1. A universal web application backend.

6. GET /students
DELETE /students/:num
PUT /students/:num

7. SELECT * FROM students;
DELETE FROM students WHERE id = %s
UPDATE students SET name = %s,
gpa = %s, birthdate = %s
WHERE id = %s

8. GET /students/1
SELECT * FROM students WHERE id = %s
VERB NOUN
VERB NOUN

9. class AccountsController < ApplicationController
def show
st = students.find(:student_id)
render :json => st
end
end
VERBNOUN

10. RdbHost.com allows you
to write your SQL directly
in your browser-side
JavaScript code.

11. Instead of:
var p = $.ajax(
url: „/students‟
});
Use:
var p = $.postData({
q: „SELECT * FROM students‟,
});

12. var p = $.postData({
q: „SELECT * FROM students‟
});
p.done(function(data) {
alert(data);
});

13. var p = $.postData({
q: „SELECT %s AS “To:” ‟+
„%s AS “body” ‟+
…
„%s AS “Subject:” ‟ +
„%s AS “service” ‟,
mode: „email‟,
format: „json‟
});

14. results
SELECT %s AS “To:”..
email proxy

15. Super - authenticated with
authcode
Preauth - executes only white-
listed queries
Reader – limited by Postgres Privs

16. 50 char random authcode
Useful for creating tables, views,
procedures, and indexes.
Administrative role. Used by you, not
by your users.
s0000000010

17. White-listed
table: auth.preauth_queries
tag
query,
mode
p0000000010

18. Adding queries to a white-list is
as simple as putting the account
into training mode, and
submitting the queries by the
„preauth‟ role.

19. The white-list validation process
requires that queries be
parameterized, without data.
The data is sent to the server with
the query, and bound to the query
on the server, after the query has
been white-list validated.

20. Python DB API 2 module.
Ajax Content Rendering for Search
Engines
OpenId Authentication Support
„File‟ Hosting, with SFTP

21. SSL, with your certificate (or ours).
Bulk database transfer tool, for sending
and receiving complete databases.
Web-interface database administration
tool.
jQuery Plugin, jquery.rdbhost.js

22. Cross-domain data access. Host
anywhere, access your data here.
Supports file fields in forms.
Ajax with CORS does not.

23. 3 types of request methods:
i) $.postData is $.ajax style
ii) $.postFormData finds data in form.
Use with file fields
iii) $.getGET and $getPOST, work with
JavaScript frameworks

24. This library contains higher level
JavaScript functions.
Examples:
$.setupCharge({…})
$.chargeCard({…})
$.emailWebmaster({…})
$.emailAllUsers({…})

25. Removes one layer from web stack.
Removes one language from web stack.
All code is in browser, with ...
Great debugging, profiling tools.
Chrome debugger, for example, is
outstanding.

26. Write your app, including business
logic, in client-side code.
App makes database queries using
straight SQL.
Train Rdbhost server account to white-
list queries.
Host application files on Rdbhost, as
'pseudofiles', or on any static host
elsewhere.

27. Isn't there a hazard in showing your
SQL to users?
Maybe.
If you are concerned, you can edit the
SQL out, after training, so queries are
requested by name.