CSC3530 Software Technology

1
CSC3530 Software Technology

• Tutorial Five
• Demo of assignment 1
• Technique used

2
Unique ID

• In po_item, invoice_item, you need to have unique
  ID for each row record
• create sequence id_generate
• increment by 1
• nomaxvalue
• nominvalue
• nocycle
• insert into po_item(unique_id,) values
• (id_generate.nextval,)

3
Integrity Constraint

• You cant sell a product that you dont have
• You cant purchase product from an unknown
  supplier
• Method 1
• Use select statement to check whether the product
  code or supplier code exist in the table or not

4
Integrity Constraint

• Method 2
• Use integrity constraint when creating table
• create table po_item (
• unique_id integer,
• po_number varchar2(10),
• product_code varchar2(10),
• price number(12,2),
• qty integer,
• primary key (unique_id),
• foreign key (po_number) references po,
• foreign key (product_code) references
  product(code)
• )

5
Integrity Constraint

• If you run statement-gtexecute, error will occur,
  base on this to prompt the user
• Use GET instead of POST for debugging purpose
• Use console mode to debug

6
Cookie

• expires "Wednesday, 31-OCT-01 160000 GMT"
• print "Set-Cookie codecode expiresexpirespa
  th\n"
• Or
• cookie_staffcookie(-namegt'code',
• -valuegt"ID",
• -domaingt'cse.cuhk.edu.hk',
• -pathgt'/')
• print header(-cookiegtcookie_staff)
• If you dont set path, only the CGI program that
  place the cookie can read it.

7
Access Control

• Not all staff can change the staff record
• Use the staff ID stored in cookie, and rank in
  the staff table to enforce access control

8
Flow
Web server/ CGI
database
browser
Call login.cgi
check
Login process
Place cookie
Check if use login before/ access control
Send cookie
Some operation
Other operation
result