PROG8060

Developing Quality Applications

Winter 2024
From the Course Outline:
 1.0 Background and relevance of Computing Systems in Software
Development
 1.5 Discuss the organization of data structures and the representation
of data within a computer application. Relate the ways in which data
manipulation operations can be performed on data structures
 1.6 Correlate the fundamentals of databases, networking and security
with Systems Engineering.

 Project Work – Project Selection, Project Proposal Development

 Simply put, Data Structures are computer representations of data.
 Data Structures are used in a large portion of every computer
program / application
 In a lot of cases, data needs to be structured in a way to make a
computer program meaningful and efficient
 Depending on how the data is structured in an application, can determine
if it can finish executing in a matter of seconds or several hours

 Examples include stacks, queues and / or heaps

 Data Structures can be broken down in a logical format
according to:
 Linear Structures
 Nonlinear Structures
 Compound Structures
 Data items are organized in a linear or single dimension such
as an array

 Each data item has one predecessor and one successor

(except for the first and last data items)

 Examples include lists, stacks and queues (FILO, LIFO, FIFO

and LILO)
 Data items are organized in a non-linear or two or more
dimensions (such as a matrix)

 A data item using this structure type can have multiple

predecessors or successors

 Examples include heaps, hash tables, binary trees

 Both are storage areas within a computers RAM

 Stack is a static allocation when the program is compiled /

very fast / LIFO / used for when you know how much data your
application will require

 Heap is changing / dynamic allocation at run time / slower /

limited by the amount of virtual memory / can be used when
we don’t know how much memory our application will need
 Combination of other, more primitive data structures

 Examples include sets, graphs and / or partitions

 The fundamental operations supported by all data structures
consist of CRUD

 C – Create new data into the data structures

 R – Read data that is currently in the data structures
 U – Update data that is currently in the data structures
 D – Delete a data entity that is currently in the data structures
 Other operations supported by data structures:

 Searching capability for a particular data entity in the structure

 Sorting all data entities according to some scheme
 Traversing all data entities in a prescribed manner
 Reorganizing all data entities within the structure
 When we’re dealing with data structures in C#, we normally used the
term “collection” to define how similar data can be handled more
efficiently
 To perform operations such as adding, removing and modifying
individual elements or a range of elements, we can use the following
namespaces within C#:

 We can also use the Array class itself (which is part of System)
 Can sort arrays by using the Array.Sort(<key>, <items>);
▪ E.g. Array.Sort(age, name); //this will sort the name array by age
 Two types of collections in .NET Framework (as of 2.0):
 Generic
 NonGeneric

 Generic types are better in terms of performance as they accept

a type parameter when built;

 NonGeneric types require casting as they store items as object

types
To be able to… Generic Non-Generic

Store data as key / value pairs – lookup by key Dictionary Hashtable

Access data by indexing List Array or ArrayList

Access First In First Out (FIFO) Queue Queue

Access Last In First Out (LIFO) Stack Stack

Access items in a sequential manner LinkedList N/A

Access a sorted collection SortedList SortedList

Have a set for mathematical functions HashSet, SortedSet N/A

Using a Collection
Initializer
Removing an element
(A) Without using Collections, add seven items (say your favourite food)
and show them in a Console App (.NET Framework)

(B) Repeat (A), but this time use Collections in C# to display your items

(C) Remove at least one item from the Collection

(D) Update one item from the Collection

 (A) From the previous slides, develop a program that will allow the user to
enter in the following five cities in Ontario along with their populations*
and then sort the list by increasing population:

▪ Kitchener: 233,222
▪ Mississauga: 721,599
▪ Toronto: 2,731,531
▪ Brampton: 593,638
▪ Windsor: 217,188

https://www.worldatlas.com/articles/the-10-biggest-cities-in-ontario.html as of May 28th, 2019

 Even though there are a variety of data structures in use, each
structure operates with its own efficiency and performance

 Need to evaluate the best data structure to be used for your

application based on the requirements

 For instance, retrieving the last item from a stack is going to be

significantly faster than having to search for a particular item
within that same stack.
 Databases are one of the most important components of any
system – as they will store the data used by your application /
computer program.

