Chapter 6: Advanced SQL

Textbook: Chapter
5

Modified from: Database System Concepts, 6th Ed.

©Silberschatz, Korth and Sudarshan
See www.db-book.com for conditions on re-use
Accessing SQL From a Programming
Language
Why do we need to access general-purposed
programming language
◦ Not all queries can be expressed in SQL
◦ None declarative action such as printing a report or
sending queries results to graphical user interface
program to interact with a database server
API (application-program interface) for a program
to interact with a database server
Application makes calls to
◦ Connect with the database server
◦ Send SQL commands to the database server
◦ Fetch tuples of result one-by-one into program
variables
Accessing SQL From a Programming
Language
How to access general-purposed programming language :
◦ Dynamic SQL where general purposed program can connect to the
DB server using collection of function/ methods. The dynamic SQL
allows the program to construct an SQL query as character string at
runtime, submit the query then retrieve the results in a program
variable a tuple at a time.
◦ Embedded SQL the SQL statements are identified at compile time
using a preprocessor. The preprocessor submit the SQL statement
for precompilation and then replaces the SQL statement in the
application program with proper code and function calls before
invoking the programing language complier
Various tools:
◦ JDBC (Java Database Connectivity) works with Java
◦ ODBC (Open Database Connectivity) works with C, C++, C#, and
Visual Basic. Other API’s such as ADO.NET sit on top of ODBC
◦ Embedded SQL
Dynamic vs. Embedded SQL
Dynamic SQL Embedded SQL

code Code with embedded

SQL

Compiler Preprocessor code

Compiler
binary

binary
Library

Library

DBMS DBMS
Java overview
Class is a template that include a mean to create
an object when user ask for new instance and
specifies the parameter, method and variable
An object is an instance of class
A method is invoked(called) on object using this
format:
● objectName.methodName(paramters)
Static method are invoked(called) on class
● ClassName.methodName
Java class are included in a package that one can
import to access the class using import
statement
JDBC
JDBC is a Java API for communicating with
database systems supporting SQL.
JDBC supports a variety of features for querying
and updating data, and for retrieving query
results.
JDBC also supports metadata retrieval, such as
querying about relations present in the
database and the names and types of relation
attributes.
Model for communicating with the database:
◦ Open a connection
◦ Create a “Statement” object
◦ Execute queries using the statement object to send
queries and fetch results
◦ Exception mechanism to handle errors
JDBC- Get Connection and
create a statement object and
You need a connection string in form of URL
Basic Syntax
jdbc:<driverprotocol>:driver connection detail
Example
Dabase JDBC URL
Oracle jdbc:oracle:thin@myserver:1521:univdb
MySQL jdbc:mysql://localhost:3306/univdb
PostgreSQL jdbc:postgresql://localhost/univdb

Connection conn=DriverManager.getConnection(URL ,useid, pwd);

Create a statement object that is used to execute SQL
query
Statement stmt = conn.createStatement();
JDBC Code
public static void JDBCexample(String dbid, String userid, String passwd)
{
try {
Class.forName ("oracle.jdbc.driver.OracleDriver"); // load driver
Connection conn = DriverManager.getConnection( // connect to server
"jdbc:oracle:thin:@db.yale.edu:2000:univdb", userid, passwd);
Statement stmt = conn.createStatement(); // create Statement object
… Do Actual Work ….
stmt.close(); // close Statement and release resources
conn.close(); // close Connection and release resources
}
catch (SQLException sqle) {
System.out.println("SQLException : " + sqle); // handle exceptions
}
}
JDBC- execute and fetch results
Execute SQL query
ResultSet rset = stmt.executeQuery(
"select * from instructor");
Fetch the results
◦ The cursor is initially place before the first row
◦ Use of ResutSet.next() method to move the cursor to the
next row and return true if there more row to process
◦ It can be use in a while loop
while (rset.next())
{
// read data from each row
}
JDBC Code (Cont.)
Update to database
try {
stmt.executeUpdate(
"insert into instructor values(’77987’,
’Kim’, ’Physics’, 98000)");
} catch (SQLException sqle)
{
System.out.println("Could not insert
tuple. " + sqle);
}
;
}
JDBC Code (Cont.)
Execute query and fetch and print results
ResultSet rset = stmt.executeQuery(
"select dept_name, avg (salary)
from instructor
group by dept_name");
while (rset.next()) {

