I prefer to translate the <option> values within the application to assure that only valid SQL is submitted.

Be careful you are not permitting a SQL injection attack.

On Nov 2, 2006, at 11:28 AM, Quinn Mclaughlin wrote:

Hi all,

Here's an interesting one for a serious Witango head... I noticed the search builder allows an <@arg> to set the Operator used in the search query. (see pic which should appear inline, but may be attached)


________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
<pastedGraphic.png>

Also interesting is how the argument is set:

<pastedGraphic.png>

Seems like we have some secret code words working as operators as SQL queries are built.

Anyway, what I was trying to do is avoid building custom DBMS actions for queries with a "NOT IN" operator. What I want to run is a NOT IN operator:

<pastedGraphic.png>
It seems the "NOT IN" is translated to a simple "=" sign in the generated SQL. I also tried setting a variable with that value in that space, just in case the item had to be evaluated for some reason - doesn't work either.

Anyone know if there is a way to get that operator over into the SQL statement? Seems like there would be, or should be a way...

Quinn McLaughlin






Bill

William M. Conlon, P.E., Ph.D.
To the Point
345 California Avenue Suite 2
Palo Alto, CA 94306
   vox:  650.327.2175 (direct)
   fax:  650.329.8335
mobile:  650.906.9929
e-mail:  mailto:[EMAIL PROTECTED]
   web:  http://www.tothept.com
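
Added example, not part of the original thread and not Witango code: the application-side translation described in the reply above, sketched in Python with sqlite3. The token names, the `tickets` table and the column list are assumptions made for illustration; the form submits a token, and only operators from a fixed map ever reach the SQL text, while the values are bound as parameters.

```python
import sqlite3

# Hypothetical form tokens (the <option> values) mapped to fixed SQL operators.
# Only these strings ever reach the SQL text; user input never does.
OPERATORS = {
    "eq": "=",
    "ne": "<>",
    "lt": "<",
    "gt": ">",
    "in": "IN",
    "not_in": "NOT IN",
}
# Columns the search form may filter on (assumed schema).
COLUMNS = {"status", "owner"}


def build_search(column, op_token, values):
    """Return (sql, params) for a search on the constructed 'tickets' table."""
    if column not in COLUMNS:
        raise ValueError("column not allowed")
    if op_token not in OPERATORS:
        raise ValueError("operator not allowed")
    values = list(values)
    if not values:
        raise ValueError("at least one value required")
    op = OPERATORS[op_token]
    if op in ("IN", "NOT IN"):
        # One bound placeholder per value; the list is never spliced in as text.
        rhs = "(" + ", ".join("?" for _ in values) + ")"
    else:
        if len(values) != 1:
            raise ValueError("operator takes exactly one value")
        rhs = "?"
    return f"SELECT id FROM tickets WHERE {column} {op} {rhs} ORDER BY id", values


def demo():
    """Run the builder against constructed sample rows in an in-memory database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tickets (id INTEGER, status TEXT, owner TEXT)")
    db.executemany("INSERT INTO tickets VALUES (?, ?, ?)",
                   [(1, "open", "ann"), (2, "closed", "bob"), (3, "hold", "ann")])
    sql, params = build_search("status", "not_in", ["closed", "hold"])
    return [row[0] for row in db.execute(sql, params)]
```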
