DT228/3 Web Development Databases. Querying a database: Partial info Search engines, on-line...
27
DT228/3 Web Development Databases
-
Upload
shannon-evans -
Category
Documents
-
view
214 -
download
0
Transcript of DT228/3 Web Development Databases. Querying a database: Partial info Search engines, on-line...
DT228/3 Web Development
Databases
Querying a database: Partial info
• Search engines, on-line catalogues often need to allow user to search a database using partial information
• e.g. First name begins with “A” , surname contains “mc”
• In SQL, use the LIKE keyword and wildcard characters (%, _)
• SQL Examples of partial searches
Search * From Customers WHERE FirstName LIKE “Jon%”
Search * from Customers WHERE LastName LIKE “Sm_th”
Querying a database: Partial info
• To implement in JSTL, need to just incorporate the LIKE keyword and the wildcard characters
• Example:<sql:query var = “nameResult” dataSource = “S{customerDb}” SELECT FirstName, LastName FROM Customers WHERE FirstName LIKE ? AND LastNAME LIKE ? <sql:param value = “${param.firstName}%”>/
<sql:param value = “%${param.lastName}%”>/ <sql:query>
• Will return all rows from Employee table where first name begins with firstName parameter and last name contains value of lastName parameter
• In the example, saw that query result is put into a variable
Processing result of a query
<sql:query var = “nameResult” …. etc
• This variable will contains the results set (a set of rows) of the query
• This variable is of type Result (javax.servlet.jsp.jstl.sql.Result class ) and has a number of properties that can be used to process the result
• When a query is run, need to be able to process the results e.g. to display rows back as a HTML table
Properties for Result interface
• rows
• rowCount
• columnNames
• limitByMaxRows
• rowsByIndex
Processing result of a query
• Rows returned by the query (array of column names and values)
• Number of rows in the result
• Array of column names
• boolean. true if Result was truncated due to maxRows attribute
• Rows return by the query, as arrays(rows/columns) of indexes
Processing result of a query: example
• To display back a list of customer names in a HTML table as a result of previous query:
<sql:query var = “nameResult” etc
• Want to display back on web page:First name Last nameJohn MurphySylvia McAllisterTom Jones
etc
•Need to display column names, followed by row results… with appropriate HTML tags <tr>, <th>, <td> etc
<table> <tr> <th> First name /<th> <th> Last name /<th> </tr><c:forEach items = “${nameResult.rows}” var = “row” <tr> <td> <c:out value = “$row.FirstName}” />
<td> <td> <c:out value = “$row.LastName}” />
<td> </c:forEach></table>
Processing result of a query: example
Rows from nameResult
Property “rows”is used
Assignany variable
name to accessthe columns
Query: Code sample – outputs all rows on a table
to a html page<%-- Queries a user table (customers) and returns a list of names --%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %><%@ taglib prefix="sql" uri="http://java.sun.com/jsp/jstl/sql" %>
<%-- queries a table and outputs the results --%><%-- Note: this example DOESN’T use DSNs --%> <sql:setDataSource
var ="shopDb" scope = "session" driver = "sun.jdbc.odbc.JdbcOdbcDriver"url = "jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=c:\\test\Labdb.mdb"
/>
<%-- Selects username and address details from user table for all rows --%> <sql:query var="userList" scope="request" dataSource = "${shopDb}"> SELECT UserName, Address1 FROM Customers </sql:query> <c:choose> <c:when test = "${userList.rowCount ==0}"> Sorry, there are no customers on the </c:when> <c:otherwise> Here is the list of customers <br> <table border="1"> <th>User name</th> <th>Address</th>
Query: Code sample – outputs all rows on a table
<c:forEach items="${userList.rows}" var="row"> <tr> <td><c:out value="${row.UserName}" /></td> <td><c:out value="${row.Address1}" /></td> </tr> </c:forEach> </table> </c:otherwise> </c:choose>
Query: Code sample – outputs all rows on a table
Updating a database• To update database information, can use INSERT,
UPDATE or DELETE
• Use the <sql:update> is used for any SQL statement that doesn’t return rows -- it is used for INSERT, UPDATE, DELETE
• <sql:update> specification on page 148 of jstl specificaiton document
• <sql:update> has three attributes: sql (= sql statement), var (for result) and scope
• Uses ? and <sql:param> to assign parameter values in same way as <sql:query>
Updating a database
Reminder --- SQL statements are of the form:…
INSERT
INSERT INTO CUSTOMERS (customer_ID, name, phone)VALUES (5, “JOHN”, “875895”)
UPDATE
UPDATE CUSTOMERS SET NAME = “Robert” WHERE CUSTOMER_ID = 1
DELETE
DELETE FROM CUSTOMERS WHERE CUSTOMER_ID = 2
INSERT• To INSERT a new record on a table called
Customers
• Example:<sql:update> INSERT INTO Customers (UserName, Password, FirstName, LastName,DateofBirth) VALUES (?, ?, ?, ?, ?) <sql:param value = ${param.userName}” /> <sql:param value = ${param.Password}” /> <sql:param value = ${param.FirstName}” /> <sql:param value = ${param.LastName}” /> <sql:dateParam value = ${parsedDateofBirth}” type =
“date”/></sql:update>
Table name
Column names
Column values
• Place holders (?) for column values are filled up by request parameters (I.e. very unlikely to be hardcoded!)
