80 likes | 93 Views
CSC3530 Software Technology. Tutorial Five Demo of assignment 1 & Technique used. Unique ID. In po_item, invoice_item, you need to have unique ID for each row record create sequence id_generate increment by 1 nomaxvalue nominvalue nocycle; insert into po_item(unique_id,…) values
E N D
CSC3530 Software Technology Tutorial Five Demo of assignment 1 & Technique used
Unique ID • In po_item, invoice_item, you need to have unique ID for each row record create sequence id_generate increment by 1 nomaxvalue nominvalue nocycle; insert into po_item(unique_id,…) values (id_generate.nextval,…);
Integrity Constraint • You can’t sell a product that you don’t have • You can’t purchase product from an unknown supplier • Method 1 • Use select statement to check whether the product code or supplier code exist in the table or not
Integrity Constraint • Method 2 • Use integrity constraint when creating table create table po_item ( unique_id integer, po_number varchar2(10), product_code varchar2(10), price number(12,2), qty integer, primary key (unique_id), foreign key (po_number) references po, foreign key (product_code) references product(code) );
Integrity Constraint • If you run $statement->execute, error will occur, base on this to prompt the user • Use GET instead of POST for debugging purpose • Use console mode to debug
Cookie $expires = "Wednesday, 31-OCT-01 16:00:00 GMT"; print "Set-Cookie: code=$code; expires=$expires;path=\n"; Or $cookie_staff=cookie(-name=>'code', -value=>"$ID", -domain=>'cse.cuhk.edu.hk', -path=>'/'); print header(-cookie=>$cookie_staff); • If you don’t set path, only the CGI program that place the cookie can read it.
Access Control • Not all staff can change the staff record • Use the staff ID stored in cookie, and rank in the staff table to enforce access control
Flow Web server/ CGI database browser Call login.cgi check Login process Place cookie Check if use login before/ access control Send cookie Some operation Other operation result