Retrieving or modifying information over databases is the cornerstone of the DBSP Engine. However, is necessary first to understand the operation and basic philosophy of the environment. In the next part you get a brief description of the main concepts and features of DBSP.

A conceptual division: User interface layer VS Data layer

Looser coupling is a difficult task to achieve in the majority of the today data-oriented web applications. This is mostly due the limitations of the HTML and HTTP protocols and the way that current development technologies manage this issue. As a result, all the three layers (user interface, business logic and data) are mixed in one single block: source code.

DBSP deals with this issue by clearly separating the user interface and data layers. All the database related information will remain stored and organized inside the own database.

For this purpose, the DBSP environment includes a very useful application: the DBSP Builder. This application let you create, store, test and organize all your database related elements.

This brings multiple advantages:

• The user interface layer and the database layer are totally separated. This feature brings you the possibility to replace the database backend with a totally different database without changing a single line of code in the user interface!
  
  
• All the elements reside organized in a common place.
  
  
• You could create and test your SQL elements (like SQL Sentences) inside the own DBSP Builder. This means that the elements will remain exactly as you leave them, giving the same results in the pages. There is no need to copy, paste and format the SQL sentences into your HTML code. This avoids the risk of introducing common mistakes and saves you development time.
  
  
• The risk of compromising your data structure or access information gets lower. Due the fact that the SQL sentences and other elements remains stored inside the database, if your pages becomes compromised for any reason (maybe by a web server vulnerability), you don't expose your database structure to any unauthorized individual. Moreover, all the database access and connection information like usernames and passwords are encrypted and stored separately from the site files. This mitigates the risk that somebody steals or modifies your database information.
  
  

In the next section, we will see the basic elements and features in of the DBSP tags involved with database exploitation.