I'm creating a database application in Oracle Application Express (Apex) by using the application builder and i have a quick question regarding forms and reports. I know how to create basic forms and reports but im aiming to do something a little more tricky. I basically want the user to be presented with a form with the fields username and password , and after inputting the username and password i want the form to crosscheck the username and password inputted against a 'Student' table that i created with SQL and if it exists then i want the application to then bring up a report with the relevant field containing this data.
For example a user inputs 'hello' as their username and 'letmein' as the password through the form and then if it exists in the student table the application will then allow them to see the whole row of data for their specific student account only. The reason i want to do it this way is that i want the students to only be able to see their specific row of data and not any other student rows inserted in the 'Student' table obviously due to privacy reasons.
I tried to use the query on form option when creating a new page for the application but it only lets me as the developer put in the query statement and i cant do this because it has to be unique to what ever the user inputs in the 'Username' and 'Password' field on the form themselves.
Hope it makes sense as i have tried to explain in the best way possible and i have honestly been searching for a good few hours trying to find the solution but i feel their is limited Oracle Application Express material available on sites like YouTube which i normally always refer to when learning something new. I have also looked in the Oracle Application Express user docs but their is nothing that i can find that helps me to achieve the results im looking for.
If you already have a login page where a user is entering their username and password, the APP_USER value should be populated as part of your application session. Your report, therefore, can just be
SELECT *
FROM student
WHERE username = :APP_USER
APEX will bind whoever the currently logged in user is automatically.
Customized USER Based Content in Oracle APEX
This is how I approached the implementation of the OP and a demonstration of the results. I created two custom user accounts: "RICHARD" and "KAPLAN". After logging into the application pages of this demo, the user will find a report as well as customized text associated to their account information.
This example uses the APEX Standard User Authentication Scheme. This should also work with other custom authorization methods.
I also added a student name so that it would match the login name (identified by the reserved variable/item name: APP_USER). The user login name does not necessarily have to be the same as the student name. Other approaches can be accomplished such as by providing a suitable "translation" column inside the STUDENT table between student name, id and login name.
This page was created to demonstrate how to call session based item values and also schema/table based references.
User Greeting
This section is an HTML region. The page source is plain text with some HTML tags and also a substitution variable for the APP_USER value:
Hello There, &APP_USER. How are you today?<br>
Your student ID number is: &P12_SID. <br>
Welcome to your virtual classroom.
Class Student List
A REPORT content type stored in a page region. This list is a report output of information for all students stored in my sample database:
SELECT *
FROM STUDENT;
Student Query Using Filter Criteria
Hidden Page Item Approach
SELECT *
FROM STUDENT
WHERE ID = :P12_SID;
which requires...
SELECT *
FROM STUDENT
WHERE NAME = :APP_USER;
Elsewhere in the application, where any query requires an item value to filter by STUDENT.ID, instead refer to the defined page item: P12_SID. In this example, the "SID" (Student ID) value is passed between pages as a HIDDEN FIELD ITEM.
By assigning hidden typed page items to query operations, these assigned data values become reusable throughout a page's content. Enabling the PROTECTED FIELD setting for the hidden page item also prevents users from spoofing other student id values to gain access to another student's records.
Using a PL/SQL Function to Restrict User Access
You have now seen the STUDENT.NAME and STUDENT.ID value accessed by the application login value.
Enrollment Confirmation Page
The following tables were used to develop the output for this report. These other supporting tables came from another Stack Overflow post with oddly similar structures and requirements. Could this schema be part of a class assignment?
Schema DDL Source Code
STUDENT_ENROLLMENT: This table contains the association of multiple id values that connect a STUDENT record to a CLASS record.
