Building Better Developers

Detailed Notes

It may seem like a beginner question, however we often need to find a value in a database and do something with it. This brief video shows you how to leverage your MySQL/MariaDB database connection to create a query that avoids SQL injection attacks and gets a value based on a lookup (where clause) to pass back to your program.

You can find out more through our online classes at https://school.develpreneur.com and register for free. Registration will add you to our email list and you will periodically receive coupons for courses as well as notifications of the latest releases.

Transcript Text

foreign
[Music]
well welcome back we are continuing
looking at our shorty application we're
going to take a URL and we're going to
do a shortener for it so if you give me
some big nasty thing like for example
this one
I'm going to give you something simpler
like this that you can use to get back
to that now we early on built some
functionality around it and now we're
working on the database side so
specifically this time we're going to
get into basically we're going to do
inserting a record into a table and then
how do you search a table for a record
now last time around let's see I'm going
to clean these up a little bit so we
don't have it all over the place so we
created a table
we created a database whoops don't need
that and we create a database and we
have some nice little utility functions
floating around up as well if I can
click right so what we're going to do
this time this first thing we want to do
is and here's our little thing we're
going to come in
we're going to create our class that
stores our database related stuff set
the database name for it we could
actually put it up here but we're going
to do it this way we're going to go
ahead and connect to our database to
connect we don't need to create a table
because we did it in the past and then
here we just had some extra stuff to
list tables and look at that but now
this time
let's do we're going to do list records
and we're going to give it a table name
oh we're going to give a table name and
I'm gonna have to write this one and the
the table is going to be links
that's what we created
what
if we go all the way up here yep links
with the lowercase
so let's do this first let's create that
and
uh let's see list rows is that what I
called it
I called it records Let's Do List rows
so you're gonna get a little bonus stuff
here uh and let's see here whoop don't
mean that but I do need this
oh open that up
I want it to be the table name
and then here I'm going to just simply
do it this we're going to do select star
from
and then I'm just going to do table name
this is really simple we there are
better ways we can do this but we're
going to go ahead and do it this way
I'll show you the better ways in a
moment
we're going to execute it we're going to
get all the rows we're going to print
each row and we're just going to print
the whole row because we're going to get
possibly a bunch of information
and there we go
so now
if we run list rows right now we've got
that
what we're going to see is nothing let's
do it this way let's do print
uh
rows for the table
and so we have that table but note we
have no rows so
let's create a few and the way we do
that is we're going to have
three values that we're worried about
that ID we if you want to flash back but
we have an ID that just gets Auto
generated so we don't have to worry
about that
the other three values that we have that
we're tracking in our table are original
link code and user ID
code is basically how we're going to get
our link back so what we need to do is
we just need to send the link the code
and the user in it's going to insert
that record
you insert it we've seen this before
we're going to do a little try except
around it but we're going to say hey
insert into links you give it in order
the columns that you're going to be
inserting into which we're going to do
the table names are original link code
and user ID and this is where we're
going to get a little bit smarter about
how we do stuff is we're going to so in
order to avoid
SQL injection attacks and things like
that
there are ways to protect your
parameters a little bit
in this case we're going to do is we're
going to say hey we have
column one two and three which is
original link coding user ID that means
we're going to send value which is a
string so percent s means we're going to
send a string
another string and another string also
comma separated within the sequel
and so now what we're going to do is
we're going to have this basically the
data that we're going to call it we're
going to have a tuple we'll call it that
and we're going to take this link code
and user that we sent those values can
be put into that data which means link
is the first one is going to go to this
percent as code it's going to go to this
one user is going to go to this third
one
we're going to execute it
we're going to grab the ID of the row
that we created which is in this case
just last row ID
because it's going to be whatever the
last row was it was that we did a a some
sort of a transaction on
we're going to go ahead and commit which
we actually want to do that beforehand
let's do it that way and then we're
going to return the new ID
so let's do a very simple record we're
going to come into my ID oh let's do it
before we do list rows
so here we're going to do my DB
and we're going to where do we put that
insert record links
and it's going to be the original link
the code and the user ID so let's go
look over here
and let's see in our little
uh wait Where'd I have it here we go so
let's do this one
so let's say this is my big link
so that's the first value I'm going to
send is my big link and then my user id
I'll just be a one it doesn't really