 They consist of a highly organized and structured collection of

data and can be thought of as an extension of data structures.

 Normally, databases are considered to be external to our

application / program both from a logical and a physical
perspective
 Databases are often used when we are dealing with an immense
amount of data that may / may not require logical relationships
 When designing a database to use for an application, the following
must be considered:
 Performance – time required to access the database, perform the query and
to return the results
 Concurrency – having multiple users and / or systems access the same data in
the database simultaneously
 Integrity – ensuring that the data in the database is valid and correct
 Robustness – database can recover from any failure (HW/SW)
 The data that is stored in a database is usually referred to as
entities

 Can be tangible items such as people, computers, cars, etc…

 Can be intangible items as well – such as names, roles, salary,

etc….
 The Schema of a database provides a description of how the
entire database structure is organized (usually through a set of
diagrams).

https://www.flickr.com/photos/140313528@N03/26542393091/
 One can interact with a database though either a DBMS
(Database Management System) to create, maintain and use the
database or through a programming language such as SQL
(Structured Query Language).

 The SQL language is more commonly used within application

development to perform various data related tasks on a
database (such as performing CRUD operations).
 From within Visual Studio, we’ll need to first install the
MySql.Data package

 Go into Tools | NuGet Package Manager | Manage

NuGet Packages for Solution

 Search for mysql

 Install the latest stable version

 We can now reference this package within our code as follows:
 Before one can use data from a database, we need to establish a
proper connection to the database. This includes providing
(your specific values for):
 Server
 User
 Database name
 Port and Password
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text; Try this code as it is (without starting MySQL) and see what happens…
using System.Threading.Tasks;
using MySql.Data;
using MySql.Data.MySqlClient;
namespace Database
{
class Program
{
static void Main(string[] args)
{
MySql.Data.MySqlClient.MySqlConnection conn;
string myConnectionString;
myConnectionString = "server=127.0.0.1;uid=root;" +"pwd=;database=employees";
try
{
conn = new MySql.Data.MySqlClient.MySqlConnection();
conn.ConnectionString = myConnectionString;
conn.Open();
}
catch (MySql.Data.MySqlClient.MySqlException ex)
{
Console.WriteLine(ex.Message);
Console.ReadLine();
}
}
}
}
using System;
using
using
System.Collections.Generic;
System.Linq; Now, start up MySQL and rerun this code…(make sure you have setup
using System.Text;
using
using
System.Threading.Tasks;
MySql.Data; your MySQL Server with the ‘employees’ database as well as loaded the
using MySql.Data.MySqlClient;
namespace Database
employees into it first).
{
class Program
{
static void Main(string[] args)
{
MySql.Data.MySqlClient.MySqlConnection conn;
string myConnectionString;
myConnectionString = "server=127.0.0.1;uid=root;" +"pwd=;database=employees";
try
{
conn = new MySql.Data.MySqlClient.MySqlConnection();
conn.ConnectionString = myConnectionString;
Console.WriteLine("Connecting to MySQL...");
conn.Open();
string sql = "SELECT * FROM employees WHERE first_name='Parto'";
MySqlCommand cmd = new MySqlCommand(sql, conn);
MySqlDataReader rdr = cmd.ExecuteReader();
while (rdr.Read())
{
Console.WriteLine(rdr[0] + " -- " + rdr[1] + " -- " + rdr[2] + " -- " + rdr[3] + " -- " + rdr[4] + " -- " + rdr[5]);
Console.ReadLine();
}
rdr.Close();
}
catch (MySql.Data.MySqlClient.MySqlException ex)
{
Console.WriteLine(ex.Message);
Console.ReadLine();
}
}
}
}
 A computer network is simply a mechanism that connects a
collection of computers and computing devices together for the
purpose of sharing information amongst themselves.

