[docs] Change in DbSqlAccessMethods made by Paul Jordan

Wiki Watch docs@icdevgroup.org
Fri May 23 12:47:00 2003


You can visit the live page at this URL:
http://www.icdevgroup.org/i/doc/wiki/DbSqlAccessMethods.html

--- tmp/dutEvnI2:63.205.59.62.previous	Fri May 23 12:42:03 2003
+++ tmp/dutEvnI2:63.205.59.62.current	Fri May 23 12:42:03 2003
@@ -4,3 +4,30 @@
 of the other databases can. Arbitrary SQL queries can be passed with
 the [query sql="SQL STATEMENT"] ITL tag.
 
+    [query
+        ml=10
+        more=1
+        type=list
+        sp="@@MV_PAGE@@"
+        sql=|
+            SELECT  sku, description
+            FROM    products
+            WHERE   somecol BETWEEN '[cgi from]' AND '[cgi to]'
+            AND     someothercol = '[cgi whatever]'
+            ORDER BY sku
+        |]
+        [list]
+            sku=[sql-code] - desc=[sql-param description]<br>
+        [/list]
+        [on-match]
+            Something was found<br>
+        [/on-match]
+        [no-match]
+            Nothing was found<br>
+        [/no-match]
+        [more-list]
+		<br>[matches]<br>
+        [/more-list]
+    [/query]
+
+You will want to filter your [cgi foo] values for a (') that are used to build the query. I believe the is a filter=quotesql that will work for this.