System.out.println(rset.getString("dept_name") +
""+
rset.getFloat(2));
}
JDBC Code Details
Getting result fields:
◦ rs.getString(“dept_name”) and
rs.getString(1) equivalent if dept_name is
the first argument of select result.
Dealing with Null values
int a = rs.getInt(“a”);
if (rs.wasNull()) Systems.out.println(“Got
null value”);
Prepared Statement
PreparedStatement pStmt = conn.prepareStatement(
"insert into instructor
values(?,?,?,?)");
pStmt.setString(1, "88877");
pStmt.setString(2, "Perry");
pStmt.setString(3, "Finance");
pStmt.setInt(4, 125000);
pStmt.executeUpdate();
pStmt.setString(1, "88878");
pStmt.executeUpdate();
WARNING: always use prepared statements when taking an
input from the user and adding it to a query
◦ NEVER create a query by concatenating strings
◦ "insert into instructor values(’ " + ID + " ’, ’ " + name + " ’, " + " ’ + dept
name + " ’, " ’ balance + ")“
◦ What if name is “D’Souza”?
SQL Injection
Suppose query is constructed using
◦ "select * from instructor where name = ’" + name + "’"
Suppose the user, instead of entering a name, enters:
◦ X’ or ’Y’ = ’Y
then the resulting statement becomes:
◦ "select * from instructor where name = ’" + "X’ or ’Y’ = ’Y" + "’"
◦ which is:
● select * from instructor where name = ’X’ or ’Y’ = ’Y’
◦ User could have even used
● X’; update instructor set salary = salary + 10000; --
Prepared statement internally uses:
"select * from instructor where name = ’X\’ or \’Y\’ = \’Y’
◦ Always use prepared statements, with user inputs as
parameters
Metadata Features

The java program doesn’t include declaration for

data stored in the database
ResultSet metadata class
E.g.after executing query to get a ResultSet rs:
◦ ResultSetMetaData rsmd = rs.getMetaData();
for(int i = 1; i <= rsmd.getColumnCount(); i++) {
System.out.println(rsmd.getColumnName(i));

System.out.println(rsmd.getColumnTypeName(i));
}
Metadata (Cont)
Database metadata
DatabaseMetaData dbmd = conn.getMetaData();
// Arguments to getColumns: Catalog, Schema-pattern,
Table-pattern,
// and Column-Pattern
// Returns: One row for each column; row has a number of
attributes
// such as COLUMN_NAME, TYPE_NAME
// The value null indicates all Catalogs/Schemas.
// The value “” indicates current catalog/schema
// The value “%” has the same meaning as SQL like clause
ResultSet rs = dbmd.getColumns(null, "univdb", "department",
"%");
while( rs.next()) {
System.out.println(rs.getString("COLUMN_NAME"),
rs.getString("TYPE_NAME");
}
Metadata (Cont)
Database metadata
DatabaseMetaData dbmd = conn.getMetaData();
// Arguments to getTables: Catalog, Schema-pattern,
Table-pattern,
// and Table-Type
// Returns: One row for each table; row has a number of attributes
// such as TABLE_NAME, TABLE_CAT, TABLE_TYPE, ..
// The value null indicates all Catalogs/Schemas.
// The value “” indicates current catalog/schema
// The value “%” has the same meaning as SQL like clause
// The last attribute is an array of types of tables to return.
// TABLE means only regular tables
ResultSet rs = dbmd.getTables (“”, "", “%", new String[] {“TABLES”});
while( rs.next()) {
System.out.println(rs.getString(“TABLE_NAME“));
}
Finding Primary Keys
DatabaseMetaData dmd = connection.getMetaData();
// Arguments below are: Catalog, Schema, and Table
// The value “” for Catalog/Schema indicates current
catalog/schema
// The value null indicates all catalogs/schemas
ResultSet rs = dmd.getPrimaryKeys(“”, “”, tableName);
while(rs.next()){
// KEY_SEQ indicates the position of the attribute in
// the primary key, which is required if a primary key
has multiple attributes
System.out.println(rs.getString(“KEY_SEQ”),
rs.getString("COLUMN_NAME");
}
Transaction Control in JDBC

