More informationNO SQL! NO INJECTION?
NO SQL! NO INJECTION? A talk on the state of NoSQL security IBM Cyber Security Center of Excellence Aviv Ron Alexandra Shulman-Peleg IBM AppScan Emanuel Bronshtein AVIV RON Security Researcher for IBM
More informationIBM DB2 XML support. How to Configure the IBM DB2 Support in oxygen
Table of Contents IBM DB2 XML support About this Tutorial... 1 How to Configure the IBM DB2 Support in oxygen... 1 Database Explorer View... 3 Table Explorer View... 5 Editing XML Content of the XMLType
More informationOracle PL/SQL Injection
Oracle PL/SQL Injection David Litchfield What is PL/SQL? Procedural Language / Structured Query Language Oracle s extension to standard SQL Programmable like T-SQL in the Microsoft world. Used to create
More informationHP OO 10.X - SiteScope Monitoring Templates
HP OO Community Guides HP OO 10.X - SiteScope Monitoring Templates As with any application continuous automated monitoring is key. Monitoring is important in order to quickly identify potential issues,
More informationOffice 365 and SharePoint Local File Share Synchronization
Office 365 and SharePoint Local File Share Synchronization Frank Daske Business Development Manager Layer2 30.03.2015 The Layer2 Cloud Connector can close many gaps and overcome limitations with Office
More informationImplementing the Shop with EJB
Exercise 2 Implementing the Shop with EJB 2.1 Overview This exercise is a hands-on exercise in Enterprise JavaBeans (EJB). The exercise is as similar as possible to the other exercises (in other technologies).
More informationWeb development... the server side (of the force)
Web development... the server side (of the force) Fabien POULARD Document under license Creative Commons Attribution Share Alike 2.5 http://www.creativecommons.org/learnmore Web development... the server
More informationWriting Scripts with PHP s PEAR DB Module
Writing Scripts with PHP s PEAR DB Module Paul DuBois paul@kitebird.com Document revision: 1.02 Last update: 2005-12-30 As a web programming language, one of PHP s strengths traditionally has been to make
More informationpset 7: C$50 Finance Zamyla Chan zamyla@cs50.net
pset 7: C$50 Finance Zamyla Chan zamyla@cs50.net Toolbox permissions HTML PHP SQL permissions use chmod in the Terminal to change permissions of files and folders chmod a+x folder folder executable by
More informationOracle Database: SQL and PL/SQL Fundamentals
Oracle University Contact Us: +966 12 739 894 Oracle Database: SQL and PL/SQL Fundamentals Duration: 5 Days What you will learn This Oracle Database: SQL and PL/SQL Fundamentals training is designed to
More informationSecurity and Control Issues within Relational Databases
Security and Control Issues within Relational Databases David C. Ogbolumani, CISA, CISSP, CIA, CISM Practice Manager Information Security Preview of Key Points The Database Environment Top Database Threats
More informationConfiguring an Alternative Database for SAS Web Infrastructure Platform Services
Configuration Guide Configuring an Alternative Database for SAS Web Infrastructure Platform Services By default, SAS Web Infrastructure Platform Services is configured to use SAS Framework Data Server.
More informationLayer2 Business Data List Connector for SharePoint
Layer2 Business Data List Connector for SharePoint Frank Daske Business Development Manager Layer2 Layer2 Successful for more than 20 years in the fields of SharePoint,.NET-programming and IT-Infrastructure
More informationDatabase Master User Manual
Database Master User Manual Copyright by Nucleon Software Database Master is a product by Nucleon Software. Table of Contents 1 Welcome to Database Master... 4 1.1 Supported Database Systems & Connections...
