[Ricardo Rodriguez] eBioTIC. wrote:
> Thanks!
>
> Caleb James DeLisle wrote:
>> #set($species =
>> $doc.getObject('Species.SpeciesClass').getProperty('GalicianName').getValue())
>> That should do it.
>>
>
> Yeah! The hierarchy is pretty clear now... that you have wrote it down!
> :-) Thanks!
>
>> Note:
>> For better security the query should be:
>> #set($query = ", BaseObject as obj, LargeStringProperty as prop where
>> doc.fullName = obj.name and
>> obj.className='Users.PdrUserClass' and obj.id=prop.id.id and
>> prop.id.name='Species' and prop.value
>> like ? order by doc.fullName asc")
>> then
>> #set($results = $xwiki.searchDocuments($query, [$species])
>>
>> This makes sure $species is escaped preventing sql injection.
>>
>>
> Thanks! Security matters!
>
> Just to avoid some lost of time to others: a closing right parenthesis
> here...
>
> #set($results = $xwiki.searchDocuments($query, [$species])
>
> It must read...
>
> #set($results = $xwiki.searchDocuments($query, [$species]))
haha yup they get me all the time.
>
> What I get here with the #set directive above is, let's say, choco. But
> I do need '%choco%'. Please, how could I get this? I've tried a number
> of concatenation options, but I'm not able to get the right string.
>
> Thanks once again. Cheers,
>
#set($species = '%'
"$doc.getObject('Species.SpeciesClass').getProperty('GalicianName').getValue()"
+ '%')
^- that should work.
if not try this:
#set($species =
"%${doc.getObject('Species.SpeciesClass').getProperty('GalicianName').getValue()}%")
Hint about velocity, "this" gets interpreted as syntax, then pasted as a string
'this' is just non
parsed content.
Caleb
_______________________________________________
devs mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/devs
