Wednesday, April 23, 2008

MySQL and stored procedures

Takeaway: Some people resisted using MySQL because it had no support for stored procedures. But starting with MySQL 5.0, that changed--now you can do stored procedures in this popular open source database.


MySQL is "The World's Most Popular Open Source Database," at least according to the MySQL Web site. But in spite of this popularity many corporations are resistant to adopting MySQL. There are several reasons for this, from the misguided belief that open source is the software equivalent of a child's wood shop project to the belief that nothing free is ever good. There was, however, one valid complaint against MySQL—unlike its shrink-wrapped counterparts, such as Oracle or DB2, MySQL doesn't support stored procedures.

Make that past tense—the latest developer release, MySQL 5.0, does support stored procedures. If you're not familiar with stored procedures, they are collections of SQL commands and program logic stored on the database server. These stored procedures can then be invoked by application programs thus eliminating the need for programmers with varying degrees of skill to create their own SQL.

Advantages
Stored procedures allow most database access logic to be separated from the application logic. One of the indirect benefits of using stored procedures is that application code becomes smaller and easier to understand. Another advantage of stored procedures is that the SQL can be "pre-compiled" increasing the speed of the application. Because stored procedures contain program logic, more processing can take place on the database server, which can reduce the amount of bandwidth consumed sending data back to the application. Also, when implementing an n-tier application, stored procedures are used to separate the data layer from the server layer.

Security can be another advantage of stored procedures. Applications can be granted execute privileges to the stored procedures, while being unable to access the tables directly. Unfortunately, at this time, MySQL doesn't support "GRANT EXECUTE". That means unless the application has the authority to access a table, then calling a stored procedure that accesses the same table won't work either. It's a good bet that this feature is pretty high up on the "to do" list for a future release.

Standards
Unlike either of the shrink-wrapped Oracle or Microsoft relational databases, which do not follow the current SQL:2003 syntax for stored procedures, MySQL and IBM's DB2 do conform to the syntax. Theoretically this means that, if the database structure is the same, stored procedures written for one will run on the other.

Supported SQL statements
Even though the paint isn't quite dry on MySQL's support of stored procedures, there's enough to get many tasks done, as Table A shows. In addition, the MySQL stored procedure documentation indicates that there may be future compatibility for Oracle's PL/SQL and SQL Server's T-SQL. My general impression of stored procedure support is that it is proceeding slowly in order to avoid any missteps that often plague large software development projects.
Table A
Statement Description
CREATE PROCEDURE Creates a stored procedure, which is stored in the proc table in the MySQL database.
CREATE FUNCTION Creates a user-defined function, essentially a stored procedure that returns data.
ALTER PROCEDURE Alters a previously defined stored procedure that was created using the CREATE PROCEDURE statement.
It does not affect related stored procedures or stored functions.
ALTER FUNCTION Alters a previously defined stored function that was created using the CREATE FUNCTION statement. It does not affect related stored procedures or stored functions.
DROP PROCEDURE Removes one or more stored procedures from MySQL's proc table.
DROP FUNCTION Removes one or more stored functions from MySQL's proc table.
SHOW CREATE PROCEDURE Returns the text of a previously defined stored procedure that was created using the CREATE PROCEDURE statement. This statement is a MySQL extension to the SQL:2003 specification.
SHOW CREATE FUNCTION Returns the text of a previously defined stored function that was created using the CREATE FUNCTION statement. This statement is a MySQL extension to the SQL:2003 specification.
SHOW PROCEDURE STATUS Returns the characteristics of a previously defined stored procedure; including name, type, creator, creation date, and modification date. This statement is a MySQL extension to the SQL:2003 specification.
SHOW FUNCTION STATUS Returns the characteristics of a previously defined stored function; including name, type, creator, creation date, and modification date. This statement is a MySQL extension to the SQL:2003 specification.
CALL Invokes a previously defined stored procedure that was created using the CREATE PROCEDURE statement.
BEGIN ... END Contains a group of multiple statements for execution.
DECLARE Used to define local variables, conditions, handlers, and cursors.
SET Used to alter the values of both local variables and global server variables.
SELECT ... INTO Used to store the indicated columns directly into variables.
OPEN Used to open a cursor.
FETCH Retrieves the next row using the specified cursor and advances the cursor one row.
CLOSE Used to close and open cursor.
IF An if-then-else-end if condition statement.
CASE ... WHEN A case statement conditional construct.
LOOP A simple looping structure; exiting is performed using the LEAVE statement.
LEAVE Used to exit IF, CASE, LOOP, REPEAT and WHILE statements.
ITERATE Used within loops to restart at the beginning of the loop.
REPEAT A loop with the conditional test at the end.
WHILE A loop with the conditional test at the beginning.
RETURNS Returns a value from a stored function.
Stored procedure statements supported in MySQL 5.0

It is important to remember that support of stored procedures in the current incarnation of MySQL isn't as mature as Oracle, SQL Server or DB2. Also remember that it's more important to have a small number of features that work well rather than a ton of features that are, for lack of a better word, flaky. I know that it's an odd concept, but maybe the folks in the open source community have struck upon an idea that was somehow missed by the rest of the world.

