Date post: | 05-Apr-2018 |
Category: |
Documents |
Upload: | roberto-carlos-guevara |
View: | 218 times |
Download: | 0 times |
of 49
8/2/2019 IDS and Open SOurce
1/49
Open Source and InformixDynamic Server
Jonathan LefflerIBM Information Management
L13
Thursday 11th
May 2006 10:00 11:10
A brief discussion of how to use IDS with a wide variety of Open Source languages
- Perl, Tcl/Tk, Python, PHP, etc.
8/2/2019 IDS and Open SOurce
2/49
2
Agenda
Open Source Connecting to IDS
Perl, DBI, and DBD::Informix
Tcl/Tk and isqltcl
PHP
Aubit 4GL
SQLCMD
SQSL
Python
Ruby
Projects marked with a star have separate presentations
8/2/2019 IDS and Open SOurce
3/49
3
Open Source
What is Open Source? Which rock have you been hiding under? Software released under an Open Source license
Conformant with the Open Source Definition Found at http://www.opensource.org/
Free Redistribution Source Code Derived Works Permitted No Discrimination Against People or Groups No Discrimination Against Fields of Endeavour Distribution of License
8/2/2019 IDS and Open SOurce
4/49
4
Open Source Licenses
There are many Open Source licenses GPL GNU Public License
LGPL Lesser GNU Public License
BSD Berkeley Systems Distribution
MIT Massachussetts Institute of Technology
MPL Mozilla Public License
Academic Free License
Open Software License
Nearly 60 licenses at the Open Source Initiative!
8/2/2019 IDS and Open SOurce
5/49
5
Informix Database Connectivity
ESQL/C The original connectivity. Standardized in SQL by ISO/IEC 9075:1992
ODBC Originally defined by Microsoft. Standardized (as CLI) by ISO/IEC 9075-3:1996.
JDBC Java analogue of ODBC. Standardized by Sun.
All of these are proprietary. But can be used with Open Source software.
8/2/2019 IDS and Open SOurce
6/49
6
ESQL/C
Preprocessor that converts extended C into pure C. Links with specific libraries.
Separates static and dynamic SQL. Even though Informix does not really do so.int main(void) {
EXEC SQL WHENEVER ERROR STOP;EXEC SQL DATABASE Stores;EXEC SQL BEGIN WORK;EXEC SQL DROP TABLE Customer;EXEC SQL ROLLBACK WORK;return(0);
}
8/2/2019 IDS and Open SOurce
7/49
7
ODBC
Database agnostic. Separates driver manager from drivers.
Different drivers can be loaded at run time.
You can avoid database-specific features.
But sometimes you want to use them.
All statements are dynamic.
De-emphasized by Microsoft
In favour of newer technologies
ADO, .NET
8/2/2019 IDS and Open SOurce
8/49
8
JDBC
Database agnostic.
Drivers have different levels of Java-ness.
Type 4: pure Java usually the best type to use.
The other way to connect in Java is ESQL/J.
Not widely accepted.
JDBC is the lingua franca of the Java database world.
8/2/2019 IDS and Open SOurce
9/49
9
Perl Practical Extraction and ReportLanguage
Originally written by Larry Wall Version 1.0 in 1987
Version 5.0 in 1994
Version 6 under development (2+ years so far)
Current stable version:
5.8.7 June 2005
Obtain via CPAN
Comprehensive Perl Archive Network
http://www.cpan.org/
8/2/2019 IDS and Open SOurce
10/49
8/2/2019 IDS and Open SOurce
11/49
8/2/2019 IDS and Open SOurce
12/49
8/2/2019 IDS and Open SOurce
13/49
Danger Danger Danger! SQL Injection Danger
Danger Danger!
If the code did not use $dbh->quote and embedded $name instead of $xname is asecurity breach (SQL injection exploit) ready to happen.
Consider what happens if user supplies a name value: X% OR fname != X OR
fname =
The query is now:
DELETE FROM Customer WHERE Lname LIKE %X% OR fname != X OR fname
= % AND ZipCode IS NULL
This is going to delete most rows from the table most likely, all
rows.
Use $dbh->quote($name)
8/2/2019 IDS and Open SOurce
14/49
14
Danger SQL Injection
What happens if the code is written as: $sth = $dbh->prepare(qq{ DELETE FROM Customer WHERE
Lname LIKE %$name% AND ZipCode IS NULL });
This is a security breach ready to happen
SQL injection exploit.
What happens if the user enters this name:
X% OR fname != X OR fname =
8/2/2019 IDS and Open SOurce
15/49
15
Danger SQL Injection
The query is now: DELETE FROM Customer WHERE Lname LIKE %X% OR
fname != X OR fname = % AND ZipCode IS NULL
This deletes all (most) rows from the table!
Use $dbh->quote($name) if you must.
