<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=287945&amp;fmt=gif">

FlowWright v9.6 - Upgrades to the data access layer (DAL) in Workflow

Posted by Dileepa WIjayanayake on Sep 27, 2019 1:21:51 PM

FlowWright's data access layer is the lowest architectural layer in the platform.  This is where all calls to the database are handled.  Whether users are requesting data from the database or updating data within the database, all calls are sent through this data access layer.

FlowWright v9.6 data access layer

The data access layer in FlowWright v9.6 product is improved in two areas.   Firstly, the data access layer now supports parameterized queries.  The second major upgrade involves single line class level methods for performing SQL operations.  Details follow below!

Parameterized Queries

Because businesses face application security concerns now, parameterized queries have become very important.  These queries provide protection against SQL injection attacks.  How does this work? Here's a look at what queries used to look like:

Select * from deLocations WHERE locationName LIKE '{locationName}'

Where the location Name variable is used to build the SQL statement at the end, the variable locationName could have some SQL injection data that can easily change the query.  With the new enhancements to the DAL,  users can now send parameterized queries such as these below.

Select * from deLocations WHERE locationName LIKE ?

In this example, the LocationName value is passed through a parameter, SQL will define this as parameter on the database server and handle it as a SQL parameter, where the database server is able prevent any SQL injections. Cool, right?

Single line class methods

Prior to Flowwright's v9.6 release, the data access layer needed at least 3 lines of code to perform an operation again the DAL.  Now, users can use a single line of code for any SQL call, whether the ask is to get a data table or to update data within a table. 

An example of hose users can just call the method in the class is shown below:

DataTable oDT = clsDataAccess.getDataTable(connectionString, SQL statement, ref errorMsg,  parameters);

bool bFlag = clsDataAcess.NonQuery(connectionString, SQL statement, ref errorMsg, parameters);

int iCount = clsDataAcess.getScalarInt(connectionString, SQL statement, ref errorMsg, parameters);

Each new release of FlowWright includes significant usability and technical improvements for our customers.  FlowWright v9.6's data access layer provides not only better performance for users, but ensures security.

Topics: data security, v9.6