• Request parameters are matched against the ?s in the order they appear
• Add in the datasource name into the statement
INSERT
•Note: setting a column that contains date or time – need to use a special tag action called <sql:dateParam> because of JDBC API quirk (requires specific JDBC data and time types).
•Also, if database table contains columns that are numeric (e.g. INT, REAL etc), may need to use the <fmt:parseNumber> action to convert a string request parameter
Data conversion
UPDATE• To update database row(s), simply use the UPDATE
statement in the SQL statement
• example: to update password, firstname and lastname on the row(s) in the Customer table where userName matches that held in the username request parameter. <sql:update>
UPDATE Customers SET Password = ?, FirstName = ?
LastNAme = ? WHERE UserName = ? <sql:param value = ${param.Password}” /> <sql:param value = ${param.FirstName}” /> <sql:param value = ${param.LastName}” />
<sql:param value = ${param.UserName}” /></sql:update>
DELETE• To update database row(s), simply use the
UPDATE statement in the SQL statement
• example: To delete all rows from the Customer table where the username matches that held in the userName request parameter.
<sql:update dataSource = ….whatever..>DELETE FROM CustomersWHERE UserName = ?, <sql:param value = ${param.userName}” /></sql:update>
Example of a simple search application that allows a user to search for an employee using a form (search.html). The search is processed by find.jsp, andpresented back by list.jsp**
** Separates presentation from business logic/request processing
Sample code: find.jsp
<%@ taglib prefix="sql" uri="http://java.sun.com/jsp/jstl/sql" %>
<sql:setDataSource var ="empDb" scope = "session"
driver = "sun.jdbc.odbc.JdbcOdbcDriver" url = "jdbc:odbc:employeedb" />
<sql:query var="empList" scope="request" dataSource = "${empDb}"> SELECT * FROM Employees WHERE FirstName LIKE ? AND LastName LIKE ? AND Department LIKE ? ORDER BY LastName <sql:param value="%${param.firstName}%" /> <sql:param value="%${param.lastName}%" /> <sql:param value="%${param.dept}%" /></sql:query><jsp:forward page="list.jsp" />
connect to the databasewith appropriate driver
Results of querymust be available during the
full request (in order to send result on to another page)
Forward controLto list.jsp to
display results
Sample code – search.html
<html> <head> <title>Search in Employee Database</title> </head> <body bgcolor="white">
Please enter information about the employee you're looking for. You can use partial information in all fields.
<form action="find.jsp" method="get"> <table> <td>First Name:</td> <td><input type="text" name="firstName"> </td> </tr> <tr> <td>Last Name:</td> … ETC ETC….. rest of form </body></html>
Calls find.jsp
List.jsp displays the rows found. If not row found, displays an error
Sample code – list.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %><%@ taglib prefix="sql" uri="http://java.sun.com/jsp/jstl/sql" %>
<html> <head> <title>Search Result</title> </head> <body bgcolor="white">
<c:choose> <c:when test="${empList.rowCount == 0}"> Sorry, no employees were found. </c:when> <c:otherwise> The following employees were found: <p> <table border="1"> <th>Last Name</th> <th>First Name</th> <th>Department</th>
The name of the query
Sample code – list.jsp
<c:forEach items="${empList.rows}" var="row"> <tr> <td><c:out value="${row.LastName}" /></td> <td><c:out value="${row.FirstName}" /></td> <td><c:out value="${row.Department}" /></td> </tr> </c:forEach> </table> </c:otherwise> </c:choose> </body></html>
The name used by the developerto access the contents of each row.The used as row.LastName… etc
Common errors
• Not specifying the datasource in your SQL command (get “database null” error in Apache when running)
• Using wrong number of parameters in SQL action
• When Specifying the dataSource name in a SQL statement, need to put it as an expression in ${ } ... otherwise, it will take the exact name in the “ “ and use it. Get an error, no suitable driver if you do this wrong.
• Scope: Make sure the scope on the SQL statement is correct, so that the connection or SQL statement results carry through to the required pages.
Tags used
• <sql:setDataSource>• <sql:query>• <sql:update>
Database access using JSLT
• Usually used for simple applications
• Can use java beans or servlets for database access for more complex applications
Info on JSTL
Sun tutorial. Chapter 14 is on JSTL at:
http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html
Contains examples
Also, Sun’s JSTL 1.0 tag specification on distrib. Good for definition of each tag. Poor on examples
