Design Pattern & Database – Computer Science


Relational Databases Sql, Unified Modeling Language, Cross Site Scripting, Design Pattern

The key terms of this chapter include Design Principle, Design Pattern, Language, Injection, Data, Site Script, Password, Encryption, Html.

What is the difference between Design Principles and Design Patterns?

Design principles – well-proven, higher-level abstractions, language-independent
Design patterns – lower level, more specific, language-dependent

Design Patterns

proven reusable solution (prescription) to a commonly occurring problem

Name all design patterns discussed in class

DAO Design Pattern
Dependency Injection Pattern
MVC Pattern

DAO Design Pattern

Decoupling database (persistence) and rest of application
– adding a layer of abstraction (Data Access Object)
Business Object –Uses–> DAO –Encapsulates–> Data Source


behavioral design pattern – subscription mechanism to notify multiple objects about any events happening to the object they are observing
– get notified when state changed
Subject = object being watched
ex: Action/Event interface

SQL Injection

Insert malicious SQL code into a SQL query through web app user input
– break database

Solution to SQL injection

Use PreparedStatement and PreparedStatement.setString
setString sanitizes input before inserting it into the SQL query

Cross-site Scripting (XSS)

Injection attack
inserting html code into user input
loading malicious script inserted into html

How to safely store credentials

Store representation of credentials instead of actual value
Encryption or hashing


scrambling text using a key (private key)
encrypted msg –private key–> decrypted msg
Not good for storing credentials – two-way function


better way of storing credentials
one-way function
– scrambles plain text –> fixed-size message digest (hashed message)
stores hash
– hash code does not reveal a password
fixed algorithm to produce hash – always produce same hash with same password

Dictionary attack

attacker has commonly used passwords and the corresponding hashes
given hash –> can look up dictionary –> password


refer to different types of similar objects (undergrads, grads) as one type (students)
useful for lists

Object-Oriented Analysis and Design (OOAD)

Analysis – problem modeling
Design – solution modeling

Unified Modeling Language (UML)

Used for OOAD
Class Diagram
– updated for each iteration
– overview of software system

What makes a design good?

High cohesion (focused) & low coupling (loose dependency)


runs only once before all the tests


for functional testing of RESTful API

What is the purpose of cookies?

save state since RESTful is stateless
– session management: logging in, shopping carts
– personalization
– tracking

Continuous Delivery

frequently deploy changes of software functionalities to clients
automated deployments

build pipeline

steps to move development to production

Continuous Integration

integrate changes to a repository (on GitHub) to deployment (Heroku) frequently (multiple times a day)