By default, each SQL statement is treated as a

separate transaction that is committed
automatically
◦ bad idea for transactions with multiple updates
Can turn off automatic commit on a connection
◦ conn.setAutoCommit(false);
Transactions must then be committed or rolled
back explicitly
◦ conn.commit(); or
◦ conn.rollback();
conn.setAutoCommit(true) turns on automatic
commit.
Other JDBC Features
Calling functions and procedures
◦ CallableStatement cStmt1 = conn.prepareCall("{? = call
some function(?)}");
◦ CallableStatement cStmt2 = conn.prepareCall("{call some
procedure(?,?)}");
Handling large object types
◦ getBlob() and getClob() that are similar to the getString()
method, but return objects of type Blob and Clob,
respectively
◦ get data from these objects by getBytes()
◦ associate an open stream with Java Blob or Clob object to
update large objects
● blob.setBlob(int parameterIndex, InputStream inputStream).
ODBC
Open DataBase Connectivity(ODBC) standard
◦ standard for application program to communicate with a database
server.
◦ application program interface (API) to
● open a connection with a database,
● send queries and updates,
● get back results.
Applications such as GUI, spreadsheets, etc. can use ODBC
Was defined originally for Basic and C, versions available for many
languages.
ODBC (Cont.)
Each database system supporting ODBC provides a "driver" library
that must be linked with the client program.
When client program makes an ODBC API call, the code in the library
communicates with the server to carry out the requested action, and
fetch results.
ODBC program first allocates an SQL environment, then a database
connection handle.
Opens database connection using SQLConnect(). Parameters for
SQLConnect:
◦ connection handle,
◦ the server to which to connect
◦ the user identifier,
◦ password
Must also specify types of arguments:
◦ SQL_NTS denotes previous argument is a null-terminated
string.
ODBC Code
int ODBCexample()
{
RETCODE error;
HENV env; /* environment */
HDBC conn; /* database connection */
SQLAllocEnv(&env);
SQLAllocConnect(env, &conn);
SQLConnect(conn, “db.yale.edu", SQL_NTS, "avi",
SQL_NTS, "avipasswd", SQL_NTS);
{ …. Do actual work …
}
SQLDisconnect(conn);
SQLFreeConnect(conn);
SQLFreeEnv(env);
}
ODBC Code (Cont.)
Program sends SQL commands to database by using SQLExecDirect
Result tuples are fetched using SQLFetch()
SQLBindCol() binds C language variables to attributes of the query result
◦ When a tuple is fetched, its attribute values are automatically
stored in corresponding C variables.
◦ Arguments to SQLBindCol()
● ODBC stmt variable, attribute position in query result
● The type conversion from SQL to C.
● The address of the variable.
● For variable-length types like character arrays,
● The maximum length of the variable
● Location to store actual length when a tuple is fetched.
● Note: A negative value returned for the length field indicates null value
Good programming requires checking results of every function call for errors;
we have omitted most checks for brevity.
ODBC Code (Cont.)
Main body of program
char deptname[80];
float salary;
int lenOut1, lenOut2;
HSTMT stmt;
char * sqlquery = "select dept_name, sum (salary)
from instructor
group by dept_name";
SQLAllocStmt(conn, &stmt);
error = SQLExecDirect(stmt, sqlquery, SQL_NTS);
if (error == SQL SUCCESS) {
SQLBindCol(stmt, 1, SQL_C_CHAR, deptname , 80, &lenOut1);
SQLBindCol(stmt, 2, SQL_C_FLOAT, &salary, 0 , &lenOut2);
while (SQLFetch(stmt) == SQL_SUCCESS) {
printf (" %s %g\n", deptname, salary);
}
}
SQLFreeStmt(stmt, SQL_DROP);
ODBC Prepared Statements
Prepared Statement
◦ SQL statement prepared: compiled at the database
◦ Can have placeholders: E.g. insert into account values(?,?,?)
◦ Repeatedly executed with actual values for the placeholders
To prepare a statement
SQLPrepare(stmt, <SQL String>);
To bind parameters
SQLBindParameter(stmt, <parameter#>,
… type information and value omitted for simplicity..)
To execute the statement
retcode = SQLExecute( stmt);
To avoid SQL injection security risk, do not create SQL strings
directly using user input; instead use prepared statements to bind
user inputs
More ODBC Features
Metadata features
◦ finding all the relations in the database and
◦ finding the names and types of columns of a query result or a
relation in the database.
By default, each SQL statement is treated as a separate
transaction that is committed automatically.
◦ Can turn off automatic commit on a connection
● SQLSetConnectOption(conn, SQL_AUTOCOMMIT, 0)}
◦ Transactions must then be committed or rolled back explicitly by
● SQLTransact(conn, SQL_COMMIT) or
● SQLTransact(conn, SQL_ROLLBACK)
ODBC Conformance Levels
Conformance levels specify subsets of the functionality
defined by the standard.
◦ Core
◦ Level 1 requires support for metadata querying
◦ Level 2 requires ability to send and retrieve arrays of
parameter values and more detailed catalog information.
SQL Call Level Interface (CLI) standard similar to ODBC
interface, but with some minor differences.
ADO.NET
API designed for Visual Basic .NET and C#, providing database access
facilities similar to JDBC/ODBC
◦ Partial example of ADO.NET code in C#
using System, System.Data, System.Data.SqlClient;
SqlConnection conn = new SqlConnection(
“Data Source=<IPaddr>, Initial Catalog=<Catalog>”);
conn.Open();
SqlCommand cmd = new SqlCommand(“select * from students”,
conn);
SqlDataReader rdr = cmd.ExecuteReader();
while(rdr.Read()) {
Console.WriteLine(rdr[0], rdr[1]); /* Prints result attributes 1 & 2 */
}
rdr.Close(); conn.Close();
Can also access non-relational data sources such as
◦ OLE-DB, XML data, Entity framework
Embedded SQL
The SQL standard defines embeddings of SQL in a
variety of programming languages such as C, C++, Java,
Fortran, and PL/1,
A language to which SQL queries are embedded is
referred to as a host language, and the SQL structures
permitted in the host language comprise embedded SQL.
The preprocessor process the SQL and replaces them
with host language declaration.
EXEC SQL statement is used to identify embedded SQL
request to the preprocessor
EXEC SQL <embedded SQL statement >;
Note: this varies by language (for example, the Java
embedding uses # SQL { …. }; )
Dynamic vs. Embedded SQL
Dynamic SQL Embedded SQL

