v0.16.0

SQLPage is a small web server that renders your SQL queries as beautiful interactive websites. This release brings important fixes, improves database compatibility, and adds new features allowing you to build things that were not possible or very cumbersome before.

SQLPage 0.16.0

🌟 Invisible Magic in Forms

Ever wished your hidden inputs were truly hidden? Your wish is our command! In this release, we've added special handling for hidden inputs in forms. Now, they're like ninjas—completely invisible to end users. This opens up possibilities for creating multi-step forms, adding CSRF protection, and tackling other complex form challenges with ease.

select 'form' as component; -- the page containing this followup form can be the target of a first form
select 'hidden' as type, :previous_form_input as value

🎨 Fresh Icons Galore!

What's a release without some eye candy? Get ready to spice up your interfaces with 36 new icons! Check out the goodies in the latest icon releases:

v2.40.0	v2.41.0

🚀 Temporary tables

In the past, when a SQLPage file was loaded, all its statements would be prepared eagerly. This meant that any attempt to reference a temporary table created earlier in the file from a later statement was met with confusion, because the CREATE TABLE statement had been prepared, but not yet executed. Like trying to reference a page number in a book that hasn't been written yet.

Now, with the introduction of lazy prepared statements, the SQLPage performance takes on a more dynamic choreography. Statements wait in the wings until their cue, preparing themselves just before their moment in the spotlight. If you have a CREATE TEMPORARY TABLE statement followed by a SELECT from that same table, the SELECT is not seen by the database until after the CREATE has been executed.

Prepared statements are still cached, which means that after the initial load of the file, the SQL is not sent to the database again, and SQLPage just references the existing prepared statement.

-- Create a temporary VIP lounge
CREATE TEMPORARY VIEW current_user AS
  SELECT * FROM users
  INNER JOIN sessions ON sessions.user_id = users.id
  WHERE sessions.session_id = sqlpage.cookie('session_id');

-- Roll out the red carpet
SELECT 'card' as component,
  'Welcome, ' || username as title
FROM current_user;

🔄 No More 'NULL' strings

SET can now be used to set a variable to NULL.

This fixes an oversight in previous versions. As an example, previously, SET username = (select username from users where id = $id) would set username to the string 'null' if no user had the given id. Annoying 😬 . Now it properly sets it to a real NULL value.

-- Resetting to null
SET myvar = NULL;

-- Check if null and proud
SELECT 'card' as component;
SELECT $myvar IS NULL as title; -- True, not false!

🤝 MySQL and MariaDB get good conversation starters

You can create a script in sqlpage/on_connect.sql that will be executed each time SQLPage opens a new connection to your database. When using a MySQL database, you used to be able to write only a single statement in this file. Now you can put as many as you want.

🔄 PGBouncer compatibility

When using a connection pooler such as PGBouncer in front of your postgres database, you previously could see errors such as prepared statement 'sqlx_s_1' already exists.
We've now randomized PostgreSQL prepared statement names to dodge those pesky name collisions. It's like a game of musical chairs, but for SQL prepared statements.

It is still not recommended to use SQLPage with an external connection pooler (such as pgbouncer), because SQLPage already implements its own connection pool. If you really want to use a connection pooler, you should set the max_connections configuration parameter to 1 to disable the connection pooling logic in SQLPage.

That's a wrap for SQLPage 0.16.0! We hope these improvements make your SQL journey smoother and more enjoyable. As always, happy querying! 🚀✨

v0.15.2

0.15.2 (2023-11-12)

• Several improvements were made to the map component
  • Fix a bug where the new geojson support in the map component would not work when the geojson was passed as a string. This impacted databases that do not support native json objects, such as SQLite.
  • Improve support for geojson points (in addition to polygons and lines) in the map component.
  • Add a new size parameter to the map component to set the size of markers.
  • Document the height parameter to customize the size of the map.
  • tile_source parameter to customize the map tiles, giving completely free control over the map appearance.
  • attribution parameter to customize or remove the small copyright information text box at the bottom of the map.
  • 
• Add the ability to customize top navigation links and to create submenus in the shell component.
  • Postgres example:

  select 
    'shell' as component,
    'SQLPage' as title,
    JSON('{ "link":"/", "title":"Home" }') as menu_item,
    JSON('{ "title":"Options", "submenu":[
        {"link":"1.sql","title":"Page 1"},
        {"link":"2.sql","title":"Page 2"}
    ]}') as menu_item;

  • note: this requires a database that supports json objects natively. If you are using SQLite, you can work around this limitation by using the dynamic component.
  • 
• Updated the embedded database to SQLite 3.44, which improves performance, compatibility with other databases, and brings new date formatting functions. The new ORDER BY clause in aggregate functions is not supported yet in SQLPage.
  • 

v0.15.1

SQLPage is a small web server that renders your SQL queries as beautiful interactive websites. This releases brings exciting features that should make development even easier, faster, and more secure. Let's dive into the exciting innovations of version 0.15.1:

What's new ?

