144• purpose -- "admin", "email_summary", or "user"; thiscontrols delivery of unapproved content, inclusion of links toadministration options such as approval/disapproval, andthe <strong>for</strong>mat of the reportThe output of such a procedure can be simple: HTML <strong>for</strong> a Web pageor plain text <strong>for</strong> an email message. The output of such a procedurecan be a data structure. The output of such a procedure could be anXML document, to be rendered with an XSL style sheet. Theimportant thing is that pages interested in "new stuff" site-wide neednot be familiar with the data models of individual modules, only thename of the "new stuff" procedure corresponding to each module.This latter task is made easy on photo.net: as each module is loadedby the Web server it adds its "new stuff" procedure name to a sitewidelist. A page that wants to display site-wide new stuff loopsthrough this list, calling each named procedure in turn.7.6 Configuration ParametersIt is possible, although not very tasteful, to build a working <strong>Internet</strong>application with the following items hard-coded into each individualpage:• RDBMS username and password• email addresses of site administrators who wish notificationson events such as new user registration or new contentposting• the email address of a sysadmin to notify if the Web servercan't connect to the RDBMS or with other errors• IP addresses of users we don't like• legacy URLs and the new URLs to which requests <strong>for</strong> theold ones should be redirected• the name of the site• the names of the editors and publishers• the maximum attachment size that the site is willing toaccept (maybe you don't want a user uploading an 800 MBTIFF image as an attachment to a bboard posting)• whether or not to serve a link offering the source codebehind the pageThe ancient term <strong>for</strong> this approach to building software is "puttingmagic numbers in the code." With magic numbers in the code it istough to grab a few scripts from one service and apply them toanother application. With magic numbers in the code it is tough toShould the abstraction layer run on its own physical computer? Formost applications, the answer is "no". These procedures are notsufficiently CPU-intensive to make splitting them off onto a separatecomputer worthwhile in terms of system administration ef<strong>for</strong>t andincreased vulnerability to hardware failure. What's more, theseprocedures often do not even warrant a new execution environment.Most procedures in the abstraction layer of an <strong>Internet</strong> servicerequire intimate access to relational database tables. That access isfastest when the procedures are running inside the RDBMS itself. Allmodern RDBMSes provide <strong>for</strong> the execution of standard procedurallanguages within the database server. This trend was pioneered byOracle with PL/SQL and then Java. With the latest Microsoft SQLServer one can supposedly run any .NET-supported computerlanguage inside the database.When should you consider a separate environment ("applicationserver" process) <strong>for</strong> the abstraction layer? Suppose that a big bank,the result of several mergers, has an IBM mainframe to managechecking accounts, an Oracle RDBMS <strong>for</strong> managing credit accounts,and a SQL Server-based customer support system. If Jane Customerphones up the bank and asks to pay her credit card bill from herchecking account, a computer program needs to per<strong>for</strong>m atransaction on the mainframe (debit checking), a transaction on theOracle system (credit Visa card), and a transaction on the SQLServer database (payment handled during a phone call with Agent#451). It is technically possible <strong>for</strong>, say, a Java program runninginside the Oracle RDBMS to connect to these other databasemanagement system but traditionally this kind of problem has beenattacked by a standalone "application server", usually a customauthoredC program. The term "application server" has subsequentlybecome used to describe the physical computers on which such aprogram might run and, in the late 1990s, execution environments <strong>for</strong>Java or C programs that served some function on a Web site