Sunday, April 13, 2008

Java 推荐读物与源代码阅读

         

1. Java语言基础
谈 到Java语言基础学习的书籍,大家肯定会推荐Bruce Eckel的《Thinking in Java》。它是一本写的相当深刻的技术书籍, Java语言基础部分基本没有其它任何一本书可以超越它。该书的作者Bruce Eckel在网络上被称为天才的投机者,作者的 《Thinking in C++》在1995年曾获SoftwareDevelopment Jolt Award最佳书籍大奖, 《Thinking in Java》被评为1999年Java World"最爱读者欢迎图书",并且赢得了编辑首选图书奖。作者从1986年至今,已 经发表了超过150篇计算机技术文章,出版了6本书(其中4本是关于C++的),并且在全世界做了数百次演讲。他是 《Thinking in Java》、《Thinking in C++》、《C++ Inside & Out》《Using C++》和 《Thinking in Patterns》的作者,同时还是《Black Belt C++》文集的编辑。他的书被读者称为"最好的Java参考 书……绝对让人震惊";"购买Java参考书最明智的选择";"我见过的最棒的编程指南"。作者的非凡才华,极其跨越语言的能力,使作者被选为Java发 展10年间与Java关系最密切的10个人物之一。
《Thinking in Java》讲述了Java语言的方方面面,很多Java语言的老手都评价"这是一本将Java语言讲得相当丑陋的书"。该书谈及了java语言的很多细节,每一个方面都是相当深刻的。通过本书你可以看到"丑陋的"java语言。
网 络上关于java语言讲解的视频很多很多,其中不凡有垃圾。《翁恺?JAVA语言》可能是你学习java语言基础的唯一选择,该讲座基本按照 《Thinking in Java》这本书讲解,其中不凡有翁老师的很多有意思的笑话。我很幸运学习就是从此视频开始的。内容包括30讲,我总共看了3 遍。
不过,对于初学者我不太推荐使用《Thinking in Java》,我比较推荐Prentice Hall PTR 的  《Core Java 2》国内称为《Java 2 核心技术》,目前是第七版。网络上大家都可以下载到电子版。Oreilly的 《Java in a nutshell》也是一个不错的选择。读完以上两本后,你可以看看翁恺老师的视频,接着可以研究 《Thinking in Java》了。
2. Java数据结构
市面上关于Java数据结构的书本身就很少很少。大致有APress  的《Java Collections》,Jones 和Bartlett 的《Data Structures in Java》、《Object- oriented Data Structures Using Java》以及Prentice Hall 出版的 《Data Structures and Algorithms in Java》 (Dec 19, 2005)还有一本就是 《Data Structures And Algorithms With Object-oriented Design Patterns In Java》。 很幸运我的第一本英文书就是APress 的《Java Collections》(本书在国内可能根本就没有中文版��只能下载英文版了),很不错,讲 得很有条例、很简单,是一本完完全全Java Collections API介绍的书籍,其中不凡有扩展API的例子。这是我推荐你学习java数据结 构的唯一一本好书。其它的Jones 和Bartlett的那两本国内好像有一本中文版,想看你也可以看看。
在学习完API后,你可以看看 java.util包中对应的类了。不过只有在学习过设计模式后你才有可能完全理解整个Java Collections Framework。 Java Collections Framework使用了很多著名的设计模式如:迭代器(Iterator)模式,工厂方法模式、装饰器模式、适配器 模式等等。通过研究java.util包中数据结构的源代码,你可以知道臭名昭著的Properties类的设计了,同时可能基本具备设计简单
2
的数据结构的能力了。
所谓学习无止境,学习完Sun提供了Java Collections Framework后,你可以研究Apche的另一个Java Collections Framework,很有意思哦。互为补充的两个Framework。
在大家学习、研究Java Collections之前,我提示一下Java Collections主要包括以下三部分:接口(Interface)、实现(Implemention)和算法(Algorithm)。
1. 接口主要有List、Set、Queue和 Map。List 、Se t和Queue是 Collection接口的子接口。
2.  实现主要是实现这些接口的具体类。如实现List接口的ArrayList、LinkedList、Stack和Vector;实现Set接口的 HashSet、TreeSet 和LinkedHashSet;实现Queue接口的PriorityQueue、SynchronousQueue等 等;实现Map接口的HashMap、TreeMap、Hashtable、Properties、WeakHashMap等等。
3. 算法主要是由Arrays类和Collections类提供的,它是整个Java Collection Framework算法的核心。支持各种类型的排序,查找等常用操作。
Java Collections中包含两个版本的数据结构,主要是原先的支持同步的数据结构和后来不支持同步的数据结构。
Java Collection Framework在使用Comparator和Comparable接口支持排序。同时提供新旧两个版本的迭代器Iterator和Enumeraton,以及它们如何转换等等。
在java.util包中的Obserable接口和Observer类是考察者模式的核心。
