Lesson1 Flashcards
(35 cards)
What theorem outlines the basics of distributed systems?
CAP Theorem
The CAP Theorem states that it is impossible for a distributed system to simultaneously provide all three of the following guarantees: Consistency, Availability, and Partition Tolerance.
What are the components of SQL?
- DDL (Data Definition Language)
- DQL (Data Query Language)
- DML (Data Manipulation Language)
- TCL (Transaction Control Language)
- DCL (Data Control Language)
These components are essential for managing and manipulating relational databases.
What security issue can occur due to user input in SQL queries?
SQL Injection
SQL Injection occurs when an attacker is able to manipulate SQL queries by injecting malicious input.
What are the common causes of SQL injection?
- User input is not checked
- Complete SQL statements are sent to the server
- Permission problems
These causes highlight the importance of input validation and proper permission management.
How can SQL injections be avoided?
- Always validate your input
- Don’t send complete SQL statements to the server
- Use roles with correct permissions
These practices help secure SQL queries against injection attacks.
What is a Prepared Statement?
A pre-defined SQL statement with placeholders that is validated or escaped before execution.
Prepared Statements are used to enhance security and performance by preventing SQL injection.
What are the advantages of using Prepared Statements?
- Avoids SQL injection
- Improves performance by allowing multiple executions
Prepared statements are compiled once and can be reused, reducing overhead.
What SQL command is used to create a Prepared Statement in PostgreSQL?
PREPARE
The PREPARE command allows the creation of a prepared statement with specified parameters.
What is the purpose of Stored Procedures?
To execute independent programs that extend SQL’s functionality and improve performance.
Stored Procedures allow for complex operations and reduce communication overhead between client and server.
What is the difference between Stored Procedures and Stored Functions?
- Stored Procedures: Independent programs without a return type.
- Stored Functions: Can be used within SQL queries and return a value.
Both are stored in the database but serve different purposes.
What is PL/pgSQL?
PostgreSQL’s default procedural language for writing stored procedures and functions.
PL/pgSQL allows for control structures, variables, and loops, enhancing SQL capabilities.
How do you declare a variable in PL/pgSQL?
Using the DECLARE section with syntax: variable_name type [DEFAULT value];
Variables must be declared before being used in PL/pgSQL.
What is the purpose of the RETURN statement in functions?
To define a function’s result or to terminate the function without returning a value.
RETURN can also be used to yield results in PL/pgSQL.
What type of integrity does custom integrity refer to?
Application-dependent, complex constraints based on multiple conditions.
Examples include constraints on exam attempts or salary adjustments.
What is the syntax to create a Stored Procedure in PL/pgSQL?
CREATE [ OR REPLACE ] PROCEDURE <functionname>(<parameters>) AS \$\$ <functionbody> \$\$ LANGUAGE plpgsql;</functionbody></parameters></functionname>
The procedure can be executed manually using the CALL keyword.
What is the basic loop structure in PL/pgSQL?
LOOP … END LOOP;
This creates an endless loop that must be exited using a condition.
What is a trigger in the context of databases?
A database object that automatically executes a specified function in response to certain events.
Triggers can enforce complex integrity rules and automate tasks.
What is custom integrity in database management?
Custom integrity refers to specific rules that ensure data validity and consistency based on defined conditions.
Examples include enforcing maximum exam attempts or ensuring prerequisites for degree programs.
What is the role of application code in ensuring custom integrity?
Application code is used to enforce custom integrity rules directly within the application logic.
It is important to not trust client-side validation.
What are stored procedures and functions used for in custom integrity?
Stored procedures/functions are custom code used to ensure data integrity by executing complex logic on the database side.
An example is verifying bank transfer conditions.
What is a trigger in SQL?
A trigger is a stored function that automatically executes in response to certain events on a table.
Supported events include INSERT, UPDATE, and DELETE.
What types of events can trigger an action in SQL?
Triggers can respond to the following events:
* INSERT
* UPDATE
* DELETE
* TRUNCATE
TRUNCATE is specific to PostgreSQL and is a fast way to delete all rows.
What does the BEFORE trigger event do?
The BEFORE trigger is executed before the event operation to check conditions and potentially abort the operation.
Example: Checking if bank balance is sufficient for a transfer.
What does the AFTER trigger event do?
The AFTER trigger is executed after the event operation to perform additional actions, such as updating statistics.
This can improve performance by avoiding complex aggregations.
