Lecture 17: Using SQL from Java

8 March 2010

Back to regular lectures after last week’s guest speakers.

The next set of lectures are about ways to integrate access to domain-specific languages into general-purpose programming languages. This issue of cross-language integration arises in a variety of settings, and often the power and features of a language become diluted or lost when upon mixing with another.

As a running example we’ll use database access through SQL, as driven from a general-purpose language like Java.

This lecture covered some of the context for cross-language working, notably the security risks of HTML/Javascript/SQL injection, both malicious and inadvertent. Various examples: SQL for SkyServer; Google Buzz XSS vulnerability.

Basic SQL access from Java, via JDBC/ODBC. Structured SQL treated as flat strings; some additional structure through prepared strings.

Link: Slides.


Have a look at these two tutorials on database access in Java and C#.

You don’t need to work through every detail, but the key is to see how these languages provide control of SQL.

Twitter have a Scala library called Querulous for connecting to databases:

Look at the basic usage examples to see what Scala language features they use to simplify construction of correct SQL.