Data Dictionary of website without database - javascript

I am trying to understand if an e-commerce website without database, built with node.js would still have the capability to produce a passive Data Dictionary?? Is a database mandatory to produce a data dictionary?
Thanks a lot for your help!

You probably need to have a database in order to build an e-commerce website. Because the data dictionary may just include a summary (column names, types, etc.) of the tables in the database. Actually it is just a repository of information about data in a database or a data set.

Related

How can I query (with SQL) from browser?

I have a .csv that I want to use as a database and run SQL queries on it from the browser. (Ideally I want to upload the .csv, first. But It could also be stored). Thought this could be done with Django and a Postgres database. Are there simpler ways of accomplishing this?
Is WebSQL an option? Is there something else, I haven't thought of?
Ideally I would want to avoid SQL injections. I tried searching on stack overflow and found this (Display SQL query results in php), but it's not what I'm looking for.
Basically the desired functionality is: when one comes to webpage, they can run SQL queries on the data in the .csv. They type queries in an HTML form and submit the form and then the results would be shown on the same page with actual query.
Use an in-browser library to load the data from the csv file, for example Papa Parse, then equally using an in-browser library, but this time for SQLite, create an empty in-memory database, populate it with the loaded data from the csv file, and then query the database with the same library.
It appears that you are asking if you trigger/run SQL queries against some SQL database directly from a UI. While this is theoretically possible, in practice it is a very bad idea. The reason it is a bad idea is that to do so you would have to open one or more database ports to the outside. This in turn would expose the database to DOS (denial of service) and other types of malicious attacks.
The proper way to proceed would be to place your database behind the backend of your web application. Then, expose one or more endpoints in your backend which in turn talk privately to the database. Finally, allow your UI to hit the backend endpoints to run whatever SQL logic you want.

Methods to pull data and display on web browser

Please look at my project architecture below.
I intend to use Arduino as Web server and pull data into the SQL database of my PC. I have installed XAMPP, so I have the apache server and MySQL running in my PC. I have verified that data from Arduino is updating a table in the SQL DB.
Question:
I'm not a web-developer and I have been exploring different ways of pulling data from the SQL DB and showing it on web-page.
My requirements:
Pull live data from the SQL DB (as it gets updated) and show it on web page
Plot graphs of recorded parameters from the db as and when required. I understand that Flot is a tool which can do that.
Make a drawing as shown in the image above and populate that with dynamic values (numbers) or change colors of objects (such as green/red)
Methods I have come across so far
Use PHP to pull the data and show on webpage. Use HTML/Javascript/jQuery to create such drawing and populate with image and values
Use Python to pull data and use HTML/Javascript/jQuery (I know only HTML among these)
Use Visual Basic to pull data directly from Arduino and display it in a form. For this option, I'm not sure if plotting data is possible or not.
This of-course is a broad question and as I said I'm not a web developer. But I'm in no hurry. I have couple of months of time to invest and learn the different languages involved.
I wish the answers could guide me to a better solution than I know or chose one among the others or just point out plus-and-minus of each of the options
You can use EventSource at JavaScript to stream data from PHP or Python the the HTML document.

How can I protect Edit and delete access for particular tables in sqlite?

I am developing a sqlite editor for learning purpose, here everyone can create delete or edit in new tables, but not in default table. Because I am created some default table for their learning purpose. So I want to protect the default table and its values. Is it possible?
I found the following link but im not understood anything http://www.sqlite.org/src/doc/trunk/ext/userauth/user-auth.txt
The page you linked to says:
However, if the same
database file is opened by a version of SQLite that omits
the -DSQLITE_USER_AUTHENTICATION compile-time option, then the sqlite_user
table will be readable by anybody and writeable by anybody
And in any case, SQLite databases are just files, and could be read or modified directly.
The only way to more reliably protect data in SQLite is to put the data into a separate database file, and protect that file with whatever mechanism your OS offers.

helping inserting entries to Azure DB

Im just starting out using Azure and i have minimal experience with SQL, so I'm a little confused. I set up my Azure Webapp to pull from a Git repository on bitbucket. I successfully linked those two together, and pushes made to bitbucket update my site. What I am having trouble doing is linking my database on Azure to this site, so that I can make data entry forms and insert that info as records onto this database. Im just starting out simple to learn the basics. I have a table names Users with the elements, id(which is set up as IDENTITY so it sequentially creates a unique id number), username, password, and email. I can pull the info from the HTML document and everything just fine, but how do I correctly link my DB and its tables using HTML, js, and azure? Ill post any additional info that will be necessary, i dont even know where to begin on this really.
Ill also add im using Visual Studio for creating tables and entities and most DB management.
Thanks in advance.
How to access your database depends on the database you are using and the server side programming language. From the tags you used in your question I assume you are using the mysql database provided by clear db through the Azure Management Portal. You can not access your database right from JS. As you are using VS I guess you are using asp.net on the server side. If using asp.net this article might help: https://msdn.microsoft.com/en-us/library/ms178371%28v=vs.100%29.aspx
If you created a ms sql database through the SQL Database service in MS Azure you also need to check the firewall settings to allow access from your app.

Just storing XML/JSON in a DB for data not used within the DB?

I have a small database with some basic user data in it (uid, username, email, password, etc) which is used by various SQL queries and PHP so having a full table structure there makes sense.
However a new feature will add a few new tables where each user will "own" a number of rows in these tables (say 100KB of data for each user). However from the DB standpoint, all I really want to be able to do is either set all the data for one user, or get all the data for one user.
The data will then only ever be viewed and edited client side, using JavaScript. Of course the JavaScript can not directly run the SQL queries, and after the data is edited and submitted as a HTTP POST, trying to put together the correct set of UPDATE, INSERT and DELETE queries in PHP by tracking whatever changes were made by the user that session is somewhat complicated.
Instead what I am thinking is to just have a TEXT field in the database for each user, and store JSON or XML in it. The JavaScript can then just be given that to populate the HTML table and after the user is done editing that table the JavaScript just needs to collect all the data back from the HTML form and post it. The PHP then just needs to run an SQL query to overwrite the existing data.
While this seems the simplest way, it does seem to be a bit of a misuse of an SQL DB. I am also wondering if it is better if the initial before-edits table was generated by PHP in the first case, not the JS once the document has loaded?
Using a text field to store data for cases like yours is a common practice. However, if you decide to do that move, take into consideration the following issues:
Stick to a fixed format. If you store data as plain text, be aware that the database will no longer use its mechanisms to ensure data integrity and format unification. So if you have a few records with a given format, then change it and add a few more with the new format, those with the old format will no longer work, unless you ensure that you support both formats. So, your data format should be mature and consistent enough.
Estimate data length. You should have a good idea of how long the data text will become, in order to guarantee it will fit the database column you are storing it in. Some databases have issues with unlimited data type columns (like TEXT) so you should know your db server well, as well the deployment configuration. Usually MySQL and PostgreSQL will not have issues, but in my experience I have faced serious problems with Informix - so your database server matters.
Do not rely on client code. You mention to be creating the data via javascript. I recommend at least submitting the JSON to the server and producing another JSON from it to store in the database, or validate it in some other way. Otherwise, it may be possible for a hacker to add malicious content, or perform DB injection, or otherwise compromise your application if you do not take measure when free-form client data is added. If, however, the data is entirely generated on the server, the risks are fewer.
So, in general, this is not a bad practice in terms of database development, but as you see, provides additional considerations. If you figure them all out (I do not pretend to include all in my list, just the most common that I have personally faced), then you will be OK.

Categories

Resources