matter what it is I mean it does in the
long run right now it doesn't but then
I'm going to give it uh this is going to
be my ID one two three four five six
I want
so let's do
one two three four five six and those
are all strings actually that
string doesn't have to be because it'll
convert it actually we'll see let's go
check that if I don't make that a string
if I make that a number
and note it's bright python if you
haven't noticed we can swap double in
single quotes as we want if I come in
here and I do a DB create boom now I see
rows for the table the ID is one here's
that big long URL
here's the resulting or the code that
I'm looking for and then the user ID
so
that gives us the first part of our
question that we're working on this time
is actually getting set up for how do I
search a table for record so now what I
want to do because what we're going to
end up doing
is in the retrieve in the navigate
we're going to give it a URL
and then it's going to need to spit out
what was the what was the bigger you
know you get the short URL what's the
bigger one so what we're going to do
here is sort of the same
is we're going to get
one that we're going to call
call it retrieve link
and all we need to do here is send it
the code we could send a user as well
we're going to send it the code for now
so this was going to be a little
different we don't need a new I uh
well let's call this
result
and let's just call this link not found
and then here
we want to select
the original link because that's all we
really care about now
from
whoops
different lengths and it's not K SQL is
not case sensitive by the way
and then we're going to do where
or code
equals percent s
and now
our Tuple is just the code
let's see and then we want to
this time this is like we're doing with
the listing so now we're going to
execute it and instead we're going to do
is rows equals cursor
Dot fetchall
should be one and actually we could do
that we can say fetch one
because it better be just one row
and so let's do this row equals that
and then we're going to do let's see
Crystal close we're going to return the
result
in here
the result
is going to be able to let's just call
it fetch one zero
I'm going to take that first item out
well let's do it this way we're going to
do this
um let's do this first because we're
going to clean this up a little bit
so retrieve White
and we're going to present the result so
we're going to come here we don't need
to insert a record again
so we're going to do list rows which is
great
and then let's do this let's do
first let's retrieve blank four
uh what do we call that one two three
four five six
and then
print that
so we're just going to call this search
one
and then we're going to do search two
let's do it this way
let's just pick a different number
and let's see what we get from these two
so now
we have an error in our SQL syntax
uh data table equals
code
oh I need to do it sort of like this
um
it's like this I think it's
going to do
if that works there we go
so
uh let's see let me do it this way it
says a little easier to read
so the first time we come through we
search
and guess what
would get the uh
oh here's rows for the table I'm sorry
then we come back and we're going to get
the result which is this one because we
used one two three four five six and
we're gonna get that link back Second
Time Around we got none we didn't get
anything there was no record found
so where did we do that in the retrieve
um so it did link not found
oh
here it's going to be so
that would be if something totally broke
but otherwise we came through and it
says hey there was nothing found what we
can do here
is
um
we can say if
result
then result equals result zero so let me
sort of clean this up a little bit if we
do that now we get just the full bone
link back
so what we've been able to do is we've
shown a little bit extra we've gone the
extra mile a little bit here we've shown
how to insert a record and how to get a
record back we're basically doing it
just you know whatever value you want to
look on look for we're going to do it
and this is for directly
we're going to get that record back now
we could do rows
instead of fetch one we could do fetch
all
in which case then we would want to do
something like let's do rows
equals that and we could do four row in
rows
result equals row and that assumes that
there's going to be one
and if we do it this way
oh and row
now we get this so now we're going to
come out and it says that in this case
if nothing's found it's just going to
leave that original result which says
link not found otherwise we're going to
get our link out and there's other
things you do you could do select star
and get all the data like we did with
our select but this gives us use that
where and now we can get some
information out and we can see how to
wheel and deal with such information as
well so that takes care of us this time
we're going to come back answer a few
more questions as we continue working
forward on our application thank you for
your time and we'll catch you again next
time around
hello this is Rob with developmentor
also known as building better developers
wanted to announce that we have
school.developmentor.com feel free to
check it out if you like any of this
information any of the content that
we've sent and you would like to see
more you can come out you can enroll for
free we have free courses we've got
places for you to get better at just
learning a technology or how to's you
can work on your business skills we can
help you with becoming a better
developer as encoding and things like
that a lot of the stuff you've seen on
YouTube we also have out at
school.develop anywhere always have it a
little more of a educational format and
a way for you to track your progress as
you move forward becoming a better
developer
thank you

