DBMS Po

SRIRAM ENGINEERING COLLEGE
Perumalpattu,Thiruvallur District-602 024.
NAME OF THE LAB : CS8481-DATABASE MANAGEMENT SYSTEM
DEPARTMENT : COMPUTER SCIENCE ANDENGINEERING
NAME:
REG_NO:
SRIRAM ENGINEERING COLLEGE
Perumalpattu, Chennai-602 024.
REGISTER NO:
BONAFIDE CERTIFICATE
This is to certify that a bonafide record of work done by

___________________________of _____Semester Computer Science
and Engineering in the _______________________laboratory during the
academic year 2018 -2019 .
Signature of Lab-in-charge Signature of H.O.D
Submitted for the Practical Examination held on ______________.
Internal Examiner External Examiner

TABLE OF CONTENTS
PAGE
EX.NO NAME OF THE PROGRAM
NO
Data Definition Commands, Data Manipulation Commands for inserting,

1
deleting, updating and retrieving Tables and Transaction Control statements
2 Database Querying – Simple queries, Nested queries, Sub queries and Joins
3 Views, Sequences, Synonyms
4 Database Programming: Implicit and Explicit Cursors
5 Procedures and Functions
6 Triggers
7 Exception Handling
Database Design using ER modeling, normalization and Implementation for

8
any application
9 Database Connectivity with Front End Tools
10 Case Study using real life database applications
EXTRA EXPERIMENTS
11 EMBEDDED SQL
DATABASE DESIGN AND IMPLEMENTATION PAY ROLL

12
PROCESSING
QUERIES(output):
EXAMPLE:
SQL>create table std(sno number(5),sname varchar(20),age number(5),sdob
date,sm1 number(4,2),sm2 number(4,2),sm3 number(4,4));
Table created.
SQL>insert into std values(101,’AAA’,16,’03-jul-
88’,80,90,98); 1 row created.
SQL>insert into std values(102,’BBB’,18,’04-aug-
89’,88,98,90); 1 row created.
OUTPUT:
Select * from std;
SNO SNAME AGE SDOB SM1 SM2 SM3
101 AAA 16 03-jul-88 80 90 98
102 BBB 18 04-aug-89 88 98 90
ALTER TABLE WITH ADD:
SQL>create table student(id number(5),name varchar(10),game
varchar(20)); Table created.
SQL>insert into student
values(1,’mercy’,’cricket’); 1 row created.
SYNTAX:
alter table<tablename>add(col1 datatype,col2
datatype..); EXAMPLE:
SQL>alter table student add(age number(4));
SQL>insert into student
values(2,’sharmi’,’tennis’,19);
OUTPUT:
ALTER: select * from
student; ID NAME GAME
1 Mercy Cricket
ADD: select * from
student; ID NAME
GAME AGE
1 Mercy cricket
2 Sharmi Tennis 19
ALTER TABLE WITH MODIFY:
SYNTAX:
Alter table<tablename>modify(col1 datatype,col2 datatype..);
EXAMPLE:
SQL>alter table student modify(id number(6),game varchar(25));
OUTPUT:
MODIFY
desc student;
NAME NULL? TYPE
Id Number(6)
Name
Varchar(20)
Game
Varchar(25) Age
Number(4)
DROP:
SYNTAX: drop table<tablename>;
EXAMPLE:
SQL>drop table
student; SQL>Table
dropped.
TRUNCATE TABLE
SYNTAX: TRUNCATE TABLE <TABLE NAME>;
Example: Truncate table stud;
DESC
Example: desc
emp; Name Null?
Type
--------------------------------- --------
EmpNo NOT NULL
number(5) EName
VarChar(15)
Job NOT NULL Char(10)
DeptNo NOT NULL
number(3) PHONE_NO
number (10)
INSERT operations in TABLE:
SQL> create table Archu (regno number(5), name varchar(20), dept varchar(5));
Table created.
INSERT COMMAND:
TYPE 1:
SQL> insert into Archu values('&regno','&name','&dept');
Enter value for regno: 1
Enter value for name: Archu
Enter value for dept: CSE
old 1: insert into Archu values('&regno','&name','&dept')
new 1: insert into Archu values('1','Archu','CSE')
1 row created.
SQL> /
Enter value for regno: 2
Enter value for name: Dharu
Enter value for dept: ECE
old 1: insert into Archu values('&regno','&name','&dept')
new 1: insert into Archu values('2','Dharu','ECE')
1 row created.
SQL> select * from Archu;

REGNO NAME DEPT
---------- -------------------- ----------
1 Archu CSE
2 Dharu ECE
TYPE 2:
SQL>insert into Archu (regno , name , dept)values (3,'Harshini',EEE);

1 row created.
REGNO NAME DEPT

---------- -------------------- ----------
1 Archu CSE
2 Dharu ECE
3 Harshini EEE
TYPE 3:
SQL> insert into Archu values (4,'Sharchi',IT);

1 row created.

REGNO NAME DEPT
---------- -------------------- ----------
1 Archu CSE
2 Dharu ECE
3 Harshini EEE
4Sharchi IT
DELETE COMMAND:
SQL> delete from Archu where name='Archu';

1 row deleted.
REGNO NAME DEPT
---------- -------------------- ----------
2 Dharu ECE
3 Harshini EEE
4Sharchi CHEM
SQL> delete from Archu;
3 rows deleted.SQL> select * from sub;

no rows selected
SQL>descArchu;
Name Null? Type
----------------------------------------- -------- ----------------------------
REGNO NUMBER(5)
NAME VARCHAR2(20)
DEPT VARCHAR2(20)
TRUNCATE COMMAND:
SQL> truncate table Archu;

Table truncated.
DROP COMMAND:
SQL> drop table Archu;

Table dropped.
Group Function Syntax :

SELECT [column,] group_function(column), ... FROM table [WHERE condition]
[GROUP BY column]
[ORDER BY column];
Q) Compute the total salary, average salary, max salary, min salary of all the employees of the company
Sql> SELECT AVG(salary), MAX(salary), MIN(salary), SUM(salary) FROM employees;
SUM(SALARY) AVG(SALARY) MAX(SALARY) MIN(SALARY)
691400 6461.68224 24000 2100
Q) Find the minimum hiredate and maximum hire date of employees

Sql> SELECT MIN(hire_date), MAX(hire_date) FROM employees;
MIN(HIRE_DATE) MAX(HIRE_DATE)
17-JUN-87 21-APR-00
Q)Find total number of employees in the company;

Sql> SELECT COUNT(*) “Total Employees” FROM employees;
Total Employees
107
Q) Find total number of employees in the department 50;

Sql> SELECT COUNT(*) “Total Employees” FROM employees WHERE department_id = 50;
Total Employees
45
Q)Find the average salary of each department

Sql> SELECT department_id, AVG(salary) FROM employees GROUP BY department_id ;
DEPARTMENT_ID AVG(SALARY)
100 8600
30 4150
7000
90 19333.3333
20 9500
70 10000
110 10150
50 3475.55556
80 8955.88235
40 6500
60 5760
10 4400
Q) Compute the average salary of each job type of each department .

