Loading ...
Sorry, an error occurred while loading the content.

Re: [json] Expressing SQL queries in JSON

Expand Messages
  • Guillaume Filion
    ... Yes the user would have a nice graphical interface to specify which fields he wants. Also, I would validate the fields names on the backend before creating
    Message 1 of 4 , May 6 6:59 AM
    • 0 Attachment
      Gene Berger a écrit :
      > You should only give your user's the options on a screen of what fields to
      > choose, not have them write out the fields names themselves. (Is that what
      > you are doing?) You would face a big inject attack if you let them write
      > the SQL fields themselves.

      Yes the user would have a nice graphical interface to specify which
      fields he wants. Also, I would validate the fields names on the backend
      before creating the SQL query.

      Cheers,
      GFK's
      --
      Guillaume Filion
      http://guillaume.filion.org/



      [Non-text portions of this message have been removed]
    • nic.volanschi
      ... The most similar technology is LINQ, which for JavaScript translates as JSLINQ (http://jslinq.codeplex.com/). But you may take a look to
      Message 2 of 4 , May 11 2:51 PM
      • 0 Attachment
        --- In json@yahoogroups.com, Guillaume Filion <gfk@...> wrote:
        > which would generate an SQL query like this:
        > SELECT std_id, code, lastname, firstname FROM students
        > WHERE prog IN ('200A0','200A1') AND decision LIKE 'A%'
        > ORDER BY cote_mix DESC
        >
        > But I feel like I'm re-inventing the wheel here...
        > Is there already a specification for expressing an SQL query in JSON?

        The most similar technology is LINQ, which for JavaScript translates as JSLINQ (http://jslinq.codeplex.com/).

        But you may take a look to myPatterns.free.fr, too, which complements LINQ with JSON patterns.

        Regards,
        Nic.
      Your message has been successfully submitted and would be delivered to recipients shortly.