Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Native Development

Reply
Developer
Posts: 6,152
Registered: ‎07-05-2012
My Device: Playbook, Dev Alpha C, Z10 LE, Z30
My Carrier: Orange

Re: Store data

@PBernhardt, funny!:smileylol:


If you've been helped click on Like Button, if you've been saved buy the app. :smileyhappy:

Developer of stokLocker, Sympatico and Super Sentences.
Developer
Posts: 1,023
Registered: ‎03-20-2013
My Device: Red LE Developer Z10
My Carrier: Fido

Re: Store data

[ Edited ]

Extremely good point! I've been developing for the desktop for over 25 years so I just take that step for granted. Also, in my app the user has no access to the SQLite engine, so I didn't have to protect against injections, but if you plan on allowing users to enter data into your database via a form, you need to take SQL injection seriously.

 

Even if your app only needs simple flat file storage there is still a good reason to put your data into a SQL table... indexes. Data stored in an INI file must be read sequentially till the parser gets to the key and value you request. If you are storing a fair amount this can take quite a while, especially if you are doing lots of random searches in a row. By defining one or more indexes on your SQL table you get the benefit of binary-tree searches which are lightning fast by comparison. Writing data to INI files is even worse since the entire file must be rewritten on the disk to update or insert even a single key-data pair. SQL avoids this by writing the new data to the end of the file then updating the indexes to point to it.

 

Another benefit of SQL over INI file storage is transactions. If the user reboots their phone in the middle of your application writing the INI file to disk, the file is going to be damaged, often irretrievably. By using SQL and putting your data update inside a transaction, if anything goes wrong partway through, the database will just roll the data back to the state it was in before you started the update.

 

For anything more than trivial settings or data storage you really should be using SQLite.

 

 


PBernhardt wrote:

SQL is pretty great, I'd highly recommend any developer know how to use it at least in basic form. We have some sample apps that demonstrate the use of SQLite with lists like Quotes: https://github.com/blackberry/Cascades-Samples/tree/master/quotes

 

Everything greenmr said was correct, but I would add that before you implement any SQL in your app, you should know what an SQL Injection Attack is, how it works, and how to avoid it. Otherwise, you are going to have a bad time. It's not particularilly difficult to avoid, but you should do the research yourself so you really understand it, since it's a pretty common vulnerability.

 

http://xkcd.com/327/






Developer of Built for BlackBerry certified multiFEED RSS/Atom feed reader and aggregator.  multiFEED Icon

Play nice: Clicking Like Button on posts that helped you not only encourages others to continue sharing their experience, but also improves your own rating on this board. Also, don't forget to accept a post if it solves your problem or answers your question.
Developer
Posts: 824
Registered: ‎10-16-2012
My Device: Red Z10
My Carrier: Telus

Re: Store data

:Genius:

 

Thanks for the detailed explanation, especially about the stability & reliability of SQL as opposed to QSettings