本文共 4183 字,大约阅读时间需要 13 分钟。
SQLer是一个微型http服务器,用Go语言编写,将旧的CGI概念应用于SQL查询。SQLer允许编写端点并分配一个SQL查询,以便任何人点击它时能执行查询。此外SQLer还允许自定义验证规则,可验证请求正文或查询参数。SQLer使用nginx样式配置语言(HCL)。
Go text/template;.Input(map [string] interface{}),而.Utils是辅助函数列表,目前它只包含SQLEscape;// create a macro/endpoint called \u0026quot;_boot\u0026quot;,// this macro is private \u0026quot;used within other macros\u0026quot; // because it starts with \u0026quot;_\u0026quot;.// this rule only used within `RESTful` context._boot { // the query we want to execute exec = \u0026lt;\u0026lt;SQL CREATE TABLE IF NOT EXISTS `users` ( `ID` INT UNSIGNED AUTO_INCREMENT PRIMARY KEY, `name` VARCHAR(30) DEFAULT \u0026quot;@anonymous\u0026quot;, `email` VARCHAR(30) DEFAULT \u0026quot;@anonymous\u0026quot;, `password` VARCHAR(200) DEFAULT \u0026quot;\u0026quot;, `time` INT UNSIGNED ); SQL}// adduser macro/endpoint, just hit `/adduser` with// a `?user_name=\u0026amp;user_email=` or json `POST` request// with the same fields.adduser { // what request method will this macro be called // default: [\u0026quot;ANY\u0026quot;] // this only used within `RESTful` context. methods = [\u0026quot;POST\u0026quot;] // authorizers, // sqler will attempt to send the incoming authorization header // to the provided endpoint(s) as `Authorization`, // each endpoint MUST return `200 OK` so sqler can continue, other wise, // sqler will break the request and return back the client with the error occurred. // each authorizer has a method and a url. // this only used within `RESTful` context. authorizers = [\u0026quot;GET http://web.hook/api/authorize\u0026quot;, \u0026quot;GET http://web.hook/api/allowed?roles=admin,root,super_admin\u0026quot;] // the validation rules // you can specify separated rules for each request method! rules { user_name = [\u0026quot;required\u0026quot;] user_email = [\u0026quot;required\u0026quot;, \u0026quot;email\u0026quot;] user_password = [\u0026quot;required\u0026quot;, \u0026quot;stringlength: 5,50\u0026quot;] } // the query to be executed exec = \u0026lt;\u0026lt;SQL { { template \u0026quot;_boot\u0026quot; }} /* let's bind a vars to be used within our internal prepared statement */ { { .BindVar \u0026quot;name\u0026quot; .Input.user_name }} { { .BindVar \u0026quot;email\u0026quot; .Input.user_email }} { { .BindVar \u0026quot;emailx\u0026quot; .Input.user_email }} INSERT INTO users(name, email, password, time) VALUES( /* we added it above */ :name, /* we added it above */ :email, /* it will be secured anyway because it is encoded */ '{ { .Input.user_password | .Hash \u0026quot;bcrypt\u0026quot; }}', /* generate a unix timestamp \u0026quot;seconds\u0026quot; */ { { .UnixTime }} ); SELECT * FROM users WHERE id = LAST_INSERT_ID(); SQL}// list all databases, and run a transformer functiondatabases { exec = \u0026quot;SHOW DATABASES\u0026quot; transformer = \u0026lt;\u0026lt;JS // there is a global variable called `$result`, // `$result` holds the result of the sql execution. (function(){ newResult = [] for ( i in $result ) { newResult.push($result[i].Database) } return newResult })() JS} .Hash \u0026lt;method\u0026gt; - 使用指定的方法[md5,sha1,sha256,sha512,bcrypt]散列指定的输入, { { \u0026quot;data\u0026quot; | .Hash \u0026quot;md5\u0026quot; }};·.UnixTime - 以秒为单位返回unit时间, { { .UnixTime }};.UnixNanoTime - 以纳秒为单位返回unix时间,{ { .UnixNanoTime }};.Uniqid - 返回唯一ID,{ { .Uniqid }}。SQLer遵循 Apache 2.0协议。
转载地址:http://onkpa.baihongyu.com/