HMGSCRIPT Next Steps...

Moderator: Rathinagiri

Post Reply
User avatar
Roberto Lopez
HMG Founder
Posts: 3876
Joined: Wed Jul 30, 2008 6:43 pm
Has thanked: 12 times
Been thanked: 105 times

HMGSCRIPT Next Steps...

Post by Roberto Lopez » Sun Dec 21, 2014 12:36 am

Hi All,

My main goal at this moment is to make HMGSCRIPT, independent of server technology, meaning that the library and client app code could work with any backend without modifications.

Basically, I'm removing dbquery, dbappend, dbdelete and dbmodify functions from the library and replacing with only one function that should be used for all the server requests.

So, using dbquery as an example, the following code:

Code: Select all

	aRecordSet = DbQuery ( 'table' , 
		[ 'code' , 'first' , 'last' , 'birth' , 'married' ] , 
		'code<=10 .or. code>=1000' , '' );
Will be replaced by:

Code: Select all

	aRecordSet = httpRequest ( '/cgi-bin/myquery.cgi' , 'table' , 
		[ 'code' , 'first' , 'last' , 'birth' , 'married' ] , 
		'code<=10 .or. code>=1000' , '' );
This is already working in my tests.

Another thing to be done, is to make array data transfers using a standard format (probably JSON) but I've not decided yet.
Regards/Saludos,

Roberto


(Veritas Filia Temporis)

User avatar
Roberto Lopez
HMG Founder
Posts: 3876
Joined: Wed Jul 30, 2008 6:43 pm
Has thanked: 12 times
Been thanked: 105 times

Post by Roberto Lopez » Sun Dec 21, 2014 1:15 am

And...

Currently, this is the code for the new httpRequest function:

Code: Select all

//////////////////////////////////////////////////////////////////////////////////
// HttpRequest
//////////////////////////////////////////////////////////////////////////////////

function httpRequest()
{

	var i;

	var cmd = '';

	for (i = 1; i < arguments.length; i++)
	{

		if ( type(arguments[i]) == 'array' ) 
		{
			cmd += 'par_' + i.toString() + '=' + escape(JsToHrb(arguments[i]));
		}
		else
		{
			cmd += 'par_' + i.toString() + '=' + escape(arguments[i]);
		}

		cmd += '&' ;

	}

	cmd += 'sessionId=' + cSessionId;

	var xmlHttp=new XMLHttpRequest();
	xmlHttp.open( "POST" , arguments[0]  , false ) ;
	xmlHttp.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
	xmlHttp.send( cmd );

	if ( xmlHttp.responseText.slice(0,7) == 'ERROR -' )
	{
		alert(xmlHttp.responseText);
		return '';
	}
	else
	{

		var tmp = xmlHttp.responseText;
	        var strResponseArray = tmp.split('\n');
		var strContentArray = strResponseArray[0].split('\t');
		var nRecordCount = strResponseArray.length;

		if ( nRecordCount > 0 )
		{

			var nFieldCount = strContentArray.length;
			var aRecordSet = new Array(nRecordCount); 

			for ( var i = 0; i < nRecordCount; i++) 
			{ 
				strContentArray = strResponseArray[i].split('\t');
				aRecordSet[i] =  new Array(nFieldCount);  
				for (j=0; j < nFieldCount; j++) 
				{ 
					aRecordSet[i][j] = strContentArray[j]; 
				} 

			} 

			return aRecordSet ;

		}
		else
		{		
			return xmlHttp.responseText;
		}

	}

}
The server side (Harbour) code, is exactly the same as 'query.prg' excepting parameter names.

They must be:

Code: Select all

	cTable		:= GetValue ( "par_1" )
	aColumns	:= &(GetValue (  "par_2" ) )
	cForExpr	:= GetValue (  "par_3" )
	cOrder		:= GetValue (  "par_4" )
	cSessionId	:= GetValue (  "sessionId" )
Regards/Saludos,

Roberto


(Veritas Filia Temporis)

User avatar
Roberto Lopez
HMG Founder
Posts: 3876
Joined: Wed Jul 30, 2008 6:43 pm
Has thanked: 12 times
Been thanked: 105 times

Post by Roberto Lopez » Sun Dec 21, 2014 1:22 am

Finally:

Another benefit of this scheme, is enhanced security.

As I've stated in another post, having generic (very powerful) functions like dbDelete, dbAppend, etc. could become a serious security risk.

Replacing them by customized server procedures, with limited functionality, will give us a more secure infrastructure.
Regards/Saludos,

Roberto


(Veritas Filia Temporis)

User avatar
Pablo César
Posts: 4036
Joined: Wed Sep 08, 2010 1:18 pm
Location: Curitiba - Brasil
Has thanked: 99 times
Been thanked: 167 times

Post by Pablo César » Sun Dec 21, 2014 1:36 am

Nice Roberto !
HMGing a better world
"Matter tells space how to curve, space tells matter how to move."
Albert Einstein

User avatar
serge_girard
Posts: 1684
Joined: Sun Nov 25, 2012 2:44 pm
DBs Used: 1 MySQL - MariaDB
2 DBF
Location: Belgium
Has thanked: 201 times
Been thanked: 30 times
Contact:

Post by serge_girard » Sun Dec 21, 2014 9:50 am

Thanks Roberto !

Serge

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests