Your SlideShare is downloading. ×
Pl sql-ch3
Pl sql-ch3
Pl sql-ch3
Pl sql-ch3
Pl sql-ch3
Pl sql-ch3
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Pl sql-ch3

1,911

Published on

PL/SQL Chapter 3

PL/SQL Chapter 3

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,911
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
80
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  1. Chap 3. PL/SQL Security 1 3. PL/SQL SECURITY1. What are the different types of transactions in Oracle? 1. An Oracle table can be manipulated through SQL or PL/SQL statements. 2. An Oracle transaction can be made up of a single SQL sentence or several SQL sentences. 3. This gives rise to Single Query Transactions (SQT) and Multiple Query Transactions (MQT). 4. Both these transactions access Oracle tables. Since Oracle works on a multi-user platform, it is likely that many users will access the data either for viewing or for manipulating it (by using UPDATE, DELETE, INSERT commands) from the same table at the same time. Thus, the Oracle table is a global resource i.e., it is shared by many users.2. What is concurrency control and how is it implemented? 1. An Oracle table can be manipulated through SQL or PL/SQL statements. 2. These transactions can be Single Query Transactions (SQT) or Multiple Query Transactions (MQT). These transactions access Oracle tables. 3. Since Oracle works on a multi-user platform, it is likely that many users will access the data either for viewing or for manipulating it (by using UPDATE, DELETE, INSERT commands) from the same table at the same time. Thus, the Oracle table is a global resource i.e., it is shared by many users. 4. Therefore it is essential that data integrity is maintained and Oracle should permit simultaneous access to the tables without causing damage to the data. 5. The technique employed by Oracle to protect table data when several people are accessing it is called Concurrency Control. This technique is implemented through a method called locking. 6. A lock is a variable associated with a data item that describes the status of the item with respect to the various operations that can be performed on it. Generally, there is one lock for each data item in a database. 3 What are locks? Explain Oracle’s default locking strategy (Implicit locking). 1. Oracle is a multi-user system and several users may access a table at the same time for either viewing it or for manipulating it through INSERT, UPDATE and DELETE commands. 2. In order to maintain the integrity of the database, Oracle uses a technique of concurrency control through the mechanism of locking. 3. Thus, locks are mechanisms to ensure data integrity while allowing maximum concurrent access to data. 4. This locking mechanism is fully automatic and does not require user intervention. 5. The Oracle engine automatically locks table data while executing SQL statements. This type of locking is called Implicit locking. Implicit Locking: Implicit Locking is Oracle’s default locking strategy. Oracle has to decide on two issues: 1. Types of locks to be applied, 2. Level of lock to be applied. Types of Locks: The type of lock to be placed on a resource depends on the operation being performed on that resource. The two types of operations on tables are:mukeshtekwani@hotmail.com Prof. Mukesh N. Tekwani
  2. 2 Chap 3. PL/SQL Security • Read Operations (SELECT statement) • Write Operations (INSERT, UPDATE, DELETE statements) Read operations do not change the underlying table and hence simultaneous read operations can be performed on a table without causing any damage to the table data. Oracle engine places a Shared lock on a table when its data is being viewed. Write operations cause a change in table data due to the INSERT, UPDATE and DELETE commands. Hence, simultaneous write operations can adversely affect the table integrity. Simultaneous write operations will cause loss of data consistency in the table. Therefore, Oracle places an Exclusive lock on a table or parts of a table when data is being written in a table. The rules for locking are as follows: • Data that is being changed cannot be read (write and read cannot be performed concurrently) • Writers wait for other writers if they attempt to update the same rows at the same time. Types of Locks supported by Oracle are: Shared Locks: • This lock is placed on a resource whenever a read operation is being performed. • Multiple shared locks can be placed simultaneously on a resource. Exclusive Locks: • This lock is placed on a resource whenever a write operation (INSERT/UPDATE/DELETE) is being performed. • Only one exclusive lock can be placed on a resource at a time. The first user who acquires an exclusive lock will continue to be the sole owner of the resource and no other user can acquire an exclusive lock on that resource. Levels of Locks: A