How can I query (with SQL) from browser?

Question

I have a .csv that I want to use as a database and run SQL queries on it from the browser. (Ideally I want to upload the .csv, first. But It could also be stored). Thought this could be done with Django and a Postgres database. Are there simpler ways of accomplishing this?

• Is WebSQL an option? Is there something else, I haven't thought of?

Ideally I would want to avoid SQL injections. I tried searching on stack overflow and found this (Display SQL query results in php), but it's not what I'm looking for.

Basically the desired functionality is: when one comes to webpage, they can run SQL queries on the data in the .csv. They type queries in an HTML form and submit the form and then the results would be shown on the same page with actual query.

Answer 1

Use an in-browser library to load the data from the csv file, for example Papa Parse, then equally using an in-browser library, but this time for SQLite, create an empty in-memory database, populate it with the loaded data from the csv file, and then query the database with the same library.

Answer 2

It appears that you are asking if you trigger/run SQL queries against some SQL database directly from a UI. While this is theoretically possible, in practice it is a very bad idea. The reason it is a bad idea is that to do so you would have to open one or more database ports to the outside. This in turn would expose the database to DOS (denial of service) and other types of malicious attacks.

The proper way to proceed would be to place your database behind the backend of your web application. Then, expose one or more endpoints in your backend which in turn talk privately to the database. Finally, allow your UI to hit the backend endpoints to run whatever SQL logic you want.