CISC474 Midterm Exam 2
E02, 07S, Phill Conrad, University of Delaware
05/04/2007

Name: ________________________________________________________________

UD Email: _____________________________________________@ udel.edu

About this exam

• There are six short answer questions available for to answer.
• You should choose exactly four of these and answer ONLY those four in their entirety.
• You MAY NOT answer extra questions for extra credit.
• Do not write your name on any page except this one. This will be your cover sheet for the exam.

A hint about allocating your time:

• Spend 10 minute reading through the exam, deciding which questions you are going to answer.
  Then spend about 10 minutes per question.

How to get a good grade:

• The questions are very specific about what I am looking for in a complete answer.
• For full credit, be sure your answer addresses all the points I've asked for.

PLEASE!

• Start each question on the FRONT of a new page
• Put the number of the question you are answering in the UPPER RIGHT HAND CORNER

Choose any four of these six questions.

1. (25 pts) Below are two ways that one could do a query in JDBC.
   Both have been tested, and correctly return the result set.
   
   Explain as clearly as possible which way is preferred, and precisely why.

   Method One:

   // Create a statement for SQL queries
   
   try {
       myStmt = myCon.createStatement();
   }
   catch (Exception e){
       e.printStackTrace();
       return brands;
   }
   
   // Set up the query.  
   
   String tableName = prefix_ + "Beers";
   String query = "SELECT beer, color FROM " + tableName 
                + "  WHERE color='" + color + "'";
   
   ResultSet rs;
   
   try {
       rs = myStmt.executeQuery(query);
   }
   catch (Exception e) {
       e.printStackTrace();
       return brands;
   }  
     
     

   Method Two:

   // Set up the query.  
   
   String tableName = prefix_ + "Beers";
   String query = "SELECT beer, color FROM " + tableName + "  WHERE color=?";
     
   // Stick the value of "color" in where the first ? appears, and exec the query
   
   ResultSet rs;
   try {
       PreparedStatement prepStmt = myCon.prepareStatement(query);
       prepStmt.setString(1, color);
       rs = prepStmt.executeQuery();
   }
   catch (Exception e) {
       e.printStackTrace();
       return brands;
   }
   

2. (25 pts) The following lines of code appear in the H09 example program

   String jdbcURL = getServletContext().getInitParameter("jdbcURL");
   String mySQLuser = getServletContext().getInitParameter("mySQLuser");
   String mySQLpw = getServletContext().getInitParameter("mySQLpw");
     

   Answer the following questions about these lines of code:

   1. (5 pts) Could these lines appear in a controller servlet that is part of an MVC webapp? Why or why not?
      
   2. (5 pts) Could these lines appear in a JSP that is part of the view for an MVC webapp? Why or why not?
      
   3. (5 pts) Could these lines appear in a model class that is part of an MVC web-app? Why or why not?
      
   4. (5 pts) In what source file would you look for the definitions of jdbcURL, mySQLuser, and mySQLpw (i.e. the actual values of these, such as jdbc:mysql://cisc474.acad.cis.udel.edu/pconrad, pconrad, and 97s8d9f7s, respectively?
      
   5. (5 pts) More specifically, exactly where in that source file would the definitions of these three things appears, and (roughly) what would these definitions look like? (I'll be forgiving about exact syntax details—its the general concept that I'm looking for here.)

    

3. (25 pts) Some lazy programmer who obviously didn't graduate from this university (and never learned the value of commenting) wrote the following lines of code.

   public class LoginServlet extends HttpServlet {
   
     public void doPost(HttpServletRequest request,
              HttpServletResponse response)
              throws IOException, ServletException {
   
         HttpSession session = request.getSession(false);
         if (session!=null)
           session.invalidate(); 
         session = request.getSession();
       ...
   

   For 15 points, add some reasonable comments in each of the places indicated. To get full credit, your comments must shed light on what is happening—not just state the obvious. For example, for location (b) the comment "// if session is not equal to null, invalidate the session" is worth zero points.

   You may write directly on this sheet, or you write comments after the letters (a), (b), and (c) on your separate answer page. Don't forget to answer part (d) and (e) on the separate answer page.

   public class LoginServlet extends HttpServlet {
   
    /** 
     * doPost is the event handler for the HTTP post method.
     */
   
     public void doPost(HttpServletRequest request,
       HttpServletResponse response)
       throws IOException, ServletException {
   
   
       // (a)(5 pts) Write a comment for the next line of code.   
       // Hints: What does it do? Why do we pass false as a parameter?
       //
       //
       //
   
   
       HttpSession session = request.getSession(false);
   
   
       if (session!=null){
         // (b) (5 pts) Write a comment for this block of code.  
         // Hints: What does it mean if session!=null? Why do we do session.invalidate() in that case? 
         //
         // 
         // 
         // 
         // 
   
   
   
         session.invalidate();
       }
   
    
       // (c) (5 pts) Write a comment for the line of code below.   
       // Hints: Why are we doing this yet again? Why are we not passing false as a parameter like we did before?
       // 
       // 
       // 
       //
       // 
     
       session = request.getSession();
   ...
      

