Thursday, February 24, 2005

TT380 - Week 2 Summary Notes

Okay its the 2nd week of the course and its time to read Hours 4 and 5 of the MySQL course book. So what are these 2 hours about?
  • Hour 4 - Using the MySQL Client
  • Hour 5 - Securing MySQL
  • Hour 4 - Using the MySQL Client
Hour 4 - Using the MySQL Client

In this hour the aim is to become familiar with the following client tools:
  • mysql - Built-in MySQL Monitor
  • mysqladmin - Built-in Administrator tool
  • mysqldump - Built-in backup utility tool
  • phpMyAdmin - 3rd party add-on
  • MySQL-Front - 3rd party add-on
  • MySQLManager - Add-on

MySQL Monitor
This is a command-line utility that is shipped with MySQL. To access this utilty simply enter the following at a command prompt:
mysql
If you have not done anything to the initial installation of your server this simple command will log you into your MySQL server with full blown access permissions. This is due to the default installtion creates a root user with no password. As previously mentioned in other blog entries this is a security risk and MUST BE ADDRESS ASAP.

Once the root user has a valid password, you will still be able to login to the server using the same command, but this time you also include a user and password string. See below for an example of login as the root user:
mysql -u root -p
The above command will prompt you to enter the password for the root user, once this has been entered you have full access once again. Once you have logged into your server you will probably want to access a database, this is acheived by issuing a statement to the server telling it what database you wish to use. See the example statement below for the syntax:
USE databasename;
A full list of commands that are available to you when you are logged in can be displayed using the following:
help;

How to exit the MySQL Monitor
To exit the monitor and ensure maximum security for your server always log-out correctly. This is again a simple process - just type in the following:
exit;

Using mysqladmin
This admin applicatins is used to create and drop databases and viewing the current server status. It should be noted that if you are using this application throught your ISP you may find that you are limited to what commands can be issued. You can obtain help by using the following:
mysqladmin --help

To create a database:
mysqladmin create databasename

To drop (delete) a database:
mysqladmin drop databasename


Using mysqldump
This application allows you to backup your database table structure and also create the relevant DDL scripts that can be used to recreate your entire database scheme. A extreamly useful option of this particular tool is the ability to export the schema to an external DDL file or sql script. This is performed using the following command:
msqldump databasename > filename.sql
I recommend that you always use this function prior to dropping (deleting) a table/database. Like most of the command you can obtain help for this function using the following syntax:
mysqldump --help

phpMyAdmin
This 3rd party add-on provides all the same functions as previously discussed in this blog. It however, requires not only a MySQL server, but also PHP and a web-server. Its very popular in the web-hosting arena, as it allows users to manage their own web-space, database etc. For the purpose of this course namely TT380, I have not installed this locally, but it's on the 'To-do-list'.

MySQL-Front and MySQLManager
These are another two excellent frontend GUI interfaces to allow you to manage your MySQL server. Again I have not installd these and its therefore unfair for me to comment on their uses etc. I do know that some course members are however using them. I instead opted to useanother 3rd party application, DBManager Professional v3.0.2. I have blogged seperately about this particular application.


Hour 5 - Securing MySQL

This hour is aimed at teaching your about securing your installation of MySQL. MySQL is continuosly monitoring 3 key things:
  • Where you are accessing from (your host)
  • Who you are (username and password)
  • What you are allowed to do (your privileges)
When MySQL is installed a database called mysql is automatically created and it has several tables defined within it. This database is used to record all privileges that are set on all users, fields, columns, tables and databases.

The 2 Step Authentication Process
As previously mention MySQL checks 3 things during its authentication process, These are performed in 2 steps:
  • Step 1 -MySQL looks at the host from where you are connecting from and the username and password pair. If the host is allowed to make the connection, your password is correct for the given username and finally the username is assigned as being able to access from the said host MySQl goes onto Step 2. If this step fails an error message is given.
  • Step 2 - MySQL then checks that the command that you are trying to issue is infact allowed to be issued by you on the database, table or field.
It is a common practice for applications to utilise this type of authentication, it allows for different levels of users, basic users can select data to view it whilst others are given great access allowing them to insert and delete data. Working with User Privileges Depending on you set-up will determine what permissions you have.

