0

We are creating a website, and we are currently only using HTML5 and javascript. We need to be able to both read from and write to a database. We are using a postgressql database. What is your recommendation on how to go about querying the database? We are open to using other languages with our HTML and javascript to make this happen.

asked Feb 2, 2011 at 21:05
1
  • if you mean database querying from the client, idk but that would be completely unsecure. Anyone with programming knowledge could access the database, and delete/add/modify anything. Commented Feb 2, 2011 at 21:09

6 Answers 6

2

Use some server-side language. PHP, Ruby, Python would suffice.

Then it depends on how you want your UI to behave - you can either use POST/GET regular requests, or use ajax (asynchronous) requests.

HTML and Javascript are client-side technologies, and your sql server is on the server side. It is just not meant to work with a direct communication.

Even if there is some way to do this directly without any server-side language, (not that I'm aware of such), it would mean you'll have your database credentials on the client. And so anyone will be free to execute whatever queries he likes.

answered Feb 2, 2011 at 21:08

8 Comments

Why not do it? The scenario the OP is describing is perfectly valid. The OP is just asking about the missing piece in the puzzle (a backend that can serve data that can be consumed by JavaScript).
@Ates Goral - that's how my answer started. I'll clarify a bit.
That is what I'm asking. We just can't figure out how to tie up the backend.
@Newb - it will depend on the language you choose. I listed three. (there are more, of course). It is equally easy to do simple database operations with each.
We were wanting to use some kind of Java backend. Do you have any suggestions for that?
|
1

If you can use javascript, you can use AJAX... You can setup a server that processes all AJAX calls and connects to the database itself.

answered Feb 2, 2011 at 21:09

Comments

0

For security reasons you will have to access the database on the server before moving the data to the client. This rules out any javascript, unless you have a readonly account for the database. For that reason I would advice you to go with a language like PHP, Java Tomcat or ASP.NET.

answered Feb 2, 2011 at 21:10

Comments

0

If the requirements are indeed that "we can only use HTML/JavaScript" and "we need to access a database" then you have a couple of approaches, but they may not be the actual right approaches for you.

  1. CouchDB (not PostgreSQL) is very JSON-friendly and is a database. It can sit on the web server and be accessed directly from your JavaScript easily. However, there is a major security risk here. Anyone will have access to your database. Depending on what the data is, it can be secured in various ways. But it's still a huge risk.
  2. Server-side JavaScript. Look into node.js to run on the web server that's hosting the database. Some pretty great projects have been based on that recently and "accessing a database" by itself should be pretty easy.

However, in normal day-to-day work, I'm going to have to agree with the other answers so far. Use a server-side programming environment to handle the database stuff. Unless your software actually fits into my suggestions above, in which case that's pretty awesome and go for it.

answered Feb 2, 2011 at 21:17

3 Comments

I'm don't understand why you consider couchdb a major security risk. Seems no better or worse than other available solutions.
@Mark O'Connor: It's not CouchDB that's the risk, it's accessing the database directly from the client-side code that's the risk. Using a JSON-friendly DB doesn't address that. It would require a lot of considerations about the data and the privacy of that data and the access to that data. CouchDB would fit well with the JavaScript requirement, but the risk of client-driven data access remains.
Point taken, what you're talking about is limited and controlled access to the data via application APIs.... You can implement this with couchDB by enabling access to the view functions only (I would always recommend proxy'ing CouchDB behind a webserver like Apache for production systems).
0

Lots of options, I'd suggest looking at DWR. It enables server side java objects to be invoked from javascript clients.

answered Feb 2, 2011 at 21:21

Comments

0

The best way is to use a scripting language, like PHP, Ruby, Python, Perl, etc.

Tom Zych
13.7k9 gold badges38 silver badges55 bronze badges
answered Feb 2, 2011 at 21:09

Comments

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.