……
3. Java IO
市 面上关于IO的书籍也仅仅只有Oreilly出版社的两本,都是Elliotte Rusty Harold的著作。两本书的风格基本一致,推荐阅读是第 一版的《Jvava I/O》,讲得比较浅显,内容相对比较集中,实例也很多。第二版今年5月国外才出版,很有幸我在网络上下载了第二版,讲得极其详细 ��726页的大块头(我化了两个星期),这次将NIO和IO和在一起,还包括J2ME部分的,不过串口、并口通信部分好像类库支持不够,自己不能实际操 作。
与第一版的《Jvava I/O》一起的Oreilly还有一本《Jvava NIO》,也是很不错的哦。
大家在依次阅读完《Jvava I/O》以及《Jvava NIO》后,可以研究java.io包中的源代码了。在大家研究源代码前我给点提示:
Java的io包主要包括:
1. 两种流:字节流(byte Stream)和字符流(character stream),这两种流不存在所谓的谁代替谁、谁比谁高级之说,它们互为补充,只是侧重点不同而已。
2. 两种对称:1.字节流、字符流的对称;2.输入、输出的对称。
3. 一个桥梁:将字节流转变为字符流的InputStreamReader和OutputStreamWriter。
其中必须注意:
1. PipedInputStream和PipedOutputStrem是两个比较有趣的类。
2. 支持Buffered的流是我们经常使用的类。
3. 装饰器(Decorator)模式在java最著名的应用就是用于io的设计。仔细研究各个Filter流与具体流的关系,多看设计模式的书籍。相信你会有所所获。
4. 学习好io包,是研究net包,rmi包……的基础哦!
3
4 . Java数据库
数 据库的书籍太多太多了,也是太烂太烂了!这方面的书我基本都研究过,推荐的你就看看Apress的 《JDBC Recipes A Problem Solution Approach 》很不错,国外2005年底才出版,(国内好像没有中文版,不过 出了中文版也不一定值得看��国内经常将国外的书翻译得一塌糊涂、不堪入目)不过我们真的很幸运,网络上有电子版的。值得一看。推荐我看的第一本比较满意 的��Wiley出版的《Java Database Bible》,讲得很不错!
Sun公司自己的关于JDBC API介绍的那一本《JDBC API Tutorial andRefernece》也不错。我第二本JDBC的就是研究的这套API。
不过目前这些书都是一些相对比较浮浅的API应用的书籍。有机会我会给大家带来介绍JDBC API以及JDBC实现内部细节的书!我尽快努力,同时希望得到大家的支持!
顺便给学习JDBC的朋友一点提示:
JDBC的学习和使用主要是这套API,其使用过程也是极其简单,下面是使用JDBC的一般流程:
1. 加载某个数据库的驱动(Driver类),通常使用Class.forName("驱动的类名");
2. 连接数据库��
Connection con = DriverManager.getConnection(url,username,password);
3. 得到会话��Statement stmt = con.createStatement();
4. 执行操作��Result rs = stmt.executeQuery("SQL查询语句");
5. 处理结果��
while(rs.next()){
String col1 = rs.getString(1);
……
}
简单吧!整个JDBC中可以变化的一般是:
1. 可以由Connection对象创建Statement、PreparedStatement和CallableStatement创建三种类型的Statement。
2. 可以创建多种类型的ResultSet:支持单向移动和个自由移动;可更新的和不可更新的;支持不同等级的交易的…..
3. 数据输入的批处理。
4. 结果集中特殊类型(Blob、Clob、Arrary和Ref、Struct)列的操作。
5. 这些特殊类型的录入数据库。
6. javax.sql包中特殊结果集(CachedRowSet、JdbcRowSet、WebRowSet)的操作。
7. 其它的就是一个DataSource了,也很简单!一个J2EE中的被管理对象
简单吧!相信大家很快就会征服JDBC。
5. Java 网络编程
网络编程��一个神秘的、充满挑战的方向。不过在谈Java网络编程之前首先感谢Sun公司的开发人员,因为它们天才的设想,充满智慧的架构,使广大java程序员学习java网络编程变得异常简单。
Java 网络编程方面的书,我推荐O'Reilly的《Java Network Programming》,目前已经第三版了,以前的版本市面上肯定有!网络上 早有第三版的电子版,国外2004年出版,706页哦!讲得很全,比较深入,太深入的可能由于Sun有些东西没有完全公开,所以也就不好讲了,有兴趣的可 以下载看看!第二本还是O'Reilly 1998年出版的《Java distributed computing 》,基础部分写得比较详细,后面的 实例还是值得研究的。
4
在大家阅读这些书之前,给大家一点提示:
java网络编程其实相对比较简单,入门也很快很快。java网络编程主要包括两个部分:1.Socket;2.URL部分。不过第二部分也完全建立在第一部分的基础上。
1. Socket包括客户端的Socket和服务器端的ServerSocket。还有就是DatagramSocket和DatagramPacket,它对应于UDP通信协议。 总之,Socket部分是建立其它高级协议的基础。
2. URL 类是一个网络资源定位器,通常和具体的网络协议如HTTP,FTP,Telnet……相关。通过该类可以连接网络上的资源,通过其openStream可 以以io包中的流(InputStream)的形式读取网络资源;通过其OpenConnection方法,可以打开一个连接,在此连接上可以不仅可以完 成读的操作,还可以完成写的操作。
