适用于 Delphi 和 C# 的 SQL Server 层
我真的不喜欢将 SQL 服务器开放到互联网的概念 - 即使我可以锁定防火墙。然而,我一直直接使用数据库。我现在正在构建一个系统,其中涉及 1 个 SQL Server 数据库、一个 ASP.NET/C# 中的 Web 应用程序和一些 Delphi XE2 中的 Windows 应用程序。但从一开始,我想在数据库周围放置某种“过滤器”,这样我就不必打开它。
我知道有很多东西可以实现这一点,但对它们一无所知,也不知道我的场景需要什么。我希望将其保留在 SQL Server 中;我不打算使用任何其他类型的数据库引擎。
它需要通过标准 SQL 连接以外的其他方式(例如过滤器)从客户端连接到服务器。它创建自己的加密数据包并以自己的方式传输数据。我将为 Delphi 和 C# 提供一个包装类,它们几乎是相同的 - 并且能够将其数据流式传输到 DLL 中以与数据库交互。
现在我可以通过三种不同的方式来解决这个问题...
- 完整的 SQL Server 包装器,很可能没有源代码,甚至可能有自己的语言(我不想选择另一种数据库语言),并且独立于我的项目作为自己的独立系统。
- 开源包装器,最好是 Delphi (XE2),或者如果不是 C#,适用于我的系统的特定协议,完全专用于我的项目,并且采用 DLL 的最终形式,可以在网站上使用(在 C# 中)和应用程序(在 Delphi 中)。
- Web 服务 - 但是我只有 1 个托管位置(支付 1 个站点、第 2 个站点的费用将对我产生双重费用)。我无法托管任何其他 Web 服务或 Windows 服务;它必须与网站集成。否则,我会为此做一个网络服务。
我更喜欢第二个选项,并且不想接近第一个选项,并且根本无法执行第三个选项。
那么有什么好的数据库层库吗? Delphi XE2 中可能已经安装了一些吗?我在想也许是一个加密的 XML 数据包?
举个例子,假设我有一张“客户”表。在我的网站和应用程序中,我永远不应该有任何 SQL 脚本,例如 select * from Customers 或一般情况下没有 SQL 脚本。相反,我将在数据库周围有一个包装器。因此,我可以调用诸如 DBGetCustomers(Conditions: TGetCustomersConditions): TDBCustomers; 之类的函数,其中 TGetCustomersConditions 是过滤查询的某种方式,而 TDBCustomers表示查询的结果。
还可以有一个函数 DBAddCustomer(Item: TCustomerToAdd): TInsertSuccess;,其中 TCustomerToAdd 表示要插入的内容,TInsertSuccess 表示任何结果,例如作为受影响的错误消息或行。我并不想让它完全像这样工作,而只是为了解释任何包装器的一般概念。当应用程序向服务器发送请求时,它仍然没有将任何内容转换为 SQL 查询。当请求到达服务器(能够连接到数据库)时,服务器将单独将所有内容解码为 SQL 查询。
I really don't like the concept of opening my SQL server(s) to the internet - even if I can lock down the firewall. However I've always been working directly with databases. I'm building a system now which involves 1 SQL Server database, a web application in ASP.NET/C#, and a few windows applications in Delphi XE2. But from the beginning, I'd like to put some sort of 'filter' around the database so I don't have to open it up.
I know there are many things out there for this, but don't know anything about them or what to get for my scenario. I'd like to keep it native to SQL Server; I don't plan on using any other type of database engine.
It needs to be connected from client to server by other means than the standard SQL connection, like a filter. It creates its own encrypted packets and transfers data its own way. I will have a wrapper class for both Delphi and C# which will pretty much be identical - and be able to stream its data into the DLL to interact with the DB.
Now there are three different ways I can go about this...
- Complete SQL Server wrapper, most likely no source code, might even have its own language (I don't want to pick up another database language), and independent from my project as its own separate system.
- Open-source wrapper, preferably in Delphi (XE2), or if not then C#, specific protocols for my system, entirely dedicated to my project, and in the final form of a DLL which can be used on both the Website (in C#) and the applications (in Delphi).
