SQL

An alternative method for updating products is to post SQL queries (SELECT, INSERT, UPDATE and DELETE) to /api/sql. This is the same function as under Setup > Functions > SQLite Admin. (POST method only; the GET method is not permitted.)

For example, to update the price of a product that has a product_id of 1, the SQL would be:
update `product` set price='9.99' where product_id=1;

You can write scripts to post SQL queries using PHP or manually execute your queries using a form like the ones shown below.

Allowed tables/queries

  • product: SELECT, INSERT, UPDATE, DELETE;
  • category: SELECT, INSERT, UPDATE, DELETE;
  • information (content): SELECT, INSERT, UPDATE, DELETE;
  • customer: SELECT, INSERT, UPDATE;
  • order: SELECT, UPDATE;

Create your own application using the SQL API

Like with the REST API you can use the SQL function to create your own external application.

Unlike the REST API this does not check for errors and will not always return formatted responses.

You should always ensure your text values are escaped when posting queries, e.g.
$sql_query = "update product set summary = '".str_replace("'","''",$summary)."' where product_id=1";

Use this form as a starting point:

<form action="https://{USERNAME}.vendo.co.nz/api/sql" method="post">
 <input type="hidden" name="api_key" value="YOUR_API_KEY" />
 <textarea name="sql_query" id="sql_query" rows="15"></textarea>
 <input type="submit" value="Submit" />
</form>

The default response is in XML; you may also send a "format" value of JSON or PHP:

<form action="https://{USERNAME}.vendo.co.nz/api/sql" method="post">
 <input type="hidden" name="api_key" value="YOUR_API_KEY" />
 <input type="hidden" name="format" value="JSON" />
 <textarea name="sql_query" id="sql_query" rows="15"></textarea>
 <input type="submit" value="Submit" />
</form>
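
The escaping advice and the POST fields above, combined into one script. This is an added example, not Vendo's own code: the function names are hypothetical, and it extends the page's str_replace() escaping with a numeric check and a fixed column list so that only validated values reach the query.

```php
<?php
// Added example; sql_text, sql_number, build_product_update and post_sql are hypothetical names.

// Text literal: double single quotes, as the page does with str_replace().
function sql_text(string $value): string {
    if (strpos($value, "\0") !== false) {
        throw new InvalidArgumentException('NUL byte in text value');
    }
    return "'" . str_replace("'", "''", $value) . "'";
}

// Numeric literal: accept a plain decimal only, so nothing else reaches the query.
function sql_number($value): string {
    if (!is_scalar($value) || !preg_match('/^-?\d+(\.\d+)?$/D', (string)$value)) {
        throw new InvalidArgumentException('Not a plain number');
    }
    return (string)$value;
}

// Build an UPDATE for one product; column names come from a fixed map, never from input.
function build_product_update(array $fields, int $productId): string {
    $columns = ['price' => 'sql_number', 'summary' => 'sql_text']; // columns named on the page
    $sets = [];
    foreach ($fields as $column => $value) {
        if (!isset($columns[$column])) {
            throw new InvalidArgumentException("Column not allowed: $column");
        }
        $sets[] = "`$column` = " . $columns[$column]($value);
    }
    if (!$sets) { throw new InvalidArgumentException('Nothing to update'); }
    return 'update `product` set ' . implode(', ', $sets) . " where product_id = $productId;";
}

// POST from server-side code so the API key is not exposed in page source.
function post_sql(string $endpoint, string $apiKey, string $sql): string {
    $ch = curl_init($endpoint);
    curl_setopt_array($ch, [
        CURLOPT_POST => true,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POSTFIELDS => http_build_query(['api_key' => $apiKey, 'format' => 'JSON', 'sql_query' => $sql]),
    ]);
    $body = curl_exec($ch);
    if ($body === false) { throw new RuntimeException(curl_error($ch)); }
    return $body; // the API does not check for errors, so inspect this yourself
}

// Constructed sample input containing a quote; this only prints the query.
echo build_product_update(['price' => '9.99', 'summary' => "Kid's bike"], 1), "\n";
```

To send the query, pass it to post_sql() with the /api/sql URL for your own account and your API key.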