Java的网络编程大体包括以上两部分。网络编程和IO以及多线程部分非常密切,在学习此部分前大家一定对这两部分了解比较透彻。
学 习了以上部分你可以研究java.net包中的与此相关的源代码了!研究所有的源代码还为时尚早。在整个net包中包含: ContentHandlerFactory、URLStreamHandlerFactory、URLStreamHandler、 URLClassLoader等辅助类,它们构成了java.net网络编程的框架,通过研究其源代码,你不仅可以快速理解java.net包,还可以为 以后扩展该包打下基础,甚至可以将此思维方式运用到自己的项目中。
到此为止你对java.net包应该才了解60%,还有一部分你可以使用 JDecompiler之类的反编译软件打开你JDK安装目录下\jdkxxx\jre\lib目录中的rt.jar,用WinRAR之类的软件打开它的 sun.net包,反编译所有的文件,它是URL类工作的细节。当研究完该sun.net包,你就会对整个网络编程很熟悉很熟悉了。
一切看起来我 们已经对网络编程很精通了。其实不然,刚刚开始而已,要想深入,请继续吧!网络上很多优秀的网络编程库甚至软件可以为我们"添加功力"。如Apache的 HttpCore和HTTPConnection 是两个和HTTP协议相关库;JGroups是研究分布式通信、群组通信的必读库;接着我们可以研究 P2P的软件包,如Sun公司的JXTA,它可能是java平台点对点通信未来的标准哦!接着你可以研究成熟得不得了,使用极其广泛得P2P软件 Azureus!www.sourceforge.net可以下载到!
千里之行始于足下!Just do it !(目前我也只研究了net包, 其它的会在不久的将来继续深入。Sun公司因为某些原因没有公开net的其它实现细节,在其允许将其源代码以文字的形式加以研究,以及允许将其没有公开的 实现写入书中时,我很希望能出一本java网络编程的书籍,以飧广大读者!!)
6. Servlet和JSP
Servlet、JSP的书 也是满地都是!值得推荐的也仅仅两三本。实推Addison Wiley的《Servlets and JavaServer pages : The J2EE Technology Web Tier》,又是一本很厚的哦!国外2003年出版、784页,讲得比较全,例子也很多,特别是第八章 Filter,举了几个不错的例子。其它所有我看到的关于Servlet和JSP的书都没有如此深入的!(可能有我没有看到而已)。O'reilly的 《Java Servlet Programming》和《Java Server Pages》相对比较好懂一些,可以读读!
在大家学习Servlet和Jsp之前我还是要提醒一下:
本质上说Servlet就是一个实现Servlet接口的、部署于服务器端的服务器端的程序罢了!它可以象写其它任何java应用程序一样编写,它可以操作数据库、可以操作本地文件、可以连接本地EJB……编写Servlet程序的一般流程为:
1. 继承一个HttpServlet类;
2. 覆盖其doGet、doPost方法;
3. 在覆盖方法的内部操作方法参数HttpServletRequest和HttpServletResponse。
4.  读取请求利用HttpServletRequest。利用HttpServletRequest你可以操作Http协议的协议头、可以得到请求的操作方 法、可以得到请求的路径、可以得到请求的字符串、以及和请求客户相关的信息,更主要的你可以得到Cookie和HttpSession这两个对象。
5. 利用Cookie你可以操作"甜心"对象或者将其写入HttpServletResponse中。
5
6. 向客户输出信息可以使用HttpServletResponse。使用HttpServletResponse可以写入各种类型的协议头、可以增加Cookie、可以重定向其它URL、可以向客户发送Http协议的状态码。
7. 利用HttpSession在会话内完成你想实现的任何功能。
同时Servlet还提供了一些事件和事件监听器(简单的观察者模式而已)。还有就是过滤器(Filter)和包装器(ServletRequestWrapper、ServletResponseWrapper)��简单的流的使用和装饰器模式的使用。
学习Sevlet、JSP必然要部署到服务器中,记住通常文件部署的步骤和参数的设置以及在程序中如何使用就可以了。
完全理解Servlet后,学习jsp相对比较容易了!Jsp完全建立在Servlet的基础上,它是为了迎合那些喜欢在Html文档中嵌入脚本(如:PHP之类的网页编程语言)的程序员的需要罢了!学起来也相当的容易!
一 切看起来似乎那么的风平浪静,简单好学!简单的表象背后有其复杂的机理。要想对Servlet和Jsp彻底研究,你得研究Tomcat等开源软件的具体实 现。它无非就是一个服务器,在客户利用网页通过HTTP协议向服务器发送请求后,服务器将此HTTP请求转化为相应的 HttpServletRequest对象,调用你编写的Servlet罢了,在你的Servlet中你肯定操作了此 HttpServletRequest了吧,同时操作了HttpServletResponse了吧,服务器就将此 HttpServletResponse按照HTTP协议的要求利用HTTP协议发送给你的浏览器了!在服务器端的Jsp网页在被客户请求后, Tomcat会利用编译软件,使用javax.servlet.jsp包中的模板,编译此jsp文件,编译后就是一个Servlet!以后的操作和 Servlet完全一样哦!
在Servlet和Jsp的基础上出现了,所谓的高级技术:JSTL,Struts……无非就是一些标签和MVC模式的使用。
继续前进吧!胜利就在前方!!
7. 多线程
一个看起来很神秘,却很容易上手、很难精通的方向!