Transcript Segments

0.42

foreign

18.89

[Music]

27.3

well welcome back we are continuing

30.24

looking at our shorty application we're

32.64

going to take a URL and we're going to

35.04

do a shortener for it so if you give me

36.78

some big nasty thing like for example

39.36

this one

41.34

I'm going to give you something simpler

43.62

like this that you can use to get back

46.02

to that now we early on built some

50.34

functionality around it and now we're

51.84

working on the database side so

53.399

specifically this time we're going to

55.68

get into basically we're going to do

57.3

inserting a record into a table and then

59.219

how do you search a table for a record

62.82

now last time around let's see I'm going

65.22

to clean these up a little bit so we

66.96

don't have it all over the place so we

68.88

created a table

70.799

we created a database whoops don't need

73.02

that and we create a database and we

75.659

have some nice little utility functions

77.28

floating around up as well if I can

80.04

click right so what we're going to do

81.84

this time this first thing we want to do

83.58

is and here's our little thing we're

85.439

going to come in

86.52

we're going to create our class that

89.4

stores our database related stuff set

92.159

the database name for it we could

94.02

actually put it up here but we're going

95.159

to do it this way we're going to go

96.659

ahead and connect to our database to

98.34

connect we don't need to create a table

100.2

because we did it in the past and then

102.54

here we just had some extra stuff to

104.64

list tables and look at that but now

107.1

this time

108.659

let's do we're going to do list records

112.979

and we're going to give it a table name

115.2

oh we're going to give a table name and

117.299

I'm gonna have to write this one and the

118.979

the table is going to be links

122.939

that's what we created

128.039

what

129.36

if we go all the way up here yep links

130.8

with the lowercase

133.2

so let's do this first let's create that

140.28

and

143.099

uh let's see list rows is that what I

145.44

called it

146.94

I called it records Let's Do List rows

151.56

so you're gonna get a little bonus stuff

153.36

here uh and let's see here whoop don't

156.18

mean that but I do need this

159.36

oh open that up

161.519

I want it to be the table name

164.879

and then here I'm going to just simply

167.22

do it this we're going to do select star

170.94

from

172.92

and then I'm just going to do table name

175.98

this is really simple we there are

178.86

better ways we can do this but we're

180.239

going to go ahead and do it this way

181.08

I'll show you the better ways in a

182.34

moment

183.12

we're going to execute it we're going to

184.86

get all the rows we're going to print

186.3

each row and we're just going to print

187.86

the whole row because we're going to get

189.3

possibly a bunch of information

191.659

and there we go

194.099

so now

195.36

if we run list rows right now we've got

197.879

that

199.14

what we're going to see is nothing let's

202.379

do it this way let's do print

206.64

208.08

rows for the table

211.98

and so we have that table but note we

215.159

have no rows so

217.56

let's create a few and the way we do

220.319

that is we're going to have

222.54

three values that we're worried about

224.04

that ID we if you want to flash back but

227.34

we have an ID that just gets Auto

229.26

generated so we don't have to worry

230.76

about that

231.72

the other three values that we have that

233.94

we're tracking in our table are original

235.44

link code and user ID

238.2

code is basically how we're going to get

240.959

our link back so what we need to do is

244.56

we just need to send the link the code

246.659

and the user in it's going to insert

248.34

that record

249.659

you insert it we've seen this before

251.939

we're going to do a little try except

253.5

around it but we're going to say hey

255.36

insert into links you give it in order

258

the columns that you're going to be

259.68

inserting into which we're going to do

261.12

the table names are original link code

263.46

and user ID and this is where we're

265.44

