In addition to the coursework and programming labs, the program included challenging real-world projects where I have applied the skills experienced in class.
Junglebooks is a book company which has a database consisting of books, authors, orders and customers. In this project a database diagram is given and a database is created according to the diagram. Fictitiously, we are working with an application programmer who is building a client application using .NET. We are asked to create queries for different forms of the application. For example, The Cheap Books form displays available books below a certain price. The user enters 15 in the txtUnitPrice form field. Return ISBN, title and publisher in order by title. The sample code would be … 4 JungleBooks
6 Large Orders page from JungleBooks The Large Orders page is a report displaying the largest number of items sold per order. Display the Order ID, Customer ID and Name along with the total number of items they ordered. Display the record with the largest quantity first. Alias as: “Order ID’, ‘Cust ID’, ‘Customer’ and ‘# of items’.
7 Search for Customers by Credit Card page from JungleBooks The Search For Customers by Credit Card page allows the user to search for Customers by the last four digits of their credit card number. The user inputs ‘’7889” in the txtLastFourDigits form field. Return all information from the Customer table. Alias as: ‘ID’, ‘Name’, ‘CurrentAddress’, ’CardType’, ‘CardNumber’, ‘Expires’. In case you have different customers using the same credit card, order by Customer ID in ascending order.
8 Library The Library Database is created to support the principal functions of a lending library’s day-to-day operations. This database has been used for a couple of projects: Create queries against the Library Database that returns a number of results which uses string concatenations, different types of joins, UNION statements, CASE statements, Execution plan, date manipulation, and aggregate functions. Design back-end stored procedures that satisfy some of the functionalities of Library operations such as Add Adult, Add Juvenile, Check in a Book, Check out a Book, Add Book, Renew Membership, Change Juvenile to Adult, Update Adult. The procedures incorporated input validations and provides adequate error handling using TRY/CATCH.
10 Sample Library Query 1 Write and execute a query that returns member_no, firstname, lastname and sum of fine_paid for members who have paid the highest fines to date. Members should only appear once in the list. Display the highest fine first. If more than one member has paid the same amount display the records in order by member_no.
11 Sample Library Query 2 Using joins and a UNION clause, write a query to retrieve a single list of members both adult and juvenile, who have reserved ISBN number 288. The list must include the ISBN, title, member_no and name (i.e.: Smith, John) of each member who has the reservation. Additionally, the list should indicate whether the member is an adult or a juvenile. Output the records by name.
12 Sample Library Stored Procedure 1 Add A Juvenile member
13 Sample Library Stored Procedure 2 Check Out Item
14 PiggyBank The PiggyBank Database simulates bank operations such as Overdraft Accounts, Customer and Accounts relationships, and Transactions. This database has been used for a couple of projects: Create an Entity Relationship Diagram given some specifications such as Overdraft Fees, Error Information when a transaction fails, Login Failures, and Customer/Account relationships. Design back-end stored procedures, DDL/DML triggers, parameterized stored procedures that select from views. Some of the actions created are Create/Update Customer, Create Checking/Savings Accounts, Deposit/Withdrawal Procedures, Simulate ATM Balances, Customer Account History (bank statements) and Use of Overdraft Accounts.
18 PiggyBank Stored Procedure Selecting from a view Example
19 DBA Practicals The DBA Practicals project are numerous examples and questions relating to Designing, Troubleshooting, Tuning and Optimizing Database Servers using Microsoft SQL Server 2005 Here are some of the topics that I have worked on
20 DBA Practicals – Securing a SQL Server Solution
You can mitigate code-injection attacks by doing the following:
Constrain and sanitize input data - You can check for known good data by validating for type, length, format, and range.
Use type-safe SQL parameters for data access – For example, you can use parameters with stored procedures or dynamically constructed SQL command strings.
Use an account that has restricted permissions in the database – Grant execute permissions to stored procedures in the database and do not provide direct table access.
Avoid disclosing database error information – Do not disclose detailed error messages to the user.
2. You can use SQL Server 2005 Surface Area Configuration tool to minimize the surface attack area for SQL services and components quickly.
3. You can secure the sa login by Using Windows Authentication Mode instead of Mixed Mode; disable the sa login (Status page under the Login Properties of sa); and assign a strong sa password.
4. To implement the principle of least privilege for Notification Services service accounts, a specific user account should be created with only the privileges that are needed to run Notification Services. If Notification Services is only running on the local server then use a local user account. If Notification Services is running on the network then use a domain user account. Using an administrator account, the Local Service account, or the Network Service account are not recommended.
5. When upgrading to SQL Server 2005, xp_cmdshell does not run anymore because it is disabled on new installations. It can be enabled from Surface Area Configuration for Features tool or by running sp_configure.
21 DBA Practicals – For XML Explicit Example Results: Results:
22 Reporting Services In the Reporting Services Project I have created SSRS Reports against the Library Database. Here is a list of some of the reports created:
23 Reporting Services – Most Active Members Design a “Most Active Members” (# of checkouts/loans per member) with report parameters for calendar month and calendar year. Use just the loanhist table for this report- however if you include current loans (from the loan table), 1 point EC will be granted.
