On Sat, 18 Jul 2009 15:40:10 -0300, Pete Poulos <[email protected]> wrote:

Hi,

Hi!

Session
Store the search criteria in the user's session.  From what I can tell
this won't work because when the user starts a new search in a new tab
the new search criteria will replace the search criteria used by the
tabs and then those tabs will begin returning results from the new
search...

You're right.

Page Context
Store the search criteria in the page context (by encoding it into a
string representation?).  It seems like a large number of sites store
their search criteria into the page's URL in one manner or another,
however this results in some rather long and ugly URLs

IMHO, this isn't ugly, at least with a not large number of parameters. And Tapestry's activation context is way prettier than normal parameters (?a=1&b=2). The page context is exactly what I would choose in this scenario.

(on the bright
side, the user can bookmark their searches and come back to them,
right?).

Right. ;)

Also, I believe that I would have to be careful how I
implemented this so that the search results page isn't open to SQL
Injection attacks, right?

Not right. SQL injection is a database issue, not a Web layer one. Your database access classes must deal with sanitizing inputs, not Tapestry page classes. By the way, if you use JDBC, using PreparedStatement solves the SQL Injection problem completely. If you use Hibernate or some JPA implementation, you don't even need to worry about it, because they use PreparedStatements.

Obligatory XKCD reference: http://xkcd.com/327/

This seems like a fairly common thing to want to do on a website, is
there some sort of Tapestry Patterns page that has best practices for
common things like this?

There isn't a specific Tapestry Patterns page, but the Tapestry wiki and Geoff's JumpStart (http://jumpstart.doublenegative.com.au/) are good places to begin searching for examples. Anyway, that's a very good idea. :)

--
Thiago H. de Paula Figueiredo
Independent Java consultant, developer, and instructor
http://www.arsmachina.com.br/thiago
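
The PreparedStatement approach mentioned in the reply above, applied to a search page whose criteria arrive in the URL (an added example, not part of the original message). The `ItemSearchDao` class, the `items` table and its columns are hypothetical; the example also covers a sort column, which cannot be a bound parameter and is checked against an allowlist instead.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

// Hypothetical DAO: the "items" table and its columns are assumptions.
public class ItemSearchDao {

    // Column names cannot be bound as parameters, so a sort key taken from
    // the URL is only used if it matches this fixed allowlist.
    private static final Set<String> SORT_COLUMNS = Set.of("name", "category", "price");

    // name, category and sort come from the page context (the URL) and are
    // untrusted. Null or empty criteria are left out of the WHERE clause.
    public List<String> search(Connection conn, String name, String category,
                               String sort, int page, int pageSize) throws SQLException {
        StringBuilder sql = new StringBuilder("SELECT name FROM items WHERE 1=1");
        List<Object> params = new ArrayList<>();
        if (name != null && !name.isEmpty()) {
            sql.append(" AND name LIKE ?");      // only a placeholder enters the SQL text
            params.add("%" + name + "%");        // the value is bound separately
        }
        if (category != null && !category.isEmpty()) {
            sql.append(" AND category = ?");
            params.add(category);
        }
        String orderBy = (sort != null && SORT_COLUMNS.contains(sort)) ? sort : "name";
        sql.append(" ORDER BY ").append(orderBy);
        // LIMIT/OFFSET syntax is accepted by PostgreSQL, MySQL, SQLite and H2.
        sql.append(" LIMIT ? OFFSET ?");
        params.add(Math.max(1, pageSize));
        params.add(Math.max(0, page) * Math.max(1, pageSize));

        try (PreparedStatement ps = conn.prepareStatement(sql.toString())) {
            for (int i = 0; i < params.size(); i++) {
                ps.setObject(i + 1, params.get(i));
            }
            List<String> names = new ArrayList<>();
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) {
                    names.add(rs.getString("name"));
                }
            }
            return names;
        }
    }
}
```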