我 推荐两本我感觉很好的书籍。首先是我第一本能上手看的这方面的书,Sams 1998年出版的《Java Thread Programming》,写得 暴好,很容易读懂,我有空还时常看当时的笔记!要知道怎么好你自己看吧!第二本OReilly三次出版的《Java Threads》,最新是2004 版,国内好像有中文版,推荐你还是看英文版的吧!书中谈到了与多线程相关的N个方向,如IO、Swing、Collection等等。
给大家一点 提示吧!java类库中与多线程相关的类不是很多,主要有:Thread、ThreadGroup以及ThreadLocal和 InheritableThreadLocal四个类和一个Runnable接口;关键字synchronize、volatile ;以及Object 对象的wait、notify、notifyAll方法!
1 Thread是多线程的核心类,提供了一系列创建和操作多线程的方法。
2 ThreadGroup是一个管理Thread的工具类。
3 ThreadLocal和InheritableThreadLocal为Thread提供了一个类似保险箱功能的存储线程对象的类!
4 Runnable不用说了吧!
5 synchronize 是同步方法和同步块的核心哦!多个线程调用此方法时,只有一个线程可以使用此方法,其它方法阻塞,从而保证被操作对象内部状态完整性。某个线程调用带有 synchronize的方法或块时会得到该对象的对象锁,完成块中的操作后释放此对象锁,从而其它对象可以继续操作。
6 wait、notify、notifyAll提供了有效的等待/通知机制。Java语言中每一个对象都有一个休息室,任何线程在其操作的对象的状态不满足的情况下,在该对象的休息室中
6
休息,释放对象锁;当其它线程操作该对象后,唤醒休息室中的线程,它们再检查条件,当条件满足后,执行相应的操作。
多 线程大致就这么多基础的!简单吗!这对于一个真正的程序员应该是不够的,真正对多线程要有所掌握,请您研究java.util.concurrent包 吧!大师Doug Lea的作品,原先是一个开源的一致性编程的库,后来被Sun公司并入java类库。作者的网站上也有另外一个版本的该类库!值得研究 的好东西!Hibernation、OpenJMS等开源软件都使用了此包!
8. 设计模式
谈到设计模式很多人多会推荐GOF的那本,该书在Amzon上是五星级的推荐书籍。不过对于学习java没多久的、特别是java初学者,我很不推荐这本书。主要是该书的例子基本都是C++的,很多细节没有讲述得足够清楚。
我给大家推荐的第一本是阎宏博士的《Java 与模式》,它是第一本中国人自己写的关于设计模式的书籍,写的比较有趣,融合了很多中华民族的文化和观念,例子、类图都比较多,且相对简单!非常不错的入门书籍��又是大块头哦!
其次我推荐Wiley出版社出版的《Pattern In Java》一套三本,我才看了第一本,好像第二本不怎么样,第三本还不错!
第三本是中文翻译版的关于多线程模式的(很难得的中文翻译版)中国铁道出版社2003年出版的《Java多线程设计模式》,将多线程模式讲得非常浅显,配有大量的图例,每章都有习题,最后有答案!我研究多线程模式就是由它开始的!
第四本,今年出版的Head First系列的《Head First Design Pattern》,秉承Head First系列图书的优点,大量的类图、丰富的实例、有趣的注解,值得购买!
其 次在J2EE方向你可以研究阅读Addison Wesley 2002年出版的 《Patterns of Enterprise Application Architecture》,众多大腕的作品,讲企业消息集成的!Sun提供 的《J2EE PATTERNS SL500》也很好!晚了推荐那一本Amzon 4星半的《Holub on patterns》,大师的作品,提供 了,很值得研究的例子,不过对上面四本不是很熟悉的读者,最好不要读它!可能会让你比较累!
我学习设计模式经过一段很曲折的路线,前前后后大约看 了20本,阎宏博士的《Java 与模式》我看了4遍,还排除我第一次基本没看懂的看!记得研一时老师给我们讲了GOF的那本,作为选修课,我和它们计算 机系的硕士、博士们一起,到最后一个班40-50个人,不超过3个人明白,我也没有明白任何一点(基础差吧��主要我对C++语言一点都不了解),凭我不 伏输的性格,我认为我对java语言理解还可以,我就借了《Java 与模式》,结果还是基本没看懂。很有幸的是读研三时,听过了上交大饶若楠老师关于 Java OOP语言的讲座,我懂了组合书籍模式等三种设计模式后,对其它模式有了强烈的兴趣和要征服它的愿望!工作后我买的第一本就是《Java 与模 式》,第一遍花了2个月研究了这个1000多页的大块头,后来第三遍15天左右就可以搞定,笔记记了一大本!从此一发不可收拾。
选对书、埋头研究。相信很快就会入门的!
学 习Java语言8个简单的部分,这只是我们研究Java语言的开始!这些都懂了充其量一个java程序员而已,后面的路很长很长!我们可以继续研究数据库 实现的源代码、Servlet服务器的源代码、RMI、EJB、JNDI、面向方面编程、重构、ANT工具、Eclipse工具、Spring工具、 JBoss、JOnAS、Apache Geronimo等J2EE服务器!研究了这些你可能会成为一个出色的J2EE Architecture!你可 以继续研究剖析器、编译器、JNODE(java写的操作系统)……
感谢大家有此耐心,听我罗罗嗦嗦大半天!感谢大家的阅读,感谢群里的朋友!这篇文章主要应群
7
里朋友的呼声��不知道如何选书、不知道从何看起!大半天的功夫完成赶此文章,字句上难免有失误,同时由于能力有限不凡有错误!请阅读后批评指正!
上面基本是我研究java语言的顺序,以上书籍都是我阅读过的,不存在替任何出版社宣传的成分!有的方法可能不适合你,假如你能收获一点,两点甚至更多,请你不要吝啬推荐给你的朋友��共同学习!
感谢大家的阅读;感谢互联网的设计者;感谢java的设计师;感谢www.open-open.comwww.sourceforge.net网站!

