
RdbHost


kaveri

Presentation Transcript


  1. RdbHost: A universal web application backend.

  2. ReST

         GET /students
         DELETE /students/:num
         PUT /students/:num

  3.     SELECT * FROM students;
         DELETE FROM students WHERE id = %s;
         UPDATE students SET name = %s, gpa = %s, birthdate = %s WHERE id = %s;

  4. VERB NOUN

         GET /students/1

     VERB NOUN

         SELECT * FROM students WHERE id = %s

  5. NOUN VERB

         class AccountsController < ApplicationController
           # VERB: show; the NOUN is the controller's resource
           def show
             st = Student.find(params[:student_id])
             render :json => st
           end
         end

  6. RdbHost.com allows you to write your SQL directly in your browser-side JavaScript code.

  7. Instead of:

         var p = $.ajax({
             url: '/students'
         });

     Use:

         var p = $.postData({
             q: 'SELECT * FROM students'
         });

  8.     var p = $.postData({
             q: 'SELECT * FROM students'
         });
         // p is a promise; the callback receives the query result
         p.done(function(data) {
             alert(data);
         });

  9. EMAILING

         var p = $.postData({
             q: 'SELECT %s AS "To:", ' +
                '%s AS "body", ' +
                …
                '%s AS "Subject:", ' +
                '%s AS "service" ',
             mode: 'email',
             format: 'json'
         });

  10. SELECT %s AS "To:" .. results email proxy

  11. ROLES
      - Super: authenticated with authcode
      - Preauth: executes only white-listed queries
      - Reader: limited by Postgres privileges

  12. Super Role
      - 50 char random authcode
      - Useful for creating tables, views, procedures, and indexes.
      - Administrative role. Used by you, not by your users.
      - s0000000010

  13. PREAUTH
      - White-listed table: auth.preauth_queries
      - tag query, mode
      - p0000000010

  14. TRAINING: Adding queries to the white-list is as simple as putting the account into training mode and submitting the queries as the 'preauth' role.

  15. The white-list validation process requires that queries be parameterized, without data. The data is sent to the server with the query, and bound to the query on the server, after the query has been white-list validated.

  16. Other Features
      - Python DB API 2 module.
      - Ajax Content Rendering for Search Engines
      - OpenId Authentication Support
      - 'File' Hosting, with SFTP

  17. More Features
      - SSL, with your certificate (or ours).
      - Bulk database transfer tool, for sending and receiving complete databases.
      - Web-interface database administration tool.
      - jQuery Plugin, jquery.rdbhost.js

  18. jQuery Plugin
      - Cross-domain data access. Host anywhere, access your data here.
      - Supports file fields in forms. Ajax with CORS does not.

  19. jQuery.rdbhost.js: 3 types of request methods:
      i) $.postData is $.ajax style
      ii) $.postFormData finds data in form. Use with file fields
      iii) $.getGET and $.getPOST work with JavaScript frameworks

  20. jQuery.rdbhost.utils.js: This library contains higher level JavaScript functions. Examples:
      - $.setupCharge({…})
      - $.chargeCard({…})
      - $.emailWebmaster({…})
      - $.emailAllUsers({…})

  21. How is RdbHost Easier?
      - Removes one layer from web stack.
      - Removes one language from web stack.
      - All code is in browser, with ...
      - Great debugging, profiling tools. Chrome debugger, for example, is outstanding.

  22. How Does It Work?
      - Write your app, including business logic, in client-side code.
      - App makes database queries using straight SQL.
      - Train Rdbhost server account to white-list queries.
      - Host application files on Rdbhost, as 'pseudofiles', or on any static host elsewhere.

  23. But What About … ? Isn't there a hazard in showing your SQL to users? Maybe. If you are concerned, you can edit the SQL out, after training, so queries are requested by name.
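
The white-list validation described in slides 13 to 15, sketched as an added example (not code from the presentation or from RdbHost). The `PreauthWhitelist` class, its `check` method and the sample queries are hypothetical; the sketch assumes the server compares the parameterized query text against trained entries before any data is bound.

```javascript
// Toy model of a preauth white-list check. Added illustration, not RdbHost's code.

// Collapse whitespace so formatting differences do not change the lookup key.
function normalize(sql) {
  return sql.trim().replace(/\s+/g, ' ');
}

// True when the SQL text carries data inline (quoted string or bare number)
// instead of a %s placeholder. Deliberately strict: even LIMIT 10 is refused.
function hasInlineData(sql) {
  return /'[^']*'|\b\d+\b/.test(sql);
}

class PreauthWhitelist {
  constructor() {
    this.allowed = new Set();
    this.training = false;
  }

  // Decide whether a (query, args) request made as the preauth role may run.
  check(sql, args) {
    if (hasInlineData(sql)) return { ok: false, reason: 'inline data' };
    const placeholders = (sql.match(/%s/g) || []).length;
    if (placeholders !== args.length) return { ok: false, reason: 'arg count' };
    const key = normalize(sql);
    if (this.training) this.allowed.add(key); // training mode records the query
    if (!this.allowed.has(key)) return { ok: false, reason: 'not white-listed' };
    // Only after the text has matched are args handed to the driver for binding.
    return { ok: true, sql: key, args: args };
  }
}

// Constructed sample requests.
function demo() {
  const wl = new PreauthWhitelist();
  const trained = 'SELECT name, gpa FROM students WHERE id = %s';
  wl.training = true;
  wl.check(trained, [1]);
  wl.training = false;
  return [
    wl.check(trained, [7]),                 // trained query, new data
    wl.check(trained, ['7 OR 1=1']),        // odd value stays a bound argument
    wl.check('SELECT * FROM students', []), // never trained
    wl.check("SELECT name, gpa FROM students WHERE id = '7'", []), // data in text
  ];
}
```

Because the match is on query text alone, any value a client sends can only ever fill a placeholder of a query the account owner trained; a query whose text differs is refused before the database sees it.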
