APIJSON-Server will turn JSON formatted requests to SQL statements. Then as the database has been connected, those SQL statements will be executed. The server will return specified resources in JSON. During the whole process, APIJSON automatically verify the user's role and permissions, which will prevent malicious SQL injection.
You can also set restrictions on the request content by set rules in the database beforehand. For instance, to verify if the value of type{} would be one of [0,1,2], you just need to add the following in the database:
"VERIFY":{
"type{}":[0,1,2]
}
Others that are used to verify requests include:
"VERIFY": { "money&{}":">0,<=10000" } //To verify if the value if money is between 0 and 10000.
"TYPE": { "balance": "Double" } //To verify if the data type of the "balance" is "Double".
"UNIQUE": "phone" //The value of "phone" must be unique.
"NECESSARY": "id,name" //"id" and "name" must be included in the request body.
"DISALLOW": "balance" //"Balance" is not allowed to be included in the request body.
"INSERT": { "@role": "OWNER" } //If the "role" is not included in the request, the system will assign one by default.
"UPDATE": { "id@": "User/id" } //To force to insert a key-value pair.
To see a full list of key words that used to set constraints on requests or verify requests, click here.
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。