Thursday, April 10, 2008

Code conversion in PHP

    In html, some special character will be encode to
        character                html
         space                    
         "                       "
         &                       &
         <                       &lt;
         >                       &gt;
        
    In html query string, the special character has to be encode to the pattern like %<ASCII>, for instance:
       character                query string
         space                    %20
          &                       %28
          '                       %29
    In PHP, those character has to be escaped by slash(/)
   
    PHP provides a serial methods to convert those.
   
    html_entity_decode()          Converts HTML entities to characters      4
    htmlentities()                 Converts characters to HTML entities     3
    htmlspecialchars_decode()     Converts some predefined HTML entities to characters     5
    htmlspecialchars()             Converts some predefined characters to HTML entities     3

Tuesday, April 8, 2008

Installing MySQL on Solaris 10

"Configuring MySQL to Use With Service Management Facility (SMF)", by William Pool (Puddle), October 2005.  From http://www.sun.com/bigadmin/content/submitted/mysql_smf_tip.html

The Solaris 10 OS uses the Service Management Facility (SMF) to handle services.  Traditional means like /etc/rc?.d scripts still work, but as a legacy means.  To take advantage of the SMF in the Solaris 10 OS using MySQL, follow these steps.  (Note: Read the scripts and "change" the path of MySQL or MySQL's data-directory accordingly!)

