Share My Creation [Project Template] [Web] Pakai Server v6

Pakai Server​

Version 6.99

Pakai Server is a full-stack B4J project template for building modern web applications and REST APIs. It generates all HTML server-side using B4X code (no client-side rendering), leverages HTMX for dynamic interactions without custom JavaScript, and includes both a Web UI and a REST API with auto-generated OpenAPI 3.0 documentation and Swagger UI.

GitHub: https://github.com/pyhoon/pakai-server-b4j

Pakai Server v6.00
Overview

Files:​

  • Pakai Server (6.99).b4xtemplate (52KB)
  • Pakai Server Api (6.99).b4xtemplate (40KB)
  • Pakai Server Web (6.99).b4xtemplate (34KB)
  • swagger.zip (509KB)

Libraries:​

Extensions:​

Features​

  • Frontend using HTMX v2.0.8, AlpineJS v3.15.8, Bootstrap v5.3.8, Bootstrap Icons v1.13.1
  • Responsive design with modal dialog and toast
  • SQLite and MySQL/MariaDB backend
  • Built-in CRUD/REST API examples

Improvement​

  • Better UI/UX/DX compared to version 5.x
  • More flexible to generate new models
  • HTML generated using B4X
  • No JavaScript module
  • No jQuery AJAX parsing
  • JSON/XML API supported
  • HelpHandler (API documentation) through WebApiUtils

Tutorial​

https://www.b4x.com/android/forum/threads/pakai-framework-v6.169286/ (outdated)
Please check updated tutorial: https://github.com/pyhoon/pakai-server-b4j/blob/main/TUTORIAL.md
and libraries tutorial: https://github.com/pyhoon/pakai-server-b4j/blob/main/TUTORIAL-LIBRARIES.md on GitHub

Reminder: Please do not post issue or question on this thread.
Always remember to start a new thread for any question and prefix with [Pakai v6].
 

Attachments

  • theme.zip
    2.2 KB · Views: 142
  • Pakai Server (6.99).b4xtemplate
    51.4 KB · Views: 28
  • Pakai Server Api (6.99).b4xtemplate
    39.6 KB · Views: 28
  • Pakai Server Web (6.99).b4xtemplate
    33 KB · Views: 27
  • swagger.zip
    508.6 KB · Views: 31
Last edited:

Mashiane

Expert
Licensed User
Longtime User
PATCH to the server in addition to GET and POST.
In most cases, this is a security based feature. I remember that I had to "trick" one php app I was using, by passing a "PUT" call, however internally server side made it to execute "PATCH", in most cases even ISP do no allow use of PATCH anymore via REST API.
 

aeric

Expert
Licensed User
Longtime User
Basically, we can use PUT or POST to update a record.
In fact, in my example, the update which is using PUT is actually doing a "PATCH" because I only do a partial update to the record.
So it is actually depends on how you design the API and handle the logic. You may define a scope in the header for an API to distinguish 2 different types of updates or use a slightly different URL for partial or full update.
In database CRUD, I think most of the time, we only do partial update. Hence, PUT is responsible to do the update which is behave more like a PATCH in this case.
 

hatzisn

Expert
Licensed User
Longtime User
Hi,

I am contacting you because of what you have posted in the Pakai Server v6.99. We, in Europe, starting this summer, we are all subjects to the Cyber Resillience Act by the European Union. We are not allowed to post any app with any known vulnerabilities. The fines are completely devastating if we do such a thing. Personally I am engaged with a project now, and I have no time immediately to check the Pakai server v6.99 capabilities (I will do it in the future when I am free), but if you have anyone that will use your Pakai Server immediately, there are two out of three apparent dependencies (I have not checked b4xlibs) that have vulnerabilities.

You have added the following apparent dependencies:
1) sqlite-jdbc-3.7.2.jar
2) mysql-connector-j-9.3.0.jar
3) mariadb-java-client-3.5.6.jar


If you visit https://www.mvnrepository.com and search for, and click in each one of these, you will find that 1 & 3 have vulnerabilities.
It would be a good thing to change them with the following (number 2 is just an upgrade because mysql-connector-j-9.3.0.jar has no known vulnerabilities) :
1) sqlite-jdbc-3.53.2.0.jar
2) mysql-connector-j-9.7.0.jar
3) mariadb-java-client-3.5.9.jar


Thank you for your efforts,
@hatzisn

P.S. How are the files theme.zip and swagger.zip used? Thanks in advance.
 

