AS3 MySQL driver ohhhhhh Yeah!
Just saw this VIA Wildwinter blog. I seems as if maclema.com has been busy making an AS3 MySql driver to use in both flex and Flash 9 projects. Its very early days, but a beginning is a good point to start from, especially if they plan to support SQLLite. Then it possibly could become a viable solution for many Apollo applications running on a desktop.
"In Sept. 06 I set out to show someone that is was possible to connect to a mySQL server from actionscript. It took about an hour to get actionscript connecting to mySQL….until about a month ago when I started back on it. And now, a mySQL actionscript 3 driver exists."
Well Done. Although this brings up all sorts of security questions I think its still a step in the right direction.
You can access source, documentation etc from HERE. This is definitely one to put in the book marks and keep an eye on. Imagine being able to you use "st.executeQuery("SELECT * FROM users;");" to get all the users in the database.
To tell you the truth I half expected some of the Abode boy's to bust this out.
this is obviously using AS3’s socket classes
OK, this has a ton of value for embedded databases and Apollo but I have to ask…
who’s willing to open up their MySQL database server so anyone’s flash client can throw some SQL at it? Who’s going to write the authentication classes to handle comms between the swf and db?
there’s also the point that n-tier apps will soon be two tier Flash/flex and the remote db. who needs CF/PHP/.NET then? isn’t this muddying up the distinction between the view layer and the application as a whole?
small VB6 apps worked like this but they sat on the same network. is it going to (eventually) support all SQL? which standard? transactions? stored procs?
IMHO, a real pandoras box… for good OR evil
Yep the security question is a big one! My excitment stems from sqllite on local machine for use with apollo apps. But yes I personally would not look at using this on the web.
@Campbell
What kind of security issues do you see then?
If a flash client outside of the server can execute sql commands on the database, and these can be watched by any simple proxy app (say like charles or firebug) then effectively anyone can reproduce the environment execute their own commands. Even with security measures it could still be broken given enough time.
Basically the Application / data layer abstractions has grown over the years with just cause, and something like this breaks the abstraction.
I also know most Network admins would cringe at the fact you would be opening up the database to non local connections. Most hosting services wont allow this as it is a major security risk.
I would advise you only implement knowing the risks, and evaluating the need against these risks. I really would advise this for only using in local apollo apps with some sort of sqllite install, or under very controlled circumstances in an internal network, but this would limit your future as a web based application.
do you disagree pan?
@Campbell:
You can always add user with read only access, even to specific fields…
Also check: http://asql.mooska.pl/