Sql> SELECT department_iddept_id, job_id, SUM(salary) FROM employees GROUP BY department_id, job_id order
by(department_id);
DEPT_ID JOB_ID SUM(SALARY)

10 AD_ASST 4400
20 MK_MAN 13000
Queries:
Q1. Create a table called EMP with the following
structure. Name Type
---------- ----------------------
EMPNO NUMBER(6)
ENAME
VARCHAR2(20) JOB
VARCHAR2(10)
DEPTNO NUMBER(3)
SAL NUMBER(7,2)
Allow NULL for all columns except ename and job.
Solution:
1. Understand create table syntax.
2. Use the create table syntax to create the said tables.
3. Create primary key constraint for each table as understand from logical table
structure. Ans:
SQL> create table emp(empno number(6),ename varchar2(20)not null,job
varchar2(10) not null, deptno number(3),sal number(7,2));
Table created.
Q2: Add a column experience to the emp table. experience numeric null allowed.
Solution:
1. Learn alter table syntax.
2. Define the new column and its data type.
3. Use the alter table syntax.
Ans: SQL> alter table emp add(experience
number(2)); Table altered.
Q3: Modify the column width of the job field of emp table.
Solution:
1. Use the alter table syntax.
2. Modify the column width and its data type.
Ans: SQL> alter table emp modify(job
varchar2(12)); Table altered.
SQL> alter table emp modify(job

varchar(13)); Table altered.
Q4: Create dept table with the following

structure. Name Type
------------ ---------------------
DEPTNO NUMBER(2)
DNAME VARCHAR2(10)
LOC VARCHAR2(10)
Deptno as the primarykey
Solution:
1. Understand create table syntax.
2. Decide the name of the table.
3. Decide the name of each column and its data type.
4. Use the create table syntax to create the said tables.
5. Create primary key constraint for each table as understand from logical table
structure. Ans:
SQL> create table dept(deptno number(2) primary key,dname
varchar2(10),loc varchar2(10));
Table created.
Q5: create the emp1 table with ename and empno, add constraints to check the empno
value while entering (i.e) empno > 100.
Solution:
1. Learn alter table syntax.
2. Define the new constraint [columns name type]
3. Use the alter table syntax for adding
constraints. Ans:
SQL> create table emp1(ename varchar2(10),empno number(6)
constraint check(empno>100));
Table created.
Q6: drop a column experience to the emp table.

Solution:
1. Learn alter table syntax. Use the alter table syntax to drop the
column. Ans:
SQL> alter table emp drop column experience; Table altered.
Q7: Truncate the emp table and drop the dept table
Solution:
1. Learn drop, truncate table syntax.
Ans: SQL> truncate table emp; Table truncated.
Using Savepoint and Rollback
Following is the table class,
id name
1 Abhi
2 Adam
4 Alex
INSERT INTO class VALUES(5, 'Rahul');
COMMIT;
UPDATE class SET name = 'Abhijit' WHERE id = '5';
SAVEPOINT A;
INSERT INTO class VALUES(6, 'Chris');
SAVEPOINT B;
INSERT INTO class VALUES(7, 'Bravo');
SAVEPOINT C;
SELECT * FROM class;

SELECT statement is used to show the data stored in the table.
The resultant table will look like,
id name
1 Abhi
2 Adam
4 Alex
5 Abhijit
6 Chris
7 Bravo
ROLLBACK command to roll back the state of data to the savepoint B.
ROLLBACK TO B;
Now our class table will look like,
id name
1 Abhi
2 Adam
4 Alex
5 Abhijit
6 Chris
ROLLBACK command to roll back the state of data to the savepoint A
ROLLBACK TO A;
Now the table will look like,
id name
1 Abhi
2 Adam
4 Alex
5 Abhijit
Queries(OUTPUT):
SQL> select *from cu;

CUSID CUSNAME
---------- ----------
33 df
11 kumar
44 raj
66 bharath
SQL> select *from pt;
PID PNAME
---------- ----------
44 raj
66 pen
55 pencil
99 eraser
SQL> select *from cu inner join pt on cu.cusid=pt.pid;
CUSID CUSNAME PID PNAME

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
SQL> select *from cu left join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
11 kumar
33 df
SQL> select *from cu right join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
55 pencil
99 eraser
SQL> select *from cu right outer join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
55 pencil
99 eraser
SQL> select *from cu left outer join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
11 kumar
33 df
SQL> select *from cu full outer join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
55 pencil
99 eraser
11 kumar
33 df
6 rows selected.
SQL> create table pt1(pidinteger,pname char(10));
Table created.
SQL> alter table pt1 modify pid integer primary key;
Table altered.
SQL> select *from cu;
CUSID CUSNAME
---------- ----------
33 df
11 kumar
44 raj
66 bharath
SQL> select *from pt;
PID PNAME
---------- ----------
44 raj
66 pen
55 pencil
99 eraser
SQL> select *from cu inner join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
SQL> select *from cu left join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
11 kumar
33 df
SQL> select *from cu right join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
55 pencil
99 eraser
SQL> select *from cu right outer join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
55 pencil
99 eraser
SQL> select *from cu left outer join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
11 kumar
33 df
SQL> select *from cu full outer join pt on cu.cusid=pt.pid;

---------- ---------- ---------- ----------
44 raj 44 raj
66 bharath 66 pen
55 pencil
99 eraser
11 kumar
33 df
6 rows selected.
SQL> create table pt1(pidinteger,pname char(10));
Table created.
SQL> alter table pt1 modify pid integer primary key;
Table altered.
SQL> create table pt2(cid integer primary key,cname char(10),pid integer,
2 constraintfk foreign key(pid) references pt1(pid));
Table created.
SQL> create table pt2(cid integer primary key,cname char(10),pid integer,
2 constraintfk foreign key(pid) references pt1(pid));
Table created.
SQL> select *from customer;
ID NAME AGE
---------- ---------- ----------
11 kumar 30
12 raj 34
13 mom 56
SQL> select *from productt;

ID PNAME PRICE
---------- ---------- ----------
11 pencil 1000
15 pen 2000
22 eraser 4000
55 kite 100
SQL> select a.id,b.pname from customer a,productt b where a.id=b.id;
ID PNAME
---------- ----------
11 pencil
SQL> select b.id,b.pname from customer a,productt b where a.id>12;
ID PNAME
---------- ----------
11 pencil
15 pen
22 eraser
55 kite
SQL> select id from customer where id in (select id from productt where id>10);
ID
----------
11
SQL> select a.id,b.pname from customer a,productt b where a.id=any(select b.id
2 fromproductt where id>12);
ID PNAME
---------- ----------
11 pencil
SQL> select id from customer where id in (select id from productt where id>10);
ID
----------
11
SQL> select id from customer where id=any(select id from productt where id>10);
ID
----------
11
SQL> select b.pname from productt b where exists(select a.id,b.id from

2 customer a,productt b where a.id=b.id);
PNAME
----------
pencil
pen
eraser
kite
SQL> select b.pname from productt b where b.id in(select a.id from customer a wh
ere a.id=b.id);
PNAME
----------
pencil
Subqueries with the INSERT Statement
Syntax:
1. INSERT INTO table_name (column1, column2, column3....)
2. SELECT *
3. FROM table_name
4. WHERE VALUE OPERATOR
QUERIES(OUTPUT):
INDEX:
SQL> create table Cstomer(ID number(3),Name char(10),Age number(4));
Table created.
SQL> insert into Cstomer(ID,Name,Age)values(&ID,'&Name',&Age);

Enter value for id: 11
Enter value for name: Vena
Enter value for age: 20
old 1: insert into Cstomer(ID,Name,Age)values(&ID,'&Name',&Age)
new 1: insert into Cstomer(ID,Name,Age)values(11,'Vena',20)
1 row created.
SQL> /
Enter value for name: Abi
new 1: insert into Cstomer(ID,Name,Age)values(12,'Abi',23)
1 row created.
SQL> /
Enter value for name: Akshaya
new 1: insert into Cstomer(ID,Name,Age)values(13,'Akshaya',25)
1 row created.
SQL> /
Enter value for name: Prasha
new 1: insert into Cstomer(ID,Name,Age)values(14,'Prasha',26)
1 row created.
SQL> /
Enter value for name: Meena
new 1: insert into Cstomer(ID,Name,Age)values(15,'Meena',24)
1 row created.
SQL> select *from Cstomer;
ID NAME AGE
---------- ---------- ----------
11 Vena 20
12 Abi 23
13 Akshaya 25
14 Prasha 26
15 Meena 24
SQL> create index i1 ON Cstomer(ID);
Index created.
SQL> create index i2 ON Cstomer(ID,Name);
Index created.
SQL> drop index i2;
Index dropped.
SQL> drop index i1;
Index dropped.
VIEWS:
SQL> create view v1 as select ID from Cstomer;
View created.
SQL> select *from v1;
ID
----------
11
12
13
14
15
SQL> create view v2 as select ID,Name from Cstomer;
View created.
ID NAME
---------- ----------
11 Vena
12 Abi
13 Akshaya
14 Prasha
15 Meena
SQL>
SQL> create index i1 ON Cstomer(ID);
Index created.
SQL> create index i2 ON Cstomer(ID,Name);
Index created.
SQL> drop index i2;
Index dropped.
SQL> drop index i1;
Index dropped.
SQL> create view v1 as select ID from Cstomer;
View created.
ID
----------
11
12
13
14
15
SQL> create view v2 as select ID,Name from Cstomer;
View created.
ID NAME
---------- ----------
11 Vena
12 Abi
13 Akshaya
14 Prasha
15 Meena
SQL> update v2 set Name='Nivi' where ID=11;
1 row updated.
ID NAME
---------- ----------
11 Nivi
12 Abi
13 Akshaya
14 Prasha
15 Meena
SQL> delete from v2 where ID=13;
1 row deleted.
ID NAME
---------- ----------
11 Nivi
12 Abi
14 Prasha
15 Meena
SQL> drop view v2;
View dropped.
SEQUENCE:
SQL> create table Stable(Id number(3),name char(5));
Table created.
SQL> create sequence S1 start with 1 increment by 1 minvalue 1 maxvalue 20;
Sequence created.
SQL> insert into Stable values(S1.nextVal,'Ram');
1 row created.
SQL> insert into Stable values(S1.nextVal,'Mani');
1 row created.
SQL> select *from Stable;
ID NAME
---------- -----
1 Ram
2 Mani
SYNONYM:
SQL> create synonym sy1 for Stable;
Synonym created.
SQL> create synonym sy2 for exam4@orcl.Stable;
Synonym created.
SQL> select synonym_name,table_owner,table_name from DBA_synonyms where

