On Feb 15, 2008, at 9:34 PM, Adrian Klaver wrote:

> The solution I came up with is to use the setWhereClause() method of the dBizobj.
> This allows me to change the field I am filtering. For example
> biz.setWhereClause('p_item_no='+p_no) where p_no is derived from a value in a
> dOkCancelDialog. Or I can do biz.setWhereClause('common ilike ' +srch_string)
> using the same method. This way I don't run into the problem of addWhere's
> accumulating. I then do:
> biz.requery()
> self.update()
> and presto the form has the correct values.

The problem with such approaches is SQL injection. Parameterized queries are much safer.


-- Ed Leafe
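
The difference between the two approaches discussed in this thread, shown as an added example that is not part of the original messages and is not Dabo code. It assumes Python's standard `sqlite3` module, a constructed `items` table, the `?` placeholder style, and `LIKE` in place of PostgreSQL's `ilike`.

```python
import sqlite3

def make_db():
    # Constructed sample table; column names follow the quoted post.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (p_item_no INTEGER, common TEXT)")
    conn.executemany(
        "INSERT INTO items VALUES (?, ?)",
        [(1, "rose"), (2, "tulip"), (3, "daisy")],
    )
    return conn

def find_concatenated(conn, p_no):
    # Same pattern as 'p_item_no=' + p_no: the value becomes part of the SQL text,
    # so whatever the dialog returns is parsed as SQL.
    sql = "SELECT p_item_no, common FROM items WHERE p_item_no=" + p_no
    return conn.execute(sql).fetchall()

def find_parameterized(conn, p_no):
    # The value travels separately from the SQL text and is only ever data.
    sql = "SELECT p_item_no, common FROM items WHERE p_item_no = ?"
    return conn.execute(sql, (p_no,)).fetchall()

def search_parameterized(conn, srch_string):
    # Text search: the pattern is bound too; wildcards are added in code, not in SQL.
    sql = "SELECT p_item_no, common FROM items WHERE common LIKE ?"
    return conn.execute(sql, ("%" + srch_string + "%",)).fetchall()

if __name__ == "__main__":
    conn = make_db()
    dialog_value = "1 OR 1=1"  # constructed input standing in for the dialog value
    print("concatenated: ", find_concatenated(conn, dialog_value))
    print("parameterized:", find_parameterized(conn, dialog_value))
    print("parameterized:", find_parameterized(conn, "2"))
    print("search:       ", search_parameterized(conn, "tul"))
```

With the concatenated filter the constructed input changes the meaning of the WHERE clause and every row comes back; with the bound parameter the same input is compared as a literal value and matches nothing.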