CREATE TABLE "STUDENT_ENROLLMENT"
( "CONFIRMATION_ID" NUMBER(10,0) NOT NULL ENABLE,
"STUDENT_ID" NUMBER(10,0) NOT NULL ENABLE,
"CLASS_ID" NUMBER(10,0) NOT NULL ENABLE,
"ENROLL_DATE" DATE NOT NULL ENABLE,
"SEMESTER_ID" NUMBER(10,0) NOT NULL ENABLE,
CONSTRAINT "STUDENT_ENROLLMENT_PK" PRIMARY KEY ("CONFIRMATION_ID") ENABLE
)
/
ALTER TABLE "STUDENT_ENROLLMENT" ADD CONSTRAINT "STUDENT_ENROLLMENT_FK"
FOREIGN KEY ("STUDENT_ID")
REFERENCES "STUDENT" ("ID") ENABLE
/
ALTER TABLE "STUDENT_ENROLLMENT" ADD CONSTRAINT "STUDENT_ENROLLMENT_FK2"
FOREIGN KEY ("CLASS_ID")
REFERENCES "CLASS" ("ID") ENABLE
/
ALTER TABLE "STUDENT_ENROLLMENT" ADD CONSTRAINT "STUDENT_ENROLLMENT_FK3"
FOREIGN KEY ("SEMESTER_ID")
REFERENCES "SEMESTER" ("ID") ENABLE
/
SEMESTER_SUBJECT: This table connects a given class season-year and the subjects that are offered
CREATE TABLE "SEMESTER_SUBJECT"
( "ID" NUMBER NOT NULL ENABLE,
"SEMESTER_ID" NUMBER NOT NULL ENABLE,
"SUBJECT_ID" NUMBER NOT NULL ENABLE,
PRIMARY KEY ("ID") ENABLE,
CONSTRAINT "SEM_SUB_UQ" UNIQUE ("SEMESTER_ID", "SUBJECT_ID") ENABLE
)
/
ALTER TABLE "SEMESTER_SUBJECT" ADD FOREIGN KEY ("SEMESTER_ID")
REFERENCES "SEMESTER" ("ID") ENABLE
/
ALTER TABLE "SEMESTER_SUBJECT" ADD FOREIGN KEY ("SUBJECT_ID")
REFERENCES "SUBJECT" ("ID") ENABLE
/
CLASS: This table contains information about what class (organized by subject) is offered for each semester-year period.
CREATE TABLE "CLASS"
( "ID" NUMBER NOT NULL ENABLE,
"NAME" VARCHAR2(40) NOT NULL ENABLE,
"SEMESTER_SUBJECT_ID" NUMBER NOT NULL ENABLE,
PRIMARY KEY ("ID") ENABLE
)
/
ALTER TABLE "CLASS" ADD FOREIGN KEY ("SEMESTER_SUBJECT_ID")
REFERENCES "SEMESTER_SUBJECT" ("ID") ENABLE
/
SEMESTER: This is a small dimensional field. The combination name of academic season and year resolve to a unique id value. To assist with the potential use of these values in List of Value queries, a SORT_ID value is included since the correct ordering of these values is not alpha-numeric.
CREATE TABLE "SEMESTER"
( "ID" NUMBER NOT NULL ENABLE,
"SORT_ID" NUMBER,
"NAME" VARCHAR2(20) NOT NULL ENABLE,
PRIMARY KEY ("ID") ENABLE
)
/
Example Output for User Customized Enrollment Reports
This is the output demo for user/student RICHARD
This is the output demo for user/student KAPLAN
The SQL Query Used to Define the Enrollment Report
select STUDENT.NAME as "STUDENT NAME",
STUDENT_ENROLLMENT.CONFIRMATION_ID as "CONF ID",
SEMESTER.NAME as "SEMESTER YEAR",
SUBJECT.SUBJECT_NAME as SUBJECT,
CLASS.NAME as "CLASS NAME",
STUDENT_ENROLLMENT.ENROLL_DATE as "ENROLL DATE"
from SUBJECT SUBJECT,
CLASS CLASS,
SEMESTER_SUBJECT SEMESTER_SUBJECT,
SEMESTER SEMESTER,
STUDENT STUDENT,
STUDENT_ENROLLMENT STUDENT_ENROLLMENT
where SEMESTER_SUBJECT.SEMESTER_ID = SEMESTER.ID
and SEMESTER_SUBJECT.SUBJECT_ID = SUBJECT.ID
and SEMESTER_SUBJECT.ID = CLASS.SEMESTER_SUBJECT_ID
and STUDENT_ENROLLMENT.SEMESTER_ID = SEMESTER_SUBJECT.SEMESTER_ID
and STUDENT_ENROLLMENT.CLASS_ID = CLASS.ID
and STUDENT_ENROLLMENT.STUDENT_ID = STUDENT.ID
and STUDENT_ENROLLMENT.STUDENT_ID = :P2_SID
NOTE: the "Student ID" parameter, P2_SID is populated by the redirect command associated with the navigation button on P12 (the demo start page). P2_SID is also a hidden, protected page item.
Connecting the Start Page to the Enrollment Report
Use a navigation link, preferably a BUTTON type (but it doesn't matter).
Choose the action of: "REDIRECT" to the page in the application for the enrollment report.
Set the TARGET page item for STUDENT_ID to the value set for the item STUDENT_ID derived in the START page. Remember, session attribute APP_USER and page item STUDENT_ID are not the same, but their relation is defined by how the application authentication scheme is set up and also the structure of the STUDENT information table.
Closing Comments
It isn't clear what has already been attempted to customize the user experience based on non-user-selectable values. Still, speaking of this solution in a general sense is a useful guide in APEX design and functionality.
If queries and their presentation through report pages are involved, the developer can take a session property, such as a "user name" and apply it into a report SQL query definition, either directly or through the use of "page items".