24 Reporting Services – Adult Member Detail, Part 1 “Adult Member Detail” report. Details about adult members: name, address, total number of active checkouts (loan table), with a drill down option for total fines assessed, total fines paid, total fines waived, and total due (for now- use loanhist only for this fine information). Please also include a hyperlink (drill through) to a second report showing any dependants and that displays each juvenile’s checkout/fine information (also via drill down). (Note: address information here is not necessary as it will be the same as the sponsoring adult in the Library database).
25 Reporting Services – Adult Member Detail, Part 2
26 Reporting Services – ‘Kids Club’ Report Design a “Kids Club” report. There is a special reading club (among many other such efforts) for 7 year olds, 8 year old, and 9 year olds. Design a report that displays all juvenile library members that belong within these three groups. Please distinguish between the three groups on the report by utilizing conditional expressions to implement an appropriate color scheme, and be sure to explain this scheme to the user in a legend. Creativity in naming such groups, and decorating the report would be appreciated. Please be sure that this report calculates a birthday by the given date- and not the datetime of the given birthdate.
27 Reporting Services – Current Fines for Overdue Books “Current Fines for Overdue Books.” A report for all overdue books, member name, and current fines due against books that have not been checked in (use the Loan table – don’t worry about fine information in the Loan History table) Calculate these fines as 25 cents per day.
28 BlockFlix BlockFlix is our Final Group Project where I was honored to be Project Manager. This database implemented almost all I have experienced in the program. A Presentation was conducted by the group upon Graduation. The following are some of the specifications for the project: The Database will be used to track inventory of movies, customers and their membership types, and payments by customers. Show a demo of inserting an XML file containing new releases into the database showing Title, Genre, Rating, up to 3 actors, 2 producers, etc. Each store has an individual database to keep track of local sales information which is uploaded to the central database nightly via snapshot replication. Create reports for upper management and marketing department for lost/damaged movies, most rented movies, most active customers, list of customers in each membership type, etc. Research details in how to stream online video rentals and propose how to implement this for SQL Server 2005 as well as SQL Server 2008. Details on implementing partitioning, high availability, hardware considerations, users, groups, logins, permissions, roles, encryption, certificates, and application security features
31 BlockFlix – Credit Card Encryption Code Sensitive Data Encryption: Credit card number – Encrypted Real card number – Not Directly Stored Only BFManager role can get the real number Encrypted card number is stored with symmetric / asymmetric keys protection.
32 BlockFlix – High Cost Hardware Proposal Central Database: 4 Dell PowerEdge 2950 III Rack Server (Configured N+1 Clusters) 2 Quad-Core Intel Xeon Processors 5400 series at 3.33GHz 8GB 667MHz Dual Ranked DIMMs Microsoft Windows Server 2008 Datacenter x64 bit Microsoft SQL Server 2005 Enterprise Edition Dell PowerVault NX1950 6.75TB (450GB x 15 Serial Attached SCSI Hot Plug Hard Drives) RAID 1+0 Configuration Store Database: 3 Dell PowerEdge 840 (Configured for Database Mirroring) Implemented with High Safety Mode - Witness Server for Automatic Failover CENTRAL DATABASE – N + 1 Cluster STORE DATABASE - Database Mirroring – High Safety mode with Automatic Failover
33 BlockFlix – Video Streaming SQL Server 2005 supports standard binary large object (BLOB) through varbinary(max) datatype. Issues with the varbinary(max) datatype in SQL Server 2005 was performance, maintaining transactional consistency between data, managing backup and restore and scalability issues. In SQL Server 2008, they introduced a new feature called, filestream. FILESTREAM: An attribute/property to set on varbinary column so that the data is stored on the file system. (Binary data is stored as individual files outside the database.) Transact SQL statements apply Limitation of 2GB file size on the varbinary(max) column removed Filestream data is secured like other data, by granting permissions at the table or column levels. Filestreams stored in the filestream groups.
SQL Server 2005 supports standard binary large object (BLOB) through varbinary(max) datatype.
Issues with the varbinary(max) datatype in SQL Server 2005 was performance, maintaining transactional consistency between data, managing backup and restore and scalability issues.
In SQL Server 2008, they introduced a new feature called, filestream.
34 About Me Graduated with a Bachelors in Electrical Engineering, I have pursued the Information Technology field in 1996. At the time, I have become a Certified Novell Engineer and worked with a CTS Group and Nat Sherman Inc. in the New York City. Since then, I moved to Los Angeles and joined VivoRx Inc. in 1999. During this time, I obtained MCSE status. As a Systems Administrator, I have been working for VivoRx, AmCyte, and ReNeuron for almost 9 years. In this position I acquired the necessary skills to manage an IT infrastructure of a small biotech company. Although my primary responsibilities include maintaining servers, backups, and workstations in a Windows environment, I have implemented databases in SQL Server for scientists to use in scientific analysis. I have created functions, stored procedures, triggers, and other database objects in the back end, and designed forms and reports in MS Access for the front end application. ReNeuron closed its Santa Monica branch in May of 2008 due to the economic slowdown. After looking for new opportunities in IT, I have decided to update my skills in SQL and enroll in the SetFocus SQL Masters Program. I am looking for a SQL Database Administrator position where I can use my skills I have experienced with SetFocus in combination with my technical background with Windows Systems. I have a passion of working as database developer and currently pursuing learning programming languages such as .NET, which goes hand-in-hand with SQL.