going to get a little bit smarter about

267.3

how we do stuff is we're going to so in

270.54

order to avoid

272.54

SQL injection attacks and things like

274.8

that

276.12

there are ways to protect your

279.06

parameters a little bit

280.62

in this case we're going to do is we're

282.72

going to say hey we have

284.78

column one two and three which is

287.28

original link coding user ID that means

289.62

we're going to send value which is a

291.24

string so percent s means we're going to

292.86

send a string

294.06

another string and another string also

296.4

comma separated within the sequel

299.04

and so now what we're going to do is

300.419

we're going to have this basically the

302.28

data that we're going to call it we're

303.36

going to have a tuple we'll call it that

305.94

and we're going to take this link code

307.8

and user that we sent those values can

310.5

be put into that data which means link

312.78

is the first one is going to go to this

314.46

percent as code it's going to go to this

316.56

one user is going to go to this third

318.72

one

320.22

we're going to execute it

322.139

we're going to grab the ID of the row

324.72

that we created which is in this case

327.84

just last row ID

331.259

because it's going to be whatever the

332.759

last row was it was that we did a a some

336.24

sort of a transaction on

338.039

we're going to go ahead and commit which

339.36

we actually want to do that beforehand

343.139

let's do it that way and then we're

345.12

going to return the new ID

347.52

so let's do a very simple record we're

350.34

going to come into my ID oh let's do it

351.9

before we do list rows

354.06

so here we're going to do my DB

357.419

and we're going to where do we put that

360.06

insert record links

361.74

and it's going to be the original link

364.44

the code and the user ID so let's go

366.36

look over here

369.9

and let's see in our little

373.199

uh wait Where'd I have it here we go so

375.479

let's do this one

378.539

so let's say this is my big link

384.3

so that's the first value I'm going to

385.62

send is my big link and then my user id

388.62

I'll just be a one it doesn't really

390

matter what it is I mean it does in the

392.46

long run right now it doesn't but then

394.62

I'm going to give it uh this is going to

397.38

be my ID one two three four five six

402.479

I want

404.039

so let's do

406.259

one two three four five six and those

408.6

are all strings actually that

410.88

string doesn't have to be because it'll

412.8

convert it actually we'll see let's go

415.44

check that if I don't make that a string

417.36

if I make that a number

419.46

and note it's bright python if you

421.62

haven't noticed we can swap double in

423.539

single quotes as we want if I come in

425.699

here and I do a DB create boom now I see

429.3

rows for the table the ID is one here's

432.18

that big long URL

434.58

here's the resulting or the code that

437.639

I'm looking for and then the user ID

439.86

441.12

that gives us the first part of our

443.819

question that we're working on this time

445.58

is actually getting set up for how do I

448.38

search a table for record so now what I

450.78

want to do because what we're going to

452.28

end up doing

453.3

is in the retrieve in the navigate

457.02

we're going to give it a URL

459.12

and then it's going to need to spit out

461.099

what was the what was the bigger you

464.039

know you get the short URL what's the

465.3

bigger one so what we're going to do

466.68

here is sort of the same

469.5

is we're going to get

471.78

one that we're going to call

475.62

call it retrieve link

485.4

and all we need to do here is send it

487.68

the code we could send a user as well

489.479

we're going to send it the code for now

491.819

so this was going to be a little

492.66

different we don't need a new I uh

495.06

well let's call this

497.22

result

499.919

and let's just call this link not found

504.24

and then here

506.28

we want to select

509.4

the original link because that's all we

511.86

really care about now

515.94

from

517.919

whoops

519.599

different lengths and it's not K SQL is

522.719

not case sensitive by the way

524.58

