SQL applications
Note: These features are part of the Visforms Subscription and are not included in the free Visforms version.
Visforms knows different types of SQL fields:
- SQL fields with option lists:
- Listbox SQL,
- Radio SQL,
- Checkbox Group SQL.
- SQL fields with text similarity:
- Text,
- Email,
- Date,
- URL,
- Number,
- Phone,
- Hidden.
Visforms knows 4 applications of SQL for SQL fields:
- Fill option lists for listbox fields with SQL
- Fill option lists for radio button and checkbox groups with SQL
- Set one-time default value with SQL
- Set updated field value with SQL
Differences in the SQL applications
The 4 applications of SQL differ in terms of
- the times of the Execution of the SQL statement,
- the options in the field configuration.
Times of execution of the SQL statements
The different types of SQL fields have differences in terms of the times of execution of the SQL statement.
Listbox SQL
With the field type Select-SQL, the SQL statement is executed every time the form is loaded and the field is updated.
It does not matter whether this is the first time the form is loaded or whether it is a reload.
In both cases, the SQL statement is executed again and the SQL field is updated.
The form is reloaded when the user changes their input in a trigger field in the form.
A trigger field is a field that was entered in the field configuration in the When changing reload option.
It is not important for the re-execution of the SQL statement which SQL field the trigger field belongs to exactly.
Changing a single trigger field in the form results in:
- reloading the form and consequently
- re-executing the SQL statements of all SQL fields.
Radio SQL and Checkbox Group SQL
For the two field types Radio SQL and Checkbox Group SQL, the SQL statement is only executed when the form is first loaded and the field is initialized.
This means that only the initial value is determined by evaluating the SQL statement.
These initial values do not change when reloading.
These initial values remain constant when a trigger field is changed.
Text-like SQL fields
For all text-like SQL fields there are 2 options and 2 SQL statements:
- One SQL statement sets the default value when the form is first loaded.
- The other SQL statement sets the updated field value when the form is reloaded.
Execution in the data editing view
In the data editing view in the frontend, the SQL statement can be executed again if desired or not.
You decide whether the SQL statement should be executed again.
To do this, use the Execute SQL in form edit option in the field configuration.
Note: If the SQL statement is executed again in the data editing view, the data that the user originally submitted with the form changes.
Representations in the field configuration
The different types of SQL fields have differences in terms of the options in the field configuration.
Listbox SQL
There is exactly one SQL statement for the Listbox SQL field type.
This SQL statement is executed at all times.
The times here are when the form is loaded and when the form is reloaded as a result of changes to trigger fields.
Radio SQL and Checkbox Group SQL
There is exactly one SQL statement for each of the field types Radio SQL and Checkbox Group SQL.
This SQL statement is executed exactly once when the form is loaded for the first time.
The field does not react to the form being reloaded as a result of changes to trigger fields.
Text-like SQL fields
There are two SQL statements for the text-like SQL fields.
The SQL statement in the Start Value Settings group is executed exactly once when the form is first loaded.
The SQL statement in the Dynamic Settings group is executed every time the form is reloaded as a result of changes to Trigger Fields.
Mutual exclusion of options
There is a mutual exclusion of two field options in connection with SQL fields.
The execution of the SQL statement when reloading the form as a result of changes to trigger fields does not work together with the conditional display option.
These two options cannot be set at the same time, which is also reflected in the corresponding hiding of the conditional display option.
High security
Visforms ensures that the use of SQL fields is technically secure. The parameters cannot be used for SQL injection or other hacker methods.
The measures that ensure this high level of security include:
- Compliance with best practices of cyber security in the area of implementation.
- Internal testing with relevant tools.
Including the popular Python tool Ghauri.
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection vulnerabilities. - External testing of Visforms when it is used by industrial customers undergoing a security audit.