table_na
me='Stable';
no rows selected
SQL> select*from sy1;
ID NAME
---------- -----
1 Ram
2 Mani
SQL> delete from Stable where ID=1;
1 row deleted.
SQL> delete from Stable where ID=2;
1 row deleted.
SQL> select*from sy1;
no rows selected
SQL> drop table Stable;
Table dropped.
SQL> drop synonym sy1;
Synonym dropped.
Output:
Implicit cursor Program:
Select * from customers;
+----+----------+-----+-----------+----------+
| ID | NAME | AGE | ADDRESS | SALARY |
+----+----------+-----+-----------+----------+
| 1 | Ramesh | 32 | Ahmedabad | 2000.00 |
| 2 | Khilan | 25 | Delhi | 1500.00 |
| 3 | kaushik | 23 | Kota | 2000.00 |
| 4 | Chaitali | 25 | Mumbai | 6500.00 |
| 5 | Hardik | 27 | Bhopal | 8500.00 |
| 6 | Komal | 22 | MP | 4500.00 |
+----+----------+-----+-----------+----------+
DECLARE
total_rowsnumber(2);
BEGIN
UPDATE customers
SET salary = salary + 500;
IF sql%notfound THEN
dbms_output.put_line('no customers selected');
ELSIF sql%found THEN
total_rows := sql%rowcount;
dbms_output.put_line( total_rows || ' customers selected ');
END IF;
END;
When the above code is executed at the SQL prompt, it produces the following result −
6 customers selected
PL/SQL procedure successfully completed.
If you check the records in customers table, you will find that the rows have been updated −
Select * from customers;
+----+----------+-----+-----------+----------+
| ID | NAME | AGE | ADDRESS | SALARY |
+----+----------+-----+-----------+----------+
| 1 | Ramesh | 32 | Ahmedabad | 2500.00 |
| 2 | Khilan | 25 | Delhi | 2000.00 |
| 3 | kaushik | 23 | Kota | 2500.00 |
| 4 | Chaitali | 25 | Mumbai | 7000.00 |
| 5 | Hardik | 27 | Bhopal | 9000.00 |
| 6 | Komal | 22 | MP | 5000.00 |
+----+----------+-----+-----------+----------+
Explicit Cursors:
Program:
Following is a complete Program: to illustrate the concepts of explicit cursors &minua;
DECLARE
c_idcustomers.id%type;
c_namecustomers.name%type;
c_addrcustomers.address%type;
CURSOR c_customers is
SELECT id, name, address FROM customers;
BEGIN
OPEN c_customers;
LOOP
FETCH c_customers into c_id, c_name, c_addr;
EXIT WHEN c_customers%notfound;
dbms_output.put_line(c_id || ' ' || c_name || ' ' || c_addr);
END LOOP;
CLOSE c_customers;
END;
When the above code is executed at the SQL prompt, it produces the following result −
1 Ramesh Ahmedabad
2 Khilan Delhi
3 kaushik Kota
4 Chaitali Mumbai
5 Hardik Bhopal
6 Komal MP
OUTPUT:
Procedures Programs:
Program1:
To display the content using procedure:
SQL> CREATE OR REPLACE PROCEDURE greetings
2 AS
3 BEGIN
4 dbms_output.put_line('Hello World!');
5 END;
6 /
Procedure created.
SQL> execute greetings;
Hello World!
Program2:
To find the minimun number using procedure:
SQL> DECLARE
2 a number;
3 b number;
4 c number;
6 PROCEDUREfindMin(x IN number, y IN number, z OUT number) IS
7 BEGIN
8 IF x < y THEN
9 z:= x;
10 ELSE
11 z:= y;
12 END IF;
13 END;
15 BEGIN
16 a:= 23;
17 b:= 45;
18 findMin(a, b, c);
19 dbms_output.put_line(' Minimum of (23, 45) : ' || c);
20 END;
21 /
Minimum of (23, 45) : 23
Program3:
To find the square root of the specified number using procedure:
a)SQL> DECLARE
2 a number;
3 PROCEDUREsquareNum(x IN OUT number) IS
4 BEGIN
5 x := x * x;
6 END;
7 BEGIN
8 a:= 23;
9 squareNum(a);
10 dbms_output.put_line(' Square of (23): ' || a);
11 END;
12 /
Square of (23): 529
PROGRAM FOR ARMSTRONG NUMBER
SQL> set serveroutput on;
SQL> declare
2 a number;
3 b number;
4 i number;
5 begin
6 i:=&num;
7 a:=i;
8 b:=0;
9 while a>0
10 loop
11 b:=b+power(mod(a,10),3);
12 a:=trunc(a/10);
13 end loop;
14 if b=i then
15 dbms_output.put_line(i||'IS AN ARMSTRONG NUMBER');
16 else
17 dbms_output.put_line(i||'IS NOT AN ARMSTRONG NUMBER');
18 end if;
19 end
;
20 /
Enter value for num:
123 old 6: i:=&num;
new 6: i:=123;
123 IS NOT AN ARMSTRONG NUMBER

SQL> /
Enter value for num:
407 old 6: i:=&num;
new 6: i:=407;
407IS AN ARMSTRONG NUMBER

PROGRAM FOR MULTIPLICATION TABLE:
SQL> declare
2 a number;
3 b number;
4 i number;
5 n number;
6 s number;
7 begin
8 a:=&ulimit;
9 b:=&llimit;
10 n:=&n;
11 for i in a..b
loop 12 s:=i*n;
13 dbms_output.put_line(i||'*'||n||'='||s);
14 end loop;
15 end
;
16 /
Enter value for ulimit:
1 old 8: a:=&ulimit;
new 8: a:=1;
Enter value for llimit:
10 old 9: b:=&llimit;
new 9: b:=10;
Enter value for n:
5
old 10: n:=&n;
new 10: n:=5; 1*5=5
2*5=10
3*5=15
4*5=20
5*5=25
6*5=30
7*5=35
8*5=40
9*5=45
10*5=50

PL/SQL PROGRAM FOR BONUS CALCULATION

SQL> declare
2 salary number;
3 bonus number;
4 begin
5 salary:=&sa;
6 if salary>5000 then
7 bonus:=salary*0.5;
8 else
9 bonus:=0;
10 end if;
11 dbms_output.put_line(bonus);
12 End;
13 /
Enter value for sa: 10000 old 5:

salary:=&sa;
new 5: salary:=10000;
5000

Function Programs:
Program 1: (To mulitply the given value with 1000)
SQL> CREATE OR REPLACE FUNCTION F1(N NUMBER) RETURN NUMBER IS
2 K NUMBER;
3 BEGIN
4 K:=N*1000;
5 RETURN K;
6 END;
7 /
Function created.
SQL> select F1(5) from dual;
F1(5)
----------
5000
SQL> select *from dual;
SQL> create table res(num number(30),MARK1 number(20),MARK2 number(20),REPORT number(30));
Table created.
SQL> insert into res(num,mark1,mark2,report) values(1,100,200,300);
1 row created.
SQL> insert into res(num,mark1,mark2,report) values(2,50,50,300);
1 row created.
SQL> select *from res;