Mashiane

Expert
Licensed User
Longtime User
Hi,

I am contacting you because of what you have posted in the Pakai Server v6.99. We, in Europe, starting this summer, we are all subjects to the Cyber Resillience Act by the European Union. We are not allowed to post any app with any known vulnerabilities. The fines are completely devastating if we do such a thing. Personally I am engaged with a project now, and I have no time immediately to check the Pakai server v6.99 capabilities (I will do it in the future when I am free), but if you have anyone that will use your Pakai Server immediately, there are two out of three apparent dependencies (I have not checked b4xlibs) that have vulnerabilities.

You have added the following apparent dependencies:
1) sqlite-jdbc-3.7.2.jar
2) mysql-connector-j-9.3.0.jar
3) mariadb-java-client-3.5.6.jar


If you visit https://www.mvnrepository.com and search for, and click in each one of these, you will find that 1 & 3 have vulnerabilities.
It would be a good thing to change them with the following (number 2 is just an upgrade because mysql-connector-j-9.3.0.jar has no known vulnerabilities) :
1) sqlite-jdbc-3.53.2.0.jar
2) mysql-connector-j-9.7.0.jar
3) mariadb-java-client-3.5.9.jar


Thank you for your efforts,
@hatzisn

P.S. How are the files theme.zip and swagger.zip used? Thanks in advance.
Thanks for the heads up on this.
 

aeric

Expert
Licensed User
Longtime User
We are not allowed to post any app with any known vulnerabilities.
I am not sure whether you mean sharing my project template to your friends in Europe is against the law.
If you are posting my project as yours then it is against the MIT license.

If you are trying to use my open source project template such as this one to build your product, here is my reply.

About Vulnerabilities
The dependencies I listed is what I used for development and test. They work and safe at the point where it has not reported for vulnerabilities.
Vulnerabilities also categorized with different levels such as low or minor, medium and severe or critical.
For local development, I think it is considered safe since it is not exposed to public access under local area network and firewall.

What You Can Do?
One of the powerful features when developing B4X apps is the flexibility of using third party library. The project is not limited on a specific version. You can upgrade to any newer version anytime you like until you hit a compatibility issue. Otherwise, you are welcome to use any version you think is suitable for your use case especially in Production.

Open Source Community
You can use an open source project, modify it and sell your final product without paying anything to the author. Provided you meet the license requirements. One needs to know before using an open source project is he or she know how the community works. Don't just take things for granted but make contributions. Contribution doesn't mean you need to fund the project or submit patches. Opening up a ticket/issue or reporting bugs is really helping the project. Don't download the libraries or templates, hit with an issue and stay silent. This will not help the project but slowly kills it.

GitHub Algorithm
When a project published on GitHub has no forks, no reporting issues, no stars, eventually it will dies.
Raise an issue and let other community members help to address the issue. Let the author know so he can decide what to do next.
Participate in an open source and boost the popularity so more people know about the project.
Help a niche project get a place. Don't just follow the mainstream product that only focus on profit.

The Death of Pakai Server
Pakai Server started as Web API template. It is born with a noble cause to make it as a web development framework on par with DotNet Web API framework using our beloved B4X programming ecosystem. It's core concept is to make a modular framework where developer can build a project progressively. Any part of the framework can be swap with another component. Check My Web Development Overview story. Up to version 6, I feel the project is getting less interest among the community. I am decided to end new development on this project.
 

aeric

Expert
Licensed User
Longtime User
sqlite-jdbc-3.7.2.jar
This version is shipped with B4J by default.

Why I still keep this version?
Because developers don't need to download another version. They can just drop my project template to B4J Additional Libraries folder, select File ->New -> Pakai Server and boom! The project is created in a second and pressing F5, you get a web server running... Just opening a web browser and you can already play with the example with seed database build in.
Of course, there is a caveat. There are other dependencies such as MiniHtml, MiniORMUtils, EndsMeet and other dependencies if you not already installed. There is a tool to automate the download of these libraries call libget.jar.

On my production server, I use a later version but minified size sqlite library. Newer version can support window functions and like you said it is fixed with vulnerability patches.

For production, maybe you will consider to use MySQL or other database. Using SQLite during development is a beginning.
 

hatzisn

Expert
Licensed User
Longtime User
I am not sure whether you mean sharing my project template to your friends in Europe is against the law.
If you are posting my project as yours then it is against the MIT license.

If you are trying to use my open source project template such as this one to build your product, here is my reply.

About Vulnerabilities
The dependencies I listed is what I used for development and test. They work and safe at the point where it has not reported for vulnerabilities.
Vulnerabilities also categorized with different levels such as low or minor, medium and severe or critical.
For local development, I think it is considered safe since it is not exposed to public access under local area network and firewall.

What You Can Do?
One of the powerful features when developing B4X apps is the flexibility of using third party library. The project is not limited on a specific version. You can upgrade to any newer version anytime you like until you hit a compatibility issue. Otherwise, you are welcome to use any version you think is suitable for your use case especially in Production.

