Python with Rev and postGreSQL?

John Tregea john at debraneys.com
Fri Jul 14 02:40:04 EDT 2006 

Hi Kee,

I am aware of Rev having XML capabilities, but because of a whole bunch 
of SQL requirements I have kept it in the back of my mind for future 
investigation.

I will have to look at the Solaris 10 environment and see what will run 
on a single server with our PostgreSQL database. I am guessing that 
Apache will run, and probably PHP (as per Dan's recommendation). I will 
look into it further.

Thanks

John T

kee nethery wrote:
> I'd suggest a standard HTTPS connection and just pass it XML as part 
> of a POST. Simple, easy to troubleshoot with a browser. SOAP is a 
> complication and there is really no need for it.
> Your project sounds like fun.
> Kee
>
>
> On Jul 13, 2006, at 5:34 PM, John Tregea wrote:
>
>> Thanks Kee,
>>
>> While the database structure is complete, the front end is not, (that 
>> is why I am evaluating Rev), I believe python is a good tool to 
>> connect to the database, but not sure if it is used by any other 
>> Revolutionaries or if anyone can say what has worked well for them? I 
>> believe SOAP is used by some as well?
>>
>> Regards
>>
>> John T
>>
>> kee nethery wrote:
>>> If I were you ... starting from the database working outward:
>>>
>>> Build a CGI that talks to your database. Host that CGI on your 
>>> servers. Give it the ability to access your database with a username 
>>> and password that only it knows and give it the ability to execute 
>>> any SQL that makes sense.
>>>
>>> Have your app talk to the CGI. Have it log in either with a stored 
>>> password in the app or have the user enter a password that you give 
>>> to them, or both.
>>>
>>> Have your app only send requests for SQL to be run. Don't send the 
>>> SQL, send the name of the SQL and the parameters. For example:
>>>
>>> SelectGameScores
>>> Team = Dallas
>>> Year = 2006
>>>
>>> That gets converted in the CGI into
>>>
>>> SQL = "select date,teamA,teamB,scoreA,scoreB from teamScores where 
>>> date >= 'Jan 1, {year}' and date <= 'Dec 31, {year}' and (teamA = 
>>> '{team}' or teamB = '{team}')"
>>>
>>> SQL submitted = "select date,teamA,teamB,scoreA,scoreB from 
>>> teamScores where date >= 'Jan 1, 2006' and date <= 'Dec 31, 2006' 
>>> and (teamA = 'Dallas' or teamB = 'Dallas')"
>>>
>>> Just make sure you do some validation in the CGI on the parameters 
>>> that come in to prevent SQL injection.
>>>
>>> If you do this, it doesn't matter if they can get direct access to 
>>> your CGI, they can only run the SQL you have predefined.
>>>
>>> Kee Nethery
>>>
>>> _______________________________________________
>>> use-revolution mailing list
>>> use-revolution at lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your 
>>> subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-revolution
>>>
>>>
>> _______________________________________________
>> use-revolution mailing list
>> use-revolution at lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your 
>> subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-revolution
>
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your 
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution
>
>

More information about the use-livecode mailing list