NUM MARK1 MARK2 REPORT
---------- ---------- ---------- ----------
1 100 200 300
2 50 50 300
Program 2:(To calculate average of mark to the student)
SQL> create or replace function pro(no number) return number is
2 numres.num%type;
3 m1 res.MARk1%type;
4 m2 res.MARk2%type;
5 p number;
6 begin
7 select num, MARk1, MARk2 into num, m1, m2 from res where num=no;
8 p:=(m1+m2)/2;
9 return p;
10 end pro;
11 /
Function created.
SQL> select pro(1) from res;
PRO(1)
----------
150
150
SQL> select pro(2) from res;
PRO(2)
----------
50
50
Program3: (Factorial calcuation using Recursive Functions)
The following program calculates the factorial of a given number by calling itself recursively:
SQL> DECLARE
2 num number;
3 factorial number;
5 FUNCTION fact(x number)
6 RETURN number
7 IS
8 f number;
9 BEGIN
10 IF x=0 THEN
11 f := 1;
12 ELSE
13 f := x * fact(x-1);
14 END IF;
15 RETURN f;
16 END;
17
18 BEGIN
19 num:= 6;
20 factorial := fact(num);
21 dbms_output.put_line(' Factorial '|| num || ' is ' || factorial);
22 END;
23 /
Factorial 6 is 720

Output Programs:
Program 1: (row level trigger for the customers table and perform inset and update operations)
SQL> create table customers(id number,name char(50),age number(20),address varchar(20),salary number(30));
Table created.
SQL>
1 row created.
SQL> insert into customers(id,name,age,address,salary) values(12,'kumar',20,'wes st',5000);
1 row created.
SQL> select *from customers;
ID NAME AGE ADDRESS SALARY
---------- -------------------------------------------------- ---------- -------------------- ----------
11 ram 12 no st 1000
12 kumar 20 wesst 5000
SQL> CREATE OR REPLACE TRIGGER display_salary_changes
2 BEFORE DELETE OR INSERT OR UPDATE ON customers
3 FOR EACH ROW
4 WHEN (NEW.ID > 0)
5 DECLARE
6 sal_diff number;
7 BEGIN
8 sal_diff := :NEW.salary - :OLD.salary;
9 dbms_output.put_line('Old salary: ' || :OLD.salary);
10 dbms_output.put_line('New salary: ' || :NEW.salary);
11 dbms_output.put_line('Salary difference: ' || sal_diff);

12 END;
13 /
Trigger created.
SQL> INSERT INTO CUSTOMERS (ID,NAME,AGE,ADDRESS,SALARY)
2 VALUES (7, 'Kriti', 22, 'HP', 7500.00 );
Old salary:
New salary: 7500
Salary difference:
1 row created.
---------- -------------------------------------------------- ---------- ---- ---------------- ----------
11 ram 12 no st 1000
7 Kriti 22 HP 7500
SQL> UPDATE customers
2 SET salary = salary + 500
3 WHERE id = 11;
Old salary: 1000
New salary: 1500
Salary difference: 500
1 row updated.

---------- -------------------------------------------------- -- -------- ------------------ -- ----------
11 ram 12 no st 1500
7 Kriti 22 HP 7500
Program 2: Restriction to Deleting Trigger
This trigger is preventing to deleting row
SQL> CREATE or REPLACE TRIGGER trg1
2 AFTER
3 DELETE ON customers
4 FOR EACH ROW
5 BEGIN
6 IF :old.id = 11 THEN
7 raise_application_error(-20015, 'You can't delete this row');
8 END IF;
9 END;
10 /
Trigger created.
SQL> delete from customers where id= 11;
delete from customers where id= 11
ERROR at line 1:
ORA-04098: trigger 'EXAM05.TRG1' is invalid and failed re-validation

Output:
PROGRAM 1:
SQL> create table customers(id integer,name char(10),address varchar(10));
Table created.
SQL> insert into customers(id,name,address) values(11,'kumar','north st');
1 row created.
SQL> insert into customers(id,name,address) values(12,'kumar','north st');
1 row created.
ID NAME ADDRESS
---------- ---------- ----------
11 kumar north st
12 kumar north st
SQL> DECLARE
2 c_idcustomers.id%type := 8;
3 c_namecustomers.name%type;
4 c_addrcustomers.address%type;
5 BEGIN
6 SELECT name, address INTO c_name, c_addr
7 FROM customers
8 WHERE id = c_id;
10 DBMS_OUTPUT.PUT_LINE ('Name: '|| c_name);
11 DBMS_OUTPUT.PUT_LINE ('Address: ' || c_addr);
12 EXCEPTION
13 WHEN no_data_found THEN
14 dbms_output.put_line('No such customer!');

15 WHEN others THEN
16 dbms_output.put_line('Error!');
17 END;
18 /
No such customer!
The above program displays the name and address of a customer whose ID is given. Since there is no customer with
ID value 8 in our database, the program raises the run-time exception NO_DATA_FOUND, which is captured in
EXCEPTION block.
PROGRAM 2:
SQL> DECLARE
2 c_idcustomers.id%type := &cc_id;
3 c_namecustomers.name%type;
4 c_addrcustomers.address%type;
6 -- user defined exception
7 ex_invalid_id EXCEPTION;
8 BEGIN
9 IF c_id<= 0 THEN
10 RAISE ex_invalid_id;
11 ELSE
12 SELECT name, address INTO c_name, c_addr
13 FROM customers
14 WHERE id = c_id;
16 DBMS_OUTPUT.PUT_LINE ('Name: '|| c_name);
17 DBMS_OUTPUT.PUT_LINE ('Address: ' || c_addr);
18 END IF;
19 EXCEPTION
20 WHEN ex_invalid_id THEN
21 dbms_output.put_line('ID must be greater than zero!');
22 WHEN no_data_found THEN
23 dbms_output.put_line('No such customer!');
24 WHEN others THEN
25 dbms_output.put_line('Error!');
26 END;
27 /
Enter value for cc_id: -3
old 2: c_idcustomers.id%type := &cc_id;
new 2: c_idcustomers.id%type := -3;
ID must be greater than zero!
The above program display the result as ID must be greater than zero when we enter negative no
OUTPUT:
EXERCISES:
FIRST NORMAL FORM:
SQL>create type address as object(sno number(5),
2 sname varchar2(20),
3 city varchar2(20),
4 state varchar2(20));
Type created.
SQL>create table Employees(eno number(3) primary key,
2 enmae varchar2(20),
3 eadd address,
4 sal number(7,2))
SQL> /
Table created.
SQL> desc employees
Name Null? Type
----------------------------------------- -------- --------------------------
ENO NOT NULL NUMBER(3)
ENMAE VARCHAR2(20)
EADD ADDR
SAL NUMBER(7,2)
SQL> insert into employees values(&eno,'&enmae',address(&sno,'&sname','&city','&state'),&sal);
Enter value for eno: 001
Enter value for enmae: anbu
Enter value for sno: 12
Enter value for sname: Ist street
Enter value for city: chennai
Enter value for state: tamilnadu

Enter value for sal: 10000
old 1: insert into employees values(&eno,'&enmae',address(&sno,'&sname','&city','&state'),&sal)
new 1: insert into employees values(001,'anbu',address(12,'Ist street','chennai','tamilnadu'),10000)
1 row created.
SQL> /
Enter value for enmae: balu
Enter value for sname: car street
Enter value for city: madurai
Enter value for state: tamilnadu
new 1: insert into employees values(002,'balu',address(13,'car street','madurai','tamilnadu'),10000)
1 row created.
SQL> /
Enter value for enmae: chiru
Enter value for sname: 9th street
Enter value for city: hyderabad
Enter value for state: andhra pradesh
new 1: insert into employees values(003,'chiru',address(10,'9th street','hyderabad','andhra pradesh')
1 row created.
SQL> select * from employees;

