## Import the libraries we are going to use

In [None]:
import sqlite3
import pandas as pd

## Establish the connection object to the database

In [None]:
conn = sqlite3.connect('survey.db')

## Establish the cursor object for executing queries

In [None]:
cur = conn.cursor()

## This is a wrapper function to print the results of a query

In [None]:
def run_query_cursor(query):
    cur.execute(query)
    for i in cur.fetchall():
        print(i)

## This is also a wrapper... pandas does some nicer formatting

In [None]:
def run_query_pd(query):
    return pd.read_sql_query(query,conn)

## Here are the tables we have in the database

In [None]:
run_query_pd('select name from sqlite_master;')

# a first look at the tables

In [None]:
query = '''
SELECT *
FROM person;
'''
run_query_cursor(query)

In [None]:
query = '''
SELECT *
FROM person;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM site;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM visited;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM survey;
'''
run_query_pd(query)

# SELECT

In [None]:
query = '''
SELECT family, personal
FROM person;
'''
run_query_pd(query)

In [None]:
query = '''
seLEcT FamiLY, PERSONal
from perSON;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT personal, id, family, family, id, personal
FROM person;
'''
run_query_pd(query)

In [None]:
# Write a query that selects only the 'name' from the 'Site' table
query = '''

'''
run_query_pd(query)

# dealing with duplicates and sorting

In [None]:
query = '''
SELECT quant
FROM survey;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT DISTINCT quant
FROM survey;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT DISTINCT quant, taken
FROM survey;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT DISTINCT quant, taken
FROM survey
ORDER BY quant;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT DISTINCT quant, taken
FROM survey
ORDER BY quant, taken DESC;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM person
ORDER BY id;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM person
ORDER BY id DESC;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT DISTINCT quant, person
FROM survey
ORDER BY quant ASC;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT DISTINCT quant, person
FROM survey
ORDER BY quant ASC, person;
'''
run_query_pd(query)

In [None]:
# Write a query that selects the distinct dates shown in the 'Visited' table
query = '''

'''
run_query_pd(query)

In [None]:
# Write a query that shows the full names of scientists in the 'Person' table, ordered by family name
query = '''

'''
run_query_pd(query)

# Filtering
Selecting records that match certain criteria

In [None]:
query = '''
SELECT *
FROM visited
WHERE site = 'DR-1';
'''
run_query_pd(query)

In [None]:
query = '''
SELECT id
FROM visited
WHERE site = 'DR-1';
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM visited
WHERE (site = 'DR-1') AND (dated < '1930-01-01');
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM survey
WHERE (person = 'lake') OR (person = 'roe');
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM survey
WHERE person IN ('lake','roe');
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM survey
WHERE quant = 'sal' AND person = 'lake' OR person = 'roe';
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM survey
WHERE quant = 'sal' AND (person = 'lake' OR person = 'roe');
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM visited
WHERE site LIKE 'DR%';
'''
run_query_pd(query)

In [None]:
query = '''
SELECT DISTINCT person, quant
FROM survey
WHERE person = 'lake' OR person = 'roe';
'''
run_query_pd(query)

In [None]:
# Say we want all sites that lie within 48 degrees of the equator, that is, latitutide from -48 to 48
# Fix this:
query = '''
SELECT *
FROM site
WHERE (lat > -48) OR (lat < 48);
'''
run_query_pd(query)

In [None]:
# Normalized salinity reading should be between 0.0 and 1.0.  
# Select records from the 'Survey' table that are outside this range:
query = '''

'''
run_query_pd(query)

# calculating new values

In [None]:
# Perhaps 'roe' was misreporting salinity values
query = '''
SELECT *
FROM survey
WHERE quant = 'sal'
ORDER BY person DESC;
'''
run_query_pd(query)

In [None]:
# We can divide by 100 but ....
query = '''
SELECT person, quant, reading/100.0
FROM survey
WHERE quant = 'sal'
ORDER BY person DESC;
'''
run_query_pd(query)

In [None]:
# slight detour
query = '''
SELECT 1.05*reading
FROM survey
WHERE quant = 'rad';
'''
run_query_pd(query)

In [None]:
# slight detour
query = '''
SELECT 1.05*reading AS 'Radiation corrected by 5%'
FROM survey
WHERE quant = 'rad';
'''
run_query_pd(query)

In [None]:
# temperature in Fahrenheit
query = '''
SELECT reading
FROM survey
WHERE quant = 'temp';
'''
run_query_pd(query)

In [None]:
# temperature in Celsius
query = '''
SELECT round(5 * (reading - 32) / 9, 2) as 'Temp (C)'
FROM survey
WHERE quant = 'temp';
'''
run_query_pd(query)

