Hi > You can use a replaceable parameter in the FILTER clause if all you ... This introduces the hazard of SQL-Injection, doesn't it?
Bye Benedikt Rothe [email protected] schrieb am 24.01.2009 14:04:42: > On Sat, Jan 24, 2009 at 3:18 AM, Saka Royban <[email protected]> wrote: > > Hi all > > I'm looking for a way to change SQL dynamically via URL parameters. it > > sounds from doc that changing DATA element in map file is impossible. Is > > there any other way? > > You can use a replaceable parameter in the FILTER clause if all you > want to do is alter the WHERE clause. So for example: > FILTER "%criteria%" > and > criteria=id='value' > would work with a database like Postgres. > > When working with a database you put the whole SQL WHERE clause in the > FILTER, whereas with shapefiles or ORG data sources you use the > FILTERITEM and FILTER. > > -- > Richard Greenwood > [email protected] > www.greenwoodmap.com > _______________________________________________ > mapserver-users mailing list > [email protected] > http://lists.osgeo.org/mailman/listinfo/mapserver-users
_______________________________________________ mapserver-users mailing list [email protected] http://lists.osgeo.org/mailman/listinfo/mapserver-users
