Introduction to SQLite
in Adobe AIR 1.5
Peter Elst - Flash Platform Consultant

Why SQLite in Adobe AIR?
■ Embedded SQL Database Engine
■ Implements most of SQL92
■ Light-weight, cross-platform, open source
■ No setup, configuration or server required
■ Each database is contained within a single file

How do you use it?

How do you use it?
1. Create a File reference

How do you use it?
1. Create a File reference
2. Create an instance of flash.data.SQLConnection and
flash.data.SQLStatement

How do you use it?
1. Create a File reference
2. Create an instance of flash.data.SQLConnection and
flash.data.SQLStatement
3. Open the database connection

How do you use it?
1. Create a File reference
2. Create an instance of flash.data.SQLConnection and
flash.data.SQLStatement
3. Open the database connection
4. Specify the connection and SQL query to run

How do you use it?
1. Create a File reference
2. Create an instance of flash.data.SQLConnection and
flash.data.SQLStatement
3. Open the database connection
4. Specify the connection and SQL query to run
5. Run SQLStatement.execute()

How do you use it?
import flash.filesystem.File;
import flash.data.*;
var dbFile:File =
File.applicationStorageDirectory.resolvePath(\"contacts.db\");
var sqlConn:SQLConnection = new SQLConnection();
var sqlStatement:SQLStatement = new SQLStatement();
sqlConn.open(dbFile);
sqlStatement.sqlConnection = sqlConn;
sqlStatement.text = \"SELECT * FROM contacts\";
sqlStatement.execute();
var result:Array = sqlStatement.getResult().data;

Synchronous versus Asynchronous
■ Synchronous - blocks application until result is available
var sqlConn:SQLConnection = new SQLConnection();
sqlConn.open(dbFile);
var result:SQLResult = sqlConn.getResult().result;
■ Asynchronous - uses events and event listeners
var sqlConn:SQLConnection = new SQLConnection();
sqlConn.addEventListener(SQLResultEvent.RESULT, onSQLResult);
sqlConn.addEventListener(SQLResultEvent.ERROR, onSQLError);
sqlConn.openAsync(dbFile);

flash.data.SQLConnection
■ Connects to the database file
■ Provides events for asynchronous use
■ Schema access

flash.data.SQLStatement
■ Executes a SQL query on the specified database connection
■ Provides events for asynchronous use
■ Supports result paging

Storage types
■ NULL - NULL value (null)
■ INTEGER - signed integer (int)
■ REAL - floating point (Number)
■ TEXT - UTF16 text string (String)
■ BLOB - blob of data

SQLStatement Parameters
■ The parameters feature protects your SQL statements from
SQL injection
var sqlStatement:SQLStatement = new SQLStatement();
sqlStatement.sqlConnection = sqlConn;
sqlStatement.text = \"SELECT * FROM contacts WHERE id = @ID\";
sqlStatement.parameters[\"@ID\"] = someVariable;
sqlStatement.execute();
■ You can use the @ or : symbol to denote a parameter to be
replaced, works both string based as index based
sqlStatement.parameters[0] = someVariable;

Result Paging
■ Paging allows you to limit the amount of rows you get
returned when doing a select operation
var sqlStatement:SQLStatement = new SQLStatement();
sqlStatement.sqlConnection = sqlConn;
sqlStatement.text = \"SELECT * FROM contacts\";
sqlStatement.execute(10);
■ You can get the next batch of rows returned by calling the
next method on the SQLStatement instance
sqlStatement.next();

flash.data.SQLResult
■ SQLResult.data - array of objects for each row of the result
■ SQLResult.complete - returns a boolean indicating whether
or not the full result was shown
■ SQLResult.lastInsertRowID - return id for the last row that
was inserted
■ SQLResult.rowsAffected - number of rows affected by an
insert, update or delete operation

Transactions
■ Transactions allow multiple SQL statements to run within one
write operation to the database
■ Much more optimized way of handling large insert operations,
allows rollback of the complete transaction if an error occurs
var sqlStatement:SQLStatement = new SQLStatement();
sqlStatement.sqlConnection = sqlConn;
sqlStatement.text = \"INSERT into contacts VALUES (@NAME, @EMAIL)\";
sqlConn.begin();
for(var i:uint=0; i<contacts.length; i++) {
sqlStatement.parameters[\"@NAME\"] = contacts[i].name;
sqlStatement.parameters[\"@EMAIL\"] = contacts[i].email;
sqlStatement.execute();
}
sqlConn.commit();

Database Schema
■ Allows you to introspect tables, views, columns, indices, triggers
var sqlConn:SQLConnection = new SQLConnection();
sqlConn.open(dbFile);
sqlConn.loadSchema();
var result:SQLSchemaResult = sqlConn.getSchemaResult();
var table:SQLTableSchema = result.tables[0];
var column:SQLColumnSchema = table.columns[0];
trace(column.name);
// returns name of the first column in the first table

Encrypted database support
■ New feature in AIR 1.5
■ Allows you to encrypt the SQLite database
■ ByteArray as an encryption key when opening the
flash.data.SQLConnection
■ Database must be encrypted when it is created
■ Use SQLConnection.reencrypt([ByteArray]) to change the
encryption key on a database

Encrypted database support
■ Simple example (not secure)
var encryptionKey:ByteArray = new ByteArray();
encryptionKey.writeUTFBytes(\"notverysecretpassword\");
var sqlConn:SQLConnection = new SQLConnection();
sqlConn.openAsync(dbFile, SQLMode.CREATE, null, false, 1024,
encryptionKey);
■ For additional security:
■ Bundle the encrypted database with your AIR app
■ Get user input for the password rather than hardcoding it
■ Use the EncryptionGenerator class from as3corelib.swc

Demo time

Resources
■ Adobe AIR Developer Center
www.adobe.com/devnet/air/
■ Adobe AIR 1.5 Cookbook (O'Reilly)
■ www.peterelst.com | info@peterelst.com