Home
HCL Domino Designer User Guide and Reference
This guide provides information on using HCL Domino Designer and programming language reference information.
Domino® Query Language
Domino® Query Language (DQL) is a facility running on a Domino server that provides a terse, shorthand syntax for finding documents. It supports a wide variety and complexity of search terms. It leverages existing design elements, avoiding the need to write detailed code to access them. DQL consolidates all methods in Domino for searching document contents.
Substitution variables
Since it is useful to run DQL queries that vary only by the values in any given term, it is tempting to build them using string construction. But building DQL queries using string construction can be a security weakness. DQL supports substitution variables in its syntax so a query can remain unchanged but differing values can be supplied.

HCL Domino Designer User Guide and Reference
This guide provides information on using HCL Domino Designer and programming language reference information.
- What's new in Domino Designer 14?
  The following features are new for developers in HCL Domino® Designer 14.
- What's new in Nomad Designer?
  HCL Nomad for web browsers v1.0.10 introduces the capability to design Notes databases. For more information, see HCL Nomad for web browsers User Documentation, Nomad web Designer.
- Accessibility and keyboard shortcuts
  Accessibility features assist users who have a disability, such as restricted mobility or limited vision, to use information technology content successfully.
- Application Design
  Welcome to the Application Design section of Domino® Designer Help.
- Application Management
  Welcome to the Application Management section of Domino® Designer Help.
- Domino® Query Language
  Domino® Query Language (DQL) is a facility running on a Domino server that provides a terse, shorthand syntax for finding documents. It supports a wide variety and complexity of search terms. It leverages existing design elements, avoiding the need to write detailed code to access them. DQL consolidates all methods in Domino for searching document contents.
  - Getting started
    Before you use Domino® Query Language (DQL), create the equivalent of an internal design catalog in each database against which query requests are processed. The design catalog is maintained in hidden documents within a database and provides a high-speed mechanism to find critical design data at runtime.
  - DQL syntax
    DQL can be executed in the LotusScript® or Java™ Query method on the (Notes®) Database object or the domino-db node.js API.
  - Examples of simple queries
    Here are some examples of simple queries.
  - Value data types
    Domino® features a typeless data model where any type of data can be stored in any field. In a DQL query, the type of data searched for is defined by the type of data specified in the query term:
  - Booleans
    Here are some examples that couple simple queries with Boolean processing.
  - Precedence
    DQL has a natural precedence (order of processing) where ANDed terms are processed before ORed terms.
  - in all
    The all keyword modifies the inclusive in operator to exclude all but a specified list of values.
  - contains
    New in Domino 11: In addition to using NSF scanning and view indexes, DQL provides the contains operator to process queries against full text indexes. A database must have a full text index to be processed in this way.
  - Formula Language
    Beginning in HCL Domino® 12, Formula Language can be used in Domino Query Language (DQL) search terms.
  - Text string values
    Text string evaluation is case insensitive and accent insensitive. Use a single quote (') to forces DQL processing to interpret arguments as text rather than date/times or numerals.
  - Date and time values
    DQL supports the RFC3339 standard format for date-time strings.
  - Substitution variables
    Since it is useful to run DQL queries that vary only by the values in any given term, it is tempting to build them using string construction. But building DQL queries using string construction can be a security weakness. DQL supports substitution variables in its syntax so a query can remain unchanged but differing values can be supplied.
  - View column requirements
    DQL processing requires primary collated columns for view access that must meet specific requirements.
  - Scanning limits
    Though the DQL processing engine takes measures to avoid dominating system resources, it is still possible to write and execute a runaway query. To prevent that, three limit settings are provided.
  - Performance and resource use
    DQL processing consumes memory, disk and CPU resources. To preserve those resources and to speed up query processing, optimize your queries as much as possible.
  - Domino statistics for query analysis
    If DQL is deployed on a Domino server, the show stat query command can be used to report statistics about DQL.
  - Design catalog
    For high speed access to internal information about views and view columns, DQL processing uses a design catalog that contains design data extracted from view notes. Use updall command to add a design catalog to individual databases and to keep the design catalog up to date.
  - DomQuery utility
    The DomQuery command line utility is shipped with the Domino® server and is used to compose and tune queries. Running it with the explain(-e) flag is instrumental in understanding and optimizing DQL syntax and how queries are processed.
  - explain
    The best way to understand how DQL syntax will be processed is by using the explain facility. Explain is available as a method in the DominoQuery class (Java) and NotesDominoQuery class (LotusScript) and with the DomQuery utility using the explain (-e) flag.
  - Full-Text Search
    New in Domino 14: Beginning in HCL Domino® 14, you can enter a full-text syntax query into Domino Query Language (DQL) search terms.
- Composite Applications - Design and Management
  Composite applications are a key element in a service-oriented architecture (SOA) and contextual collaboration strategy. The ability to create and edit composite applications lets you easily integrate different types of components and technologies.
- DB2® Access views
  Domino® Designer includes two types of design elements to assist you in managing data contained in DB2® enabled Notes® databases:
- Programming Overview and User Interface
  This section contains general guidelines and examples that show where to use Java, LotusScript, and the formula language.
- Formula Language
  This section documents the formula language.
- LotusScript® Language
  Welcome to the LotusScript® Language section of Domino® Designer Help.
- LotusScript/COM/OLE Classes
- Java/CORBA Classes
  This section documents the Java/CORBA classes.
- Connectors
  Connectors provide native access to a wide variety of DBMS products, ODBC, the platform File system, Enterprise Resource Planning systems, and Transaction Processing systems.
- Javadoc™ for Domino® Designer related APIs
  As part of providing additional Java™ reference documentation, Domino® Designer ships with a help plugin that contains Javadoc™ for additional Domino Designer related APIs.

Substitution variables

Since it is useful to run DQL queries that vary only by the values in any given term, it is tempting to build them using string construction. But building DQL queries using string construction can be a security weakness. DQL supports substitution variables in its syntax so a query can remain unchanged but differing values can be supplied.

A Java™ example of queries built using string construction is the following, where order_num and order_origination are fields with values supplied from outside the code itself.

String query = "order_no = " + order_num + " and order_origin = '" + order_origination + "'";

When this technique is used to build queries, a security problem is introduced. Users or external malware can modify query syntax by inputting legal DQL that changes the results of the query to find many more documents, perhaps all documents in the database. For example, if order_num contained the following value, that part of the query would find every document in the database. This is the infamous SQL Injection exposure.

"32890 or order_origin <= ''"

To eliminate this weakness, DQL supports substitution variables in its syntax. Substitution variables allow a query to remain unchanged while supplying differing values that produce the variety of results desired. There are two types of substitution variables, positional and named.

Positional substitution variables supply question marks in the query. In the following example, values are supplied via 1-based assignment, where the order_no value is variable 1 and order_origin is variable 2.

String query = "order_no = ?  and order_origin = ?";

Named substitution variables supply question marks followed by alphanumeric and special character text names of 1-15 bytes that comprise the name. Values are supplied using the text following the question mark only. Here is the same query with named substitution variables:

String query = "order_no = ?order_num  and order_origin = ?order_origin";

Domino® Java™ and LotusScript® classes support named substitution variables only.

See the Domino® Designer documentation for details on how to set these variable values in the language you are using.