code Code with embeded

SQL

Compiler Preprocessor code

Compiler
binar
y
binar
Library y

Library

DBMS DBMS
Embedded SQL (Cont.)
Variables used as above must be declared within DECLARE
section, as illustrated below. The syntax for declaring the
variables, however, follows the usual host language syntax.
EXEC SQL BEGIN DECLARE SECTION
int credit-amount ;
EXEC-SQL END DECLARE SECTION;
▶ Variables of the host language can be used within embedded
SQL statements. They are preceded by a colon (:) to
distinguish from SQL variables (e.g., :credit_amount )
Before executing any SQL statements, the program must first
connect to the database. This is done using:
EXEC-SQL connect to server user user-name using
password;
Here, server identifies the server to which a connection is to
be established.
 Embedded SQL (Cont.)
▶ To write an embedded SQL query, we use the
declare c cursor for <SQL query>
statement. The variable c is used to identify the query
▶ Example:
▶ From within a host language, find the ID and name of
students who have completed more than the number of
credits stored in variable credit_amount in the host langue
▶ Specify the query in SQL as follows:
EXEC SQL
declare c cursor for
select ID, name
from student
where tot_cred > :credit_amount
END_EXEC
Embedded SQL (Cont.)
The open statement for our example is as follows:
EXEC SQL open c ;
This statement causes the database system to
execute the query and to save the results within
a temporary relation. The query uses the value
of the host-language variable credit-amount at
the time the open statement is executed.
The fetch statement causes the values of one
tuple in the query result to be placed on host
language variables.
EXEC SQL fetch c into :si, :sn END_EXEC

