A Slightly More Complex revLet Question

Andre Garzia andre at andregarzia.com
Mon Aug 10 06:57:16 EDT 2009

That approach can also be done with On-Rev

RevOpenDatabase ...

switch $_GET["query"]
  case "clientdata"
    put ""SELECT * FROM clients WHERE username = '" & $_GET['param1'] & "'"
into tSQL
  end switch
  put RevDataFromQuery(cr, tab, tDatabaseID, tSQL) into tData

and so on...

On Sun, Aug 9, 2009 at 7:55 PM, Brian Yennie <briany at qldlearning.com> wrote:

> Len,
> FWIW, I would recommend going the PHP route (or any server side language).
> That way you will never have to worry about a firewall, and won't have to
> maintain any sort of database connectivity from inside a browser. Do revLets
> support ODBC?
> You can just say something like:
> put url "http://myserver.com/db.php?query=clientdata&param1=george" into
> georgeData
> On the server:
> mysql->connect(..)
> $query = $_GET["query"]
> switch ($query) {
>        case "clientdata"
>                $sql = "SELECT * FROM clients WHERE username =
> '".$_GET['param1']."'";
>                break;
>        ...
> }
> $data = mysql->query(..);
> ...
> Maintenance becomes very easy. One line on the client to make a query, just
> write the PHP script once and add queries as you need them.
>  The particular customer would have the web server farm and SQL Server
>> (Microsoft's) in the same server room so security shouldn't be an issue
>> unless the revlet can somehow be broken into on the client end.  Most of the
>> end users have trouble spelling G.E.D. so this is a minimal risk but it is
>> there.  Perhaps I AM making it more complicated (in my head) than it really
>> is.  I'll have to use ODBC because we don't have either other DB Driver that
>> can speak to a SQL Server.
>> My immediate issue is they would like to see some sort of demonstration of
>> what's possible (after all, the app I'm trying to replace was written over a
>> 10 year period!)  not the finished product.  Therefore, I'd like to upload
>> the sample program to my on-Rev account and have them access the data on my
>> desktop computer at home (which has a SQL Server and some old data on it).
>>  I don't offhand know what port SQL Server uses but I have no problems with
>> them accessing the data directly for a limited time and I don't think they
>> will have a problem with this revLet accessing THEIR SQL Server if they
>> decide to green-light the project.
>> I'll do some playing around with it.
>> Len Morgan
>> KTTK, Inc.
>> Mark Schonewille wrote:
>>> Hi Len,
>>> Yes, if the server allows it, you can do all you describe. It is indeed
>>> recommendable to use a cgi or irev to connect to MySql. I use PHP for this.
>>> Many hosts, including yours sincerely, don't allow a direct a connection to
>>> a database from a MySQL client.
>>> Why would you put effort into keeping a connection alive? I don't think
>>> that keeping a connection alive will increase transaction speed
>>> significantly, unless you can connect to a database directly, without
>>> cgi/irev/php.
>>> You can write a cgi or php script, for instance, which interprets a query
>>> from your client and executes it. I would consider this rather insecure,
>>> because a hacker who finds out how to send queries gets full control over
>>> your database.
>>> You can get a url or use the post command to connect to a server and send
>>> your query from your revlet the same way you can from a desktop standalone.
>>> Why is this complex?
>>> --
>>> Best regards,
>>> Mark Schonewille
>> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution

http://www.andregarzia.com All We Do Is Code.

More information about the use-livecode mailing list