 Examples of computing devices can be: laptops, desktop

computers, mobile devices, routers, bridges, hubs, switches,
firewalls, servers (DB, App, Web, CRM, etc…), and iOT devices
(such as toasters, washing machines, locks, lights, vacuums,
etc…).
 There are a variety of characteristics that facilitate the connection of
computing devices on a network.

 Some characteristics of networks:

 Wired vs Wireless networks

 Wireless networks
 Network Topology
 Network Functionality
 Network Speed
 Similarly, there are a variety of network types that facilitate the
connection of computing devices on a network – mostly
dependent upon the geographical connection area.

 Personal Area Network (PAN)

 Local Area Network (LAN)
 Wide Area Network (WAN)
 Internet
 For networks to be effective, they have to facilitate
communications between devices from various manufacturers

 As a result, they need to rely on a standard set of protocols that

all devices must adhere to

 Network protocols are divided into various layers (as seen on the
next slide)
 As a result of the prevalence of smartphones and other devices
providing 24/7 connectivity, ensuring that our applications are
providing a secure experience is gaining more and more
importance.

 Security must be in place at the onset of any application

development. Incorporating this at a later stage could require a
change to the foundation / architecture.
 As we’re building security within our applications / programs, we
also need to ensure that during the maintenance phases (i.e.
after the initial release), that any changes are not adversely
affecting the security of our application.

 To be able to build in security and make it a priority, we need to

encompass security in each and every phase within the software
development process i.e. during requirements, in design, in
implementation, and testing.
 When developing the requirements for security, we need to apply
focus on two key areas:

 Actual Security Requirements – these are requirements relating directly to

building in security (for example: “The application will store all data using
PGP encryption”…)

 Threats and Risks – these relate to ways in which security of the application
can be compromised after it has been implemented (for instance, if we’re
incorporating a database in our system, we should test for SQL Injection
attacks…)
 Continuing on from the Requirements, issues relating to security
during the Design phase relate to how the various modules of
the overall application / program fit together to provide the
overall security objectives.

 We also need to look at the details around the specific steps

required for implementation.
 After seeing how Security will be considered at the modular level,
we’ll want to now look at ways how to write actual code for specific
situations relating to Security
 For example, to prevent buffer overflow attacks, we could use more
up-to-date languages (such as Java, Python and .NET languages) or
use secure practices when dealing with buffers.
 Or for preventing SQL Injection type attacks, we can encrypt
sensitive information in our databases, use parameterized
statements, sanitizing our inputs, etc…
 Suppose we have the following code that uses hardcoded strings
concatenating with a user-supplied string:

var EmployeeName;
EmployeeName = Request.form("EmployeeName");
var SQL = “SELECT * from employees where EmployeeName = ‘” + EmployeeName + "'";

 Now, the user is prompted to enter an employee name. If they

enter the name Pinkah, then the SQL command will look like
this: SELECT * FROM employees WHERE EmployeeName =
‘Pinkah'
 Suppose now that the user enters in the following (in the actual
input box of the form): Pinkah’; DROP TABLE employees--

 From the above command, the ; denotes the end of the script

 Now, what will happen is that the following Quey will be

executed on our database!

SELECT * from employees WHERE EmployeeName =‘Pinkah’;

DROP TABLE employees--’
 We can implement security in our code in regards to SQL Injection by the
following means:
 Filtering the input return inputSQL.Replace("'", "''");
 Due to the amount of characters that we need to filter upon, this method my not be
very reliable

 Data coming from input parameters could be wrapped in either

QUOTENAME() or REPLACE():
 QUOTENAME(@variable)
 REPLACE(@variable, ‘’’’,’’’’’)
 QUOTENAME(@variable,’’’’)
 Provides an overall view of all of the tasks that your team will
be involved with

 Prioritizes each task and asserts accountability

 Outlines what features will be delivered at what point in time

 Develop a Gantt Chart that will outline all of the tasks that your
team will be involved in – beginning with Design,
Implementation, Testing and Project Completion

 Need to include sprints (two-week iterations) as well as

retrospectives

 Worth 10% of your overall project mark

 Due by Friday of this week at the end of the lab period

 Any questions?