If there is a need to use these parameters elsewhere within the application, navigation elements such as "region buttons" have the ability to transfer derived parameters from one page to the next.
Related
Im working on an angular project, and just created a static tasks tab using angular cdk's drag and drop module, i have two lists, one for pending tasks, and one for completed tasks.
My tasks table:
CREATE TABLE IF NOT EXISTS public.tasks
(
id integer NOT NULL DEFAULT nextval('tasks_id_seq'::regclass),
name text COLLATE pg_catalog."default" NOT NULL,
"isComplete" boolean NOT NULL DEFAULT false,
description text COLLATE pg_catalog."default" DEFAULT 'No Description'::text,
CONSTRAINT tasks_pkey PRIMARY KEY (id)
)
The way im trying to do this is by a button that takes the drag & drop component data (json format), then a handler that deletes all records in that table, and then sends it through a post request to the rest api.
The question is : How do i go about making an sql request that takes json input and posts it to the table in seperate records?
Check json_to_record(json) function:
https://www.postgresql.org/docs/current/functions-json.html
I would like to design a database where the city name MUST exist in all the available locales (languages). I currently serve these locales:
en, fr, it and es.
My initial thought is to save the name inside the cities table but instead of having one name field, I'd have name-en, name-fr, name-es and name-it.
Thus, the city of London would be saved like this inside the cities table:
My second thought is that it'd be more production-appropriate to have a table of all served locales so that once we add a new locale it'd appear on the website automatically as an extra option. Thus, I made this ERD:
Which means that the many-to-many between City and Locale would generate the following table:
So far so good, but I'm not sure how to FORCE that once a new city is added it MUST has it's name available in all locales. Or is that only possible using backend code?
Note:
This is a hiring assignment, so I don't have specific business rules just to think of a smart and scalable solution.
Thanks.
In your first solution, you can use a check constraint:
alter table t add constraint check_all_names
check (name_en is not null and name_fr is not null and name_es is not null and name_it is not null);
The second is basically not possible with a well-designed data model in SQL. Why?
To insert into city_locales you need a valid city_id.
By definition, you cannot have a valid city_id until you have all locales.
Further, constraints generally need to be true as rows are inserted. You cannot insert one row into city_locales and have the constraint be true (assuming you have more than one locale).
One way around this would be to have a flag on the cities table that specifies if all locales are created. You can update the number of locales using a trigger. Or, you can use a view and calculate the flag on the fly.
For example, I want to specify that an 'Email' column must contain an # symbol in order to be valid. Is it possible to do this?
You do this using a check constraint:
alter table t add constraint chk_t_email check (email like '%#%' and email is not null);
Of course, this is just an illustration. An email has many other rules as well. However, more comprehensive validation could be asked in another question.
I want to create a database for ecommerce web application using mongoDB
I am not able to get the idea how to set primary key for it as for every entry it automatically create id which is unique so I can use it as primary key
In mongoDB terminal
db.department.findOne({dep_name :"clothing"})
{ "_id" : ObjectId("5277d82f658d9f107b7ae64e"), "dep_name" : "clothing" }
For the department clothing the dep_id is ObjectId("5277d82f658d9f107b7ae64e")
and while creating category of men,women,kids the dep_id will remain same and at the same time other object id will get created which act as cat_id(unique for men,women,kids).
I am not getting idea how to get dep_id where dep_name is clothing and insert the dep_id for the new collection which will have fields ObjectId(automatically created),dep_id,cat_name.
Apart from it if this seems not to be good idea for creating database for ecommerce web application then suggest what will be the best
If I understand your question correctly you are asking how, for
example, to insert a document in a "category" collection that contains
a "dep_id" field containing the _id of a department such as
"clothing"?
Here is an example of how you would do that using the mongo shell:
clothing = db.department.findOne({dep_name: "clothing"})
db.category.insert({dep_id: clothing._id, cat_name: "women"})
Does this answer your question?
Bruce
I run a forum which I built myself. Ok so all users have the opportunity to delete themselves.
But all their threads and posts will remain. But right now where it should say their username it's just blank.
How should I handle this?
Should I make a new user and call it e.g. "deleted user" and assign all threads/posts to that ID when they delete themselves?
Or should I just check if the user ID exist if not print e.g. "deleted user" as username?
What's the smartest way? Any other ways tell me.
Thanks!
p.s (i'm not a native english speaker, looked up some fancy words on a online dictionary)
I would suggest not actually deleting the user. You could simply add a column to the users table such as:
ALTER TABLE users ADD COLUMN (is_active TINYINT(1) NOT NULL DEFAULT 1);
Then when you "delete" a user, simply mark them as inactive:
UPDATE users SET is_active = 0 WHERE users.id = 7;
For user listings, and account access you would check the is_active status. For displaying of data such as posts and what not, you'd not care about their active status, youd just grab the name from the table.