PDO Improvements
PDO is not a total abstraction layer, and improvements in PDO are being made.
Please refer
http://wiki.php.net/rfc/pdov1
48 publicly visible posts • joined 20 Jun 2006
To add quoting in a SELECT query PHP Zend framework provides the Zend_Db_Select class, which automatically adds the quoting. PHP Zend framework also provides the quote(), quoteInto(), and quoteIdentifier() functions to add quotes.
http://framework.zend.com/manual/en/zend.db.html#zend.db.adapter.quoting
To add quoting replace:
$where[] = "ID ="."'".$_POST['id']."'";
with:
$id=$db->quote($_POST['id']);
$where[] = "ID ="."'".$id."'";
PHP Zend framework has corporate support and follows the PHP best practices.IBM and Google have contributed to PHP Zend framework.
"..Zend's is the first framework with support from a corporate entity and relevant contributions from companies like IBM and Google..".
http://www.infoworld.com/article/07/06/27/zend-framework_1.html
http://www.informationweek.com/software/showArticle.jhtml?articleID=200000468
If a directory is stored directly in a dataabse the directory information would have to be mapped to multiple databases. Also the directory service provides attributes, which facilitiate update and search of directory information. The alternative is using the WHERE cluases in SQL statements to update and search.
Please also refer "LDAP vs relational database", which is for OpenDS, but most of the advantages also apply to OpenLDAP. Both OpenDS and OpenLDAP directory servers are based on the embedded Berkeley DB database.
http://blogs.sun.com/treydrake/entry/ldap_vs_relational_database
Oracle Database 11g new features document specifies :
"Oracle Database 11g is compliant with JDBC 4.0 and Java SE 5.0 for the JDBC drivers and Oracle Java Virtual Machine (JVM)."
http://www.oracle.com/technology/products/database/oracle11g/pdf/database-11g-new-features-whitepaper.pdf
But, Oracle Dataabse does not actually support all the JDBC 4.0 features such as SQLXML.
The article mentions "...SOAP which stands for Simple Object Access Protocol."
SOAP is not an acronym since SOAP 1.2.
"In previous versions of this specification the SOAP name was an acronym."
http://www.w3.org/TR/2001/WD-soap12-part1-20011217/
Some corrections:
1. In section An Application Service "EJB 3.9 Tutorial" should be "EJB 3.0 Tutorial".
2. JBoss is referred to as JBos.
Finally, why are you embedding your HTML generation in the controller instead of putting it where it belongs, in views?
According to the observe_field method, the :update option specifies the DOM ID of the element whose innerHTML should be updated with the XMLHttpRequest response text.
The HTML is returned by the controller class.
Your finder there is completely terrible. It's vulnerable to a SQL injection attack. Instead, you want Catalog.find_all_by_section(params[:section]); that is cleaner and requires no SQL.
The following method may also be used.
Catalog.find(:all, :conditions => ["section = ?", @section])
Furthermore, why isn't this in the context of a full Rails app? Why do you manually establish the ActiveRecord connection in the model?
Establishing a connection in the model class is not required as the database.yml connection parameters are used by default to establish a connection. The connection is established in the model class to demonstrate establish_connection and set_table_name. A different table than "catalogs" may be specified and a connection with a different database or as a different user may be established.
Finally, why are you embedding your HTML generation in the controller instead of putting it where it belongs, in views?
The HTML may be included in the view instead of the controller class.
The MySQL Adapter for Ruby on Rails might generate some errors.
http://wiki.rubyonrails.org/rails/pages/MySQL+Database+access+problem
If password= nil generates an error, use password= . Or, create a database instance with a password for the root user. By default root does not require a password.
Matthew,
Different finder methods are available. Dynamic finders may be used as you suggested. The result set for a section may be obtained by any of the following methods.
Catalog.find(:all, :conditions => ["section = ?", @section])
Catalog.find_all_by_section(@section)
Catalog.find_by_sql("SELECT * from catalogs WHERE SECTION='"+@section+"'")
Deepak
I have used WebLogic, JBoss to deploy J2EE applications.
WebSphere deployment descriptors for EJBs requires WebSphere Studio to develop and are not as easy to develop as the WebLogic deployment descriptors.