ENO ENMAE EADD(SNO, SNAME, CITY, STATE) SAL
---------- ---------- ------------------------------------------------------------
1 anbu ADDR(12, 'Ist street', 'chennai', 'tamilnadu') 10000
2 balu ADDR(13, 'car street', 'madurai', 'tamilnadu') 10000
3 chiru ADDR(10, '9th street', 'hyderabad', 'andhra pradesh') 15000
Normalizing the table to 1NF:
SQL> create table en1 as select eno, ename ,sal from employees;
Table created.
SQL> alter table en1 add primary key(eno);
Table altered.
SQL> desc en1
Name Null? Type
----------------------------------------- -------- ----------------------------
ENAME VARCHAR2(15)
SAL NUMBER(7,2)
SQL> create table en2 as select eno,eadd from employees;
Table created.
SQL> alter table en2 add foreign key(eno) references en1(eno);
Table altered.
SQL> desc en2
Name Null? Type
----------------------------------------- -------- ----------------------------
ENO NUMBER(3)
EADD ADDR
Normalizing to 1NF:
employee
Eno Ename Eadd Sal
1NF
Emp1 emp2
Eno Ename Sal Eno eadd
SECOND NORMAL FORM:
SQL> create table empproject(eno number(3) primary key,
2 ename varchar2(20),
3 pno number(3) unique,
4 pname varchar2(20),
5 hours number(3));
Table created.
SQL> desc empproject
Name Null? Type
----------------------------------------- -------- ----------------------------
ENAME VARCHAR2(20)
PNO NUMBER(3)
PNAME VARCHAR2(20)
HOURS NUMBER(3)
SQL> insert into empproject values(&eno,'&ename',&pno,'&pname',&hours);
Enter value for ename: raja

Enter value for pno: 12
Enter value for pname: compilers
Enter value for hours: 12
old 1: insert into empproject values(&eno,'&ename',&pno,'&pname',&hours)
new 1: insert into empproject values(101,'raja',12,'compilers',12)
1 row created.
SQL> /
Enter value for ename: ragu
Enter value for pname: atm
new 1: insert into empproject values(102,'ragu',13,'atm',24)
1 row created.
SQL> /
Enter value for ename: sunil
Enter value for pname: robotics
new 1: insert into empproject values(103,'sunil',14,'robotics',15)
1 row created.
SQL> select * from empproject;
ENO ENAME PNO PNAME HOURS
---------- -------------------- ---------- -------------------- ----------

101 raja 12 compilers 12
102 ragu 13 atm 24
103 sunil 14 robotics 15
SQL>create table ep1 as select eno,ename from empproject;
Table created.
SQL>alter table ep1 add primary key(eno);
Table altered.
SQL> desc ep1;
Name Null? Type
----------------------------------------- -------- ----------------------------
ENAME VARCHAR2(20)
SQL>create table ep2 as select pno,pname from empproject;
Table created.
SQL>alter table ep3 add primary key(pno);
Table altered.
SQL> desc ep2
Name Null? Type
----------------------------------------- -------- ----------------------------
PNO NOT NULL NUMBER(3)
PNAME VARCHAR2(20)
SQL>create table ep3 as select eno,pno,hours from empproj;
Table created.
SQL>alter table ep3 add primary key(eno);
Table altered.
SQL>alter table ep3 add unique(pno);

Table altered.
SQL> desc ep3
Name Null? Type
----------------------------------------- -------- ----------------------------
PNO NUMBER(3)
HOURS NUMBER(3)
Normalizing to 2NF:
Eno Ename pno pname hours
 2NF
Ep1
en Ename
o
Ep2
pn Pname
o
Ep3
en pno Hours
o
THIRD NORMAL FORM:
SQL>create table empdept (eno number(3) primary key,
2 ename varchar2(20),
3 sal number(7),
4 dno number(3),
5 dname varchar2(20));
Table created.
SQL> desc empdept
Name Null? Type
----------------------------------------- -------- ----------------------------
ENAME VARCHAR2(20)
SAL NUMBER(7)
DNO NUMBER(3)
DNAME VARCHAR2(20)
SQL> insert into empdept values(&eno,'&ename',&sal,&dno,'&dname');
Enter value for ename: ravi
Enter value for dno: 1
Enter value for dname: cse
old 1: insert into empdept values(&eno,'&ename',&sal,&dno,'&dname')
new 1: insert into empdept values(101,'ravi',10000,1,'cse')
1 row created.
SQL> /
Enter value for ename: ragu
Enter value for dno: 2
Enter value for dname: eee
old 1: insert into empdept values(&eno,'&ename',&sal,&dno,'&dname')
new 1: insert into empdept values(102,'ragu',20000,2,'eee')
1 row created.
SQL> select * FROM EMPDEPT;

ENO ENAME SAL DNO DNAME
---------- -------------------- ---------- ---------- --------------------
101 ravi 10000 1 cse
102 ragu 20000 2 eee
SQL>create table ed1 as select eno,ename,sal,dno from empdept;
Table created.
SQL>alter table ed1 add primary key(eno);
Table altered.
SQL> desc ed1
Name Null? Type
----------------------------------------- -------- ----------------------------
ENAME VARCHAR2(20)
SAL NUMBER(7,2)
DNO NUMBER(3)
SQL>create table ed2 as select dno,dname from empdept;
Table created.
SQL>alter table ed2 add primary key(dno);
SQL> desc ed2
Name Null? Type
DNO NOT NULL NUMBER(3)
DNAME VARCHAR2(20)
SQL>alter table ed1 add foreign key(dno) references ed2(dno);
Table altered.
Normalizing to 3NF:
Empdept
En enam Sal dno dnam

o e e

 3NF
Ed1
en enam sal dno

o e
Ed2
Dn Dname
o
OUTPUT:
Programs:
FORM 1:
Private Sub OK_Click()
If Text1.Text = "admin" Then
If Text2.Text = "admin" Then
MsgBox "welcome to user"
Form2.Show
Else
MsgBox " incorrect password"
End If
Else
MsgBox "incorrect User name"
End If
Text1.Text = ""
Text2.Text = ""
End Sub
Private Sub CANCEL_Click()
End
End Sub
FORM 2:
Private Sub PATIENTDETAIL_Click()

Form3.Show
End Sub
Private Sub STAFFDETAIL_Click()
Form4.Show
End Sub
Private Sub HOME_Click()
Form1.Show
End Sub
FORM 3:
Dim DB As Database
Dim RS As Recordset
Private Sub Form_Load()
Set DB = OpenDatabase("patientdsn", False, False, "ODBC;UID=secit1;PWD=secit1;")
Set RS = DB.OpenRecordset("select * from patient")
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
End Sub
Private Sub CLEAR_Click()

Text1.Text = ""
Text2.Text = ""
Text3.Text = ""
Text4.Text = ""
Text5.Text = ""
End Sub
Private Sub DELETE_Click()

RS.DELETE
MsgBox "the record is deleted"
RS.MoveNext
If RS.EOF Then
MsgBox "no more records"
Else
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
End If
End Sub

Form2.show
End Sub
Private Sub FIRST_Click()

RS.MoveFirst
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
End Sub

Form1.Show
End Sub
Private Sub INSERT_Click()

RS.MoveLast
RS.AddNew
RS(0) = Text1.Text
RS(1) = Text2.Text
RS(2) = Text3.Text
RS(3) = Text4.Text
RS(4) = Text5.Text
MsgBox "record is inserted"
RS.UPDATE
End Sub
Private Sub LAST_Click()

RS.MoveLast
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
End Sub
Private Sub NEXT_Click()

RS.MoveNext
If RS.EOF Then
Else
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
End If
End Sub
Private Sub PREVIOUS_Click()

RS.MovePrevious
If RS.BOF Then
Else
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
End If
End Sub
Private Sub UPDATE_Click()

RS.Edit
RS(0) = Text1.Text
RS(1) = Text2.Text
RS(2) = Text3.Text
RS(3) = Text4.Text
Text5.Text = RS(4)
RS.UPDATE
MsgBox "the record is updated"
End Sub
FORM 4 :
Dim DB As Database
Dim RS As Recordset
Private Sub Form_Load()
Set DB = OpenDatabase("staffdsn", False, False, "ODBC;UID=secit1;PWD=secit1;")
Set RS = DB.OpenRecordset("select * from staff")
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
Text6.Text = RS(5)
End Sub
Private Sub CLEAR_Click()

