| blob | 9331398e7f6094da3f9f252892946e4f6506a361 |
3 <!--
4 Copyright 2007, Google Inc.
6 Redistribution and use in source and binary forms, with or without
7 modification, are permitted provided that the following conditions are met:
9 1. Redistributions of source code must retain the above copyright notice,
10 this list of conditions and the following disclaimer.
11 2. Redistributions in binary form must reproduce the above copyright notice,
12 this list of conditions and the following disclaimer in the documentation
13 and/or other materials provided with the distribution.
14 3. Neither the name of Google Inc. nor the names of its contributors may be
15 used to endorse or promote products derived from this software without
16 specific prior written permission.
18 THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
21 EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
22 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
23 PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
24 OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
25 WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
26 OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
27 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 -->
30 <html>
31 <head>
34 </head>
36 <body>
42 <p>The Database module provides browser-local relational data storage to
43 your JavaScript web application. Google Gears uses the open source
45 database system.</p>
52 </a>
53 <ol>
56 </ol>
60 </li>
61 </ol>
64 <p>The Database module is used to persistently store an application user's data on the user's computer. Data is stored using the same-origin security policy, meaning that a web application cannot access data outside of its domain (see <a href="security.html#model">Security</a>).</p>
65 <p>Data is stored and retrieved by executing SQL statements. For information on the SQL syntax supported, see the SQLite document "<a href="http://www.google.com/url?sa=D&q=http://www.sqlite.org/lang.html">SQL as Understood By SQLite</a>", and also <a href="#sqlite_changes">local modifications to SQLite</a>, below. Google Gears includes SQLite's <a href="#sqlite_fts">full-text search</a> extension fts2.</p>
67 <p>SQL statements passed to <code>execute()</code> can and should use bind parameters (<code>?</code>) to prevent SQL injection attacks. Read about <a href="security.html#database">database security</a> best practices on the Security page. </p>
69 <p>The database module stores persistent data on the user's disk. It is important that your application request the user's explicit permission to do so, to prevent inadvertently storing data on an untrusted computer.</p>
74 <pre><code><script type="text/javascript" src="<a href='tools.html#gears_init'>gears_init.js</a>"></script>
76 var db = google.gears.factory.create('beta.database');
77 db.open('database-test');
78 db.execute('create table if not exists Test' +
79 ' (Phrase text, Timestamp int)');
80 db.execute('insert into Test values (?, ?)', ['Monkey!', new Date().getTime()]);
81 var rs = db.execute('select * from Test order by Timestamp desc');
83 while (rs.isValidRow()) {
85 rs.next();
86 }
87 rs.close();
98 </code></pre>
108 </code></pre>
112 <!------------------------------------------------------------->
113 <!-- Database -->
114 <!------------------------------------------------------------->
115 <br>
120 <table>
122 <th colspan="2"><a href="#Database-open" name="Database-open" class="code">open([name])</a></th>
123 </tr>
127 </tr>
132 </td>
133 </tr>
137 <i>Currently the name, if supplied and of length greater than zero, must consist only of visible ASCII characters excluding the following
138 characters:<br />
139 <br />
141 <br />
142 <i>Otherwise, open() will throw an exception. Before finalization of the API we
143 expect to remove this restriction.</i></td>
144 </tr>
148 Opens the database <code>name</code>, or an unnamed database if <code>name</code> is omitted. <code>name</code> is local to the application's origin (see <a href="security.html#model">Security</a>).
149 </td>
150 </tr>
151 </table>
152 <table>
154 <th colspan="2"><a href="#Database-execute" name="Database-execute" class="code">execute(sqlStatement, [argArray])</a></th>
155 </tr>
159 </tr>
162 <td class="odd"><code>sqlStatement</code> is a string containing a SQL statement, with <code>?</code> as a placeholder for bind parameters.<br />
163 <br />
164 <code>argArray</code> is an optional array of bind parameters to be substituted for the placeholders.</td>
165 </tr>
169 Throws an exception if the SQL statement fails to execute. See the exception object's <code>message</code> attribute for details.