Repeated calls to fetch get successive tuples in

the query result
Embedded SQL (Cont.)
A variable called SQLSTATE in the SQL
communication area (SQLCA) gets set to
‘02000’ to indicate no more data is
available
The close statement causes the
database system to delete the temporary
relation that holds the result of the
query.
EXEC SQL close c ;
Note: above details vary with language.
For example, the Java
embedding defines Java iterators to step
through result tuples.
Embedded SQL (Cont.)
EXEC SQL BEGIN DECLARE SECTION
int credit-amount ;
int iD;
char name [30];
char SQLSTATE [20];
EXEC-SQL END DECLARE SECTION;
EXEC SQL open c ;
EXEC SQL //Specify the query in SQL
declare c cursor for
select ID, name
from student
where tot_cred > :credit_amount
END_EXEC
While (SQLSTATE!=“2000”) {
EXEC SQL fetch c into :iD, :name END_EXEC
}
EXEC SQL close c ;
The variable c (used in the cursor declaration) is used to identify the
query
Updates Through Embedded
SQL
● Embedded SQL expressions for database modification (update, insert,
and delete) for example
● Can update tuples fetched by cursor by declaring that the cursor is for
update
EXEC SQL
declare c cursor for
select *
from instructor
where dept_name = ‘Music’
for update
● We then iterate through the tuples by performing fetch operations on
the cursor (as illustrated earlier), and after fetching each tuple we
execute the following code:
EXEC SQL
update instructor
set salary = salary + 1000
where current of c
Query
Embedded SQL queries are normally defined when the program is written
In rare situation queries can be written at runtime, for example a application
interface may allow the user to specify selection condition on one or more
attribute of relation and construct a where clause of SQL query at runtime.
A query string can be constructed and prepared at runtime
EXEC SQL PREPARE < query_name> FROM : <variable>
and a cursor can be opened on the query name
SQLJ
JDBC is overly dynamic, errors cannot be caught
by compiler
SQLJ: embedded SQL in Java
◦ #sql iterator deptInfoIter ( String dept name, int avgSal);
deptInfoIter iter = null;
#sql iter = { select dept_name, avg(salary) from instructor
group by dept name };
while (iter.next()) {
String deptName = iter.dept_name();
int avgSal = iter.avgSal();
System.out.println(deptName + " " + avgSal);
}
iter.close();
Extensions to SQL
Functions and Procedures
SQL:1999 supports functions and procedures
◦ Functions/procedures can be written in SQL itself, or
in an external programming language (e.g., C, Java).
◦ Functions written in an external languages are
particularly useful with specialized data types such as
images and geometric objects.
● Example: functions to check if polygons overlap, or to
compare images for similarity.
◦ Some database systems support table-valued
functions, which can return a relation as a result.
SQL:1999 also supports a rich set of
imperative constructs, including
◦ Loops, if-then-else, assignment
Many databases have proprietary procedural
extensions to SQL that differ from SQL:1999.
SQL Functions
Define a function that, given the name of a department,
returns the count of the number of instructors in that
department.
create function dept_count (dept_name varchar(20))
returns integer
begin
declare d_count integer;
select count (* ) into d_count
from instructor
where instructor.dept_name = dept_name
return d_count;
end
The function dept_count can be used to find the
department names and budget of all departments with
more that 12 instructors.
select dept_name, budget
from department
where dept_count (dept_name ) > 12
 SQL functions (Cont.)
Uses the syntax
create function function_name (parameter type)
Parameter: are inputs from user
returns -- indicates the variable-type that is returned
(e.g., integer)
return -- specifies the values that are to be returned
as result of invoking the function
Compound statement: begin … end
◦ May contain multiple SQL statements between begin and end.
SQL function are in fact parameterized views that
generalize the regular notion of views by allowing
parameters.
Table Functions
SQL:2003 added functions that return a relation as a result
Example: Return all instructors in a given department
create function instructor_of (dept_name char(20))
returns table (
ID varchar(5),
name varchar(20),
dept_name varchar(20),
salary numeric(8,2))
return table
(select ID, name, dept_name, salary
from instructor
where instructor.dept_name =
instructor_of.dept_name)
Usage
select *
from table (instructor_of (‘Music’))
SQL Procedures
The dept_count function could instead be written as procedure:
create procedure dept_count_proc (in dept_name varchar(20),
out d_count integer)
begin
select count(*) into d_count
from instructor
where instructor.dept_name = dept_count_proc.dept_name
end
Procedures can be invoked either from an SQL procedure or from
embedded SQL, using the call statement.
declare d_count integer;
call dept_count_proc( ‘Physics’, d_count);
Procedures and functions can be invoked also from dynamic SQL
SQL:1999 allows more than one function/procedure of the same
name (called name overloading), as long as the number of arguments
differ, or at least the types of the arguments differ
Language Constructs for Procedures &
Functions

SQL supports constructs that gives it almost all the

power of a general-purpose programming language.
◦ Warning: most database systems implement their own
variant of the standard syntax below.
Compound statement: begin … end,
◦ May contain multiple SQL statements between begin and
end.
◦ Local variables can be declared within a compound
statements
While and repeat statements:
◦ while boolean expression do
sequence of statements ;
end while
◦ repeat
sequence of statements ;
until boolean expression
end repeat
Language Constructs (Cont.)
For loop
◦ Permits iteration over all results of a query
Example: Find the budget of all departments

declare n integer default 0;

for r as
select budget from department
do
set n = n + r.budget
end for
Language Constructs (Cont.)
Conditional statements (if-then-else)
SQL:1999 also supports a case statement similar to C case
statement
Example procedure: registers student after ensuring classroom
capacity is not exceeded
◦ Returns 0 on success and -1 if capacity is exceeded
◦ See book (page 177) for details
Signaling of exception conditions, and declaring handlers for
exceptions
declare out_of_classroom_seats condition
declare exit handler for out_of_classroom_seats
begin
…
.. signal out_of_classroom_seats
end
◦ The handler here is exit -- causes enclosing begin..end to be exited
◦ Other actions possible on exception
 External Language Routines
SQL:1999 permits the use of functions and procedures written
in other languages such as C or C++
Declaring external language procedures and functions

create function dept_count(dept_name varchar(20))

returns integer
language C
external name ‘/usr/avi/bin/dept_count’