Open Source Community
You can use an open source project, modify it and sell your final product without paying anything to the author. Provided you meet the license requirements. One needs to know before using an open source project is he or she know how the community works. Don't just take things for granted but make contributions. Contribution doesn't mean you need to fund the project or submit patches. Opening up a ticket/issue or reporting bugs is really helping the project. Don't download the libraries or templates, hit with an issue and stay silent. This will not help the project but slowly kills it.

GitHub Algorithm
When a project published on GitHub has no forks, no reporting issues, no stars, eventually it will dies.
Raise an issue and let other community members help to address the issue. Let the author know so he can decide what to do next.
Participate in an open source and boost the popularity so more people know about the project.
Help a niche project get a place. Don't just follow the mainstream product that only focus on profit.

The Death of Pakai Server
Pakai Server started as Web API template. It is born with a noble cause to make it as a web development framework on par with DotNet Web API framework using our beloved B4X programming ecosystem. It's core concept is to make a modular framework where developer can build a project progressively. Any part of the framework can be swap with another component. Check My Web Development Overview story. Up to version 6, I feel the project is getting less interest among the community. I am decided to end new development on this project.

Boy, what an answer... I suppose I got you upset. I am not posting your project as mine (nor evaluating it for now), and I suppose that with MIT license it can be used as a part for any professional use projects given that there the developer is mentioned. Is this correct? Further more with MIT license your project is not applicable also for CRA checking but the Europeans that will use it as base (with MIT license requirments) are...

Download the English text of the regulation from this link, add it in a notebookLM notebook and ask all the questions you would like, to see what is applicable and not for MIT license software.

Do not see me as an enemy, as I appreciate what you are doing and honestly I feel the same with some projects. What someone needs to understand in the development community, is that a project will be used and appreciated based on the needs. If someone does not have immediate needs then it stays in the shelf waiting to be noticed. I have a lot of ideas in this condition...
 

aeric

Expert
Licensed User
Longtime User
How are the files theme.zip and swagger.zip used?
It is recommended to post your questions in new threads.

The instruction is mentioned on this post.
Download theme.zip from first post and unzip the file help.css to Objects\www\assets\css
It is just to demonstrate the flexibility that you can modify the outlook of the API documentation page.

For Swagger UI integration, it is an optional add-on which is provided by WebApiUtils.
https://www.b4x.com/android/forum/threads/web-webapiutils.167012/page-2#post-1048730

Introduction
In WebApiUtils version 6.96, you can download swagger UI from the official repository and extract only the /dist folder from https://github.com/swagger-api/swagger-ui/tree/master/dist.
Rename the folder to swagger and drop it to \Objects\www folder of the Pakai Server project.
You need to change one line in the swagger-initializer.js file as following:
swagger-initializer.js:
url: "../help?format=openapi",
This instruction is written clearly in https://github.com/pyhoon/WebApiUtils-B4J/blob/main/README.md.

For convenient, you can just download swagger.zip attached on first post and extract it to \Objects\www\swagger.
Run the project and navigate to http://127.0.0.1:8080/swagger/
Note:
  1. There is no shortcut link to click from the CRUD web interface or /help to navigate to this page because it is an add-on.
  2. The swagger.zip has removed some "unimportant" files from the original \dist folder to make it small due to forum attachment 500KB limit.
 

aeric

Expert
Licensed User
Longtime User
About Swagger UI Integration

I noticed that the swagger.zip attached on the first post is an older version. Perhaps uploaded when WebApiUtils was version 6.96.
This version should work but there is a newer version.

Download the final version 6.99 with sidebar B4X Client Code Snippet, mobile responsive floating buttons with dark theme toggler at bottom right from github repository.
Link: https://github.com/pyhoon/WebApiUtils-B4J/releases/download/v6.99/swagger.zip
or https://www.b4x.com/android/forum/attachments/swagger-zip.172263/ from the post #1 in WebApiUtils thread

Just unzip to \Objects\www\swagger to replaced the older version.

If you previously run the older version, remember to refresh the browser cache.
 
Last edited:

aeric

Expert
Licensed User
Longtime User
Boy, what an answer... I suppose I got you upset. I am not posting your project as mine (nor evaluating it for now), and I suppose that with MIT license it can be used as a part for any professional use projects given that there the developer is mentioned. Is this correct? Further more with MIT license your project is not applicable also for CRA checking but the Europeans that will use it as base (with MIT license requirments) are...

Download the English text of the regulation from this link, add it in a notebookLM notebook and ask all the questions you would like, to see what is applicable and not for MIT license software.