Forms

• Many improvements in the form component
  • Multiple form fields can now be aligned on the same line using the width attribute.
  • A reset button can now be added to the form using the reset top-level attribute.
  • The submit button can now be customized, and can be removed completely, which is useful to create multiple submit buttons that submit the form to different targets.
• Support form submission using the button component using its new form property. This allows you to create a form with multiple submit buttons that submit the form to different targets.

Maps

• Custom icons and colors for markers in the map component.
• Add support for GeoJSON in the map component. This makes it much more generic and allows you to display any kind of geographic data, including areas, on a map very easily. This plays nicely with PostGIS and Spatialite which can return GeoJSON directly from SQL queries.

Bug fixes

• Support non-string values in markdown fields. NULL values are now displayed as empty strings, numeric values are displayed as strings, booleans as true or false, and arrays as lines of text. This avoids the need to cast values to strings in SQL queries.
• Revert a change introduced in v0.15.0:
  • Re-add the systematic CAST(? AS TEXT) around variables, which helps the database know which type it is dealing with in advance. This fixes a regression in 0.15 where some SQLite websites were broken because of missing affinity information. In SQLite '1' = 1 is false but CAST('1' AS TEXT) = 1 is true. This also fixes error messages like could not determine data type of parameter $1 in PostgreSQL.
• Fix a bug where cookie removal set the cookie value to the empty string instead of removing the cookie completely.

v0.15.0

• New functions: sqlpage.path(), sqlpage.variables()
  • sqlpage.variables() makes it easier to process forms with a variable number of fields (for instance, when the form fields themselves are generated based on data from the database). See the online shop orders example.
• bug fixes
  • Most notably, a serious bug was fixed where variables and function evaluation results were truncated in Microsoft SQL Server.
  • fixed some missing sql support:
    • FILTER clauses in window functions
    • MySQL-specific REGEXP syntax
• improved documentation
• new align_right attribute in the table component

v0.15.0-beta.0

First beta-release for v0.15

v0.14.0

button component and time series plots

• Better support for time series in the chart component. You can now use the time top-attribute to display a time series chart
  with smart x-axis labels.
• 
• New component: button. This allows you to create rows of buttons that allow navigation between pages.
  • 
• Better error messages for Microsoft SQL Server. SQLPage now displays the line number of the error, which is especially useful for debugging long migration scripts.
• Many improvements in the official website and the documentation.
  • Most notably, the documentation now has syntax highlighting on code blocks (using prism with a custom theme made for tabler). This also illustrates the usage of external javascript and css libraries in SQLPage. See the shell component documentation.
  • Better display of example queries in the documentation, with smart indentation that makes it easier to read.
• Clarify some ambiguous error messages:
  • make it clearer whether the error comes from SQLPage or from the database
  • specific tokenization errors are now displayed as such

v0.13.0

v0.13.0: beautiful timelines and scatter plots

• New timeline component to display a timeline of events.
• Add support for scatter and bubble plots in the chart component. See the chart documentation.
• further improve debuggability with more precise error messages. In particular, it used to be hard to debug errors in long migration scripts, because the line number and position was not displayed. This is now fixed.
• Better logs on 404 errors. SQLPage used to log a message without the path of the file that was not found. This made it hard to debug 404 errors. This is now fixed.
• Add a new top_image attribute to the card component to display an image at the top of the card. This makes it possible to create beautiful image galleries with SQLPage.
• Updated dependencies, for bug fixes and performance improvements.
• New icons (see https://tabler-icons.io/changelog)
• When NULL is passed as an icon name, display no icon instead of raising an error.
• Official docker image folder structure changed. The docker image now expects
  • the SQLPage website (.sql files) to be in /var/www/, and
  • the SQLPage configuration folder to be in /etc/sqlpage/
  • the configuration file should be in /etc/sqlpage/sqlpage.json
  • the database file should be in /etc/sqlpage/sqlpage.db
  • custom templates should be in /etc/sqlpage/templates/
  • This configuration change concerns only the docker image. If you are using the sqlpage binary directly, nothing changes.

