Learning Journal 4 | Linux

Home Recent Questions Learning Journal 4 | Linux


Order Now mail

Q1: In groups of up to 3, develop an ER diagram for Assignment 2. The ER diagram summarises your database design and provides a foundation for your implementation, hence it is important to get it right. You will have the opportunity to get some quick feedback from the tutor in Week 12’s lab.

Q2: Consider an SQL statement:

SELECT id, firstname, department

FROM employees

WHERE firstname=’david’ AND id=939

a. What is this statement trying to search from the database?

b. Assume that the firstname and id fields are being gathered from user-supplied input, and suppose the user respond with:

firstname: david’; drop table employees --


What will be the effect?

c. Now suppose the user responds with:

firstname: ’ or 1=1 --

id: 939

What will be the effect?

Q3: Consider the parts department of a plumbing contractor. The department maintains an inventory database that includes parts information (part number, description, color, size, number in stock, etc.) and information on vendors from whom parts are obtained (name, address, pending purchase orders, closed purchase orders, etc.). In an RBAC system, suppose that roles are defined for an accounts payable clerk, an installation foreman, and a receiving clerk. For each role, indicate which items should be accessible for read-only and read-write access.

Similar Posts