Please show me an example of Struts client side javascript validation for Array

2005-02-20 Thread Anthony Hong
I have two fields with same name



Could I use validation.xml to config validation for customerName field?
How to write it?

I tried 





 
But it didn't work. Who knows the problem?
Thanks a lot!
-- 

Anthony Hong

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



The method setValue(String, Object) in the type TagSupport is not applicable for the arguments (Object)

2005-02-20 Thread Vijay Kumar
Here is my code and I am getting the error
The method setValue(String, Object) in the type TagSupport is not
applicable for the arguments (Object)
 
Can anyone tell what the problem is
Bye
vijay
 

<%
  if(request.getAttribute("pass")!=null)
 {
%>



 



<%}%>



Converting Model Data to View

2005-02-20 Thread Tushar Agrawal
Hi Folks,
 
I am using Struts1.1, Tiles and Validator framework. In my application 
user enters data into a portlet and that data gets stored as comma 
separated values. While retrieving we tokenize and display it in View JSPs. 
 
I want to store this data in some structured format (Such as XML). Could 
you please tell me some of the best practices for doing this. 
 
Thanks & Regards
Tushar



Date class in java-help

2005-02-20 Thread Sab
I have the user enter the date in string format. I want to convert it to
Date object. How do I do it? 
Also, please let me know if I use Date from util or Date from sql here?
I have Hibernate database methods which will put date object in it.






Does Javascript validation support Array?

2005-02-20 Thread Anthony Hong
I have a question about validation framework use javascript in struts.

If I define a rule in validation.xml with field "customerName"
required, and there are two input text items use this name,
then javascript validation doesn't work.

What should I do? I use struts 1.1
--

Anthony Hong




RE: Tiles scope headache assistance still needed.

2005-02-20 Thread Jason Long
I am still no closer to a solution to my problem with tiles.  I will explain
the scenario again in hopes that someone will provide some insight into my
problem.

I am using tiles to provide layouts in my xml syntax JSP pages.  

Here is the original page that I want to use within a  tag.  I
attempt to add my layout to decorate the quote, but no matter what I do I
cannot make the quote available to my subtile.  My quoteForm is in session
scope.  I can see the power of tiles, but I thought I could give access of
beans to my subtiles.  No matter where I place my 
it has no effect.  Am I missing something?  

 

   
  
${quote.offerPriceLightValue.sizeValue.size}"/>
  


  




Instead of putting the layout code in the page I want to wrap the quote with
a layout my designer created.
 


  



I create the following definition that extends my layout so I can wrap my
quote.


  
  


Here is a simplified quote display that I would like to include as the
content for my quote.
 


  
${quote.offerPriceLightValue.sizeValue.size}"

  


This is a simplified layout that I need to use to decorate the quote.


  

  
  
">
  


Thank you for your time, 

Jason Long
CEO and Chief Software Engineer
BS Physics, MS Chemical Engineering
http://www.supernovasoftware.com 

-Original Message-
From: Jason Long [mailto:[EMAIL PROTECTED] 
Sent: Saturday, February 19, 2005 3:59 PM
To: 'Struts Users Mailing List'
Subject: RE: Tiles scope headache assistance needed.

quote.list.item is defined as follows:

  


  

".table.holder" is a layout.  I want to display my quote in this holder.
The format for the quote is defined in list.item.jsp.  Everything works
except I cannot make quote available to the tile.   

"quote" is defined as follows 

"quoteForm" is in session scope.

Thank you for your time, 

Jason Long
CEO and Chief Software Engineer
BS Physics, MS Chemical Engineering
http://www.supernovasoftware.com 

-Original Message-
From: Brian Moseley [mailto:[EMAIL PROTECTED] 
Sent: Friday, February 18, 2005 11:34 AM
To: Struts Users Mailing List
Subject: Re: Tiles scope headache assistance needed.

Jason Long wrote:

> 
> 
>
>   
> ${quote.offerPriceLightValue.sizeValue.size}
>   
> 
> 
> 
>   
> 
>   
> 
> I would like to define the following tile definition:
> 
> 
>   
>  

you must be leaving something out of your email, cos this 
tile is named .table.holder, but the jsp above is inserting 
a tile named ".quote.list.item".

> And have quote.jsp as follows:
> 
> 
>   
> ${quote.offerPriceLightValue.sizeValue.size}
>   
> 

you need to put the  in quote.jsp. 
that exposes the bean referenced by  in the 
calling jsp.

Re: Struts and iBATIS

2005-02-20 Thread Larry Meadors
The code there is:

===
MappedStatement ms = (MappedStatement) mappedStatements.get(id);
if (ms == null) {
  throw new SqlMapException("There is no statement named " + id +
" in this SqlMap.");
}
return ms;
===

Looks like you have a sqlmap, but that the statement "insertModule" is
not in it.

Make sure you have the sqlmap that contains the "insertModule"
statement in your SqlMapConfig.xml file.

Larry

On Mon, 21 Feb 2005 04:28:08 +, Tim Christopher
<[EMAIL PROTECTED]> wrote:
> Hi,
> 
> I'm in the middle of incorporating iBATIS into my Struts project, but
> am having slight trouble in getting it to work.
> 
> The problem starts when I call sqlMap.startTransaction() from within
> my BaseDAO file as I get a null pointer exception...  Yet when I print
> out the value of sqlMap I get something like
> "[EMAIL PROTECTED]" - not null as
> I would have expected given the null pointer error.  Sadly I do not
> know of any methods I can call that show the state of the sqlMap.
> 
> Having made various small alterations to the code to try and get it to
> work I eventually tried removing the line to start the transaction...
> However this resulted in the following error:
> 
> com.ibatis.sqlmap.client.SqlMapException: There is no statement named
> insertModule in this SqlMap.
> 
> ...SqlMapExecutorDelegate.getMappedStatement(SqlMapExecutorDelegate.java:288)
> ...SqlMapExecutorDelegate.update(SqlMapExecutorDelegate.java:491)
> ...SqlMapSessionImpl.update(SqlMapSessionImpl.java:89)
> ...SqlMapClientImpl.update(SqlMapClientImpl.java:61)
> ...com.xyz.BaseDAO.update(BaseDAO.java:101)
> 
> 
> This leaves me at a point where I'm not certain if this means there is
> a problem with my XML config file (ie. it's looking, but can't find
> the statement), or if it is looking in an empty object - though I'm
> guessing (hoping) that fixing the first null pointer error should make
> it all work fine.
> 
> Any help / suggestions appreciated.
> 
> Tim Christopher
> 



Struts and iBATIS

2005-02-20 Thread Tim Christopher
Hi,

I'm in the middle of incorporating iBATIS into my Struts project, but
am having slight trouble in getting it to work.

The problem starts when I call sqlMap.startTransaction() from within
my BaseDAO file as I get a null pointer exception...  Yet when I print
out the value of sqlMap I get something like
"[EMAIL PROTECTED]" - not null as
I would have expected given the null pointer error.  Sadly I do not
know of any methods I can call that show the state of the sqlMap.

Having made various small alterations to the code to try and get it to
work I eventually tried removing the line to start the transaction... 
However this resulted in the following error:

com.ibatis.sqlmap.client.SqlMapException: There is no statement named
insertModule in this SqlMap.

...SqlMapExecutorDelegate.getMappedStatement(SqlMapExecutorDelegate.java:288)
...SqlMapExecutorDelegate.update(SqlMapExecutorDelegate.java:491)
...SqlMapSessionImpl.update(SqlMapSessionImpl.java:89)
...SqlMapClientImpl.update(SqlMapClientImpl.java:61)
...com.xyz.BaseDAO.update(BaseDAO.java:101)


This leaves me at a point where I'm not certain if this means there is
a problem with my XML config file (ie. it's looking, but can't find
the statement), or if it is looking in an empty object - though I'm
guessing (hoping) that fixing the first null pointer error should make
it all work fine.

Any help / suggestions appreciated.

Tim Christopher




Model 2 based framework for .NET released - Totally OFF TOPIC

2005-02-20 Thread Leandro Melo
Hi.
Sorry for this, hope nobody gets mad at me. But I'm
pretty sure there are people here that also work with
.NET. So...
I've worked in a MVC (Model-View-Controller) framework
for Microsoft .NET Web applications. The framework has
now been released and is in Beta version.
The framework is based on Model 2 from Sun
Microsystems, hence very similar to Struts (actually
it's inspired on Struts), though it's a lot
simpler.
Microsoft .NET provides a nice object model and a
event based system, so the final result of using this
new framework 
is close to what JSF (Java Server Faces) proposes.
I'm looking for some comments, opinions, ideas, bugs,
suggestions and critics. The project is supported by
SourceForge and is
available at http://sourceforge.net/projects/lattis/
or at http://lattis.sourceforge.net/.
Thanks for your attention and sorry for the inconvenience.

-- Leandro







Re: Display a form without using .do

2005-02-20 Thread J Q
Hmm... Of course, the next question should probably be raised if it's
a good idea to base your security model on paths that don't even exist
in reality...

It seems a bit odd to me to place your trust on how the URI string
will be handled internally. If there isn't such a path as
.../protected/..., then why even base your restrictions on that? IMHO,
it's just asking for it. Sooner or later you'll forget while
maintaining your app and you will have a security hole.

Wouldn't it be much better to restrict based upon the action name
itself? That's something that actually exists, not some made-up path
that relies on the user/URI processing to stay that way.

So, in either case, I would/do map my security straight to the name of
the action. If you think about it, it even makes practical sense:
UserRoleA can "deleteItem"(.do)... It even reads normally when you
look at your web.xml.

Just my 2 cents.

JQ.


On Sun, 20 Feb 2005 18:27:51 +0100, Christian Bollmeyer
<[EMAIL PROTECTED]> wrote:
> On Sunday 20 February 2005 16:52, Erik Weber wrote:
> > Could you elaborate please? Is this a Servlet model security problem,
> > one specific to Struts, or one that is only exposed by neglect in
> > some other area (which is what I suspect)? This is news to me. I've
> > used path mapping all my Java life. I've also posted numerous
> > path-mapping strategies on this list (as have others) and never have
> > encountered any warnings like this.
> 
> Well, after checking, it's actually p. *3*62ff.  There Hans says: "The
> extension rule, using the expression *.do, is the one that's
> recommended for mapping requests that should be processed
> by Struts" (after explaining the different kinds of rules (exact match,
> longest path prefix, extension). On p. 363, he says, after giving
> some example: "It turns out, however, that even with a separate
> mapping for protected resources, it's easy to bypass the
> access control for a Struts action when you use the path prefix
> mapping. I'll show you why in a moment. To avoid security issues,
> I recommend you stick to the extension-mapping model". Of
> course he shows, as always, from p. 364 on. It all starts with
> a simplified version of Struts 1.0.2 code:
> 
> protected String processPath(HttpServletRequest request) {
>   String path = null;
>   path = request.getPathInfo();
>   if ((path != null) && (path.length() > 0)) {
>     return (path);
>   }
>   path = request.getServletPath();
>   int slash = path.lastIndexOf("/");
>   int period = path.lastIndexOf(".");
>   if ((period >= 0) && (period > slash))
>     path = path.substring(0, period);
>   return (path);
> }
> 
> Then he goes on: "The processPath() method first calls
> getPathInfo() on the request object to get the part of the
> path that remains after removing the part the container
> uses to identify the servlet. For instance, with a path-
> prefix mapping such as /ch18/protected/do/* for
> the Struts servlet in the deployment descriptor and
> a URI such as /ora/ch18/protected/do/StoreMsg, the
> getPathInfo() method returns /storeMsg. If it returns
> null, it means that an extension mapping is used for the
> Struts servlet or that the URI is invalid. If so, the
> getServletPath() method is called to get the complete
> context-relative path for the request. With a mapping such
> as *.do and a URI such as /ora/ch18/protected/StoreMsg.do,
> it returns /ch18/protected/StoreMsg.do. The processPath()
> method strips off the extension part and returns the rest
> of the path, i.e. /ch18/protected/StoreMsg.
> 
> Hence, when you use the path-prefix mapping, only the part
> of the URI that comes after the part that identifies the Struts
> servlet is returned and subsequently finds a matching action,
> while with an extension mapping, the whole context-relative
> path is returned and identifies the action. This is what causes
> the security problem I mentioned earlier. With the access-
> control filter mapped to /ch18/protected/*, and the Struts
> servlet mapped to /ch18/do/* and /ch18/protected/do/*,
> an adventurous user can access a protected action with a
> URI like /ch18/do/storeMsg instead of
> /ch18/protected/do/storeMsg, completely bypassing the
> access-control filter. This means the only secure way to
> provide access control for Struts actions when you
> use path-prefix mapping is to do the access control
> within the actions instead of with a filter. It's easier to
> just stick to extension mapping, as I recommended
> earlier."
> 
> So much for now. Filters aside, I think it's more of
> a general configuration trap, and probably things
> have been changed since 1.0.2 anyway. Still, we
> at least prefer everything we want to channel
> through the Struts servlet have a *.do (or what-
> ever unique) ending, regardless of path issues,
> as not losing track of mapping details is an ongoing
> challenge with larger apps in general, and the
> last thing I'd like to care about are additional
> security considerations of any kind :

[NEED] I need example and document about DispatchAction

2005-02-20 Thread Pham Anh Tuan
Hi,
I'm looking for some tutorial or document of Dispatch Action. Who knows where 
I can find it, plz show me!

thanks for advance!
Anh Tuan 




Validation for methods in DispatchAction

2005-02-20 Thread Stjepan Brbot
I use DispatchAction for CRUD activities in my application. Using 
methods like "create", "populate", "update" etc. I manage each 
particular activity for my entity (e.g. User) but in some of these 
activities I need validation (e.g. update/create) and in some of them 
not (e.g. populate/delete). Currently I have double mappings like 
/User.do and /UserVal.do for my (the same) UserAction DispatchAction. 
One mapping is defined with validation and another without it. When I 
want populate/delete method I use User.do mapping, and if I want 
create/update methods I use UserVal.do mapping. Is there any better 
approach for this?

Stjepan Brbot


Re: Display a form without using .do

2005-02-20 Thread Erik Weber
Well, in my opinion that author is using faulty logic. He offers a poor 
security implementation and then blames the Struts code for a hole in 
it. However, it's good to imagine every possible means of a security 
breach, so I appreciate you bringing it up.

Erik
Christian Bollmeyer wrote:
On Sunday 20 February 2005 16:52, Erik Weber wrote:
 

Could you elaborate please? Is this a Servlet model security problem,
one specific to Struts, or one that is only exposed by neglect in
some other area (which is what I suspect)? This is news to me. I've
used path mapping all my Java life. I've also posted numerous
path-mapping strategies on this list (as have others) and never have
encountered any warnings like this.
   

Well, after checking, it's actually p. *3*62ff.  There Hans says: "The
extension rule, using the expression *.do, is the one that's
recommended for mapping requests that should be processed
by Struts" (after explaining the different kinds of rules (exact match,
longest path prefix, extension). On p. 363, he says, after giving
some example: "It turns out, however, that even with a separate
mapping for protected resources, it's easy to bypass the
access control for a Struts action when you use the path prefix
mapping. I'll show you why in a moment. To avoid security issues,
I recommend you stick to the extension-mapping model". Of
course he shows, as always, from p. 364 on. It all starts with
a simplified version of Struts 1.0.2 code:
protected String processPath(HttpServletRequest request) {
 String path = null; 
 path = request.getPathInfo();
 if ((path != null) && (path.length() > 0)) {
   return (path);
 }
 path = request.getServletPath();
 int slash = path.lastIndexOf("/");
 int period = path.lastIndexOf(".");
 if ((period >= 0) && (period > slash))
   path = path.substring(0, period);
 return (path); 
}

Then he goes on: "The processPath() method first calls
getPathInfo() on the request object to get the part of the
path that remains after removing the part the container
uses to identify the servlet. For instance, with a path-
prefix mapping such as /ch18/protected/do/* for
the Struts servlet in the deployment descriptor and
a URI such as /ora/ch18/protected/do/StoreMsg, the
getPathInfo() method returns /storeMsg. If it returns
null, it means that an extension mapping is used for the
Struts servlet or that the URI is invalid. If so, the
getServletPath() method is called to get the complete
context-relative path for the request. With a mapping such
as *.do and a URI such as /ora/ch18/protected/StoreMsg.do,
it returns /ch18/protected/StoreMsg.do. The processPath()
method strips off the extension part and returns the rest
of the path, i.e. /ch18/protected/StoreMsg.
Hence, when you use the path-prefix mapping, only the part
of the URI that comes after the part that identifies the Struts
servlet is returned and subsequently finds a matching action,
while with an extension mapping, the whole context-relative
path is returned and identifies the action. This is what causes
the security problem I mentioned earlier. With the access-
control filter mapped to /ch18/protected/*, and the Struts
servlet mapped to /ch18/do/* and /ch18/protected/do/*,
an adventurous user can access a protected action with a
URI like /ch18/do/storeMsg instead of
/ch18/protected/do/storeMsg, completely bypassing the
access-control filter. This means the only secure way to
provide access control for Struts actions when you
use path-prefix mapping is to do the access control
within the actions instead of with a filter. It's easier to
just stick to extension mapping, as I recommended
earlier."
So much for now. Filters aside, I think it's more of
a general configuration trap, and probably things
have been changed since 1.0.2 anyway. Still, we
at least prefer everything we want to channel
through the Struts servlet have a *.do (or what-
ever unique) ending, regardless of path issues,
as not losing track of mapping details is an ongoing
challenge with larger apps in general, and the
last thing I'd like to care about are additional
security considerations of any kind :-)
HTH,
-- Chris. 

 

Thanks,
Erik
   



Re: Display a form without using .do

2005-02-20 Thread Christian Bollmeyer
On Sunday 20 February 2005 16:52, Erik Weber wrote:
> Could you elaborate please? Is this a Servlet model security problem,
> one specific to Struts, or one that is only exposed by neglect in
> some other area (which is what I suspect)? This is news to me. I've
> used path mapping all my Java life. I've also posted numerous
> path-mapping strategies on this list (as have others) and never have
> encountered any warnings like this.

Well, after checking, it's actually p. *3*62ff.  There Hans says: "The
extension rule, using the expression *.do, is the one that's
recommended for mapping requests that should be processed
by Struts" (after explaining the different kinds of rules (exact match,
longest path prefix, extension). On p. 363, he says, after giving
some example: "It turns out, however, that even with a separate
mapping for protected resources, it's easy to bypass the
access control for a Struts action when you use the path prefix
mapping. I'll show you why in a moment. To avoid security issues,
I recommend you stick to the extension-mapping model". Of
course he shows, as always, from p. 364 on. It all starts with
a simplified version of Struts 1.0.2 code:

protected String processPath(HttpServletRequest request) {
  String path = null;
  path = request.getPathInfo();
  if ((path != null) && (path.length() > 0)) {
    return (path);
  }
  path = request.getServletPath();
  int slash = path.lastIndexOf("/");
  int period = path.lastIndexOf(".");
  if ((period >= 0) && (period > slash))
    path = path.substring(0, period);
  return (path);
}

Then he goes on: "The processPath() method first calls
getPathInfo() on the request object to get the part of the
path that remains after removing the part the container
uses to identify the servlet. For instance, with a path-
prefix mapping such as /ch18/protected/do/* for
the Struts servlet in the deployment descriptor and
a URI such as /ora/ch18/protected/do/StoreMsg, the
getPathInfo() method returns /storeMsg. If it returns
null, it means that an extension mapping is used for the
Struts servlet or that the URI is invalid. If so, the
getServletPath() method is called to get the complete
context-relative path for the request. With a mapping such
as *.do and a URI such as /ora/ch18/protected/StoreMsg.do,
it returns /ch18/protected/StoreMsg.do. The processPath()
method strips off the extension part and returns the rest
of the path, i.e. /ch18/protected/StoreMsg.

Hence, when you use the path-prefix mapping, only the part
of the URI that comes after the part that identifies the Struts
servlet is returned and subsequently finds a matching action,
while with an extension mapping, the whole context-relative
path is returned and identifies the action. This is what causes
the security problem I mentioned earlier. With the access-
control filter mapped to /ch18/protected/*, and the Struts
servlet mapped to /ch18/do/* and /ch18/protected/do/*,
an adventurous user can access a protected action with a
URI like /ch18/do/storeMsg instead of
 /ch18/protected/do/storeMsg, completely bypassing the
access-control filter. This means the only secure way to
provide access control for Struts actions when you
use path-prefix mapping is to do the access control
within the actions instead of with a filter. It's easier to
just stick to extension mapping, as I recommended
earlier."

So much for now. Filters aside, I think it's more of
a general configuration trap, and probably things
have been changed since 1.0.2 anyway. Still, we
at least prefer everything we want to channel
through the Struts servlet have a *.do (or what-
ever unique) ending, regardless of path issues,
as not losing track of mapping details is an ongoing
challenge with larger apps in general, and the
last thing I'd like to care about are additional
security considerations of any kind :-)

HTH,
-- Chris. 

> Thanks,
> Erik
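
The bypass described in the quoted book passage, modelled as an added example (not code from this thread, the book or Struts): it reuses the passage's filter and servlet mappings, mimics the quoted processPath() decision, and reports actions that can be reached both through and around the access-control filter. The class name, the helper names and the msgAdmin role are assumptions made for illustration.

```java
import java.util.*;

// Added illustration; names here are hypothetical, not Struts or servlet API.
public class PrefixMappingAudit {

    // Servlet-spec style matching: "/a/*" is a path-prefix rule, "*.ext" an extension rule.
    static boolean matches(String pattern, String path) {
        if (pattern.endsWith("/*")) {
            String prefix = pattern.substring(0, pattern.length() - 2);
            return path.equals(prefix) || path.startsWith(prefix + "/");
        }
        if (pattern.startsWith("*.")) {
            return path.lastIndexOf('.') > path.lastIndexOf('/')
                    && path.endsWith(pattern.substring(1));
        }
        return pattern.equals(path);
    }

    // Container precedence: longest matching path prefix first, then extension rules.
    static String selectServlet(List<String> servletPatterns, String path) {
        String best = null;
        for (String p : servletPatterns) {
            if (p.endsWith("/*") && matches(p, path)
                    && (best == null || p.length() > best.length())) {
                best = p;
            }
        }
        if (best != null) return best;
        for (String p : servletPatterns) {
            if (p.startsWith("*.") && matches(p, path)) return p;
        }
        return null;
    }

    // Same decision as the quoted processPath(): a non-empty pathInfo wins,
    // otherwise the servlet path with its extension stripped.
    static String actionPath(String servletPattern, String path) {
        if (servletPattern.endsWith("/*")) {
            String pathInfo = path.substring(servletPattern.length() - 2);
            if (!pathInfo.isEmpty()) return pathInfo;
        }
        int slash = path.lastIndexOf('/');
        int period = path.lastIndexOf('.');
        return (period >= 0 && period > slash) ? path.substring(0, period) : path;
    }

    // Actions that have a filtered route and also a route no filter pattern covers.
    // Key: resolved action path. Value: the uncovered request paths.
    static Map<String, List<String>> unguardedRoutes(List<String> filterPatterns,
            List<String> servletPatterns, List<String> requestPaths) {
        Map<String, List<String>> guarded = new TreeMap<>();
        Map<String, List<String>> open = new TreeMap<>();
        for (String path : requestPaths) {
            String servlet = selectServlet(servletPatterns, path);
            if (servlet == null) continue; // not dispatched to the Struts servlet
            String action = actionPath(servlet, path);
            boolean filtered = filterPatterns.stream().anyMatch(p -> matches(p, path));
            (filtered ? guarded : open)
                    .computeIfAbsent(action, k -> new ArrayList<>()).add(path);
        }
        open.keySet().retainAll(guarded.keySet());
        return open;
    }

    // Check made on the resolved action itself, so it holds for every route to it.
    static boolean permitted(Map<String, String> requiredRole, String action, Set<String> roles) {
        String role = requiredRole.get(action);
        return role == null || roles.contains(role);
    }

    public static void main(String[] args) {
        List<String> filter = Arrays.asList("/ch18/protected/*");

        // Mappings and context-relative paths taken from the quoted passage.
        List<String> prefixServlet = Arrays.asList("/ch18/do/*", "/ch18/protected/do/*");
        List<String> prefixPaths = Arrays.asList("/ch18/protected/do/storeMsg", "/ch18/do/storeMsg");
        System.out.println("path-prefix mapping, uncovered routes: "
                + unguardedRoutes(filter, prefixServlet, prefixPaths));

        // Extension mapping: the whole context-relative path names the action,
        // so a path outside /ch18/protected/ resolves to a different action.
        List<String> extPaths = Arrays.asList("/ch18/protected/StoreMsg.do", "/ch18/StoreMsg.do");
        System.out.println("extension mapping, uncovered routes:   "
                + unguardedRoutes(filter, Arrays.asList("*.do"), extPaths));

        // Action-level control (constructed role name): both prefix routes are refused.
        Map<String, String> requiredRole = Collections.singletonMap("/storeMsg", "msgAdmin");
        for (String path : prefixPaths) {
            String action = actionPath(selectServlet(prefixServlet, path), path);
            System.out.println(path + " -> " + action + ", permitted without role: "
                    + permitted(requiredRole, action, Collections.<String>emptySet()));
        }
    }
}
```

Feeding the same function the url-patterns from a real web.xml together with the action paths from struts-config.xml turns it into a quick configuration review for this trap.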




Re: Display a form without using .do

2005-02-20 Thread Erik Weber
Could you elaborate please? Is this a Servlet model security problem, 
one specific to Struts, or one that is only exposed by neglect in some 
other area (which is what I suspect)? This is news to me. I've used path 
mapping all my Java life. I've also posted numerous path-mapping 
strategies on this list (as have others) and never have encountered any 
warnings like this.

Thanks,
Erik
Christian Bollmeyer wrote:
On Friday 18 February 2005 19:00, Erik Weber wrote:
 

Learn to use (Servlet) path mapping ("/something/*") instead of
extension mapping ("*.something").
   

Hm. Extension mapping is typically safe, while path-prefix
mapping may be *not*. The details are laid out in
Bergsten's 'Java Server Pages' 2nd Edition, p. 262ff.
(O'Reilly, 2002), dealing with the processPath() 
implementation of Struts 1.0.2. Well, though this
might have been changed in the meantime (can
anybody here confirm?), we at least strictly stick
to extension mapping (not always *.do :-) just
for security reasons.

 

Erik
   

-- Chris.


Re: Display a form without using .do

2005-02-20 Thread Christian Bollmeyer
On Friday 18 February 2005 19:00, Erik Weber wrote:
> Learn to use (Servlet) path mapping ("/something/*") instead of
> extension mapping ("*.something").

Hm. Extension mapping is typically safe, while path-prefix
mapping may be *not*. The details are laid out in
Bergsten's 'Java Server Pages' 2nd Edition, p. 262ff.
(O'Reilly, 2002), dealing with the processPath() 
implementation of Struts 1.0.2. Well, though this
might have been changed in the meantime (can
anybody here confirm?), we at least strictly stick
to extension mapping (not always *.do :-) just
for security reasons.

> Erik

-- Chris.




Re: Displaying mulitpage results -> Néstor

2005-02-20 Thread Peter Neu
Hello Néstor,
I'm quite happy using your taglib. I got only one problem:
How can I get an index for the rows which are created.
In Struts you would have something like this:
 
There I could easily tell  which row some data belongs
to by using the index above. How can I do the same thing
in Datagrid?
cheers,
Peter
Néstor Boscán wrote:
Hi Antony
1) Expose two more variables to access first page and last page ( like
nextUrlVar). 

You can use the pages variable and get the first and last page elements to
get the first page and the last page. But It may be interesting to put two
additional variables.
2) A way to specify the maximum number of page links on the page. For
example if a query returns 500 records and the page size is 10 instead of
showing 50 page links, limit them to a certain number.
With the pages variable you can use the data anyway you like. You can show
all of them or limit the number of pages shown to a specific number. 

Any new features that you can come up is always welcomed.
Regards,
Néstor Boscán
-Original Message-
From: Antony Joseph [mailto:[EMAIL PROTECTED] 
Sent: Saturday, February 19, 2005 02:37 p.m.
To: Struts Users Mailing List
Subject: RE: Displaying mulitpage results

Hi Nestor,
Thanks for putting together the datagrid library. Please see if you can add
these two features in a future release of the library:
1) Expose two more variables to access first page and last page ( like
nextUrlVar). 
2) A way to specify the maximum number of page links on the page. For
example if a query returns 500 records and the page size is 10 instead of
showing 50 page links, limit them to a certain number.

Currently to provide these features I am using scriptlets.  


- Original Message -
From: "Néstor Boscán" <[EMAIL PROTECTED]>
To: "'Struts Users Mailing List'" 
Subject: RE: Displaying mulitpage results
Date: Sat, 19 Feb 2005 13:43:16 -0400

Hi Antony
You can't use JSP tags inside the columns. You could use HTML buttons 
and input fields with JSTL expressions.

Regards,
Néstor Boscán
-Original Message-
From: Peter Neu [mailto:[EMAIL PROTECTED]
Sent: Saturday, February 19, 2005 01:18 p.m.
To: Struts Users Mailing List
Subject: Re: Displaying mulitpage results

Hello Antony,
the datagrid-tags were exactly what I was looking for. The one 
question which I have is how can I use Struts tags inside the columns? 
I really need some buttons and input fields.

cheers,
Peter

Antony Joseph wrote:
Check out the datagrid library at
http://jakarta.apache.org/taglibs/sandbox/doc/datagrid-doc/intro.html
If all you are looking for is pagination, sorting and ordering from 
the
database this is a good fit.  It does not have all the bells and 
whistles displaytag has, but is a simple and clean implementation.

The biggest issue I have with the stock displaytag is, you have to 
stick
the whole query result somewhere (generally in the users session) to 
do pagination. A very bad idea in my opinion.

See https://workeffort.dev.java.net for an application usage example 
of datagrid library. Got tired of spamming you all with my company 
website, so I moved the application to java.net :-)

- Original Message -
From: "Peter Neu" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" 
Subject: Displaying mulitpage results
Date: Sat, 19 Feb 2005 11:11:27 +0100

Hello everybody,
in my struts application I used to display a table of query results 
on one page. Now the results are becoming way too much to display 
them on one page. What is the best way to implement a mulitpage 
result view?
The problem is I have multi-step workflow and I don't want to 
confuse the user too much.

Best Regards,
Peter


Antony Joseph
Available for consulting
http://www.logicden.com


Antony Joseph
Available for consulting
http://www.logicden.com