Do not see me as an enemy, as I appreciate what you are doing and honestly I feel the same with some projects. What someone needs to understand in the development community, is that a project will be used and appreciated based on the needs. If someone does not have immediate needs then it stays in the shelf waiting to be noticed. I have a lot of ideas in this condition...
I am not upset by your statement.
I understand there is a concern about law compliant.
As you mentioned, my project is under MIT license may not applicable to the rule.

I just feel sad that my project which I was once excited about need to come to an end.
 

hatzisn

Expert
Licensed User
Longtime User

aeric

Expert
Licensed User
Longtime User
I already answered.
The short answer is "no interest" from the community as I see it.

I was talking to the wall. No one test it. No one use it. No feedback. No suggestion. Not a single thread asking, how to do this, how to solve this, is it possible to do that...

From the start, v1 gained some interest. Even it has a lot of problems. V2 improved a bit and shows real life use cases. I keep on making improvement on V3 and I started to feel I am just "talking to myself". Even some known issues existed, I was expecting people is going to report.
Rebranding in V4. Future plans are on my list. Trying to make it more modular, more flexible, more powerful, more easier to use. More tools, more hidden gems, more "bugs". Still no echoes. I think only Erel and Mashiane clicked Like.

I thought: So many versions released, how can it be no question at all? Those versions are not perfect. The tutorials didn't explain everything clearly. What I did wrong? What features I need to add in? No one told me.
Perhaps members still prefer the more straight forward solution of jrdc2.

And then the secondary reason is ... (to be continued)
 

hatzisn

Expert
Licensed User
Longtime User
I already answered.
The short answer is "no interest" from the community as I see it.

I was talking to the wall. No one test it. No one use it. No feedback. No suggestion. Not a single thread asking, how to do this, how to solve this, is it possible to do that...

From the start, v1 gained some interest. Even it has a lot of problems. V2 improved a bit and shows real life use cases. I keep on making improvement on V3 and I started to feel I am just "talking to myself". Even some known issues existed, I was expecting people is going to report.
Rebranding in V4. Future plans are on my list. Trying to make it more modular, more flexible, more powerful, more easier to use. More tools, more hidden gems, more "bugs". Still no echoes. I think only Erel and Mashiane clicked Like.

I thought: So many versions released, how can it be no question at all? Those versions are not perfect. The tutorials didn't explain everything clearly. What I did wrong? What features I need to add in? No one told me.
Perhaps members still prefer the more straight forward solution of jrdc2.

And then the secondary reason is ... (to be continued)

What about the 1 watch, 4 forks and 15 stars in Github?
 

aeric

Expert
Licensed User
Longtime User
What about the 1 watch, 4 forks and 15 stars in Github?
and thousands of downloads...
without issues, questions...

Wait, I want to apologize. I didn't mean not a single. But actually there is 1 or 2 questions and that's it.
It happened in V1 and V2. Ya, those versions have more issues especially when it turned out to be so complex in V3. I thought I need to rebuild V4.
I can't believe in V4 onwards, those issues and breaking changes introduced by MiniORMUtils, MiniHtml2, etc that nobody want to report.

When I traced back my old threads, the feeling was back to V2 Beta in May 2023 where I started to feel the lack and declining amount of interest towards this project. I keep on working on the development for the next 3 years.
Bear in mind, this project has no other production or profit making commercial use except for my own use for my planned point of sales system, providing Support Ticketing System, Trial/License Activation System, Sales Reporting Dashboard, e-Invoice Middleware Management System and Customer Loyalty Stamping Mobile App.

I may be wrong.
Does anyone really use my Web API Template?
I have the feeling not much interest on this project. I don't see any discussion or question on the issue in this project. I feel it just a pet project that I am the only one feel good about it and provide no valuable real life use cases. ?

But...
The fact is I am powering my production apps with this template.
 

Rubsanpe

Active Member
Licensed User
Longtime User
Hi. I just wanted to tell you that your work is extraordinary and that you’re opening up new possibilities for us that we never would have imagined. You’re also helping B4X grow through all your work. Seeing someone as active as you on the forums gives us a lot of confidence in what we can accomplish in a serious and productive way. Thank you so much for everything you teach us.

Rubén
 

aeric

Expert
Licensed User
Longtime User
Hi. I just wanted to tell you that your work is extraordinary and that you’re opening up new possibilities for us that we never would have imagined. You’re also helping B4X grow through all your work. Seeing someone as active as you on the forums gives us a lot of confidence in what we can accomplish in a serious and productive way. Thank you so much for everything you teach us.

Rubén
Thank you very much, @Rubsanpe for the kind donation. I am really appreciate it.
 
Top