otherthan page presentation or persistence.Another example of where a separate physical application servermight be desirable is where substantial computation must beper<strong>for</strong>med. On most photo sharing sites, every time a photo isuploaded the server must create scaled versions in standard sizes.The per<strong>for</strong>mance challenge at the orbitz.com travel site is even moreserious. Every user request results in the execution of a Lisp programwritten by MIT Artificial Intelligence Lab alumni at itasoftware.com.This Lisp program searches through a database of 2 billion flightsand fares. The database machines that are per<strong>for</strong>ming transactions205
give their site a unique look and feel. Eve expected that laws andaccounting procedures regarding sales tax would change. So sheencapsulated the looking up of sales tax by state, the figuring out ifthat state charges tax on shipping, and the multiplication of tax rateby price into an Oracle PL/SQL function:create or replace function ec_tax(v_price IN number, v_shipping IN number,v_order_id IN integer)return numberIStaxes ec_sales_tax_by_state%ROWTYPE;tax_exempt_p ec_orders.tax_exempt_p%TYPE;BEGINSELECT tax_exempt_p INTO tax_exempt_pFROM ec_ordersWHERE order_id = v_order_id;IF tax_exempt_p = 't' THENreturn 0;END IF;SELECT t.* into taxesFROM ec_orders o, ec_addresses a,ec_sales_tax_by_state tWHERE o.shipping_address=a.address_idAND a.usps_abbrev=t.usps_abbrev(+)AND o.order_id=v_order_id;IF nvl(taxes.shipping_p,'f') = 'f' THENreturn nvl(taxes.tax_rate,0) * v_price;ELSEreturn nvl(taxes.tax_rate,0) * (v_price + v_shipping);END IF;END;The Web script or other PL/SQL procedure that calls this functionneed only know the proposed cost of an item, the proposed shippingcost, and the order ID to which this item might be added (these arethe three arguments to ec_tax). That sales taxes <strong>for</strong> each state arestored in the ec_sales_tax_by_state table, <strong>for</strong> example, ishidden from the rest of the application. If an organization thatadopted this software decided to switch to using third-party software<strong>for</strong> calculating tax, that organization would need only to change thisone function rather than wading through hundreds of Web scriptslooking <strong>for</strong> tax-related code.know how many programs you have to examine and modify after apersonnel change. With magic numbers in the code it is tough toknow if rules are being en<strong>for</strong>ced consistently site-wide.Where should you store parameters such as these? Except <strong>for</strong> thedatabase username and password, an obvious answer would seemto be "in the database." There are a bunch of keys (the parameternames) and a bunch of values (the parameters). This is the veryproblem <strong>for</strong> which a database management system is ideal.-- use Oracle's unique key generatorcreate sequence config_param_seq start with 1;create table config_param_keys (config_param_key_id integer primary key,key_name varchar(4000) not null,param_comment varchar(4000));create table config_param_values (config_param_key_idnot nullreferences config_param_keys,value_index integer default 1 not null,param_value varchar(4000) not null);-- we use the Oracle operator "nextval" to get the next-- value from the sequence generatorinsert into config_param_keysvalues(config_param_seq.nextval, 'view_source_link_p', 'damn6.171 instructor is making me do this');-- we use the Oracle operator "currval" to get the last-- value from the sequence generator (so that rows-- inserted in this transaction will all have-- the same ID)insert into config_param_valuesvalues(config_param_seq.currval, 1, 't');commit;insert into config_param_keysvalues(config_param_seq.nextval, 'redirect','dropping the /wtr/ directory');insert into config_param_valuesvalues204145
- Page 1 and 2:
SoftwareEngineering forInternetAppl
- Page 3 and 4:
Signature: ________________________
- Page 5 and 6:
end-users. We use every opportunity
- Page 7 and 8:
• availability of magnet content
- Page 9 and 10:
• we want to see if a student is
- Page 11 and 12:
you supply English-language queries
- Page 13 and 14:
What to do during lecturesWe try to
- Page 15 and 16:
The one-term cram courseWhen teachi