Text1.Text = ""
Text2.Text = ""
Text3.Text = ""
Text4.Text = ""
Text5.Text = ""
Text6.Text = ""
End Sub
Private Sub DELETE_Click()

RS.DELETE
MsgBox "the record is deleted"
RS.MoveNext
If RS.EOF Then
Else
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
Text6.Text = RS(5)
End If
End Sub
Private Sub EXIT_Click()

Form2.show
End Sub
Private Sub FIRST_Click()

RS.MoveFirst
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
Text6.Text = RS(5)
End Sub
Private Sub INSERT_Click()
RS.MoveLast
RS.AddNew
RS(0) = Text1.Text
RS(1) = Text2.Text
RS(2) = Text3.Text
RS(3) = Text4.Text
RS(4) = Text5.Text
RS(5) = Text6.Text
MsgBox "record is inserted"
RS.UPDATE
End Sub
Private Sub LAST_Click()

RS.MoveLast
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
Text6.Text = RS(5)
End Sub
Private Sub NEXT_Click()

RS.MoveNext
If RS.EOF Then
Else
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
Text6.Text = RS(5)
End If
End Sub
Private Sub PREVIOUS_Click()

RS.MovePrevious
If RS.BOF Then
Else
Text1.Text = RS(0)
Text2.Text = RS(1)
Text3.Text = RS(2)
Text4.Text = RS(3)
Text5.Text = RS(4)
Text6.Text = RS(5)
End If
End Sub
Private Sub UPDATE_Click()
RS.Edit
RS(0) = Text1.Text
RS(1) = Text2.Text
RS(2) = Text3.Text
RS(3) = Text4.Text
RS(4) = Text5.Text
RS(5) = Text6.Text
RS.UPDATE
MsgBox "the record is updated"
End Sub
OUTPUT:
Form 1:
Form 2:
Form 3:
Form 4 :
Ex.No:10 Case Study using real life database applications
(Secure Mobile Database Applications: A Case Study)
Abstract.
case study of a secure mobile database application. In particular, we design, implement

and evaluate a mobile database application for an electronic announcement board. We identify a
set of security issues and apply appropriate techniques to satisfy the corresponding security
requirements.
Introduction
Mobile devices are gradually becoming commonplace. The computational and

networking power of mobile devices is constantly increasing and new technologies are
integrated into them to support new functionalities and services. On the other hand, the field of
databases and more generally data management is also expanded with new services and
applications. Several modern database management systems support small-footprint databases
that can be executed on mobile devices and admit disconnected computing and synchronization
with a central database. We call an application that comprises a server with a central database
and a number of autonomous mobile clients with replicated parts of the database a mobile
database application.
One of the most important issues of modern computing systems is the pro-vision of sufficient
security and privacy guarantees for the user data. Security issues of mobile devices are discussed
in recent works In the field of databases and database management systems, security is a well
studied subject.. More recently, issues about privacy in database. However in the case of a mobile
database application there are additional security challenges due to the distributed nature of the
application and the hardware constraints of mobile devices.
Achieving a sufficient level of security for such a platform is an important problem which has to
be addressed.
For example, data privacy and confidentiality is identified in as one of the critical open issues and
research directions in mobile databases.
In this work, we consider mobile database applications and focus on the security issues that arise
in this context. For this aim we present a case study of a secure mobile database application. In
particular, we design, develop and test an electronic announcement board. A database server is
used for the central storage of all application data, while small-footprint relational databases are
used on the mobile clients. We identify a set of security issues and show how to handle these
issues on the prototype mobile application.
The rest of the paper is organized in the following way. The mobile database application is
described in Section 2. Security techniques are presented. The implementation and the test
platform are described presents possible attacks and how they are faced by the application and
Section 6 contains a final discussion.
The Mobile Database Application
We consider the following mobile database application (MDA): An electronic announcement board
where authorized users can publish and/or read announcements. There are two types of users
of the announcement board, author users and read-only users. The rights of a user are
determined by its type: An author user has the right to create new announcements and to
modify or delete announcements authored by himself. A read-only user has the right to read all
announcements. The announcements are centrally stored in a database server and the users,
author users and read-only users, can use mobile devices to perform their application related
operations remotely. The core of the application is build on mobile database technology. As
shown in Figure 1, the application uses the client-server model. From the user’s point of view
there are two main application components: An authoring tool for authoring announcements and
a viewer to access all announcements. Moreover, if the announcements are in- tended for public
access, then read-only access can also be provided through a web interface.
Read-Only Client
Authoring ClientConcepts and the mobile platform
In this work, we define a mobile database as a small-footprint database that is installed on a

mobile device. Most commonly the local database is a replica of a part of a central database that
is installed at a server computer.
Major database management system (DBMS) vendors like Oracle, IBM and Microsoft, are
providing mobile extensions for their database servers. We have chosen a Pocket PC with
Windows Mobile 5.0 and SQL Server 2005 Mobile Edition as the computing platform for our mobile
application. However, corresponding technologies of other vendors could also be used.
Motivation
In a mobile database application a part or a replica of the database is locally installed on the
mobile device. This is a significant difference compared to a conventional client-server
application where all data is centrally stored in a database server. The approach with a mobile
database provides the necessary autonomy to the mobile device to work independently from the
central database. The client application can work with the mobile database asynchronously, and
needs to connect to the central database only when it is necessary to synchronize. This approach
has several advantages compared to a conventional approach where the clients do not use local
storage:
–Flexibility and Reliability: Asynchronous operation makes the application

more flexible and tolerant to network failures.
–Efficiency: Except the synchronization steps, for all other operations the
client has immediate access to the data since it is locally stored on the
mobile device.
–Enhanced security: Disconnected computing reduces the total time that the
mobile device is exposed to potential attacks over the network.
–Energy efficiency: The mobile device has to operate its network system,
hardware and software, only during the synchronization operations.
–Reduced fees for network usage: This holds in the case where the usage of
the communication link is charged. If the network link up-time is charged
then the benefits are obvious. However, even if only the network traffic is charged, the
decentralized approach of a mobile database can still reduce network fees. In this case
the cost decrease is achieved by reducing the traffic volume between the mobile
device and the server.
Architecture
The architecture of the mobile database application (MDA) is shown in Figure 2. The
application uses the client-server model1. The server-side of the application has three
main components: A central database, a server agent and a web server. The central
database provides the central storage place for all announcements. The server agent
connects the central database with the web server. The web server provides the end-
point of the communication link that is used to transfer data between the mobile and
the central database.
Application
Client Server
Server Agent
Database
Mobile
Client Web Server
Database Agent LIN-- Server

-K
The architecture of the application
The client-side has also three main components: The client application, the client agent
and the mobile database. The client agent is responsible for the communication
between the mobile database and the central database and between the client
application and the mobile database. The client application is a mobile application with
a graphical user interface (GUI) that provides the necessary interface to the users for
using the application. The mobile database is a local small-footprint database on the
mobile device which replicates an appropriate part of the central database.
The mobile database application has to use a communication link between the client
and the server. The only requirement for the communication link is that it must
support the secure hypertext transfer protocol (https). There are currently several
different options for providing the communication link.
1 Note that due to the existence of an agent at both endpoints of the communication
link, one could also argue that the actual application has three tiers. We prefer to
classify it as a conventional two-tier client-server application because in the mobile
database application the agents (middle tier) are transparent to the user and almost
transparent even to the application developer.most important are Wireless Network,
Bluetooth, GPRS and 3G. At both endpoints of the communication link are agents of
the mobile database management system. We tested our application with a wireless
network connection and with a Bluetooth connection.
Security Issues and Techniques
In this Section, we describe the security-related techniques that are applied in the
mobile database application.
Secure network connection
The mobile database and the central database have to be synchronized at specific
times. The synchronization is implemented in the system software of the mobile
database and is performed over the http protocol. Using http has the significant
advantage of using a widely available protocol and possibly the dis- advantage that its
performance may be lower than a proprietary protocol for the database
synchronization operation. We have selected the secure http protocol (https) to
perform the necessary synchronization operations between the mobile and the central
database. More precisely we use https with server and client authentication. This
choice assures:
–Confidentiality of the data that is transferred.
–Authentication of the server computer.
–Authentication of the client computer. Even though client