If you haven't initialized the MySQL database, do that first:

/opt/sfw/bin/mysql_install_db

This will install the database into /var/mysql to override that use:

/opt/sfw/bin/mysql_install_db -ldata=/opt/sfw/var/mysql

Note: If you change the location, change the information below!

First create a mysql group:

/usr/sbin/groupadd mysql

Then create the mysql user:

/usr/sbin/useradd -s /bin/false -g mysql \
   -d /var/mysql -c "MySQL User" mysql

Create a service manifest file that contains the following:

cat > /var/svc/manifest/network/mysql.xml <<'EOF'

<?xml version='1.0'?>
 <!DOCTYPE service_bundle SYSTEM
 '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
<!--  William Pool (Puddle) 02/05
      Service manifest for MySQL
      E-mail: puddle@flipmotion.com
 -->

<service_bundle type='manifest' name='mysql:mysql'>

 <service
  name='network/mysql'
  type='service'
  version='1'>
 <create_default_instance enabled='false' />
  <single_instance />

  <dependency name='fs'

   grouping='require_all'

   restart_on='none'

   type='service'>

  <service_fmri value='svc:/system/filesystem/local' />

   </dependency>

  <dependency name='net'

   grouping='require_all'

   restart_on='none'

   type='service'>

  <service_fmri value='svc:/network/loopback' />

 </dependency>

 <exec_method

  type='method'

  name='start'

  exec='/lib/svc/method/svc-mysql start'

  timeout_seconds='-1'>

 <method_context>

  <method_credential user='mysql' group='mysql' />

  </method_context>

 </exec_method>

 <exec_method

  type='method'

  name='stop'

  exec=':kill'

  timeout_seconds='-1'>

 </exec_method>

 <exec_method

  type='method'

  name='restart'

  exec='/lib/svc/method/svc-mysql restart'

  timeout_seconds='-1'>

 </exec_method>

 </service>

</service_bundle>

EOF

 

Now create your "Service Method File" in /lib/svc/method called svc-mysql:

#!/usr/bin/sh

#

#        William Pool (Puddle) 01/05

#        SMF Method file for MySQL

#        E-mail: puddle@flipmotion.com

#

# This uses Sun's default MySQL packages

# SUNWmysqlu SUNWmysqlr

# Modify accordingly!

#

# NOTE: Make sure DB_DIR is owned BY the mysql

# user and group and chmod 700.

#

. /lib/svc/share/smf_include.sh

DB_DIR=/var/mysql

PIDFILE=${DB_DIR}/`/usr/bin/uname -n`.pid

 

case "$1" in

 start)

  /usr/sfw/sbin/mysqld_safe --user=mysql \
  --datadir=${DB_DIR} --pid-file=${PIDFILE} \
  > /dev/null &

 ;;

 stop)

  if [ -f ${PIDFILE} ]; then

   /usr/bin/pkill mysqld_safe >/dev/null 2>&1

   /usr/bin/kill `cat ${PIDFILE}` > /dev/null 2>&1 \
    && echo -n ' mysqld'

   fi

 ;;

 'restart')

  stop

  while pgrep mysqld > /dev/null

  do

   sleep 1

  done

  start

 ;;

 *)

  echo ""

  echo "Usage: `basename $0` \
    { start | stop | restart }"

  echo ""

  exit 64

 ;;

esac

Now fix the permissions for the two files created:

chown root:bin /lib/svc/method/svc-mysql
chmod 555 /lib/svc/method/svc-mysql
chown root:sys /var/svc/manifest/network/mysql.xml
chmod 444 /var/svc/manifest/network/mysql.xml

Fix permissions on the MySQL data directory:

chown -R mysql:mysql /var/mysql
chmod -R 700 /var/mysql

Import the service into the service repository:

svccfg import /var/svc/manifest/network/mysql.xml

Enable the service:

svcadm -v enable mysql

 

How to Disable SELinux

you've setup a new system, or installed something new on your Linux system and its not working. You get the feeling that SELinux is the cause of the problem. This page was written to help.

Contents

      Overview
      Should you really disable SELinux?
      Temporarily switch off enforcement
      Permanently Permissive
      Fully Disabling SELinux
      Re-Enabling SELinux

Overview

SELinux has two major components on your system. There's the kernel mechanism which is enforcing a bunch of access rules which apply to processes and files. And secondly, there's file labels : every file on your system has extra labels attached to it which tie-in with those access rules. Run ls -Z and you'll see what I mean.

Should you really disable SELinux?