create procedure dept_count_proc(in dept_name varchar(20),

out count integer)
language C
external name ’ /usr/avi/bin/dept_count_proc’
External Language Routines
(Cont.)
Benefits of external language
functions/procedures:
◦ more efficient for many operations, and more
expressive power.
Drawbacks
◦ Code to implement function may need to be loaded
into database system and executed in the database
system’s address space.
● risk of accidental corruption of database structures
● security risk, allowing users access to unauthorized data
◦ There are alternatives, which give good security at the
cost of potentially worse performance.
◦ Direct execution in the database system’s space is
used when efficiency is more important than security.
Security with External Language Routines
To deal with security problems, we can do on of
the following:
◦ Use sandbox techniques
● That is, use a safe language like Java, which cannot be used
to access/damage other parts of the database code.
◦ Run external language functions/procedures in a
separate process, with no access to the database
process’ memory.
● Parameters and results communicated via inter-process
communication
Both have performance overheads
Many database systems support both above
approaches as well as direct executing in
database system address space.
Triggers
Triggers
A trigger is a statement that is executed automatically
by the system as a side effect of a modification to the
database.
To design a trigger mechanism, we must:
◦ Specify the conditions under which the trigger is to be
executed.
◦ Specify the actions to be taken when the trigger executes.
Triggers introduced to SQL standard in SQL:1999,
but supported even earlier using non-standard syntax
by most databases.
◦ Syntax illustrated here may not work exactly on your
database system; check the system manuals
Triggering Events and Actions in
SQL
Triggering event can be insert, delete or update
Triggers on update can be restricted to specific attributes
◦ For example, after update of takes on grade
◦ Or when inventory level of an item drops below certain value automatically place an order
Values of attributes before and after an update can be referenced
◦ referencing old row as : for deletes and updates
◦ referencing new row as : for inserts and updates
Triggers can be activated before an event, which can serve as extra constraints.
For example, convert blank grades to null.
create trigger setnull_trigger before update of takes
referencing new row as nrow
for each row
when (nrow.grade = ‘ ‘)
begin atomic
set nrow.grade = null;
end;
Trigger Example
E.g. time_slot_id is not a primary key of timeslot, so we cannot create a
foreign key constraint from section to timeslot.
Alternative: use triggers on section and timeslot to enforce integrity
constraints
create trigger timeslot_check1 after insert on section
referencing new row as nrow
for each row
when (nrow.time_slot_id not in (
select time_slot_id
from time_slot)) /* time_slot_id not present in time_slot */
begin
rollback
end;
Trigger Example Cont.
create trigger timeslot_check2 after delete on timeslot
referencing old row as orow
for each row
when (orow.time_slot_id not in (
select time_slot_id
from time_slot)
/* last tuple for time slot id deleted from time slot */
and orow.time_slot_id in (
select time_slot_id
from section)) /* and time_slot_id still referenced from section*/
begin
rollback
end;
Trigger to Maintain credits_earned
value
create trigger credits_earned after update of takes on
(grade)
referencing new row as nrow
referencing old row as orow
for each row
when nrow.grade <> ’F’ and nrow.grade is not null
and (orow.grade = ’F’ or orow.grade is null)
begin atomic
update student
set tot_cred= tot_cred +
(select credits
from course
where course.course_id= nrow.course_id)
where student.id = nrow.id;
end;
Statement Level Triggers
Instead of executing a separate action for each
affected row, a single action can be executed for all
rows affected by a transaction
◦ Use for each statement instead of for each row
◦ Use referencing old table or referencing new table to
refer to temporary tables (called transition tables) containing
the affected rows
◦ Can be more efficient when dealing with SQL statements that
update a large number of rows
When Not To Use Triggers
Triggers were used earlier for tasks such as
◦ Maintaining summary data (e.g., total salary of each department)
◦ Replicating databases by recording changes to special relations
(called change or delta relations) and having a separate process
that applies the changes over to a replica
There are better ways of doing these now:
◦ Databases today provide built in materialized view facilities to
maintain summary data
◦ Databases provide built-in support for replication
Encapsulation facilities can be used instead of triggers in
many cases
◦ Define methods to update fields
◦ Carry out actions as part of the update methods instead of
through a trigger
When Not To Use Triggers
(Cont.)
Risk of unintended execution of triggers,
for example, when
◦ Loading data from a backup copy
◦ Replicating updates at a remote site
◦ Trigger execution can be disabled before such
actions.
Other risks with triggers:
◦ Error leading to failure of critical transactions
that set off the trigger
◦ Cascading execution
Agenda
• Continue chapter 5 of the book
• Recursion
• Advanced aggregate feature
• OLAP
Recursive Queries
Recursion in SQL
SQL:1999 permits recursive view definition
Example: find which courses are a prerequisite, whether