Better to use placeholders (?) in the SQL $sth = $dbh->prepare(qq{ DELETE FROM Customer WHERE
Lname LIKE ? AND ZipCode IS NULL });
SQL Injection is a serious problem in many systems it is not peculiar to Perl or
IDS.
8/2/2019 IDS and Open SOurce
16/49
8/2/2019 IDS and Open SOurce
17/49
8/2/2019 IDS and Open SOurce
18/49
8/2/2019 IDS and Open SOurce
19/49
19
Tcl/Tk and isqltcl
Tcl Tool Control Language Invented by John Ousterhout
Tk Tool Kit (GUI)
Tcl/Tk at http://www.tcl.tk/
Current version 8.4.12 December 2005.
isqltcl Informix SQL access via Tcl.
Available at http://isqltcl.sourceforge.net/
Version 5.0 released February 2002.
Builds into dynamically loadable shared library
8/2/2019 IDS and Open SOurce
20/49
20
Tcl/Tk Extensions
Tcl/Tk is designed to be easily extended Many extensions available for all jobs
For example Expect
Designed to handle scripting of processes
Used for automating testing
ftp://expect.nist.gov/
And many more...
8/2/2019 IDS and Open SOurce
21/49
21
Loading ISQLTCL
Load the ISQLTCL extension load isql.so
Adds the command sql to Tcl/Tk
tclsh
wish
8/2/2019 IDS and Open SOurce
22/49
22
ISQLTCL Connections
Connect to a database sql connect dbase as conn1 user \ $username
password $password
Connect to given database
sql disconnect \ [current|default|all|conn1]
Close database connection
sql setconnection [default|conn1]
Sets the specified connection
8/2/2019 IDS and Open SOurce
23/49
23
ISQLTCL Statements
Executable statements Statements that return no data
sql run {delete from sometable
where pkcol = ?} $pkval
Prepares and executes the statement
Optionally takes a number of arguments for placeholders
Returns zero on success; non-zero on failure
8/2/2019 IDS and Open SOurce
24/49
24
ISQLTCL Cursors
SELECT, EXECUTE PROCEDURE set stmt [sql open {select * from
sometable}]
Does PREPARE, DECLARE, and OPEN
Returns a statement number (id) or a negative error
Optionally takes arguments for placeholders
set row [sql fetch $stmt 1]
Collects one row of data
As a Tcl list in the variable row
The 1 is optional and means strip trailing blanks
The list is empty if there is no more data
8/2/2019 IDS and Open SOurce
25/49
25
ISQLTCL Cursors
sql reopen $stmt ?arg1? ?arg2?
Reopens the statement, with new parameters
sql close $stmt
Indicates you have no further use for the statement
It frees both the cursor and statement!
8/2/2019 IDS and Open SOurce
26/49
26
What is PHP?
Hypertext Processor Was once Personal Home Page
Version 4.4.1 released October 2005 Version 5.0.5 released September 2005 Version 5.1.1 released November 2005 An HTML scripting language
Server-side Cross-platform Embedded in HTML documents Extensible
8/2/2019 IDS and Open SOurce
27/49
27
What is PHP?
Built into the Apache Web Server Using DSO (dynamic shared objects)
mod_php
Or as a CGI binary
With any web server
PHP has a reputation for being insecure. Largely a question of how it is used. See PHP Security Consortium
http://phpsec.org/
8/2/2019 IDS and Open SOurce
28/49
28
What is PHP?
Built-in access to: Email XML HTTP (cookies, sessions)
And databases: ODBC
DB2, Adabas-D, Empress, Solid, Velocis
mSQL, MySQL, PostgreSQL Sybase, Oracle Informix
8/2/2019 IDS and Open SOurce
29/49
29
What is PHP?
IBM also provides modern PDO drivers
PDO PHP Data Objects
PHP analogue of Perl DBI
Article on DeveloperWorks
http://tinyurl.com/eycg2
For DB2
Via PDO_ODBC
For IDS (beta version 0.2.1)
http://pecl.php.net/package/PDO_INFORMIX
8/2/2019 IDS and Open SOurce
30/49
30
Informative PHP Script
PHP Information
8/2/2019 IDS and Open SOurce
31/49
31
Old Informix Driver
Code provided as standard part of PHP. But not maintained for several years.
Must be explicitly compiled into PHP.
30 core functions.
8 functions to manipulate SBLOBs.
8/2/2019 IDS and Open SOurce
32/49
32
Old Informix Driver
Connection management ifx_connect ifx_pconnect ifx_close
Basic Operations ifx_prepare ifx_query ifx_fetch_row ifx_do ifx_free_result
8/2/2019 IDS and Open SOurce
33/49
33
Old Informix Driver
Status and Error Handling ifx_getsqlca
ifx_error
ifx_errormsg
ifx_affected_rows
Attribute Queries
Blob handling
Utility functions
ifx_htmltbl_result
8/2/2019 IDS and Open SOurce
34/49
34
New Informix Driver
Accessed via PDO functions See: http://www.php.net/pdo
8/2/2019 IDS and Open SOurce
35/49
35
Python and InformixDB
http://www.python.org/
Version 2.4 November 2004.
