When going through some course projects, there were some deliverables using a SQL database.
If you are just hacking something to quickly test or demonstrate a thing, you do not necessarily have to do things as they should be done. Course projects are usually not quick hacks, but should demonstrate the things you have been taught and things you have actually learned.
So, for course projects using SQL databases, this means that you should do things so that the database is not exposed to simple SQL injections. Or that you should actually encrypt confidential data, such as passwords saved in database tables.
Why I am being such an asshole, expecting these to be done properly in student course projects?
Because the way you implement things, demonstrates what you have learned. Demonstrating that in course projects is kind of expected.
The things you learn going through the study program courses, should be carried on from course to course, accumulating skills and knowledge.
Because the things you consistently design and implement, is embedded into your deeper knowledge and skills and is then easier to take into use when needed in real life settings.
Because when knowing at least the basics of these things, you perhaps do not expose real apps and systems to these vulnerabilities when you go to work in the industry. Something that happens way too often…
So, if you do use a SQL database in your course work, do the basic things the way they should be done. Use prepared queries instead of exposing the app to SQL injections. Encrypt the confidential data, at least the user passwords.
I made a demo app to show how this is done, and a (Finnish) YouTube video to demonstrate the things in action to anyone learning database programming basics.
Yes, I know this demo app is not perfect either. But the idea is to demonstrate (simply) how to consider these very basic, small things in database programming. Small things that still have a considerable impact on app security.
Next Fall is the fifth time when I teach the course Data Structures and Algorithms. I received the course on 2019 and after a year of familiarising with the course, started developing it.
First I switched from C to Java and implemented automated unit tests to verify the correctness of student implementations. Some unit tests also measured time performance with varying numbers of n. The measurements were then used to support the time complexity analysis of the implementations, in addition to analysing the pseudocode and implemented algorithms. Comparing the implemented fast algorithms and data structures to slower ones was also one of the things students did.
All this to support the students to learn to see the difference between algorithms and helping them to decide which algorithm or data structure to use in whatever situation. Many times a simple algorithm suffices and simple array and plain loops are enough. But sometimes, something more is needed.
In the last two years, one or two exercise tasks had a graphical user interface (GUI) instead of a console UI, most of the tasks have. The feedback from the students was that seeing the actual effect on using faster and better data structures and algorithms in a GUI was a very nice thing to have. It really gave them a tangible view on the benefits of using these algorithms (like partitioning a large array) and data structures (finding a path using Dijkstra’s algorithm in a maze game).
Based on this student feedback, I decided to implement a GUI to all exercise tasks for the Fall 2023 course. The experiment I want to make is to see if having a GUI helps in motivating the students to work on and learn from the course exercises, compared to the more common console UIs and seeing the results of unit tests passing (or not).
Yesterday the first version of the GUI was finished, including all the exercise tasks to teach concepts like:
sorting an array with simple (and slow, with large n) insertion sort algorithm,
sorting to both ascending and descending order using the Java Comparator interface,
searching using linear search algorithm,
after sorting, implementing faster search using binary search,
implementing a Stack to verify a JSON file has no issues with parentheses nor quotation characters,
implementing a Queue to implement a “call list” (either using an array or a linked list as the internal data structure of the Queue),
when dealing with larger data sets, using faster sorting algorithms like quick sort, heap sort or merge sort,
to make handling large data sets faster in adding data elements and searching for them, using a binary search tree as the data structure,
using a hash table to count the number of unique words used in a text file and list the top 100 words with counts (a classical problem in data structures and algorithms), and finally,
using a graph data structure and associated algorithms (like Dijkstra’s) to find a shortest path between two data items.
So in addition to the already existing unit tests and time efficiency measurements, to verify the correctness and time performance of their data structure and algorithm implementations, next Fall they will also see these working in a “real life” application, the TIRA Coders Phonebook app:
TIRA Coders Phonebook app screenshot
Each of the smaller windows and dialogs appear when the feature is used from the menu of the application.
On the lower right corner, there is a log window displaying time performance data when executing the different algorithms; filling the data structures, sorting the data, searching for data, etc.
Students are able to load phonebooks of different sizes, from 100 coders up to 1 000 000 coders, and see how their implementations of different data structures and algorithms cope with various numbers of n.
I still need to work on this app more, making sure that when I remove all the solutions for the data structures and algorithms I’ve implemented, the app is still functional enough to be a starting point for the students to start working on the course exercise tasks.
I also need to carefully point to the students the parts of the code they need to work upon, and parts of the code they do not need to care about, not to get confused by the things not relevant in learning the course topics.
It will be exiting to see, in a couple of months, how this works out and if having the GUI helps in learning or motivates students to work on the tasks.