Full Changelog: v0.12.0...v0.13.0

v0.12.0

SQLPage Release Notes - Version 0.12.0 🚀

SQLPage is a small web server that renders your SQL queries as beautiful interactive websites. This releases brings exciting features that should make development even easier, faster, and more secure. Let's dive into the exciting innovations of version 0.12.0:

🧮 Variable Support

SQLPage now empowers you with the ability to set and reuse variables between SQL statements. This dynamic feature allows you to craft more complex SQL queries and reuse query results across multiple places in your code. Here's a sneak peek:

-- Set a variable 
SET person = (SELECT username FROM users WHERE id = $id); 
-- Use it in a query 
SELECT 'text' AS component, 'Hello ' || $person AS contents;

🚀 Execute Server-Side Commands with sqlpage.exec

Introducing sqlpage.exec—a powerful function that lets you execute commands on the server. This opens up a world of possibilities, from making external API calls to sending emails and running custom code on the server. Be creative, but remember that with great power comes great responsibility !

SELECT 'card' AS component;
SELECT 
    value->>'name' AS title, 
    value->>'email' AS description 
FROM json_each(sqlpage.exec('curl', 'https://jsonplaceholder.typicode.com/users'));

🛡️ Security

For your security, the sqlpage.exec function is disabled by default. To enable it, simply set the allow_exec configuration parameter to true in the configuration. Please use caution, as enabling this function grants significant server access to anyone who can write SQL queries on your website.

🍔 Menu Items Made Easy

Configuring multiple menu items has never been simpler. Now, syntax like

SELECT 'shell' AS component, '["page 1", "page 2"]' AS menu_item

works as expected. See

• the shell component documentation
• the small SQL game example
• and join the discussion here.

🛠️ Database Connection Setup: on_connect.sql

Create the sqlpage/on_connect.sql file to run a SQL script on each database connection before it's used. This versatile feature enables you to customize your database connection with settings like PRAGMA in SQLite, custom variables in PostgreSQL, and more. Explore the endless possibilities!

🚧 Improved Error Handling

Experience more precise and informative error messages with SQLPage. When an error occurs, you'll now receive detailed error positions within the SQL statement. Say goodbye to vague error messages and welcome efficient debugging.

📟 ARM: Hello, Raspberry Pi and Mac M1 Users!

SQLPage now distributes Docker images for ARM architecture, expanding your possibilities for deployment. Whether you're using a Raspberry Pi or a Mac M1, SQLPage is ready to power your projects!

🔒 Enhanced Security by Default

To enhance security, SQLPage now creates the default SQLite database file in the "sqlpage" config directory, making it inaccessible from the web by default. For those who prefer the previous behavior, simply set the database_url configuration parameter to sqlite://sqlpage.db in your configuration.

📜 Empty List Customization

Tailor your list components with precision using the new empty_title, empty_description, and empty_link top-level attributes in the list component. Now you have full control over the text displayed when your list is empty.

🔒 Asynchronous Password Hashing for Enhanced Performance and Security

Say goodbye to request processing bottlenecks! SQLPage used to block a request processing thread while hashing passwords, potentially leaving your site vulnerable to denial of service attacks. Not anymore! SQLPage now launches password hashing operations on a separate thread pool, allowing your application to handle other requests while efficiently hashing passwords.

🔗 URL Parameter Encoding

Introducing sqlpage.url_encode! This function simplifies URL parameter encoding, making it a breeze to create dynamic URLs in your web application.

SELECT 'card' AS component; SELECT 'More...' AS title, 'advanced_search.sql?query=' || sqlpage.url_encode($query)

Upgrade

Upgrade to SQLPage 0.12.0 and elevate your web development game to new heights. We're committed to providing you with the tools and features you need for a seamless, efficient, and secure coding experience.

Get Started with SQLPage | GitHub Repository

Unleash your creativity, streamline your development, and craft extraordinary SQL-driven web applications with SQLPage 0.12.0. Happy coding! 💻🚀

v0.12.0-beta4

Better error messages

v0.12.0-beta3

new feature: sqlpage/on_connect.sql to run sql statements at the begi…