
Updated Readme

pjzedalis committed Sep 10, 2016
1 parent 3bc0ff5 commit 7aa18fd9a8fe17d5f4c5976dba6aa43849b35766
Showing with 33 additions and 18 deletions.
  1. +20 −9 README.md
  2. BIN Source/.SQLdeLite.xojo_uistate
  3. +13 −9 Source/SQLdeLite.xojo_code
@@ -8,8 +8,12 @@ SQLdeLite is an open source library that allows you to speed up your database de
Highlights:
- Single drop in module that speeds up your development.
- Build on top of the new Xojo framework.
- Full support for iOSSQLiteDatabase's on iOS! You can use the same business logic between projects despite using different database backends.
- Automatically uses SQL prepared statements mitigating SQL injection attacks and speeding up database performance.
- Quickly and easily create SQL queries by using variables representing the properties of your objects. These variables are converted to the bounded parameters in prepared statements.
- No more string concatenation for your SQL!
- Dynamic objects that allow for any number of properties without having to define each one in the IDE. Now it's much faster to handle your query parameters and results.
- Built on top of the new Xojo framework.
- Full support for iOSSQLiteDatabase on iOS! You can use the same business logic between projects despite using different database backends.
- Full support for all Xojo supported databases. Enable databases that require plugins by setting the appropriate constant to True (example: PLUGIN_MSSQL_ENABLED).
- Full support for cubeSQL. Make sure to enable support by changing the PLUGIN_CUBESQL_ENABLED constant to True.
- Valentina database is also supported by virtue of the SQLdeLite.ParameterizeSQL() method. This converts your SQL query into a Valentina compatible query with bound parameters.
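Review bot: In the added highlight "These variables are converted to the bounded parameters in prepared statements", "bounded" should be "bound"; the Valentina bullet in the same list already says "bound parameters". The prepared-statement bullet would also be more accurate if it said that the injection protection covers values supplied through the record's variables, since any text a caller still concatenates into the statement is not bound.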
@@ -21,15 +25,15 @@ SQLExecute() methods for your database of choice.
Why use over ActiveRecord?
- ActiveRecord can only load a record via it's primary key which is forced to be an integer. It has the ability to load an object from a RecordSet which SQLdeLite can also do automatically (see the Advanced Features topic below).
- ActiveRecord is not available on iOS. SQLdeLite runs everywhere Xojo runs. Console, Desktop, Web, and iOS without any modifications.
- ActiveRecord is not available on iOS. SQLdeLite runs everywhere Xojo runs: Console, Desktop, Web, and iOS without any modifications.
- ActiveRecord requires you to use their database specific adapters. SQLdeLite extends the Xojo native databases .
- ActiveRecord requires code generation using the commercial ARGen product or hand building your database classes. SQLdeLite can classes or dynamic objects via SQLdeLite.Record.
- ActiveRecord requires code generation using the commercial ARGen product or hand building your database classes. SQLdeLite can use classes or dynamic objects via SQLdeLite.Record.
- SQLdeLite is HALF the size contained inside a single module.
- SQLdeLite is built on top of the new Xojo framework and ready for the future.
Methods:
- SQLdeLiteSelect(=sqlStatementAsText, SQLdeLiteRecordObject)
- SQLdeLiteSelect(sqlStatementAsText, SQLdeLiteRecordObject)
- SQLdeLiteExecute(sqlStatementAsText, SQLdeLiteRecordObject)
- CreateInsertStatement(databaseObject, TableNameAsText, TableAndFieldNamesQuotedAsBoolean)
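Review bot: The Methods list documents SQLdeLiteSelect(sqlStatementAsText, SQLdeLiteRecordObject) with two parameters, but the Advanced Features section calls db.SQLdeLiteSelect(sql, row, True); the optional third Boolean should appear in the signature here. In the ActiveRecord list the change also leaves two neighbouring slips untouched: "it's primary key" should be "its primary key", and "native databases ." has a stray space before the period.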
@@ -44,6 +48,7 @@ Or how about during development when you just want to create a SQL statement usi
in your method or they are properties of an object you end up with some string concatenation gore looking like:
Dim sql As Text
sql = "SELECT * FROM Table WHERE Field = '" + variable1 + "' AND Field2 = " + variable2.ToText() + " AND Field3 = '" + variable3 + "';"
Some of you might do it the slightly faster way with an array and joining it at the end. Regardless this is dangerous for a number of reasons:
@@ -54,7 +59,7 @@ Some of you might do it the slightly faster way with an array and joining it at
- Your SQL statement is vulnerable to SQL injection because you are not properly escaping quotations characters.
Introducing the SQLdeLite.Record class. You can initialize an instance of it or sub-class it and use as needed. With SQLdeLite.Record you can create dynamic objects
by filling the properties as you see fit without actually creating and building an object. Behind the scenes when you pass your instance of SQLdeLite.Record to SQLdeLIte
by filling the properties as you see fit without actually creating and building an object. Behind the scenes when you pass your instance of SQLdeLite.Record to
the engine automatically converts all of your dynamic properties to SQL parameters. It then binds those parameters to a prepared statement appropriate for the
database engine you are currently using. PostgreSQL, Oracle, and cubeSQL all handle parameter binding in different ways and SQLdeLite abstracts those differences away.
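Review bot: Dropping the misspelled "SQLdeLIte" from the end of the changed line leaves the sentence without a subject: "when you pass your instance of SQLdeLite.Record to the engine automatically converts ...". Suggest "to SQLdeLite, the engine automatically converts all of your dynamic properties to SQL parameters". The context bullet above also reads "quotations characters" and could be corrected to "quotation characters" in the same pass.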
@@ -65,14 +70,20 @@ So in order to use SQLdeLite.Record and parameterize your SQL statement you can
----------
Dim row As New SQLdeLite.Record
row.Name = "Phillip Zedalis"
row.Title = "Managing Developer"
row.Company = "1701 Software, Inc."
Dim sql As Text
sql = "SELECT * FROM Users WHERE Name = $Name AND Title = $Title AND Company = $Company"
Dim rs As RecordSet
rs = db.SQLdeLiteSelect(sql, row)
----------
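Review bot: The sample between the ---------- rules documents only the successful path: rs is taken straight from db.SQLdeLiteSelect(sql, row), with nothing said about what comes back when the query fails or when a $variable in the statement has no matching property on row. A sentence after the sample stating that behaviour would tell callers what to check before reading rs.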
@@ -82,14 +93,14 @@ database engine. In order to use a property of your SQLdeLite.Record object you
Advanced Features:
The SQLdeLiteSelect method also supports filling the results of the RecordSet back to your SQLdeLite.Record object. You must True as the last parameter AND your
The SQLdeLiteSelect method also supports filling the results of the RecordSet back to your SQLdeLite.Record object. You pass True as the last parameter AND your
query must return only one result. Assuming both factors are true your SQLdeLite.Record object will gain new dynamic properties representing the values of every
column in the RecordSet. For example if we use the same "row" object as in the code example above and call the SQLdeLiteSelect method as so:
rs = db.SQLdeLiteSelect(sql, row, True)
The code above will actually loop through all the columns of your record and create dynamic properties in the row object. So despite never defining a "PhoneNumber"
for instance if the record included it then you can now access it via:
property if the record included it then you can now access it via:
MsgBox(row.PhoneNumber)
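Review bot: The reworded sentence "You pass True as the last parameter AND your query must return only one result" lost the obligation the old text was reaching for; "You must pass True as the last parameter" reads correctly. The paragraph also does not say what happens when the query returns zero rows or more than one, or whether a returned column named like an existing property (Name, Title, Company in the sample) overwrites it; both are worth stating because callers will read values back from row.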
@@ -102,6 +113,6 @@ and thus the SQLdeLite extension methods are not available. However this turns o
that vary depending on your needs.
Instead of using SQLdeLite to execute the queries you can simply use it to create your queries along with parameterized arrays suitable for Valentina. SQLdeLite is aware
of the Valentina specific way of binding SQL parameters and returns to you everything you need to execute your queries against Valentina.
of the Valentina specific way of binding SQL parameters and returns to you everything you need to execute your queries against Valentina safely.
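Review bot: The added "safely" at the end of the last line promises more than this paragraph supports: here SQLdeLite only builds the query and the parameter array, and the binding happens in the caller's own Valentina call. Suggest wording such as "everything you need to execute your queries against Valentina with bound parameters", plus a short SQLdeLite.ParameterizeSQL() usage sample, since the visible text names the method but shows no call.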
Binary file not shown.
@@ -969,8 +969,12 @@ Protected Module SQLdeLite
Highlights:
- Single drop in module that speeds up your development.
- Build on top of the new Xojo framework.
- Full support for iOSSQLiteDatabase's on iOS! You can use the same business logic between projects despite using different database backends.
- Automatically uses SQL prepared statements mitigating SQL injection attacks and speeding up database performance.
- Quickly and easily create SQL queries by using variables representing the properties of your objects. These variables are converted to the bounded parameters in prepared statements.
- No more string concatenation for your SQL!
- Dynamic objects that allow for any number of properties without having to define each one in the IDE. Now it's much faster to handle your query parameters and results.
- Built on top of the new Xojo framework.
- Full support for iOSSQLiteDatabase on iOS! You can use the same business logic between projects despite using different database backends.
- Full support for all Xojo supported databases. Enable databases that require plugins by setting the appropriate constant to True (example: PLUGIN_MSSQL_ENABLED).
- Full support for cubeSQL. Make sure to enable support by changing the PLUGIN_CUBESQL_ENABLED constant to True.
- Valentina database is also supported by virtue of the SQLdeLite.ParameterizeSQL() method. This converts your SQL query into a Valentina compatible query with bound parameters.
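Review bot: Maintenance point for the Highlights text in this module: it duplicates README.md verbatim, so every wording fix has to be made twice, and the two copies are already edited unevenly in this commit (+20 −9 in README.md against +13 −9 here). Consider keeping README.md as the single source and reducing the module note to a pointer, or generating the note from README.md.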
@@ -982,15 +986,15 @@ Protected Module SQLdeLite
Why use over ActiveRecord?
- ActiveRecord can only load a record via it's primary key which is forced to be an integer. It has the ability to load an object from a RecordSet which SQLdeLite can also do automatically (see the Advanced Features topic below).
- ActiveRecord is not available on iOS. SQLdeLite runs everywhere Xojo runs. Console, Desktop, Web, and iOS without any modifications.
- ActiveRecord is not available on iOS. SQLdeLite runs everywhere Xojo runs: Console, Desktop, Web, and iOS without any modifications.
- ActiveRecord requires you to use their database specific adapters. SQLdeLite extends the Xojo native databases .
- ActiveRecord requires code generation using the commercial ARGen product or hand building your database classes. SQLdeLite can classes or dynamic objects via SQLdeLite.Record.
- ActiveRecord requires code generation using the commercial ARGen product or hand building your database classes. SQLdeLite can use classes or dynamic objects via SQLdeLite.Record.
- SQLdeLite is HALF the size contained inside a single module.
- SQLdeLite is built on top of the new Xojo framework and ready for the future.
Methods:
- SQLdeLiteSelect(=sqlStatementAsText, SQLdeLiteRecordObject)
- SQLdeLiteSelect(sqlStatementAsText, SQLdeLiteRecordObject)
- SQLdeLiteExecute(sqlStatementAsText, SQLdeLiteRecordObject)
- CreateInsertStatement(databaseObject, TableNameAsText, TableAndFieldNamesQuotedAsBoolean)
@@ -1015,7 +1019,7 @@ Protected Module SQLdeLite
- Your SQL statement is vulnerable to SQL injection because you are not properly escaping quotations characters.
Introducing the SQLdeLite.Record class. You can initialize an instance of it or sub-class it and use as needed. With SQLdeLite.Record you can create dynamic objects
by filling the properties as you see fit without actually creating and building an object. Behind the scenes when you pass your instance of SQLdeLite.Record to SQLdeLIte
by filling the properties as you see fit without actually creating and building an object. Behind the scenes when you pass your instance of SQLdeLite.Record to
the engine automatically converts all of your dynamic properties to SQL parameters. It then binds those parameters to a prepared statement appropriate for the
database engine you are currently using. PostgreSQL, Oracle, and cubeSQL all handle parameter binding in different ways and SQLdeLite abstracts those differences away.
@@ -1043,14 +1047,14 @@ Protected Module SQLdeLite
Advanced Features:
The SQLdeLiteSelect method also supports filling the results of the RecordSet back to your SQLdeLite.Record object. You must True as the last parameter AND your
The SQLdeLiteSelect method also supports filling the results of the RecordSet back to your SQLdeLite.Record object. You pass True as the last parameter AND your
query must return only one result. Assuming both factors are true your SQLdeLite.Record object will gain new dynamic properties representing the values of every
column in the RecordSet. For example if we use the same "row" object as in the code example above and call the SQLdeLiteSelect method as so:
rs = db.SQLdeLiteSelect(sql, row, True)
The code above will actually loop through all the columns of your record and create dynamic properties in the row object. So despite never defining a "PhoneNumber"
for instance if the record included it then you can now access it via:
property if the record included it then you can now access it via:
MsgBox(row.PhoneNumber)
@@ -1063,7 +1067,7 @@ Protected Module SQLdeLite
that vary depending on your needs.
Instead of using SQLdeLite to execute the queries you can simply use it to create your queries along with parameterized arrays suitable for Valentina. SQLdeLite is aware
of the Valentina specific way of binding SQL parameters and returns to you everything you need to execute your queries against Valentina.
of the Valentina specific way of binding SQL parameters and returns to you everything you need to execute your queries against Valentina safely.