More information7- PHP and MySQL queries
7- PHP and MySQL queries Course: Cris*na Puente, Rafael Palacios 2010- 1 Introduc*on Introduc?on PHP includes libraries for communica*ng with several databases: MySQL (OpenSource, the use selected for
More informationHTSQL is a comprehensive navigational query language for relational databases.
http://htsql.org/ HTSQL A Database Query Language HTSQL is a comprehensive navigational query language for relational databases. HTSQL is designed for data analysts and other accidental programmers who
More informationAn Introduction to SQL Injection Attacks for Oracle Developers. January 2004 INTEGRIGY. Mission Critical Applications Mission Critical Security
An Introduction to SQL Injection Attacks for Oracle Developers January 2004 INTEGRIGY Mission Critical Applications Mission Critical Security An Introduction to SQL Injection Attacks for Oracle Developers
More informationOracle Database: SQL and PL/SQL Fundamentals
Oracle University Contact Us: 1.800.529.0165 Oracle Database: SQL and PL/SQL Fundamentals Duration: 5 Days What you will learn This course is designed to deliver the fundamentals of SQL and PL/SQL along
More informationQuerying Databases Using the DB Query and JDBC Query Nodes
Querying Databases Using the DB Query and JDBC Query Nodes Lavastorm Desktop Professional supports acquiring data from a variety of databases including SQL Server, Oracle, Teradata, MS Access and MySQL.
More informationDatabase Management System Choices. Introduction To Database Systems CSE 373 Spring 2013
Database Management System Choices Introduction To Database Systems CSE 373 Spring 2013 Outline Introduction PostgreSQL MySQL Microsoft SQL Server Choosing A DBMS NoSQL Introduction There a lot of options
More informationLinking Access to SQL Server
Linking Access to SQL Server Why Link to SQL Server? Whilst Microsoft Access is a powerful database program it has its limitations and is best suited to creating desktop applications for individual users
More informationRelease Bulletin EDI Products 5.2.1
Release Bulletin EDI Products 5.2.1 Document ID: DC00191-01-0521-01 Last revised: June, 2010 Copyright 2010 by Sybase, Inc. All rights reserved. Sybase trademarks can be viewed at the Sybase trademarks
More informationDownload: Server-side technologies. WAMP (Windows), http://www.wampserver.com/en/ MAMP (Mac), http://www.mamp.info/en/
+ 1 Server-side technologies Apache,, Download: Apache Web Server: http://httpd.apache.org/download.cgi application server: http://www.php.net/downloads.php DBMS: http://www.mysql.com/downloads/ LAMP:
More informationHow-To: MySQL as a linked server in MS SQL Server
How-To: MySQL as a linked server in MS SQL Server 1 Introduction... 2 2 Why do I want to do this?... 3 3 How?... 4 3.1 Step 1: Create table in SQL Server... 4 3.2 Step 2: Create an identical table in MySQL...
More informationExchanger XML Editor - Data Import
Exchanger XML Editor - Data Import Copyright 2005 Cladonia Ltd Table of Contents Data Import... 2 Import From Text File... 2 Import From Excel File... 3 Import From Database Table... 4 Import From SQL/XML
More information"SQL Database Professional " module PRINTED MANUAL
"SQL Database Professional " module PRINTED MANUAL "SQL Database Professional " module All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or
More informationUsing SAS ACCESS to retrieve and store data in relational database management systems
Using SAS ACCESS to retrieve and store data in relational database management systems Department of Biology Dalhousie University SHRUG meeting, February 23rd 2007 Disclaimer Background SAS is the only
More informationDavid M. Kroenke and David J. Auer Database Processing 11 th Edition Fundamentals, Design, and Implementation. Chapter Objectives
David M. Kroenke and David J. Auer Database Processing 11 th Edition Fundamentals, Design, and Implementation Chapter One: Introduction 1-1 Chapter Objectives To understand the nature and characteristics
More informationLog Analyzer Reference
IceWarp Unified Communications Log Analyzer Reference Version 10.4 Printed on 27 February, 2012 Contents Log Analyzer 1 Quick Start... 2 Required Steps... 2 Optional Steps... 3 Advanced Configuration...
More informationCS346: Database Programming. http://warwick.ac.uk/cs346
CS346: Database Programming http://warwick.ac.uk/cs346 1 Database programming Issue: inclusionofdatabasestatementsinaprogram combination host language (general-purpose programming language, e.g. Java)
More informationDatabase Security. Principle of Least Privilege. DBMS Security. IT420: Database Management and Organization. Database Security.
Database Security Rights Enforced IT420: Database Management and Organization Database Security Textbook: Ch 9, pg 309-314 PHP and MySQL: Ch 9, pg 217-227 Database security - only authorized users can
More information