directly or indirectly, for a specific course
with recursive rec_prereq(course_id, prereq_id) as (
select course_id, prereq_id
from prereq
union
select rec_prereq.course_id, prereq.prereq_id,
from rec_rereq, prereq
where rec_prereq.prereq_id = prereq.course_id
)
select ∗
from rec_prereq;
This example view, rec_prereq, is called the transitive
closure of the prereq relation
Note: 1st printing of 6th ed erroneously used c_prereq in place of
rec_prereq in some places00
The Power of Recursion
Recursive views make it possible to write queries, such as
transitive closure queries, that cannot be written without
recursion or iteration.
◦ Intuition: Without recursion, a non-recursive non-iterative
program can perform only a fixed number of joins of
prereq with itself
● This can give only a fixed number of levels of managers
● Given a fixed non-recursive query, we can construct a
database with a greater number of levels of
prerequisites on which the query will not work
● Alternative: write a procedure to iterate as many times
as required
● See procedure findAllPrereqs in book
The Power of Recursion
Computing transitive closure using iteration, adding
successive tuples to rec_prereq
◦ The next slide shows a prereq relation
◦ Each step of the iterative process constructs an extended
version of rec_prereq from its recursive definition.
◦ The final result is called the fixed point of the recursive
view definition.
Recursive views are required to be monotonic. That is, if
we add tuples to prereq the view rec_prereq contains all of
the tuples it contained before, plus possibly more
Example of Fixed-Point
Computation
Advanced Aggregation
Features
Ranking
Ranking can be done using basic SQL aggregation, but
resultant query is very inefficient
select ID, (1 + (select count(*)
from student_grades B
where B.GPA > A.GPA)) as s_rank
from student_grades A
order by s_rank;
Ranking
Ranking is done in conjunction with an order by specification.
Suppose we are given a relation
student_grades(ID, GPA)
giving the grade-point average of each student
Find the rank of each student.
select ID, rank() over (order by GPA desc) as s_rank
from student_grades
An extra order by clause is needed to get them in sorted
order
select ID, rank() over (order by GPA desc) as s_rank
from student_grades
order by s_rank
Ranking may leave gaps: e.g. if 2 students have the same top
GPA, both have rank 1, and the next rank is 3
◦ dense_rank does not leave gaps, so next dense rank would
be 2
Ranking (Cont.)
Ranking can be done within partition of the data.
“Find the rank of students within each department.”
select ID, dept_name,
rank () over (partition by dept_name order by GPA
desc)
as dept_rank
from dept_grades
order by dept_name, dept_rank;
Multiple rank clauses can occur in a single select clause.
Ranking is done after applying group by clause/aggregation
Can be used to find top-n results
◦ More general than the limit n clause supported by many
databases, since it allows top-n within each partition
Ranking (Cont.)
Other ranking functions:
◦ percent_rank (within partition, if partitioning is done)
◦ cume_dist (cumulative distribution)
● fraction of tuples with preceding values
◦ row_number (non-deterministic in presence of duplicates)
SQL:1999 permits the user to specify nulls first or nulls
last
select ID,
rank ( ) over (order by GPA desc nulls last) as
s_rank
from student_grades
Ranking (Cont.)
For a given constant n, the ranking the function ntile(n) takes
the tuples in each partition in the specified order, and divides
them into n buckets with equal numbers of tuples.
E.g.,
select ID, ntile(4) over (order by GPA desc) as quartile
from student_grades;
Windowing
Fixed window can be coded in SQL but moving window is a
challenge
Used to smooth out random variations.
E.g., moving average: “Given sales values for each date,
calculate for each date the average of the sales on that day,
the previous day, and the next day”
Window specification in SQL:
◦ Given relation sales(date, value)
select date, sum(value) over
(order by date between rows 1 preceding and 1
following)
from sales
Windowing
Examples of other window specifications:
◦ between rows unbounded preceding and current
◦ rows unbounded preceding
◦ range between 10 preceding and current row
● All rows with values between current row value –10 to
current value
◦ range interval 10 day preceding
● Not including current row
◦ range between 10 preceding and 2
following
Windowing (Cont.)
Can do windowing within partitions
E.g., Given a relation transaction (account_number, date_time,
value), where value is positive for a deposit and negative for a
withdrawal
◦ “Find total balance of each account after each transaction
on the account”
select account_number, date_time,
sum (value) over
(partition by account_number
order by date_time
rows unbounded preceding)
as balance
from transaction
order by account_number, date_time
OLAP
Data Analysis and OLAP
Online Analytical Processing (OLAP)
◦ Interactive analysis of data, allowing data to be summarized
and viewed in different ways in an online fashion (with
negligible delay)
Data that can be modeled as dimension attributes and
measure attributes are called multidimensional data.
◦ Measure attributes
● measure some value
● can be aggregated upon
● e.g., the attribute number of the sales relation
◦ Dimension attributes
● define the dimensions on which measure attributes (or
aggregates thereof) are viewed
● e.g., attributes item_name, color, and size of the sales
relation
Example sales relation

... ... ... ...