table can be decomposed into rows and a row can be decomposed into fields. So we can design a locking system which can lock the individual fields of a record. Thus, more than one user can work on a single record in a table – i.e., each user can be working on a different field of the same record, at the same time. However, Oracle does not provide a field level lock. The three levels of locking provided by Oracle are: • Row level • Page level • Table level The level of locking to be used is decided by the Oracle engine; this depends on the presence or absence of the WHERE condition in the SQL statement. The rules are as follows: • If the WHERE clause evaluates to only a single row in the table, a row level lock is used. • If the WHERE clause evaluates to a set of data, a page level lock is used. • If there is no WHERE clause (i.e., the entire table is being accessed by the query), a table level lock is used. Prof. Mukesh N Tekwani mukeshtekwani@hotmail.com
  3. Chap 3. PL/SQL Security 3 4 What is Exclusive locking? What is the need for exclusive locking? What are the various techniques for exclusive locking? Exclusive Locks: • This lock is placed on a resource whenever a write operation (INSERT/UPDATE/DELETE) is being performed. • Only one exclusive lock can be placed on a resource at a time. The first user who acquires an exclusive lock will continue to be the sole owner of the resource and no other user can acquire an exclusive lock on that resource. Need for exclusive locking: Although the Oracle engine has a default locking strategy, explicit locking is often needed. The following example explains the need for explicit locking: Consider two client computers (Client A and Client B) are entering sales orders. Each time a sales order is prepared, the QOH of the product must be updated in the PRODUCTS_MSTR table. If client A fires an UPDATE command on a record of the PRODUCTS_MSTR table, then Oracle will implicitly lock the record so that no further data manipulation can be done by any other user till the lock is released. The lock will be released only when Client A fires a COMMIT or a ROLLBACK command. In the mean time, if Client B tries to view the same record, the Oracle engine will display the old data for the record as the transaction for that record has not been completed by Client A. Thus, Client B is viewing wrong information. In such a situation, Client A must explicitly lock the record so that no other user can access the record even for viewing purposes till client A completes his transaction. Such a lock that is applied by the user on a row, page or the entire table is called an explicit lock. Explicit locking is user-defined strategy and it always overrides Oracle’s default locking strategy. Tables and rows can be explicitly locked by using either the SELECT…FOR UPDATE statement or the LOCK TABLE statement. The SELECT…FOR UPDATE statement: This statement is used for acquiring exclusive row-level locks. This statement informs the Oracle engine that data currently being used needs to be updated. It is followed by UPDATE statements with a WHERE clause. Example 1: Two clients A and B are recording the transactions performed in a bank for a particular account number simultaneously. Client A fires the statement: Client A> SELECT * FROM ACCT_MSTR WHERE ACCT_NO = ‘SB7’ FOR UPDATE; When the above SELECT statement is fired, Oracle’s engine locks the record SB7. This lock will be released only when Client A issues the COMMIT or ROLLBACK command. Now Client B fires a SELECT statement which points to record SB7 which has already been locked by Client A. Client B> SELECT * FROM ACCT_MSTR WHERE ACCT_NO = ‘SB7’ FOR UPDATE;mukeshtekwani@hotmail.com Prof. Mukesh N. Tekwani
  4. 4 Chap 3. PL/SQL Security The Oracle engine ensures that Client B’s SQL statement waits for lock to be released on ACCT_MSTR by a COMMIT or ROLLBACK statement. In order to avoid unnecessary waiting time, a NOWAIT option can be used to inform Oracle engine to terminate the SQL command if the record has already been locked. In this case Oracle engine generates a message for Client B stating that the resource is busy. So in order not to wait for an uncertain period, Client B can issue the following query: Client B> SELECT * FROM ACCT_MSTR WHERE ACCT_NO = ‘SB7’ FOR UPDATE NOWAIT; The SELCT… FOR UPDATE clause cannot be used with the following: • DISTINCT and GROUP BY clauses. • SET OPERATORS and GROUP functions. Using the LOCK TABLE statement: Oracle’s default locking strategy can be overridden by creating a lock in a specific mode. This is done with the LOCK TABLE clause: LOCK TABLE <tablename> [,<tablename>]… In {ROW SHARE | ROW EXCLUSIVE | SHARE UPDATE | SHARE | SHARE ROW EXCLUSIVE | EXCLUSIVE } [NOWAIT ] In this syntax: • <tablename> indicates the names of the tables / views to be locked. • IN decides what