For example if you are connecting to your ISP hosting, the chances are you will only have a single user account and one database. Your users will however, have full control allowing you to create, delete, insert as you please on you won database. On the other hand if you are running a local server for say an internal intranet, then you mau have several users and several databases. Running your own server will almost certainly require you to add, amend and even delete users. So let us now look at how you can do just that!

How to Add Users
Adding users is very easy using DBManager Professional or a similar third-party application, however, its also very easy to do via a command-line using the GRANT command. You need to access the MySQL monitor using the root user. Once logged into the server you could use a command similar to the following to create a new user:
GRANT privileges
ON databasename.tablename
TO username@host
IDENTIFIED BY 'password';
Obviously the privileges given would depend on the users role, a complete list of these will follow this section. The example above uses both databasename and tablename, this would allow you to restrict the users privileges to that particular table, as opposed to allowing privileges across the entire databasename [replace .tablename with .*]. The username and host I think are like the password - self explanatory.

However, an additional wildcard is available to you; using % rather than the host would give way to a very large host list.

The other way is to use an INSERT command statement.

Removing Privileges
At times it is necessary to revoke certain users privileges, again this is easierly done via any of the previously mentions third-party applications. And again its just as easy to issue the command straight from a command-line. The syntax for this command is as follows:
PEVOKE privileges
ON databasename.tablename
FROM username@hostname;
As with before the privileges to be revoked would depend on the user, the databasename/tablename and hostname again can also be dealt with like those mention in the GRANT command above. Changes to the privileges table take immediate effect but as a safe measure and for the sake of a few extra keystrokes it's advised to issue a FLUSH PRIVILEGES; command statement.

To completely remove a user from the database for example, when an employee leaves the company, you would need to issue a special DELETE statement to remove the said user from the user table in the mysql database. So what's this special DELETE statement that I have to issue to delete a user completely I hear you say! The statement below will do just that for you:
DELETE FROM mysql.user
WHERE User='username'
AND Host != 'localhost';
That should delete the user specific [replace username with the relevant username] who is connected via localhost from the main mysql.user table.

My Conclussion
Well once again we come to the end of this weeks study from the course book. Please feel free to post any comments. I will attempt to answer any questions to the best of my ability.

All the best Jayson

Posted by at 2 comments:

TT380 - Week 1 Summary Notes

Okay its the first week of the course and its time to read Hours 1 to 3 of the MySQL course book. So whats these 3 hours about?

  • Hour 1 - Introduction to MySQL
  • Hour 2 - Understanding Database Terminology
  • Hour 3 - Learning the Database Design Process

Hour 1 - Introduction to MySQL What is MySQL?

MySQL [pronounced my ess que ell] is probably the most widely used Open Source Database. It is used for personal web-site, corporate intranets and large multi-national high traffic web applications. MySQL is a relational database management system (RDBMS). It is a very fast, robust and easy to use system compared to counter-parts like Oracle. MySQL is also FREE to use in most cases, but a commercial version does exsist.

Depending on the version of MySQL that you use will depend on whether certain standard relational database features are available to you. I believe that Pre version 4.x of MySQL lack the ability to use the following standard features:
  • transaction support
  • foreign keys
  • sub-selects within queries

What is a Relational Database?
A relational database is collection of tables which are made up from coloumn and rows. The tables relate to each other through specific values contained in certain columns.


Hour 2 - Understanding Database Terminology What makes a Database?
A database created using MySQL creates three seperate files on the servers filesystem. These three files contain the table definations, the data and the indexes used.

Tables
The table is the largest element of a database and in order of creation its second inline after the database it's self. There are several types of tables but that will be learnt later in the book/course/blog.

Fields
These give structure to your tables and provide a place to store your data. A table can contain a maximum of 3,398 fields, but it is unlikely that any well design database would have this many in a single table. Defining fields is possibly the most important part of designing an effective and efficient database. Fields can be assigned default values. When a record is created any default values are automatically entered into the relevant fields.

Records
A record is an entry in the tables. A record may be complete or incomplete. Incomplete may or may not mean empty it all depends of how you defined your fields. Records that contain all fields with valid data are seen as important if you want to maintain accuracy within your data.

Keys
Keys are a powerful element of your tables and records. Keys are used to link tables together. These are defined by assiging them to fields when creating your tables. MySQL have to types of keys; Primary and Unique. A unique key means just that no other field can contain the same data. A primary key is similar must also contain unique values, but it is also used to link tables together. Each table can only have one primary key, but it's allowed various unique keys.

