Re: [Zope] newbie question -- database list/report with sort by column header

2000-12-09 Thread Tino Wildenhain

Hi,


Chris Gray wrote:
 
 Here's a fragment from a table that allows sorting by clicking the header
 in a dtml method named 'displayTable':
 
 <table>
 <tr>
 <th><a href="displayTable?sort_key=ID+desc">ID</a></th>
 <th><a href="displayTable?sort_key=product">Product</a>
 </tr>
 <dtml-in "SQLSelectQuery(sort_key=REQUEST['sort_key'])">
 
 Then feed sort_key into your SQLSelectQuery to use in an ORDER BY clause.
 
 select * from table order by <dtml-var sort_key>
 
You should never do so. Unquoted variables in SQL statements are a high
security risk if they come from REQUEST. As an example, someone can
send a string which ends a statement and begins a new one, like drop
table.
Instead, reference only an index of a list with the columns to sort.

order by <dtml-sqlvar orderindex type=int> is also a solution.
The index ranges from 1 to number of returned values.

Regards
Tino




 You can change the properties of an object in DTML by calling its
 manage_changeProperties method, for example:
 
 <dtml-call expr="foo.manage_changeProperties(bar='New Value')">
 
 will change the value of foo's bar property to 'New Value'.
 
 There are several ways of getting the effect of assigning variables in
 DTML, but it really isn't meant to have a direct way of declaring and
 assigning variables.  The way you're trying to use an object's properties
 will, I believe, cause problems in the case of simultaneous users, because
 it will act as a global variable.
 
 Cheers,
 Chris
 
 On Mon, 4 Dec 2000, John Cappelletti wrote:
 
 
  I am listing the results of a database query using dtml-in. I'd like to
  be able to give the user the option to re-sort the list by clicking on a
  column header. ok... I'm starting small with a form and radio buttons to
  allow the user to specify the sort.
 
  I've created what I believe to be a global variable for this page using
  the property screen. The variable is to capture the column name for the
  sort. My simple question is how do I assign a value to this variable
  inside of the dtml method! I'm not finding a description of variable
  assignment in the documentation (yeah, I must be missing the obvious).
 
  Any pointers would be appreciated.  (also, know if anyone has
  implemented interactive sort by column header?)

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )
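
An added example, not part of the original thread: Tino's suggestion of passing only an index into a fixed column list, sketched in Python with sqlite3. The products table, its rows and the function names are assumptions; the index is 0-based into the list here, and it is validated as an integer before anything is placed in the SQL text, which is the job type=int does in the reply above.

```python
import sqlite3

# Fixed allowlist: the request supplies only a position in this list,
# so request text never becomes part of the ORDER BY clause.
SORT_COLUMNS = ["ID", "product"]  # column names from the thread's example table


def build_query(sort_index, descending=False):
    """Return the SELECT with an ORDER BY column chosen by validated index."""
    try:
        idx = int(sort_index)  # non-integer input is rejected outright
    except (TypeError, ValueError):
        raise ValueError("sort index must be an integer")
    if not 0 <= idx < len(SORT_COLUMNS):
        raise ValueError("sort index out of range")
    direction = "DESC" if descending else "ASC"  # fixed keywords only
    return f"SELECT ID, product FROM products ORDER BY {SORT_COLUMNS[idx]} {direction}"


def fetch_sorted(conn, sort_index, descending=False):
    """Run the query built from the validated index."""
    return conn.execute(build_query(sort_index, descending)).fetchall()


def demo_db():
    """Constructed sample data; the table name 'products' is an assumption."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (ID INTEGER PRIMARY KEY, product TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)",
                     [(1, "widget"), (2, "anvil"), (3, "gasket")])
    return conn


def is_rejected(value):
    """True when the value is refused before any SQL is built."""
    try:
        build_query(value)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    conn = demo_db()
    print(fetch_sorted(conn, "0", descending=True))  # sort by ID, descending
    print(fetch_sorted(conn, "1"))                   # sort by product
    print(is_rejected("ID; drop table products"))    # constructed hostile value
```
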




Re: [Zope] newbie question -- database list/report with sort by column header

2000-12-04 Thread Chris Gray

Here's a fragment from a table that allows sorting by clicking the header
in a dtml method named 'displayTable':

<table>
<tr>
<th><a href="displayTable?sort_key=ID+desc">ID</a></th>
<th><a href="displayTable?sort_key=product">Product</a>
</tr>
<dtml-in "SQLSelectQuery(sort_key=REQUEST['sort_key'])">

Then feed sort_key into your SQLSelectQuery to use in an ORDER BY clause.

select * from table order by <dtml-var sort_key>

You can change the properties of an object in DTML by calling its
manage_changeProperties method, for example:

<dtml-call expr="foo.manage_changeProperties(bar='New Value')">

will change the value of foo's bar property to 'New Value'.

There are several ways of getting the effect of assigning variables in
DTML, but it really isn't meant to have a direct way of declaring and
assigning variables.  The way you're trying to use an object's properties
will, I believe, cause problems in the case of simultaneous users, because
it will act as a global variable.

Cheers,
Chris

On Mon, 4 Dec 2000, John Cappelletti wrote:

 
 I am listing the results of a database query using dtml-in. I'd like to
 be able to give the user the option to re-sort the list by clicking on a
 column header. ok... I'm starting small with a form and radio buttons to
 allow the user to specify the sort.
 
 I've created what I believe to be a global variable for this page using
 the property screen. The variable is to capture the column name for the
 sort. My simple question is how do I assign a value to this variable
 inside of the dtml method! I'm not finding a description of variable
 assignment in the documentation (yeah, I must be missing the obvious).
 
 Any pointers would be appreciated.  (also, know if anyone has
 implemented interactive sort by column header?)
 
 thanks,
 John Cappelletti
   AverStar, Inc.
   1593 Spring Hill Road, Suite 700
   Vienna, VA 22182-2249
   Tel: (703) 827-2606 x 4291 (also, 301 443-7509)
   Fax: (703) 827-5560
 
 
 
 