other locks on the same resource can exist simultaneously. E.g., if there is an exclusive lock on the table, no other user can update rows on the table. It can have the following values: o EXCLUSIVE – Query is allowed on the locked resource but other activities are not permitted o SHARE – Queries are allowed on the table but does not allow updates on the table o ROW EXCLUSIVE – this lock is acquired when using the commands UPDATE, INSERT, or DELETE. o SHARE EXCLUSIVE – they are used to look at the whole table, to carry out selective updates, and to allow other users to look at rows in the table but not lock the table or update the rows. • NOWAIT – Indicates that the Oracle engine should immediately return to the user with a message, if the resources are busy. If this clause is omitted the Oracle engine will wait till the resources available. RELEASING LOCKS: Locks are released under the following circumstances: • The transaction is completed successfully using the COMMIT verb. • A ROLLBACK is performed. • A ROLLBACK to a savepoint will release locks after the specific savepoint. But row-level locks are not released by rolling back to a savepoint. 5 What are the important properties of a transaction that a DBMS must ensure? There are four important properties of transactions that a DBMS must ensure to maintain data in the face of concurrent access and system failures: Prof. Mukesh N Tekwani mukeshtekwani@hotmail.com
  5. Chap 3. PL/SQL Security 5 1. Users should be able to regard the execution of each transaction as atomic: either all actions are carried out or none are. Users should not have to worry about the effect of incomplete transactions (say, when a system crash occurs). 2. Each transaction, run by itself with no concurrent execution of other transactions, must preserve the consistency of the database. This property is called consistency, and the DBMS assumes that it holds for each transaction. Ensuring this property of a transaction is the responsibility of the user. 3. Users should be able to understand a transaction without considering the effect of other concurrently executing transactions, even if the DBMS interleaves the actions of several transactions for performance reasons. This property is sometimes referred to as isolation: Transactions are isolated, or protected, from the effects of concurrently scheduling other transactions. 4. Once the DBMS informs the user that a transaction has been successfully completed, its effects should persist even if the system crashes before all its changes are reflected on disk. This property is called durability. The acronym ACID is sometimes used to refer to the four properties of transactions that we have presented here: atomicity, consistency, isolation and durability. 6 Write a simple program to increase the salary of employees whose salaries are less than the average salary by 10 percent. The program re-computes and prints out the average salary if it exceeds 50000 after the above update. DECLARE avg_salary NUMBER; BEGIN SELECT avg(salary) INTO avg_salary FROM employee; UPDATE employee SET salary = salary*1.1 WHERE salary < avg_salary; SELECT avg(salary) INTO avg_salary FROM employee; IF avg_salary > 50000 THEN dbms_output.put_line (‘Average Salary is ‘ | | avg_salary); END IF; END; / 7 Display the employee number for those employees whose salary is greater than their supervisor’s salary. DECLARE emp_salary NUMBER; emp_super_salary NUMBER; emp_ssn CHAR (9); emp_superssn CHAR (9); CURSOR salary_cursor IS SELECT ssn, salary, superssn FROM employee; BEGIN OPEN salary_cursor; LOOP FETCH salary_cursor INTO emp_ssn, emp_salary, emp_superssn;mukeshtekwani@hotmail.com Prof. Mukesh N. Tekwani
  6. 6 Chap 3. PL/SQL Security EXIT WHEN salary_cursor%NOTFOUND; IF emp_superssn is NOT NULL THEN SELECT salary INTO emp_super_salary FROM employee WHERE ssn = emp_superssn; IF emp_salary > emp_super_salary THEN dbms_output.put_line(emp_ssn); END IF; END IF; END LOOP; IF salary_cursor%ISOPEN THEN CLOSE salary_cursor; IF salary_cursor%ISOPEN THEN CLOSE salary_cursor; END; / 8 Write a program segment that gets a list of all the employees, increments each employee’s salary by 10 percent, and displays the old and the new salary. DECLARE v_fname employee.fname%TYPE; v_minit employee.minit%TYPE; v_lname employee.lname%TYPE; v_address employee.address%TYPE; v_salary employee.salary%TYPE; CURSOR EMP IS SELECT ssn, fname, minit, lname, salary FROM employee; BEGIN OPEN EMP; LOOP FETCH EMP INTO v_ssn, v_fname, v_minit, v_lname, v_salary; EXIT WHEN EMP%NOTFOUND; dbms_output.putline(‘SSN:’ | | v_ssn | | ‘Old salary :’ | | v_salary); UPDATE employee SET salary = salary*1.1 WHERE ssn = v_ssn; COMMIT; dbms_output.putline(‘SSN:’ | | v_ssn | | ‘New salary :’ | | v_salary*1.1); END LOOP; CLOSE EMP; END; / Prof. Mukesh N Tekwani mukeshtekwani@hotmail.com

×