Be aware that by disabling SELinux you will be removing a security mechanism on your system. Think about this carefully, and if your system is on the Internet and accessed by the public, then think about it some more. Joshua Brindle (an SELinux developer) has comments on disabling SELinux here, which states clearly that applications should be fixed to work with SELinux, rather than disabling the OS security mechanism.
You need to decide if you want to disable SELinux temporarily to test the problem, or permanently switch it off. It may also be a better option to make changes to the policy to permit the operations that are being blocked - but this requires knowledge of writing policies and may be a steep learning curve for some people. For the operating system as a whole, there is two kinds of disabling:
  • Permissive - switch the SELinux kernel into a mode where every operation is allowed. Operations that would be denied are allowed and a message is logged identifying that it would be denied. The mechanism that defines labels for files which are being created/changed is still active.
  • Disabled - SELinux is completely switched off in the kernel. This allows all operations to be permitted, and also disables the process which decides what to label files & processes with.
Disabling SELinux could lead to problems if you want to re-enable it again later. When the system runs with file labelling disable it will create files with no label - which could cause problems if the system is booted into Enforcement mode. A full re-labelling of the file system will be necessary.

Temporarily switch off enforcement

You can switch the system into permissive mode with the following command:
echo 0 >/selinux/enforce
You'll need to be logged in as root, and in the sysadm_r role:
newrole -r sysadm_r
To switch back into enforcing mode:
echo 1 >/selinux/enforce
In Fedora Core and RedHat Enterprise Linux you can use the setenforce command with a 0 or 1 option to set permissive or enforcing mode, its just a slightly easier command than the above.

To check what mode the system is in,

cat /selinux/enforce
which will print a "0" or "1" for permissive or enforcing - probably printed at the beginning of the line of the command prompt.

Permanently Permissive

The above will switch off enforcement temporarily - until you reboot the system. If you want the system to always start in permissive mode, then here is how you do it.

In Fedora Core and RedHat Enterprise, edit /etc/selinux/config and you will see some lines like this:


# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
... just change SELINUX=enforcing to SELINUX=permissive, and you're done. Reboot if you want to prove it.

For the other Linuxes which don't have the /etc/selinux/config file, you just need to edit the kernel boot line, usually in /boot/grub/grub.conf if you're using the GRUB boot loader. On the kernel line, add enforcing=0 at the end. For example,


title SE-Linux Test System
root (hd0,0)
kernel /boot/vmlinuz-2.4.20-selinux-2003040709 ro root=/dev/hda1 nousb enforcing=0
#initrd /boot/initrd-2.4.20-selinux-2003040709.img

Fully Disabling SELinux

Fully disabling SELinux goes one step further than just switching into permissive mode. Disabling will completely disable all SELinux functions including file and process labelling.

In Fedora Core and RedHat Enterprise, edit /etc/selinux/config and change the SELINUX line to SELINUX=disabled:


# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
... and then reboot the system.

For the other Linuxes which don't have the /etc/selinux/config file, you just need to edit the kernel boot line, usually in /boot/grub/grub.conf, if you're using the GRUB boot loader. On the kernel line, add selinux=0 at the end. For example,


title SE-Linux Test System
root (hd0,0)
kernel /boot/vmlinuz-2.4.20-selinux-2003040709 ro root=/dev/hda1 nousb selinux=0
#initrd /boot/initrd-2.4.20-selinux-2003040709.img
You will have to reboot to disable SELinux, you just can't do it while the system is running.

Re-Enabling SELinux

If you've disabled SELinux as in the section above, and you want to enable it again then you've got a bit of work to do. The problem will be that files created or changed when SELinux was disabled won't have the correct file labels on them - if you just reboot in enforcing mode then a lot of stuff won't work properly.

What you need to do is to enable SELinux by editing /etc/selinux/config (for Fedora/RedHat) or by adding selinux=1 to the kernel boot line, then boot into permissive mode, then relabel everything, and then reboot into (or simply switch to) enforcing mode.

After booting into permissive mode, run fixfiles relabel

Alternatively, in Fedora and RedHat Enterprise Linux you can run touch /.autorelabel and reboot or put autorelabel on the boot command line - in both cases the file system gets a full relabel early in the boot process. Note that this can take quite some time for systems with a large number of files.

After relabelling the filesystem, you can switch to enforcing mode (see above) and your system should be fully enforcing again.

Web application can't executing sendmail on Fedora?

"SElinux is a lot tighter in the desktop install, and prevents httpd from exec'ing sendmail."

That is because web based e-mail is very un-secure.
If a badboy gets into your mail, then into the http sever, then into the files, then into the accounts, then into the root, BAM! Your dead.
SELinux has layers of protection and so does the Kernel.
RSVP only with MAC picture id.


"This isn't reported in the ... logs"

That is because SELinux never lets the app do anything. It checks before the app can assess a resource.

Gee it works.
Google+