authentication worked on the mobile platform we did not manage
to apply it within the synchronization process of the mobile
database. We believe that this is due to a shortage of the current
system software and that will be overcome in the forthcoming
versions.
Encrypted local database
The local database on the mobile device is encrypted and each time the user opens the
mobile database, he has to enter his password. In case the mobile device is stolen or
violated by an intruder, the data that is stored on the local database is not readable.
The encryption algorithm is part of SQL Server Mo- bile Edition and unfortunately we
were not able to find documentation for the specific algorithm. We assume that the
vendor does not simply rely on obscurity and that the encryption is based on one of the
established symmetric key encryption algorithms. If the build-in encryption
algorithm of the mobile database is considered insufficient, it is of course possible to
implement this feature within the client application.
User authentication at the database server
The synchronization of the small-footprint database that is installed on the mobile
device with the central database is performed with database replication technology.
For this purpose, there is an appropriate publication at the database server. A
publication is the meta-data package of information about which data is replicated.
The mobile database uses the publication of the database server for the
synchronization operation. In order to connect to the publication an appropriate user
account on the database server has to be used. This means that the application user
has to be authenticated at the database server.
Authentication at the web server

As already noted, the communication between the mobile database and the central
database is performed over https. At the server side the communication link is handled
by a web server. Hence, it is possible to take advantage of standard web server
authentication and require the user to authenticate at the web interface level. This
requirement is very important since it provides protection for the mobile database
agent that is executed at the server side within the web server. Without web server
authentication every network user would be able to contact the server-side agent by
simply using the appropriate URL.
Server-side mobile agent account
Both endpoints of the communication link are handled by mobile database agents.
During a synchronization process, the agent operations on the server-side can either
be executed by the default agent account of the server’s operating system or in the
context of a dedicated account of the server’s operating system. We use a dedicated
operating system account for the execution of the agent service. The account has been
granted the minimum permissions that are necessary for its role. This decision
satisfies the common security rule of granting minimum sufficient permissions.
Separate user accounts for the authoring and the read-only application
In case a user has to use the application both as an author of announcements and as a
reader of all announcements we can either assign two accounts to the user, an
authoring account and a read-only account, or grant both functionalities to a unique
user account. Even though the security of the application would not be lowered by
using a unique account, we preferred to use two separate, dedicated accounts. This
approach reflects in a more natural way the structure of the application.
Application provided security
For authoring operations, each user has access only to his own data. A set of database
triggers implemented in the database server, check that the data manipulation
operations of the user are valid. This check prevents all users from accidental or
malicious modifications of data for which they have no authoriza- tion. More precisely,
an author
–can create new announcements that are signed with his name,
–can delete or update announcements that are signed with his

name, and
–has no access to announcements created/signed by other users.
The above functionality resembles in a loose sense the virtual private database
technology (VPD) of Oracle.
The read-only client
The read-only part of the MDA is implemented as a separate client application. The
read-only client provides access for viewing all announcements. We apply certain
techniques to assure the security of the central database:
–The publisher of the database server that is used for the

synchronization of the read-only application is defined to be read-
only. Consequently it is not possible to apply any modification to
the central database from the read-only application.
–Read-only clients have no access to the main table of the central

database. Instead the read-only clients read the announcements
from a replicated in- stance of the main table. A set of database
triggers implemented in the database server keeps the replicated
table always updated. In case an accidental or malicious
modification of the data in the replicated table would occur, it
would have no effect on the main table of the application.
Communication between the servers
The announcements are also available over http as a web page. A dynamic web page
with aspx code gives a list of the announcements. The web server must have access to
the database in order to read the data. For this reason we have to deal with a common
security issue in database-driven web sites: Choosing the appropriate database
account that the web server is using to access the database. We created a specific
account in the database that has only one permission: To perform a select on the
replicated announcements table. This decision too, applies the principle of granting the
minimum sufficient permissions.
Client-side data encryption
We also tested a common but very important feature, that of encrypting the user data
in the database. Even though this feature is not directly relevant to the
announcements application, we consider it very important for secure mobile database
applications and more generally for secure database applications. The user gives a
password to the client application and all his critical data is encrypted at the client-
side before it is permanently stored in the database. This encryption guarantees the
confidentiality of the data against any database user including the local database
administrators. The approach is very simple: The client application applies a symmetric
key encryption algorithm, for example AES, and stores the encrypted data into the
database. When the user reads the data, he provides his password and the data is
decrypted. We verified this approach and it works transparently as soon as the user
has given his password. A shortage of the current mobile platform was that some
library functions, like for example the function ”PasswordDeriveBytes”, were not
provided by .NET Compact Framework v2.0. We overcame this problem by providing a
hand-coded implementation of the required function that was absent.
Implementation
Development
The development platform for the MDA was Visual Studio 2005 with cross com-
pilation for Windows Mobile 5.0 and the .NET Compact Framework v2.0. The
application is implemented in C# and the development follows the approach described
in [4].
Testing
The mobile database application (MDA) has first been tested on a Windows Mobile
Emulator and then on a real Pocket PC with Windows Mobile 5.0.
1. MDA on a Windows Mobile emulator. To execute MDA on an

emulator, we used Visual Studio to start the emulator and to
install the application on the emulator. The emulator works as a
real Windows Mobile Pocket PC. The network connection for the
emulator is provided by ActiveSync. We tested all operations of
the mobile application and they worked well.
2. MDA on a Pocket PC with Windows Mobile 5.0 (Figure 3). In this

case we use Visual Studio and ActiveSync to install the MDA on
the mobile device. The mobile application can use any of the
available communication options for the synchronization. For
example Wireless Network, Bluetooth, GPRS, 3G. The only
requirement is that the communication link must support the
https protocol. We tested the application with a Wireless Network
connection and a Bluetooth connection. All operations and
security features of the
Visual
Studio 2005
ActiveSyn
c
Pocket PC
Device
SQL Server
2005
IIS
mobile application worked well. The mobile application on a Pocket PC with Windows
Mobile 5.0
Resistance in Attacks
The overall security of the MDA is achieved by ensuring:
–Security for the mobile device
–Security for the central computer
–Security for the communication link
–Security for application specific issues
We examine the tolerance of the mobile database application against a com-

prehensive set of threats/attacks. We can distinguish the following types of threats:
–Threats from any user with access to the communication link
–Threats from a read-only user of the application
–Threats from an author user of the application

We consider a set of specific threats/attacks for the MDA and discuss how each threat
is faced by our approach:
–Attack on the communication link: Eavesdropping of network traffic of the

application or a fake client or server node. The security of the communication link is
assured with the usage of the https protocol.
• Eavesdropping for example with a sniffer: In https all traffic is encrypted and
hence, the confidentiality of the packet contents is protected.
• Fake client or server node: Using both the client and the server authentication
features of https (features that are provided by the Secure Sock- ets Layer - SSL)
assures the legitimacy of both the client and the server nodes. As already noted,
in the current version of the mobile database software, the client authentication
of https did not work properly within the synchronization process.
– Attack against the mobile device: The encryption of the mobile database
ensures the confidentiality of the local data in case the mobile device is stolen
or attacked.
• Stolen device: The local database that is installed on the mobile device is
encrypted and hence, if the device is stolen, the application data is not readable.
We note again, that the encryption is a feature of SQL Server Mobile and that we
were not able to find any documentation about the encryption algorithm that is
used.
• Network attack: The mobile database admits the client application to work while
the mobile device is disconnected. The mobile device has to enable its network
connection only during the synchronization operation of the mobile database.
However, even during the short period that the portable device uses its network
connection it can become the target of malicious software. In Windows Mobile
there is currently no build-in firewall but there are third-party products that can
cover this shortage. In any case the data that is stored in the mobile database is
encrypted and cannot be read.
– Attack against the server: The server computer where the server part of
the application is executed must permit network access, in particular incoming
connection requests, to its web server. Hence the server computer can become
the target of attacks against the web server. We apply common security
techniques to protect the server. Discussing these techniques is beyond the scope
of this paper. There are numerous sources for security of computing systems
offering web services.
Attack against the MDA: An important threat for any multi-user application comes from
the registered users of the application.
Attack from a read-only user: A read-only user can read all announcements. If a
read-only user attempts to modify the contents of the database he will not succeed.
First, the GUI of the client application does not provide this feature. This prevents
unintentional attempts to modify data. Now, if a user intentionally uses some
proprietary software or a low-level database utility to modify the application data, he
will still fail because the publication at the database server is read-only. Finally, even if
any data would be modified (in some way that we did not predict), the change would
concern not the real database table, but a replicated table, that is used for the read-
only services.
• Attack from an author user: An author user has more permissions than a read-
only user. We consider what will happen if an author user attempts to perform
operations for which his is not authorized. In this case too, the GUI prevents
unintentional users attempts to perform illegal operations. For the case that
user intentionally attempts to modify data of other users by using some
proprietary software or a low-level database utility, a set of triggers in the
database server prohibits the unauthorized operationsDiscussion
Conclusion:
Developing a secure mobile database application is an important task. Our

