By going through this API documentation page, is it possible to tell which database is being used in the backend?
Zomato API
MySQL would require a php file on the server to handle the requests, make queries, pack data in JSON format then send it back to the device. But in this case parameters are passed to .json files. Please advice
There is no way to "see through" to what the backend service actually used to provide you with the information you may query for. Are you sure you want to continue using this product? The site notes that Zomato will no longer be available to individuals, and that your API key will be disabled if you don't use it monthly.
I haven't read the specs for that particular API. But in general, is it possible to tell what database is being used on the back end by studying an API? No. That's the whole point of an API: It's supposed to shield the API-user from implementation details.
It's probably true that in many cases you could make reasonable guesses about what tools are being used on the back end. Like if you see that the API gives you a syntax for doing comparisons that looks exactly like the proprietary compare function used in Foobar SQL and not found in any other database product, that would be a strong clue. But even something like that wouldn't be proof. Maybe originally they were using Foobar SQL, then they switched to another database, but to maintain compatibility they wrote code to translate the Foobar SQL compare to standard SQL syntax.
Related
With ga.js I could track offline activity and send to my custom server or store in localhist by overriding the sendHitTask.
Like this:
https://www.google.se/amp/s/www.simoahava.com/amp/analytics/track-users-who-are-offline-in-google-analytics/
How can I achieve the same with gtag.js so I can customize where and in what data structure to send hits?
I know it's been a while since you've asked this question, but I wanted to share my findings regarding this matter:
Although gtag.js doesn't support sendHitTask (or an equivalent, as far as I know) it does support the transport_url parameter.
With this parameter you can set an alternate Transport URL to send the data to. It's originally designed to work with Server Side Tracking but it can also be used to capture requests to /g/collect/ or /r/collect/ endpoints on your own server.
I know it only partially resolves your issue, because you can't fully decide where to send the data. But at least it allows to alter the server where the data is sent.
Hope it helps!
Is there a capability for or example of creating a Sparql HTTP endpoint with rdflib? We would want it to follow the spec and be able to return json and/or csv formats. This would mostly be for POC usage. It would also be possible to use Javascript/Node.
Thanks!
You might try https://github.com/rdflib/pyLDAPI. It's been touched much more recently than https://github.com/RDFLib/rdflib-web and there are some public examples of it to follow, e.g. https://geofabricld.net. Also, the SKOS-specific tool VocPrez uses it under the hood.
As of earlier this year, pyLDAPI implements the W3C's Content Negotiation by Profile specification which is, I suppose, the latest an greatest Linked Data API-relevant specification, although it's not just for Linked Data APIs.
Feel free to contact me directly if you need more of a hand with this.
I am new to import.io and this forum.
I am trying to extract information from a target database where I have to run a query with an input. With help of the support, I successfully created the authenticated connector. With multiple inputs that have to be manually entered in the UI, it fetches the data properly.
The problem is I have more than 10,000 inputs to run, so it has to be in a form of bulk extraction. import.io support told me that they do not have this feature within their UI and suggested to use their API posted in here: http://api.docs.import.io/#!/Query_Methods/queryPost.
Could anyone walk me through to make a use of this? I just need a working script that takes multiple string lines as inputs and run the connector that I built and post the result. I am not very familiar with this kind of technology but I am very willing to learn.
Thanks all in advance!
I would be happy to walk you through a bit of an into. It will be a bit basic though since I don't know your specific use case.
Yes, support was correct. You will need to use the POST query in order to pass your authentication credentials as inputs.
I will break down this query by steps. Essentially, our API docs are just a simple UI to pass through your credentials, then you can generate a query API.
ID - This is the GUID of your connector. This information can be found at the end of the URL, like this: https://import.io/data/mine/?tag=CONNECTOR&id=33f4e828-25ce-40c4-948c-9b734c70d1ab
Query - This is where you will put the inputs from your connector in order to execute. Be sure to keep this in structured JSON or it will bring back errors when you are querying.
Once you have successfully entered that information you will query the API.
This will give you the request URL that you need to query the API.
If you have anymore questions, just let me know.
Thanks,
Meg
What is the best way to avoid SOQL Injection when querying salesforce through the APIs?
The two main APIs I am interested in are the SOAP and REST APIs.
My current methods are to never use any input from the user (which is impractical if they are searching for a Company Name) or encoding certain characters within the string.
However I saw that there was parameterisation within the APEX, so i was wondering if there was a similar way of doing it through the APIs.
I think all you really need to do is to make sure that the input, in this case the company name, is escaped properly. I am not aware of a parameterized way of building a query object for either of the API's.
However, if you needed to you could expose a custom web service method from within Salesforce so that you can pass the value in. Then from within the Salesforce Apex Code language you can parameterize the value using a syntax similar to below:
public Account[] queryCompany(string companyName) {
return [SELECT Id FROM Account WHERE Name = :companyName];
}
Philosophical rant
What are you after really :)
If your application should work same way accessed from different sources (Salesforce UI, PHP connector, some mobile applications) then it probably makes most sense to think about Apex like some stored procedures that will be reused. This means you'd be passing safe parameters to them.
If you plan to hand-craft queries & not rely on Apex too hard - maybe what you need is something like database.com or other cloud-based DB solutions?
Actual answer
I'm not aware of an out of the box way to pass separately the query command and separately the params to it (like bind variables/prepared statements) through APIs. Both REST and SOAP API give you what's essentially Database.query() within Apex. Sure, there are some differences like retrieve() command or queryMore() but that's the baseline.
What you could do is to either expose some commonly used searches with methods similar to what John proposed (bonus points for extra performance - they're precompiled) or build something generic?
List<sObject> runQuery(String query, List<List<String>> params){...}
If the runQuery will contain bind variables like params[0] it should work. Looks crazy and I didn't test it though ;) I'd say that bind variables are the best method. Alternative would be to escape user's input but SQL and XSS injections can become amazingly creative. Check Examples of XSS that I can use to test my page input? for a start (yes, I'm aware you asked about SOQL only).
As for actual SOQL injection: http://wiki.developerforce.com/page/Secure_Coding_SQL_Injection. Since "worst that can happen" is that users will search for more than they were supposed to (no way to convert SELECT into INSERT) escaping should be safe-ish...
I'm about to create an application that uses JSON to update its content.
This is how I planned it to work:
When application starts, it checks (with internet connection is available) if the JSON file set on remote server is newer than the one stored localy - if it is then it's downloaded.
Then, the application applies data from that JSON to the content. For example, to the "Contact" information - it applies data like phone numbers etc.
My question is, is it in your opinion, a good technique to update appliactions content?
Does anynone had an experience with building app with this kind of idea?
Best regards,
Zin
Of course you can do this. One thing that may lead to a better user experience would be to ask the user for his permission to download new content (if there is something new).
This is a normal thing to do. I have a phonebook app that does exactly this. On a side note, if you need a network class to handle the web-service interaction, see this SO post. I wrote a custom network class that works with AFNetworking.