For a comparison of WebSphere-WebLogic please refer
http://websphere.sys-con.com/read/45682.htm
Ajax book covers the Ruby on Rails with Ajax, but does not cover some other Ajax topics such:
1. AjaxTags- are used in a JSP page to send an Ajax request.
http://ajaxtags.sourceforge.net/
2. Ajax4JSF-integrates Ajax with JSF.
https://ajax4jsf.dev.java.net/nonav/ajax/ajax-jsf/
Some of the Ruby on Rails topics are not covered in the Ruby for Rails book. The book is mainly about Ruby (for Rails) rather than Ruby on Rails. Web Services with Ruby on Rails, creating PDF/Excel reports with Ruby on Rails, and using Ruby on Rails in Eclipse are some of the Ruby on Rails topics not covered.
The 'XML' data type is a new data type in SQL:2003 standard.
The 'XML' data type is just like any other SQL data type such as VARCHAR. A complete XML document is stored in the 'XML' type column. The database is still of a relational database type. Just like SQL data type VARCHAR maps to the Java data type java.lang.String, the 'XML' SQL data type maps to Java type java.sql.SQLXML.
A relational model is based on relvar, attribute, and tuple.
The corresponding structures in a relational database are table, column, and row. Adding a column of type 'XML' does not alter the relational model of the database.
However, at the column storage level the XML Infoset may be stored in a format other than the relational model.
As discussed by Philip Howard in a tutorial,On IBM and native XML(http://www.channelregister.co.uk/2005/04/06/ibm_db2_xml_native_storage/):"A datatype definition is, in essence, the definition of a mapping from the physical storage mechanisms used by the database to the logical representation of that data, so that it can be recognised and used automatically by standard database facilities such as the optimiser. When you define a new datatype you only create a new mapping, you do not impact the underlying storage mechanisms used by the database. Thus the fact that you have an XML datatype does not mean that the data is stored in XML format – it is still stored using whatever physical mechanisms are employed by that database."
However, the 'XML' data type does not specify the physical storage model for XML. As discussed in the tutorial: XML and Relational Database Management Systems: the Inside Story(http://portal.acm.org/citation.cfm?id=1066157.1066298): "The logical data model on which the XML datatype is based does not specify any particular organization for physical storage. In addition, access aids such as indexes may be created to improve query performance. Index creation and maintenance are more complex in a native XML system than in a pure relational system, since the XML data model is less constrained than the relational data model. XML indexes may support access to data at various levels of the element hierarchy, and the objects indexed may vary in cardinality and datatype."
Conclusion: At the database level the 'XML' data type does not alter the relational model of the database. At the column storage level the XML Infoset may be stored in a format other than the relational model.
JDK 6.0 includes support for JDBC 4.0, which has some new features:
1. DataSet. A DataSet is a parametrized type interface for the data returned by an SQL query.
2.Support for new data types. Support for database data types NCHAR, NVARCHAR, LONGNVARCHAR, and NCLOB has been added.
3.SQL 2003 XML Data Type Support.The SQL 2003 supports a new data type, ‘XML’, for storing XML documents. SQLXML is the Java mapping for the database type ‘XML’.
4. Automatic driver loading.
None of the databases provide a JDBC driver for the JDBC 4.0 specification yet. And few of the databases support the 'XML' data type. SQL Server 2005 and DB2 9 support the 'XML' data type.
The JWSDP 2.0 version of JAXB 2.0 is used, so that JAXB may be used with other web services APIs. JWSDP 2.0 contains JAXB 2.0 EA3. Between JAXB 2.0 ea3 and JAXB 2.02 a few bug fixes and features have been added.
For notable changes between JAXB 2.0 ea 3 and JAXB 2.02 please refer
https://jaxb.dev.java.net/nonav/2.0.2/docs/changelog2.html
JAXB 2.02 may also be used separately as suggested by Kohsuke Kawaguchi.
The JAXB 2.0 implemenetation in JWSDP 2.0 or Project GlassFish is recommended if other web service APIs(the "integrated stack") are also used.