170 <br><br>
171 <p class="note">Note: If multiple processes (including <a href="api_workerpool.html">Workers</a>) attempt to write to the
172 database at the same time, one can fail. It is up to the application to retry in these situations.</p>
173 </tr>
177 Substitute zero or more bind parameters from <code>argArray</code> into <code>sqlStatement</code> and execute the resulting SQL statement. There must be exactly as many items in <code>argArray</code> as their are <code>?</code> placeholders in <code>sqlStatement</code>. <code>argArray</code> can be omitted if there are no placeholders. The results of executing the statement are returned in a <a href="#ResultSet">ResultSet</a>.<br/>
178 <br/>
179 <code>open()</code> must be called and must return successfully before calling <code>execute().</code><br/>
184 );</code><br/>
185 <br/>
186 SQLite automatically quote-escapes bind parameters, so in execution the statement expands to:<br />
188 </code>
189 <br />
190 For information on SQL syntax, see the SQLite documentation "<a href="http://www.google.com/url?sa=D&q=http://www.sqlite.org/lang.html">SQL as Understood By SQLite</a>"
191 <br />
192 </p> </td>
193 </tr>
194 </table>
195 <table>
198 </tr>
202 </tr>
207 </tr>
211 instance. Calling Database.close() is not required.<br />
212 <br />
213 </td></tr>
214 </table>
215 <table>
217 <th colspan="2"><a href="#Database-lastInsertRowId" name="Database-lastInsertRowId" class="code">lastInsertRowId</a></th>
218 </tr>
222 </tr>
226 <td class="odd">Represents the <span class="code">rowid</span> of the most recent insert on this Database instance.<br />
227 Returns zero if no
228 inserts have ever occurred on this instance.<br />
229 <br />
230 Note that
231 all rows in every table have a <span class="code">rowid</span>, even rows in tables that do not have
232 integer-type primary keys. Thus, every successful insert updates this
233 attribute.</td>
234 </tr>
235 </table>
244 <p>
245 A <code>ResultSet</code> is returned from a successful call to <code>Database.execute()</code>. It contains the results of executing the SQL statement.</p>
247 underlying database do not affect the contents. </p>
248 <p>Iterate over the rows of the result set using <code>isValidRow()</code>, <code>next()</code>, and <code>close()</code>, calling data extraction methods for valid rows. For example:
249 </p>
250 <pre><code>while (rs.isValidRow()) {
252 rs.next();
253 }
254 rs.close();</code></pre>
258 <table>
260 <th colspan="2"><a href="#ResultSet-isValidRow" name="ResultSet-isValidRow" class="code">isValidRow()</a></th>
261 </tr>
265 </tr>
269 <td class="odd">Returns true if you can call <a href="#extraction">data extraction methods</a>.</td>
270 </tr>
271 </table>
273 <table>
276 </tr>
280 </tr>
284 </tr>
285 </table>
287 <table>
290 </tr>
294 </tr>
298 </tr>
302 <br />
303 You are required to call close() when you are finished with any result set.<br/>
304 <br/>
305 <em>Note: there is currently a feature request to have close called automatically when the result set goes out of scope.</em>
306 </td>
307 </tr>
308 </table>
315 <table>
317 <th colspan="2"><a href="#ResultSet-fieldCount" name="ResultSet-fieldCount" class="code">fieldCount()</a></th>
318 </tr>
322 </tr>
327 </tr>
328 </table>
330 <table>
332 <th colspan="2"><a href="#ResultSet-fieldName" name="ResultSet-fieldName" class="code">fieldName(int fieldIndex)</a></th>
333 </tr>
337 </tr>
341 </tr>
345 </tr>
349 current result set. This name is derived from the SQL statement which was executed.</td>
350 </tr>
351 </table>
353 <table>
355 <th colspan="2"><a href="#ResultSet-field" name="ResultSet-field" class="code">field(int fieldIndex)</a></th>
356 </tr>
360 </tr>
364 </tr>
368 </tr>
372 current row.</td>
373 </tr>
374 </table>
375 <table>
377 <th colspan="2"><a href="#ResultSet-fieldByName" name="ResultSet-fieldByName" class="code">fieldByName(string fieldName)</a></th>
378 </tr>
382 </tr>
386 </tr>
390 </tr>
394 current row.</td>
395 </tr>
396 </table>
398 <br />
401 <p>Database files that your application creates are stored on the user's computer in a location that is determined by the browser being used and the platform. </p>
404 Example: C:\Users\Bob\AppData\LocalLow\Google\Google Gears for Internet Explorer</p>
405 <p><strong>Windows Vista - Firefox </strong>- Database files are stored in the user local profile directory. </p>
406 <p>Location: C:\Users\<username>\AppData\Local\Mozilla\Firefox\Profiles\{profile}.default\Google Gears for Firefox <br />
407 Example: C:\Users\Bob\AppData\Local\Mozilla\Firefox\Profiles\uelib44s.default\Google Gears for Firefox </p>
408 <p><strong>Windows XP - Internet Explorer </strong>- Database files are stored in the user local profile directory. </p>
409 <p> Location: C:\Documents and Settings\<username>\Local Settings\Application Data\Google\Google Gears for Internet Explorer<br />
410 Example: C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Google Gears for Internet Explorer</p>
411 <p><strong> Windows XP - Firefox </strong>- Database files are stored in the user local profile directory. </p>
412 <p>Location: C:\Documents and Settings\<username>\Local Settings\Application Data\Mozilla\Firefox\Profiles\{profile}\Google Gears for Firefox<br />
413 Example: C:\Documents and Settings\Bob\Local Settings\Application Data\Mozilla\Firefox\Profiles\uelib44s.default\Google Gears for Firefox</p>
414 <p><strong>Mac OS/X - Firefox </strong>- Database files are stored in the user local profile directory. </p>
415 <p>Location: Users/<username>/Library/Caches/Firefox/Profiles/{profile}.default/Google Gears for Firefox <br />
416 Example: Users/Bob/Library/Caches/Firefox/Profiles/08ywpi3q.default/Google Gears for Firefox</p>
418 <p>Location: ~<em>bob</em>/.mozilla/firefox/<firefox's profile id>/Google Gears for Firefox <br />
