11/1/12 Notes

IT 231 -- 11/1/12

Review Questions

What does a one-to-many relationship do for you?
Ans: Suppose that the primary model is Student and the secondary model is Award. The one-to-many relationship gives for each Student object @s, an array @s.awards that contains all the awards that @s obtained. For each Award object @a, the one-to-many relationship gives @a.student, which is the student to which the award belongs.
Suppose you have the one-to-many relationship with primary model Flight and secondary model Passenger.
1. If @p represents a passenger, give an expression that returns the flight number on which that passenger is booked.
2. If @f represents a flight, give an expression that returns the array of all passengers booked on that flight.
3. If @f represents a flight, give an expression that returns the number of passengers booked on that flight.
4. If @f represents a flight, write ERB for a view that lists the names of all the passengers on the flight in a paragraph. The names should be separated by commas.
5. If the photo of passenger @p has the filename @p.photo and the photo is stored in assets/images, write ERB code to display an HTML table of the passenger names and photos of all passengers on the flight @f.
Build Example 32.5 (PetSalon Example).

Searching and Sorting

Sometimes you want to display only some of the information in a database.

Try out the following ActiveRecord method calls in Example 26 (DisplayGradeData Example). Replace the controller line

@a = GradeRecord.all

a line similar to one of the following.

# Find all of the rows in the database. An array is returned.
@a = GradeRecord.find(:all)
@a = GradeRecord.all

# Find first student in database.  A GradeRecord object is returned.
@gr = GradeRecord.find(:first)
@gr = GradeRecord.first

# Find last student in database.  A GradeRecord object is returned.
@gr = GradeRecord.find(:last)
@gr = GradeRecord.last

Here are some various finds with conditions.

# Find all grade records with credit_hours >= 2.
@a = GradeRecord.find(:all, :conditions => 'credit_hours >= 2')

# Find the student with stud_id == 3423.
@a = GradeRecord.find(:all, :condition => 'stud_id = 3423')

# Shortcut for previous statement.
@a = GradeRecord.where(:stud_id => 3423)

# Previous statement using a dynamic finder.
@a = GradeRecord.find_all_by_stud_id(3423)
@gr = GradeRecord.find_by_stud_id(3423)

# Sort by grade.
@a = GradeRecord.find(:all, :order => 'grade')

# Sort by descending grade.
@a = GradeRecord.find(:all, :order => 'grade desc')

# Sort by grade, with secondary sort on student_id.
# Sorting by stud_id only matters when there is a tie for grade.
@a = GradeRecord.find(:all, :order => 'stud_id, grade')

You can include both :conditions and :order within the same find statement.
See Example 27 (FindGradeData Example).

Crptypographic Hash Functions

A hash function is a one-way encryption procedure that takes an arbitrary character string (called the plaintext message) and converts it to a fixed-size bit string called the hash value or digest.
The ideal hash function has these properties:
1. it is easy to compute the hash value for a message,
2. it is infeasible to find a message that has the given hash value,
3. it is infeasible to modify a message without changing its hash,
4. it is infeasible to find two different messages with the same hash.
Important: A cryptographic hash is completely different than a Ruby Hash object.
A Wikipedia article on cryptographic hash functions
Three popular algorithms for producing hashes are MD5, SHA1, and SHA2.

They can be carried out in Ruby as follows:

message = "the quick brown fox jumped over the lazy dog"

require 'digest/md5'
h1 = Digest::MD5.hexdigest message

require 'digest/sha1'
h2 = Digest::SHA1.hexdigest message

require 'digest/sha2'
h3 = Digest::SHA2.hexdigest message

Try this with IRB. Notice that the hashes h1, h2, and h3 are expressed in base 64.
Also notice that the change of a single character in the message completely changes the hash.
Modern password protection systems never store passwords directly in the database. They always store a cryptographic hash of the password instead. When a user enters a password p, the hash of p is compared with the hash of the password stored in the password table.
Cryptographic hashes can also be used for digital signatures.

Maintaining State

HTTP by itself is a stateless technology.
This means that neither the HTML page nor the controller can remember the values of variables during previous submissions of that same page.
Client-server systems, including Ruby on Rails, have three ways of maintaining state:
1. By passing parameters back to the controller (via params).
2. By storing it in the database.
3. By storing it in a session variable on the server.
The session variable stores data by key. It is available across all browser instances for a user. It is maintained until all browser instances are closed.
One problem with storing the session variable on the server is that modern databases for large corporations often use server farms of multiple servers. Storing the session variable on the server is problematic with multiple servers.
By default, Rails stores the session variable as a cookie on the client machine's harddrive.
The Rails programmer has the option of switching the session variable to the Rails database instead.
The following statement stores data in the session variable using the key :info:
To retrieve data from the session variable:
A session variable can be used to remember if the user is logged in. If the user is not logged in, redirect the page to the login page.
Do this tutorial: Implementing a Login Page for a Website.