- Web Service - however I only have 1 hosting spot (Paying for 1 site, 2nd site will be a double charge on me). I can't host any additional web services or windows services; it has to be integrated with the website. Otherwise, I would have done a web service for this.
I would much prefer the second option, and do not want to go anywhere close to the first one, and can't do the third one at all.
So any good libraries for database layers? And might there be some already installed in Delphi XE2? I'm thinking maybe an encrypted XML packet?
As an example, let's say I have a table for 'Customers'. In both my website and applications, I should never have any SQL script like select * from Customers or no SQL script in general. Instead, I will have a wrapper around the database. So I can call a function such as DBGetCustomers(Conditions: TGetCustomersConditions): TDBCustomers; where TGetCustomersConditions is some way of filtering the query, and TDBCustomers represents the results from the query.
There could also be a function DBAddCustomer(Item: TCustomerToAdd): TInsertSuccess; where TCustomerToAdd represents what to insert, and TInsertSuccess represents any result, such as error message(s) or rows affected. I do not intend for it to be working exactly like this, but just to explain the concept of any wrapper in general. When the app sends to request to the server, it still has not converted anything to a SQL Query. By the time the request gets to the server (which is able to connect to the database), then the server alone decodes everything to the SQL query.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
即使您只有一个“托管位置”,又有什么问题呢? Web 服务只是一个“站点”。即使使用单个 IP 地址,Web 服务器也可以轻松托管多个站点。无论如何,您正在寻找的是多层设计的“应用程序服务器”。
虽然 Java 在这个方向上投入了大量资金,但 MS 却没有。 Delphi 有 Datasnap,这是一个马马虎虎的框架,不知道新的“restful”接口是否可以轻松地从 C# 调用,但它看起来有安全缺陷。 .NET 的实现方式是使用 WCF,只要它使用标准协议,您就可以调用(如果 Delphi 有)。
您还可以查看 RemObjects DataAbstract。它不是开源的,但它是一个成熟的库。
What's the problem even if you have just one "hosting spot"? A web service is just a "site". And a web server can easily host multiple site even with a single IP address. Anyway, what you're looking for is an "application server" in a multi-tier design.
While Java invested heavily in that direction, MS did not. Delphi has Datasnap, which is a so-so framework, don't know if the new "restful" interface is easily callable from C#, it looks to have security flaws though. The .NET way of doing it is using WCF, as long as it uses a standard protocol you can call if from Delphi has well.
You could also look at RemObjects DataAbstract. It's not open source, but it is a mature library.
实现此目的的“传统”方法之一是通过网络服务(尽管现在有些人认为这种技术有点过时)。
一个缺点是它不是一个可以围绕数据库使用的通用包装器,但它的优点是您可以轻松地将对数据库的访问限制为特定的存储过程,这将最大限度地提高安全性,并且如果您希望提供对外部应用程序的有限授权访问。
One of the 'traditional' ways to do this is via webservices (although this technique is now considered by some to be a bit dated).
One disadvantage is that it is not a generic wrapper you can throw around the database, but it has the advantage that you can limit access to the database easily to specific stored procedures for example, which will maximise security, and is a standard technique if you wish to provide limited authorised access to external applications.
如果您已经使用 ASP.NET C# Web 应用程序,您还可以添加 WCF (Windows Communication Foundation) 基于网络服务的您的网站。这可以为需要以某种方式连接 Web 服务的外部应用程序提供数据库访问。通过将 Web 服务映射到特定的上下文路径(如 www.example.com/services/servicename),甚至可以对普通网站页面和服务使用相同的 HTTP 标准端口
If you already use a ASP.NET C# web application, you could also add a WCF (Windows Communication Foundation) based web service to your web site. This can provide database access to external applications, which need to connect the web service somehow. It should even be possible to use the same HTTP standard port for both the normal web site pages and the service, by mapping the web service to a specific context path like www.example.com/services/servicename
Kbmw 允许您创建 ntier 数据库架构。
但是,由于您涉及 Web 应用程序,因此更好的选择是 WCF(如已经建议的那样)
Kbmw allows you to make a ntier db architecture.
However since you have a web application involved, a better option would be WCF (as already suggested)