422 <br />
428 and DETACH</a> commands can be used to open an arbitrary SQLite
429 database on the user's disk. For this reason, these commands have
430 been disabled in Google Gears. In the future this functionality may
431 be exposed in a way which respects the same-origin security
432 policy.</p>
437 command allows setting and inspection of various platform settings,
438 including certain settings which could potentially be used to
439 compromise security. At this time, Google Gears disables PRAGMA,
440 though it is possible that specific PRAGMA uses may be re-enabled or
441 exposed in the Database interface.</p>
443 <p>The default PRAGMA settings for Google Gears which differ from the
444 SQLite defaults:
445 <ul>
447 This controls the encoding used to store textual data on disk.
448 UTF-16 encoding on disk is almost never a win on desktop
449 machines, it is generally faster to read the smaller amount of
450 UTF-8 data and decode it on the fly.
453 Over time database files can become filled with gaps where data
454 has been deleted. These gaps can be recovered with the VACUUM
455 command, but VACUUM can lock the database for extended periods
456 of time, making it a challenge to integrate into interactive
457 applications. auto_vacuum mode recovers these gaps
458 incrementally as they are generated.
461 Desktop operating systems mostly have default virtual memory and
462 disk block sizes of 4k and higher.
465 Provides 8M of page cache.
468 Synchronous controls whether data is synchronized to disk before
469 COMMIT commands return (commands not in transactions are
470 implicitly wrapped in one). Setting synchronous to OFF can
471 provide a significant performance boost, at the expense of
472 potential data corruption. Much of the benefit of turning
473 synchronous off can generally be achieved by using a combination
474 of large transactions and WorkerPool.
476 </ul>
479 <br />
485 "Full-Text Search". fts2 allows you to create a table and search for words in TEXT data.
486 An fts2 table is created as follows:</p>
488 <pre><code>db.execute('CREATE VIRTUAL TABLE recipe USING fts2(dish, ingredients)');</code></pre>
490 <p>This creates an fts2 table named 'recipe', with fields 'dish' and
491 'ingredients'. All fts2 fields are of type TEXT. Data in the table
492 is manipulated using standard SQL commands such as INSERT, UPDATE, and
493 DELETE. Like other SQLite tables, the fts2 table has an implicit
494 unique rowid field, which acts as a unique index. </p>
496 <ul>
497 <li> No indices other
498 than the rowid and full-text indices are allowed.</li>
499 <li> fts2 tables contain a special field with the same
500 name as the table. This field is used in search queries, as described below. </li>
501 <li>Because the special field exists, is important to always list the specific fields being
502 inserted in INSERT statements, and list specific result fields in
503 SELECT statements. <em>SELECT * will throw exceptions when run on an fts2
504 table.</em></li>
505 </ul>
507 <p>To query using the full-text index, use the MATCH operator as
508 follows:</p>
512 <ul>
514 table, then the match is done against all fields of the table.</li>
515 <li>If
517 the match is done against that field.</li>
518 </ul>
520 <ul>
521 The following
522 returns the names of all recipes which include 'tomatoes' in any
523 field:
524 </li>
525 </ul>
526 <pre><code>var rs = db.execute('SELECT dish FROM recipe WHERE recipe MATCH ?', ['tomatoes']);</code></pre>
529 <dl>
535 <dd>Find rows containing either 'cheese' or 'tomatoes' in any field. Note that OR operator must be capitalized.</dd>
539 <dd>Find rows containing 'cheese' in any field, and not containing 'tomatoes' in any field.</dd>
541 <dd>Find rows containing words which start with 'ch', including rows containing 'cheese' or 'chowder'. The '*' must come at the end of the word.</dd>
542 </dl>
545 <p>fts2 tables are restricted to contain only TEXT fields and the
546 full-text index. To simulate additional indices or non-TEXT fields,
547 an auxiliary table can be used:</p>
549 <pre><code>db.execute('CREATE TABLE recipe_aux (dish TEXT PRIMARY KEY, rating INTEGER)');
550 db.execute('CREATE VIRTUAL TABLE recipe USING fts2(dish, ingredients)');</code></pre>
556 in the full-text index. For example, to search for recipes with
559 <pre><code>var rs = db.execute('SELECT recipe.rowid FROM recipe, recipe_aux ' +
560 ' WHERE recipe.rowid = recipe_aux.rowid AND recipe_aux.rating > ? AND recipe MATCH ?',
563 <p>Insertions, deletions, and updates should be done within
564 transactions to keep the tables consistent:</p>
566 <pre><code>db.execute('BEGIN');
567 db.execute('INSERT INTO recipe_aux (dish, rating) VALUES (?, ?)', ['soup', 3]);
568 db.execute('INSERT INTO recipe (rowid, dish, ingredients) ' +
569 'VALUES (last_insert_rowid(), ?, ?)',
570 ['soup', 'meat carrots celery noodles']);
571 db.execute('COMMIT');</code></pre>
573 </div>
574 </body>
575 </html>