and then we're going to do where

528.839

or code

531.66

equals percent s

537.48

and now

538.98

our Tuple is just the code

546

let's see and then we want to

550.26

this time this is like we're doing with

552.24

the listing so now we're going to

553.44

execute it and instead we're going to do

556.14

is rows equals cursor

560.22

Dot fetchall

562.8

should be one and actually we could do

564.42

that we can say fetch one

567.959

because it better be just one row

571.92

and so let's do this row equals that

575.58

and then we're going to do let's see

577.86

Crystal close we're going to return the

579.36

result

581.399

in here

583.14

the result

586.32

is going to be able to let's just call

589.26

it fetch one zero

592.38

I'm going to take that first item out

593.88

well let's do it this way we're going to

595.08

do this

595.86

um let's do this first because we're

597.6

going to clean this up a little bit

599.16

so retrieve White

601.98

and we're going to present the result so

604.08

we're going to come here we don't need

605.82

to insert a record again

608.1

so we're going to do list rows which is

610.019

great

612.839

and then let's do this let's do

618.779

first let's retrieve blank four

622.74

uh what do we call that one two three

624.48

four five six

627.3

and then

632.64

print that

634.5

so we're just going to call this search

635.7

one

640.019

and then we're going to do search two

641.64

let's do it this way

644.76

let's just pick a different number

648.899

and let's see what we get from these two

652.56

so now

654.12

we have an error in our SQL syntax

663.24

uh data table equals

667.26

code

674.459

oh I need to do it sort of like this

678.12

680.82

it's like this I think it's

683.399

going to do

686.1

if that works there we go

688.44

690.86

uh let's see let me do it this way it

693.54

says a little easier to read

695.04

so the first time we come through we

697.2

698.339

and guess what

699.66

would get the uh

702.779

oh here's rows for the table I'm sorry

704.579

then we come back and we're going to get

706.32

the result which is this one because we

708.899

used one two three four five six and

710.579

we're gonna get that link back Second

712.38

Time Around we got none we didn't get

713.88

anything there was no record found

716.519

so where did we do that in the retrieve

720.06

um so it did link not found

723.48

724.86

here it's going to be so

726.959

that would be if something totally broke

728.88

but otherwise we came through and it

730.8

says hey there was nothing found what we

732.48

can do here

734.76

737.22

739.74

we can say if

742.38

result

744.72

then result equals result zero so let me

749.16

sort of clean this up a little bit if we

751.2

do that now we get just the full bone

754.38

link back

755.82

so what we've been able to do is we've

759.06

shown a little bit extra we've gone the

760.56

extra mile a little bit here we've shown

761.64

how to insert a record and how to get a

764.459

record back we're basically doing it

766.86

just you know whatever value you want to

768.6

look on look for we're going to do it

770.459

and this is for directly

772.44

we're going to get that record back now

774.06

we could do rows

777

instead of fetch one we could do fetch

778.68

all

779.82

in which case then we would want to do

783.36

something like let's do rows

788.519

equals that and we could do four row in

791.459

rows

793.68

result equals row and that assumes that

796.139

there's going to be one

798.06

and if we do it this way

801.3

oh and row

804.6

now we get this so now we're going to

807.66

come out and it says that in this case

810.139

if nothing's found it's just going to

812.459

leave that original result which says

814.079

link not found otherwise we're going to

816.54

get our link out and there's other

818.76

things you do you could do select star

820.139

and get all the data like we did with

821.88

our select but this gives us use that

825.779

where and now we can get some

827.339

information out and we can see how to

829.86

wheel and deal with such information as

832.139

well so that takes care of us this time

834.3

we're going to come back answer a few

835.44