| ... |
... |
@@ -21,8
+21,6 @@ |
| 21 |
21 |
|
| 22 |
22 |
The entered SQL statement is executed as a prepared statement, which prevents SQL injection attacks. You should not and need not use inverted commas (` or '). Also, you can use question marks ( ? ) as placeholders to build queries dynamically. |
| 23 |
23 |
|
| 24 |
|
-{{version major="6" minor="4" patch="0"/}} [[Variables>>doc:Formcycle.UserInterface.Variables.WebHome]] can be used in the SQL statements. |
| 25 |
|
- |
| 26 |
26 |
== Using the database query == |
| 27 |
27 |
|
| 28 |
28 |
You can access the database query by making a HTTP request to the corresponding database servlet and providing the required parameters as GET parameters. The URL to the database query servlet is as follows. |
| ... |
... |
@@ -54,7
+54,7 @@ |
| 54 |
54 |
{{/info}} |
| 55 |
55 |
|
| 56 |
56 |
Database queries can be tested directly from the configuration UI. For this purpose a test console is provided below the SQL editor (see [[figure>>||anchor="fig_data_db_query"]]). |
| 57 |
|
-In the header of the console there is a row of buttons for controling the query: |
|
55 |
+In the header of the console ther is a row of buttons for controling the query: |
| 58 |
58 |
|
| 59 |
59 |
* {{ficon name="database-search"/}}**Perform query** |
| 60 |
60 |
Runs the database query. If //query parameters// ({{code}}?{{/code}}) are provided the user will be prompted to input values vor those parameters. Otherwise the result of the query will be displayed directly in the //table view//. |
| ... |
... |
@@ -106,7
+106,7 @@ |
| 106 |
106 |
|
| 107 |
107 |
This SQL statement returns the names of all persons with a certain first name. The first name to search for is specified via an URL parameter. |
| 108 |
108 |
|
| 109 |
|
-URL for running the query: {{code}}http://myserver/formcycle/datenquelledb?mandantName=myself&name=demo&queryParameter=Robinson{{/code}} |
|
107 |
+URL for running the query: {{code}}http://myserver/formcycle/datenquelledb?mandantName=myself&name=demo&sqlParameter=Robinson{{/code}} |
| 110 |
110 |
|
| 111 |
111 |
|
| 112 |
112 |
{{code language="sql"}} |
| ... |
... |
@@ -115,7
+115,7 @@ |
| 115 |
115 |
|
| 116 |
116 |
Retrieves the name of a person with a certain ID. The ID is given as an URL parameter. |
| 117 |
117 |
|
| 118 |
|
-URL for running the query: {{code}}http://myserver/formcycle/datenquelledb?mandantName=myself&name=demo&queryParameter=100{{/code}} |
|
116 |
+URL for running the query: {{code}}http://myserver/formcycle/datenquelledb?mandantName=myself&name=demo&sqlParameter=100{{/code}} |
| 119 |
119 |
|
| 120 |
120 |
|
| 121 |
121 |
{{code language="sql"}} |
| ... |
... |
@@ -124,22
+124,4 @@ |
| 124 |
124 |
|
| 125 |
125 |
Retrieves the names of all persons that live in certain city. The city and the ZIP code are given as URL parameters. |
| 126 |
126 |
|
| 127 |
|
-URL for running the query: {{code}}http://myserver/formcycle/datenquelledb?mandantName=myself&name=demo&queryParameter=Paris,75001{{/code}} |
| 128 |
|
- |
| 129 |
|
- |
| 130 |
|
-{{code language="sql"}} |
| 131 |
|
-select name, vorname from tabelle where ort like concat(?, '%') |
| 132 |
|
-{{/code}} |
| 133 |
|
- |
| 134 |
|
-This SQL statement returns the names of all persons who live in a place that **starts **with the given characters. The '%' character serves as a wildcard for any number of characters. Depending on the DBMS used, the syntax may differ slightly (here: MySQL). The requested value is passed via URL parameters. |
| 135 |
|
- |
| 136 |
|
-URL for running the query: {{code}}http://myserver/formcycle/datenquelledb?mandantName=myself&name=demo&queryParameter=Par{{/code}} |
| 137 |
|
- |
| 138 |
|
- |
| 139 |
|
-{{code language="sql"}} |
| 140 |
|
-select name, vorname from tabelle where lower(ort) like concat('%', lower(?), '%') |
| 141 |
|
-{{/code}} |
| 142 |
|
- |
| 143 |
|
-This SQL statement returns the names of all persons who live in a place that **contains **the given characters. Upper/lower case spelling is irrelevant becauce the statement converts both, the value column and the actual filter value to lower case (lower(...)). The requested value is passed via URL parameters. |
| 144 |
|
- |
| 145 |
|
-URL for running the query: {{code}}http://myserver/formcycle/datenquelledb?mandantName=myself&name=demo&queryParameter=aRi{{/code}} |
|
125 |
+URL for running the query: {{code}}http://myserver/formcycle/datenquelledb?mandantName=myself&name=demo&sqlParameter=Paris,75001{{/code}} |