Re: [go-nuts] General question: complex search form and query params

2018-03-02 Thread benjamin . guy . thomas 
Thanks for the feedback.

I'm only vaguely familiar with graphql. From my understanding, it's meant 
to facilitate data query for the frontend dev.

But I'm looking at things more from a user perspective here, see my github 
example.

I might have to dig into this though.

Le vendredi 2 mars 2018 16:15:00 UTC+1, Alex Efros a écrit :
>
> Hi! 
>
> Many years ago I've implemented something similar in Perl, which was later 
> released as https://metacpan.org/pod/DBIx::SecureCGI. Nowadays I suppose 
> best way to do something like this is using GraphQL (for ex. 
> https://github.com/graphql-go/graphql). 
>
> -- 
> WBR, Alex. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [go-nuts] General question: complex search form and query params

2018-03-02 Thread Lutz Horn 

Nowadays I suppose
best way to do something like this is using GraphQL (for ex.
https://github.com/graphql-go/graphql).


But GraphQL != SQL. Building SQL from HTTP query parameters is not made 
more simple and secure by building GraphQL from HTTP query parameters.


Lutz

--
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [go-nuts] General question: complex search form and query params

2018-03-02 Thread Alex Efros 
Hi!

Many years ago I've implemented something similar in Perl, which was later
released as https://metacpan.org/pod/DBIx::SecureCGI. Nowadays I suppose
best way to do something like this is using GraphQL (for ex.
https://github.com/graphql-go/graphql).

-- 
WBR, Alex.

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[go-nuts] General question: complex search form and query params

2018-03-02 Thread benjamin . guy . thomas 
Hello gophers,

Sorry if this is considered noise to some, as I have a question which is 
not specifically go related.

I have a personal project in which I'd like to use go though.

Basically, I'd like to create a complex search form, returning data backed 
by an SQL database.

To prevent SQL injection and for flexibility, I'm set on using an sql 
builder library.

However I'm not sure how to go about querying the data itself, via query 
params, without creating lots of boiler plate and duplication.

I'm wondering if a solution similar to what I'm looking for exists, as I've 
never stumbled upon one...
 
I'm submitting my thoughts below, and would greatly appreciate feedback :)

===NOTES_START===
# Idea for query params, for a search form.

Upon UI changes, javascript would generate the appropriate final query 
string

A query string could be typed in by a power user, to handle cases not 
covered by a simpler UI (via the url or text input)

## First, create a solid CLI app. Then port it to the web via a JSON API, 
that would simply consume the query string.

```
go run ./cmd/query/main.go QUERY_STRING
```

## Query string format would follow this principle

PARAM_NAME : VALUE : OPERATOR

```
# Commands
columns:posted_on,short_descr:eq
columns:posted_on,short_descr:hide
columns:posting_id,posted_on,short_descr:show

limit:10:eq
limit:10  # would default to `eq`?

page:1
page:2
offset:20

# Filtering
euros:11.94 # would default to `eq`?
euros:11.94:eq
euros:100:lt
euros:100:lte

comment:FIXME # would default to `eq`?
comment:FIXME:eq
comment:NULL:eq
comment:NULL:ne
comment:%tickets%:like
comment:%Tickets%:ilike

payee:Amazon|Google:re # regex
payee:AMAZON|Google:rei # regex, case insensitive

```

## Question: how would I chain commands? I cannot use & in urls.

### Maybe with a pipe char

QUERY_STRING | QUERY_STRING | QUERY_STRING

### Or via AND, OR keywords

```
qs=QUERY_STRING

qs AND qs OR qs
```

### Boolean logic, force the use of parentheses?

```
qs=QUERY_STRING

(qs AND qs) OR (qs OR qs)
```
===NOTES_END===

Basically, I guess I'm looking for some kind of DSL.

I'm thinking of implementing a lexer/parser for this, but first I'd like to 
make sure I'm not going to reinvent the wheel :)

Thanks for your interest and input!

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.