experience with developing and testing the application is satisfactory in several
aspects. The efforts to implement the mobile database application were reason- able,
it works reliably and it is efficient and user-friendly. For the security of a mobile
database application, our case study showed that there are sufficient tools and
techniques available to provide a security level comparable to the security level of
conventional platforms. The few shortages that we faced are most likely technical
issues that should be overcome in the forthcoming versions of the system software of
the mobile platforms. Finally, an important issue is the lack of appropriate
documentation for certain encryption algorithms that are used within the system
software of mobile platforms.
OUTPUT PROGRAM :
import java.io.*;
import java.sql.*;
public class jdeg
{
public static void main(String args[])throws IOException
{
BufferedReader br =new BufferedReader(new InputStreamReader(System.in));
String rollno,nam,dep,mark;
System.out.println("enter the values(rno,name,dept,marks) to insert into the table");
rollno=br.readLine();
nam=br.readLine();
dep=br.readLine();
mark=br.readLine();
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection con =DriverManager.getConnection("jdbc:odbc:stu");
Statement st = con.createStatement();
st.executeUpdate("insert into student
values('"+rollno+"','"+nam+"','"+dep+"','"+mark+"')");
ResultSet rs=st.executeQuery("select * from student");
System.out.println();
System.out.println();
System.out.println("RNO\tNAME\tDEPT\tMARKS");
while(rs.next())
{
System.out.print(rs.getString("rno")+"\t");
System.out.print(rs.getString("name")+"\t");
System.out.print(rs.getString("dept")+"\t");
System.out.println(rs.getString("marks")+"\t");
}
}
catch (Exception e)
{
System.out.println(e);
}
}
}
OUTPUT:
D:\jdk1.3\bin>edit jdeg.java
D:\jdk1.3\bin>javac jdeg.java
D:\jdk1.3\bin>java jdeg
Enter the values(rno,name,dept,mark)to insert into the table
67
murugan
cse
77
RntName Dept mark

1 saran cse 99
2 arun mech 87
97 sethil cse 88
45 ssd dec 55
97 senthil cse 88
67 murugan cse 77
D:\jdk1.3\bin>
OUTPUT:
SQL>create table emp(eno number primary key,enamr varchar(20),age number,addr varchar(20),

DOB date,phno number(10));
Table created.
SQL>create table salary(eno number,edesig varchar(10),basic number,da number,hra number,pf

number,mc number,met number,foreign key(eno) references emp);
Table created.
TRIGGER to calculate DA,HRA,PF,MC
SQL> create or replace trigger employ

2 after insert on salary
3 declare
4 cursor cur is select eno,basic from salary;
5 begin
6 for cur1 in cur loop update salary set
7 hra=basic*0.1,da=basic*0.07,pf=basic*0.05,mc=basic*0.03 where hra=0;
8 end loop;
9 end;
10 / Trigger created.
PROGRAM FOR FORM 1

Private Sub emp_Click() Form 2.Show End
Sub Private
Sub exit_Click() Unload Me
End Sub Private Sub salary_Click() Form3.Show
End Sub
PROGRAM FOR FORM 2
Private Sub add_Click()
Adodc1.Recordset.AddNew MsgBox "Record added"
End Sub Private Sub clear_Click() Text1.Text = "" Text2.Text = "" Text3.Text = "" Text4.Text = ""
Text5.Text = "" Text6.Text = ""
End Sub Private Sub delte_Click() Adodc1.Recordset.Delete MsgBox "Record Deleted" If
Adodc1.Recordset.EOF = True
Then Adodc1.Recordset.MovePrevious End If
End
Sub Private Sub exit_Click() Unload Me
End Sub
Private Sub main_Click() Form1.Show
End Sub
Private Sub modify_Click() Adodc1.Recordset.Update End Sub
PROGRAM FOR FORM 3
Private Sub add_Click()
Adodc1.Recordset.AddNew MsgBox "Record added" End Sub
Private Sub clear_Click() Text1.Text = ""
Text2.Text = "" Text3.Text = "" Text4.Text = "" Text5.Text = "" Text6.Text = "" End Sub
Private Sub delte_Click()
Adodc1.Recordset.Delete MsgBox "Record Deleted" If Adodc1.Recordset.EOF = True
Then Adodc1.Recordset.MovePrevious End If
End Sub
Private Sub exit_Click() Unload Me
End Sub
Private Sub main_Click() Form1.Show
End Sub Private Sub modify_Click()
Adodc1.Recordset.Update End Sub
Output:

DBMS Po

Uploaded by

Copyright:

Available Formats

DBMS Po

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

DBMS Po

Uploaded by

Copyright:

Available Formats

SRIRAM ENGINEERING COLLEGE

Perumalpattu,Thiruvallur District-602 024.

NAME OF THE LAB : CS8481-DATABASE MANAGEMENT SYSTEM

DEPARTMENT : COMPUTER SCIENCE ANDENGINEERING

This is to certify that a bonafide record of work done by

Signature of Lab-in-charge Signature of H.O.D

Submitted for the Practical Examination held on ______________.

Internal Examiner External Examiner

Data Definition Commands, Data Manipulation Commands for inserting,

3 Views, Sequences, Synonyms

4 Database Programming: Implicit and Explicit Cursors

5 Procedures and Functions

Database Design using ER modeling, normalization and Implementation for

9 Database Connectivity with Front End Tools

10 Case Study using real life database applications

DATABASE DESIGN AND IMPLEMENTATION PAY ROLL

SQL>create table std(sno number(5),sname varchar(20),age number(5),sdob

date,sm1 number(4,2),sm2 number(4,2),sm3 number(4,4));

SQL>insert into std values(101,’AAA’,16,’03-jul-

88’,80,90,98); 1 row created.

SQL>insert into std values(102,’BBB’,18,’04-aug-

89’,88,98,90); 1 row created.

Select * from std;

SNO SNAME AGE SDOB SM1 SM2 SM3

101 AAA 16 03-jul-88 80 90 98

102 BBB 18 04-aug-89 88 98 90

ALTER TABLE WITH ADD:

SQL>create table student(id number(5),name varchar(10),game

varchar(20)); Table created.

SQL>insert into student

values(1,’mercy’,’cricket’); 1 row created.

alter table<tablename>add(col1 datatype,col2

SQL>alter table student add(age number(4));

SQL>insert into student

ALTER: select * from

student; ID NAME GAME

ADD: select * from

ALTER TABLE WITH MODIFY:

Alter table<tablename>modify(col1 datatype,col2 datatype..);

SQL>alter table student modify(id number(6),game varchar(25));

NAME NULL? TYPE

SYNTAX: drop table<tablename>;

SYNTAX: TRUNCATE TABLE <TABLE NAME>;

Example: Truncate table stud;

emp; Name Null?

EmpNo NOT NULL

Job NOT NULL Char(10)

DeptNo NOT NULL

INSERT operations in TABLE:

SQL> select * from Archu;

SQL>insert into Archu (regno , name , dept)values (3,'Harshini',EEE);

REGNO NAME DEPT

SQL> insert into Archu values (4,'Sharchi',IT);

SQL> select * from Archu;

SQL> delete from Archu where name='Archu';

SQL> delete from Archu;

3 rows deleted.SQL> select * from sub;

SQL> truncate table Archu;

SQL> drop table Archu;