"The current release of Java Web Services Developer Pack, Version 2.0, contains the new JAX-WS 2.0 EA, JAXB 2.0 EA, and SAAJ 1.3 EA implementations, the "integrated stack" for Web services. These components are now available as FCS-quality releases in Project GlassFish. These three components represent a new architecture that establishes more logical relationships between Web services description, data binding, and SOAP attachment processing. The result is that deploying Web services with the integrated stack is easier, more efficient, and more reliable."
http://java.sun.com/webservices/jwsdp/index.jsp
JBoss application server is more suited to be integrated with Eclipse IDE than NetBeans.
1. Eclipse is more commonly used than NetBeans.
2. Both Eclipse and JBoss are open source.
3. JBoss provides a plugin for Eclipse; JBoss IDE for Eclipse.
http://www.jboss.org/products/jbosside
Packaging JBoss with NetBeans limits the choice of Java IDEs.
In the Java 6 Platform Revealed book JAXB 2.0 is not listed in the Table of Contents. Support for JAXB 2.0 is a new feature in JDK 6.0.Support for StAX is also mentioned just as a package listing. A chapter on StAX and JAXB 2.0 would be suitable. Also the new Java data type SQLXML should be listed.
PHP has advantages over JDBC in accessing a database.
1. PHP is designed for web applications. A datasource does not have to be configured with a database in an application server.
2. PHP is relatively simpler than JDBC.
3. PHP web applications are faster to develop than a J2EE application.
4. PHP has higher performance than JDBC.
For further reference:
http://www.zend.com/zend/art/php-over-java.php?article=php-over-java&kind=aphp&id=949&open=1&anc=0&view=1
I apologize for some paraphrasing, which was meant to provide a summary reference to the PHP/DB2 extension functions. Some of the comments on the PHP/DB2 -I article are not correct. PHP requires some processing on the web browser and the PHP DB2 extension has some advantages over the PDO extension.
The statement "PHP scripts may be included in HTML and don't need compilation and they run on most web browsers." implies that most web browsers encode data for PHP to decode on server side.
For example, consider a form element as shown in following code snippet; the web browser urlencodes $data to be sent to the server and on the server side the PHP script urldecodes the $data.
<?php
echo "<input type='hidden' value='" . htmlspecialchars($data) . "' />\n";
?>
Also refer
http://ca.php.net/manual/en/faq.html.php
Thanks for the correct link to the PHP DB2 documentation.
http://www.php-editors.com/php_manual/ref.ibm-db2.html
The article explains some of the commonly used PHP DB2 functions. Alternatively, a developer would refer to the documentation for which functions to use.
As for "A better introduction would have included a section on why to use DB2 as opposed to some other DB."
PHP provides extensions for various databases such as Oracle, SQL Server, DB2, MySQL, PostgreSQL, Informix. The choice of DB2 is arbitary. Procedure for other databases is similar.
As for "and a general discussion of how to go about using the ibm_db2 extension."
The next of PHP DB2 article explains the procedure to use the IBM DB2 extension.
"A statement of the actual goal of the tutorial would be a good thing as well."
The goal of the tutorial is to introduce PHP in general and explain the procedure to use the PHP DB2 extension.
"Also, you should never routinely give users the grant privilege, since this is a gaping security hole, especially in a web application. In most situations, only the MySQL root user needs to have grant privileges."-David
The MySQL documentation has examples of creating a user other than root which includes granting the Grant option to user.
http://dev.mysql.com/doc/refman/5.0/en/adding-users.html
If GRANT option is not required the GRANT statement to create a MySQL user would be:
GRANT ALL PRIVILEGES ON test TO 'mysql'@'localhost'
IDENTIFIED BY 'mysql'
Also, you should never routinely give users the grant privilege, since this is a gaping security hole, especially in a web application. In most situations, only the MySQL root user needs to have grant privileges.
The MySQL documentation has examples of creating a user other than root which includes granting the Grant option to user.
http://dev.mysql.com/doc/refman/5.0/en/adding-users.html
If GRANT option is not required the GRANT statement to create a MySQL user would be:
GRANT ALL PRIVILEGES ON test TO 'mysql'@'localhost'
IDENTIFIED BY 'mysql'