   For ten more points, answer these questions:

   • (d) (5 pts) What are cookies and what does this code have to do with them?
   • (e) (5 pts) What is URL rewriting and what does this code have to do with URL rewriting?

4. The following code appeared in the doPost() method in LoginServlet.java for H09. The comments suggest that there is a better design that would improve the efficiency of the code by not requiring three connections to the database.
   
   For 25 points, sketch what that solution would look like.
   
   To assist you in developing this answer, a complete printout of the LoginChecker.java file has also been provided to you with this exam (that should be all you need to develop an answer.)
   
   You do not need to write all of the code—your description can be

   • a high-level design in the form of pseudocode, or
   • a general outline of your approach.

   But you should provide enough detail that a person skilled in writing MVC Java web applications using SQL would understand your "road map" and be able to write the code herself or himself, filling the gaps.

     // create a loginChecker object to do the database work for us
   
     LoginChecker lc = new LoginChecker(jdbcURL,mySQLuser,mySQLpw);
   
   
     // Check whether the login was valid using the userIsValid
     // method of the LoginChecker object.  Then set a request attribute
     // that the JSP file can check
         
     Boolean loginWasValid = lc.userIsValid(userid,password);
         
     if (loginWasValid)
     {
       // beerSelect.jsp will get the attribute from the session
       session.setAttribute("loginWasValid",loginWasValid);
   
       // Store some useful attributes in the session so that
       // we can greet the user by name.
   
       // The following code is very inefficient--we are connecting
       // to the SQL database three times and running three queries
       // when only one would do the job.  Refactoring this to 
       // improve the efficiency is left as an exercise to the
       // CISC474 student!
       
       String fname = lc.getField("fname",userid,password);
       String lname = lc.getField("lname",userid,password);
          
       session.setAttribute("fname",fname);
       session.setAttribute("lname",lname);
   
       // Now, off to select a beer, where we can greet the user
       // by name!
   
       RequestDispatcher view =
           request.getRequestDispatcher("beerSelect.jsp");
       
       view.forward(request, response);
         }
     else
     ...
      

5. Debugging is an important skill in working with web applications. Debugging techniques will vary from technology to technology, but we've learned some specific ones relating to working with Tomcat and SQL.
   
   Suppose you find that when you access a screen in your web app that you "know" should produce a particular result—for example a list of all the "dark beers" in your database—but instead, you get an empty list.

   1. (5 pts) What can you do to make sure that the database itself is set up properly (independent of the web app)?

   2. (5 pts) Where (specifically) can you look to see if there is a stack trace being generated by some run time error deep inside your web app?

   3. (5 pts) Suppose you suspect that an error is your model class is causing the problem. You make a change and recompile. But nothing changes. So you suspect that perhaps your changes are "not taking"—that there is perhaps a mismatch between the code actually running on the server, and the code that you are looking at in your editor.
      
      What can you do to make absolutely sure that the code running on the Tomcat server is actually the same as the source code you are looking? (Don't just say "redeploy", or stop and restart the server—I want something even more specific and foolproof—I want close to 100% certainty!)

   4. (5 pts) Suppose you are using a build.xml file similar to the build.xml file supplied with H08 and H09. Is it sufficient, after each time you make a change, to just run ant compile? How about ant create-war? Explain.

   5. (5 pts) Describe at least one other useful Java/SQL/Ant/Tomcat debugging technique, or a problem and its solution.
      By other, I mean describe one that is different from the ones you've referred to so far in your answer to this question.

    

6. JavaScript is an important client side technology which some CISC474 students have incorporated into their P06 and/or choice point projects.

   1. (15 pts) When JavaScript appears inside an HTML file directly, typically function definitions and global variables appear inside a special element nested inside the <head> element. Write one of these elements in its entirety as it would appear inside a <head> element of a web page. Include the following:
      1. an open tag and close tag
      2. declaration of a global variable of type boolean called debug, set equal to false
      3. declaration of a function doubleIt, which takes a parameter and returns the value of that parameter multiplied by 2. Also, if the value of the debug variable is true, put up an alert box that says "I'm inside doubleIt".
   2. (10 pts) Choose two of the following common uses of JavaScript and sketch how they are done. You do not have to write a complete code example, but you should include some code specifics to get full credit.
      1. validation of form elements
      2. dynamic HTML
      3. AJAX

End of Exam