... ... ... ...
Data Cube
● A data cube is a multidimensional generalization of a cross-tab
● Can have n dimensions; we show 3 below
● Cross-tabs can be used as views on a data cube
Cross Tabulation of sales by item_name and color

The table above is an example of a cross-tabulation (cross-tab), also

referred to as a pivot-table.
◦ Values for one of the dimension attributes form the row headers
◦ Values for another dimension attribute form the column headers
◦ Other dimension attributes are listed on top
◦ Values in individual cells are (aggregates of) the values of the
dimension attributes that specify the cell.
Hierarchies on Dimensions
● Hierarchy on dimension attributes: lets dimensions to be viewed
at different levels of detail
● E.g., the dimension DateTime can be used to aggregate by hour of
day, date, day of week, month, quarter or year
Relational Representation of
Cross-tabs
● Cross-tabs can be represented
as relations
● We use the value all is used
to represent aggregates.
● The SQL standard actually
uses null values in place of
all despite confusion with
regular null values.
 Cross Tabulation With
Hierarchy
● Cross-tabs can be easily extended to deal with hierarchies
● Can drill down or roll up on a hierarchy
Extended Aggregation to Support OLAP
The cube operation computes union of group by’s on
every subset of the specified attributes
Example relation for this section
sales(item_name, color, clothes_size, quantity)
E.g. consider the query
select item_name, color, size, sum(number)
from sales
group by cube(item_name, color, size)
This computes the union of eight different groupings
of the sales relation:
{ (item_name, color, size), (item_name, color),
(item_name, size), (color, size),
(item_name), (color),
(size), ()}
where ( ) denotes an empty group by list.
For each grouping, the result contains the null value
for attributes not present in the grouping.
Online Analytical Processing
Operations
Relational representation of cross-tab that we saw earlier, but
with null in place of all, can be computed by
select item_name, color, sum(number)
from sales
group by cube(item_name, color)
The function grouping() can be applied on an attribute
◦ Returns 1 if the value is a null value representing all, and
returns 0 in all other cases.
select item_name, color, size, sum(number),
grouping(item_name) as item_name_flag,
grouping(color) as color_flag,
grouping(size) as size_flag,
from sales
group by cube(item_name, color, size)
Online Analytical Processing
Operations
Can use the function decode() in the select clause to replace
such nulls by a value such as all
◦ E.g., replace item_name in first query by
decode( grouping(item_name), 1, ‘all’, item_name)
Extended Aggregation
(Cont.)
The rollup construct generates union on every prefix of specified
list of attributes
E.g.,
select item_name, color, size, sum(number)
from sales
group by rollup(item_name, color, size)
Generates union of four groupings:
{ (item_name, color, size), (item_name, color), (item_name), ( )
}
Rollup can be used to generate aggregates at multiple levels of a
hierarchy.
E.g., suppose table itemcategory(item_name, category) gives the
category of each item. Then
select category, item_name, sum(number)
from sales, itemcategory
where sales.item_name = itemcategory.item_name
group by rollup(category, item_name)
would give a hierarchical summary by item_name and by category.
Extended Aggregation
(Cont.)
Multiple rollups and cubes can be used in a single group by
clause
◦ Each generates set of group by lists, cross product of sets
gives overall set of group by lists
E.g.,
select item_name, color, size, sum(number)
from sales
group by rollup(item_name), rollup(color, size)
generates the groupings
{item_name, ()} X {(color, size), (color), ()}
= { (item_name, color, size), (item_name, color),
(item_name),
(color, size), (color), ( ) }
Online Analytical Processing
Operations
Pivoting: changing the dimensions used in a cross-tab is
called
Slicing: creating a cross-tab for fixed values only
◦ Sometimes called dicing, particularly when values for
multiple dimensions are fixed.
Rollup: moving from finer-granularity data to a coarser
granularity
Drill down: The opposite operation - that of moving from
coarser-granularity data to finer-granularity data
End of Chapter 5