In [None]:
# String concatenation
query = '''
SELECT personal || ' ' || family
FROM person;
'''
run_query_pd(query)

In [None]:
# back to salinity
# We can divide by 100 for 'roe' ....
query = '''
SELECT person, quant, reading/100.0
FROM survey
WHERE quant = 'sal' AND person = 'roe';
'''
run_query_pd(query)

In [None]:
# combine this now with the notion of unions
query = '''
SELECT *
FROM person
WHERE id = 'dyer'
UNION
SELECT *
FROM person
WHERE id = 'roe';
'''
run_query_pd(query)

In [None]:
# UNION vs UNION ALL
query = '''
SELECT *
FROM person
WHERE id = 'dyer'
UNION ALL
SELECT *
FROM person;
'''
run_query_pd(query)

In [None]:
# Use UNION to show the salinity/100 for 'roe' and original salinity readings for everyone else
query = '''

'''
run_query_pd(query)

In [None]:
# how we can execute a query from a python function
def get_name(database_file, person_id):
    query = "SELECT personal || ' ' || family FROM Person WHERE id='" + person_id + "';"    
    
    c = sqlite3.connect(database_file)
    cursor = c.cursor()
    cursor.execute(query)
    results = cursor.fetchall()
    cursor.close()
    c.close()
    
    return results[0][0]

print(get_name('survey.db','roe'))

In [None]:
# SQL INJECTION
def get_name(database_file, person_id):
    query = "SELECT personal || ' ' || family FROM Person WHERE id='" + person_id + "';"    
    
    c = sqlite3.connect(database_file)
    cursor = c.cursor()
    cursor.execute(query)
    results = cursor.fetchall()
    cursor.close()
    c.close()
    
    return results[0][0]

# UH-OH:
# print(get_name('survey.db',"roe'; DROP TABLE Survey; SELECT '"))

In [None]:
# PREVENT SQL INJECTION
def get_name(database_file, person_id):
    query = "SELECT personal || ' ' || family FROM Person WHERE id=?;"   
    
    c = sqlite3.connect(database_file)
    cursor = c.cursor()
    cursor.execute(query, [person_id])
    results = cursor.fetchall()
    cursor.close()
    c.close()
    
    return results[0][0]

#print(get_name('survey.db','roe'))
# UH-OH?
print(get_name('survey.db',"roe'; DROP TABLE Survey; SELECT '"))

In [None]:
# Example table modification
def add_name(database_file, new_person):
    query = "INSERT INTO Person (id, personal, family) VALUES (?, ?, ?);"

    connection = sqlite3.connect(database_file)
    cursor = connection.cursor()
    cursor.execute(query, list(new_person))
    cursor.close()
    connection.close()

# Insert a new name
add_name('survey.db', ('barrett', 'Mary', 'Barrett'))
# Check it exists
print("Full name for barrett:", get_name('survey.db', 'barrett'))

In [None]:
# Example table modification
# must do the commit!
def add_name(database_file, new_person):
    query = "INSERT INTO Person (id, personal, family) VALUES (?, ?, ?);"

    connection = sqlite3.connect(database_file)
    cursor = connection.cursor()
    cursor.execute(query, list(new_person))
    cursor.close()
    connection.commit()
    connection.close()

# Insert a new name
add_name('survey.db', ('barrett', 'Mary', 'Barrett'))
# Check it exists
print("Full name for barrett:", get_name('survey.db', 'barrett'))

In [None]:
# The database that we are originally connected to reflects the change
query = '''
SELECT *
FROM person;
'''
run_query_pd(query)

In [None]:
# A few details about NULL
query = '''
SELECT *
FROM visited;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM visited
WHERE dated = 'None';
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM visited
WHERE dated IS NULL;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM visited
WHERE dated IS NOT NULL;
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM survey
WHERE quant = 'sal' AND person != 'lake';
'''
run_query_pd(query)

In [None]:
query = '''
SELECT *
FROM survey
WHERE quant = 'sal' AND (person != 'lake' OR person IS NULL);
'''
run_query_pd(query)

In [None]:
# Write a query that sorts records in 'Visited' by date and omits unknown dates
query = '''
SELECT *
FROM visited
WHERE dated IS NOT NULL
ORDER BY dated ASC;
'''
run_query_pd(query)

In [None]:
# What do you think this query will produce?
query = '''
SELECT *
FROM visited
WHERE dated IN ('1927-02-08', NULL);
'''
run_query_pd(query)

In [None]:
# What is a fix?
query = '''

'''
run_query_pd(query)