InformixDB under active development
Maintainer: Carsten Haese
Python DB-API 2.0 compliant
Requires Python 2.2 or better
Needs Informix ClientSDK
8/2/2019 IDS and Open SOurce
36/49
36
Python and InformixDB
import informixdb
conn = informixdb.connect(test, informix, pw)
cur = conn.cursor()
cur.execute(create table test1(a int, b int))
for i in range(1,25):
cur.execute("insert into test1 values(?,?)", (i, i**2))
cur.execute("select * from test1")
for row in cur:
print "The square of %d is %d." % (row[0], row[1])
8/2/2019 IDS and Open SOurce
37/49
37
Aubit 4GL Open Source 4GL
99% Informix 4GL Compatible BODR=Business Oriented, Database Related
Task-focussed language
Embedded SQL for database access High productivity, easy to learn
Licensed under GPL/LGPL Includes 4GL-based Open Source software For commercial and non-commercial applications
8/2/2019 IDS and Open SOurce
38/49
38
Aubit 4GL New to 4GL?
MAINMENU "Title for my test menu"COMMAND "Impress Me" "Do something to impress me
HELP 126CALL OpenMyWindow()
COMMAND "Exit" "Exit this menu" HELP 127EXIT MENU
END MENUEND MAIN
FUNCTION OpenMyWindow()OPEN WINDOW MyTestWindow AT 2,3 WITH FORM"FormForMyTestWindow" ATTRIBUTE(BORDER, WHITE)
END FUNCTION
Think about amount of code to achieve same functionality in 3GL!
8/2/2019 IDS and Open SOurce
39/49
39
Aubit 4GL Features
Database independent ODBC, native, ESQL/C
Fully modular (plug-in) architecture User interface independent
GUI and Curses modes
Platform independent (POSIX, UNIX, Windows)
Easy to embed 3GL in 4GL Embedded C code
8/2/2019 IDS and Open SOurce
40/49
40
Aubit 4GL Enhancements
Logical Reports
ASQL dbaccess/isql replacement
Flexible key mapping
Print Screen functions
Fully integrated testing hooks (including key recordingand replay for batch jobs)
Dynamic function calls (like perl ::)
8/2/2019 IDS and Open SOurce
41/49
41
Aubit 4GL Web Sites
Web site http://aubit4gl.sourceforge.net Bug Tracker http://www.aubit.com/mantis
Bulletin board http://www.aubit.com/phpBB
Commercial support http://www.aubit.com
Current version: 0.50-2 dated 2005-06-22
8/2/2019 IDS and Open SOurce
42/49
42
SQLCMD
Originally called RDSQL in 1987. Renamed SQLCMD in 1992.
Intended as an alternative to isql.
Before DB-Access was created.
Designed for use in shell scripts.
Exits with non-zero status on error.
Careful use of standard input, output, error.
Output layout independent of selected data.
Designed for interactive use.
Available from the IIUG Software Archive.
8/2/2019 IDS and Open SOurce
43/49
43
SQSL Structured Query ScriptingLanguage SQSL is a scripting language
Created by Marco Greco
Superset of SQL
Features aimed at scripting, reporting, and simple ETL
Lets a DBA perform daily activities as easily as possible
8/2/2019 IDS and Open SOurce
44/49
44
SQSL Structured Query ScriptingLanguage It has a low learning curve:
Language features should be familiar To anyone with experience of SQL, SPL, Informix 4GL or Bourne
shell
It includes flow-control operations
It has a curses-based full-screen mode Like DB-Access
http://www.4glworks.com/sqsl.htm
8/2/2019 IDS and Open SOurce
45/49
45
Ruby
http://www.ruby-lang.org/
Version 1.8.3 September 2005.
No known Informix support
Lots of different database support packages.
No unifying concept like DBI or PDO.
See also Ruby on Rails
http://www.rubyonrails.com/
8/2/2019 IDS and Open SOurce
46/49
46
IIUG Software Archive
http://www.iiug.org/software
Many useful utilities
Art Kagels utils2_ak package
Generate UPDATE STATISTICS statements
DB-Copy
Stored Procedure Libraries
Example DataBlades
4GL Code Generators
8/2/2019 IDS and Open SOurce
47/49
47
http://www.ibm.com/software/data/informix
http://www.iiug.org/software
8/2/2019 IDS and Open SOurce
48/49
48
http://www.ibm.com/software/data/informix
http://www.iiug.org/software
8/2/2019 IDS and Open SOurce
49/49
49
Jonathan LefflerIBM Information Management
Session L13Open Source and Informix Dynamic Server