Indexes
An index in a database can be compared to an index at the back of a book. It provides a reference to important and key information. Primary keys are automatically indexed but any other field can be manually indexed. Indexing can greatly improve the speed of your web application, but caution should be used. It's recommended that you only index fields that contain values that would be used in a search criteria.


Hour 3 - Learning the Database Design Process Table

Types Relational Databases as you can guess by it name, establish relationships between the tables it contains. There are various forms that these relationships can manafest in:
  • One to One
  • One to Many
  • Many to Many
One to One Relationship
This type of relationship is when a key in one table only appears once in another. An example is if Table A contained a persons name and Table B contained their date of birth. This is because a person can only have one birthday.

One to Many Relationship
This type of relationship is where a key in one table may appear many times in another. An example is Table A contains car manufactures and Table B contains models. This is because a car manufacture can have serveral models of cars.

Many to Many Relationship
This type of relationship normally causes issues in well design databases. It is therefore common to break-down a many to many relationship into several one to many relationships. This type of relationship doesn't make it easy to establish true relationship between tables, and when drawn out may even look like tables have no relationship.

Normalisation
This was another topic for this hour, but I have decided to give this its own blog entry as I feel it is an important topic and warrants more space. If nothing else it will give me chance to understand the topic better myself. Sorry you will just have to continue reading my blogs - I will try and get this one out very soon mind!


My Conclusion

Well folks thats the end of the first weeks study! There was a lot of reading involved, some from the course book, of which I have summarised here, the rest of the reading was from the course study guide and the rest and probably the heaviest load was from various articles that were/are posted on the WWW.

(Note the use of WWW and not Internet. Sorry thats just from other courses - people tend to refer to the two as being the same and they are not infact.)

If you have any comments please feel free to post them and I will attempt to answer any questions to the best of my ability.

All the best Jayson

Posted by at 1 comment:

TT380 Databases within Website Design

This is the the 4th short course offered by the Open University, that makes up their Certificate in Web Application Development. This particular course concentrates on the use of MySQL and ColdFusion for devlivering dynamic database contents to your web application.

The course uses two course books along with online conferences and weekly study guides. The course books used are:

  • SAMS Teach Yourself MySQL in 24 Hours
  • SAMS Teach Yourself ColdFusion Express in 24 Hours

The course requires you to complete and submit 3 computer marked assessment and a final ECA project which normal consist of several parts; a report and some coding; obviously the full requirements for this ECA are NOT ALLOWED to be discussed in detail thus I am unable to comment any further.

For the duration of the course you are given restricted access to an OU server thats hosts an installation of MySQL and ColdFusion. Due to the permission restrictions imposed on this server, I would recommend the installation and configuration of your own local servers. You would require the following:

  • A web server
  • ColdFusion Server
  • MySQL Server
  • ODBC data sources

For my own installation I decided to opt for the following configuration, namely because of the fact that it would allow me to continue with my development after the course had finished without the need to purchase any applications/software.

  • A web server - OpenSA (an apache web server).
  • ColdFusion Server - I Choose to install a newer version from the web due to limited ODBC data source support in ColdFusion Express, which comes on the accompanying CD-ROM. My installation is ColdFusion MX 7 Developer Edition.
  • MySQL Server - I used the version that was distributed by the OU.

The course is scheduled for 12 weeks and is divided into weekly topics. The current weekly schedule is listed below:


As the weeks pass I shall upload relevant notes for each of the topics

All the best Jayson
Posted by at 107 comments:

My OU Courses

As this Blog is going to be a haven for comments, thoughts etc for the courses that I have taken with the Open University I thought it appropriate to include a page that summaries what courses I have taken, that are in progress and also those I have planned.



Courses Already Passed
  • T183 Design and the Web
  • TT280 Web Basics: Design, Development and Management
  • TT281 The Client Side of Application Development

Courses Awaiting Results
  • T187 Vandalism in Cyberspace: Understanding and Combating Malicious Software
  • TT282 The Server-side of Application Development

Current Courses

Scheduled Courses
  • TT381 Open Source Development Tools - Starts May 2005
  • TT382 Web Server Management, Performance and Tuning - Start Oct 2005
Posted by at 1 comment:

My Blog Site-Map

Welcome to my blogger Site-Map - every page that I create will be manually listed in here and hopefully it will be ease the location of the entry you are looking for.

Posted by at
Subscribe to: Comments (Atom)