- Page 17 and 18:
332• spend a term learning how to
- Page 19 and 20:
Once we've taught students how to b
- Page 21 and 22:
has permission to perform each task
- Page 23 and 24:
UDDIUnixcustomer's credit card. If
- Page 25 and 26:
thousands of concurrent users. This
- Page 27 and 28:
OraclePerlnamed XYZ" without the pr
- Page 29 and 30:
LDAPLinuxbits per color, a vastly s
- Page 31 and 32:
FilterFirewallFlat-fileGIF318functi
- Page 33 and 34:
when there is an educational dimens
- Page 35 and 36:
system. The authors of the core pro
- Page 37 and 38:
Sign-OffsTry to schedule comprehens
- Page 39 and 40:
scheduling goals that both you and
- Page 41 and 42:
Client Tenure In Job (new, mid-term
- Page 43 and 44:
ReferencesEngagement ManagementSQL*
- Page 45 and 46:
Decision-makers often bring senior
- Page 47 and 48:
presentation to a panel of outsider
- Page 49 and 50:
300always been written by programme
- Page 51 and 52:
17.3 Professionalism in the Softwar
- Page 53 and 54:
Try to make sure that your audience
- Page 55 and 56:
Chapter 17WriteupIf I am not for my
- Page 57 and 58:
Suppose that an RDBMS failure were
- Page 59 and 60:
analysis programs analyzing standar
- Page 61 and 62:
at 9 hours 11 minutes 59 seconds pa
- Page 63 and 64:
found" will result in an access log
- Page 65 and 66:
15.18 Time and MotionThe team shoul
- Page 67 and 68:
select 227, 891, 'algorithm', curre
- Page 69 and 70:
create table km_object_views (objec
- Page 71 and 72:
• object-create• object-display
- Page 73 and 74:
The trees chapter of SQL for Web Ne
- Page 75 and 76:
);274-- ordering within a form, low
- Page 77 and 78:
and start the high-level document f
- Page 79 and 80:
Example Ontology 2: FlyingWe want a
- Page 81 and 82:
systems. What would a knowledge man
- Page 83 and 84:
spreadsheet". Other users can comme
- Page 85 and 86:
Chapter 15Metadata (and Automatic C
- Page 87 and 88:
{site url}{site description}en-usCo
- Page 89 and 90:
drawing on the intermodule API that
- Page 91 and 92:
At this point you have something of
- Page 93 and 94: • description• URL for a photo
- Page 95 and 96: Here's a raw SOAP request/response
- Page 97 and 98: Chapter 14Distributed Computing wit
- Page 99 and 100: conduct programmer job interviews h
- Page 101 and 102: Most admin pages can be excluded fr
- Page 103 and 104: content that should distinguish one
- Page 105 and 106: Chapter 13Planning ReduxA lot has c
- Page 107 and 108: the Internet-specific problem of no
- Page 109 and 110: wouldn't see these dirty tricks unl
- Page 111 and 112: 12.8 Exercise 4: Big BrotherGeneral
- Page 113 and 114: than one call to contains in the sa
- Page 115 and 116: A third argument against the split
- Page 117 and 118: way 1 1/16One might argue that this
- Page 119 and 120: absquatulate 612bedizen 36, 9211cry
- Page 121 and 122: What if the user typed multiple wor
- Page 123 and 124: Chapter 12S E A R C HRecall from th
- Page 125 and 126: long as it is much easier to remove
- Page 127 and 128: features that are helpful? What fea
- Page 129 and 130: made it in 1938)? Upon reflection,
- Page 131 and 132: environment, we identify users by t
- Page 133 and 134: those updates by no more than 1 min
- Page 135 and 136: Balancer and mod_backhand, a load b
- Page 137 and 138: translation had elapsed--the site w
- Page 139 and 140: It seems reasonable to expect that
- Page 141 and 142: 11.1.5 Transport-Layer EncryptionWh
- Page 143: such as ticket bookings would colla
- Page 147 and 148: It isn't challenging to throw hardw
- Page 149 and 150: Chapter 11Scaling GracefullyLet's l
- Page 151 and 152: 10.15 Beyond VoiceXML: Conversation
- Page 153 and 154: Consider that if you're authenticat
- Page 155 and 156: In this example, we:194• ask the
- Page 157 and 158: As in any XML document, every openi
- Page 159 and 160: (http://www.voicegenie.com). These
- Page 161 and 162: Chapter 10Voice (VoiceXML)questions
- Page 163 and 164: 9.15 MoreStandards information:•
- Page 165 and 166: 9.14 The FutureIn most countries th
- Page 167 and 168: 9.10 Exercise 7: Build a Pulse Page
- Page 169 and 170: 9.6 Keypad HyperlinksLet's look at
- Page 171 and 172: text/xml,application/xml,applicatio
- Page 173 and 174: Protocol (IP) routing, a standard H