Wiki source code of Datenbank-Abfrage
Hide last authors
| author | version | line-number | content |
|---|---|---|---|
 |
9.1 | 1 | {{figure image="db_statement_en.png" width="400" clear="h1"}} |
| 2 | User interface for actions of type //Database query//. | ||
 |
1.1 | 3 | {{/figure}} |
| 4 | |||
| |
9.1 | 5 | Actions of type //Database query// allows to execute a SQL query. For this purpose, a connection must have been previously created in Database Administration. Placeholders can be used within the query, for example to insert form data into the query. So-called prepared statements are generated, so that SQL injection is not possible. |
| |
1.1 | 6 | |
| |
9.1 | 7 | == Parameters == |
| |
1.1 | 8 | |
| |
9.1 | 9 | === Database query details === |
| |
1.1 | 10 | |
| |
9.1 | 11 | ; Use configured DB query? |
| 12 | : If this option is selected, a DB query preconfigured in the backend can be selected. Additionally, details about the query will be displayed. | ||
| 13 | ; Connection | ||
| 14 | : Database connection, which was preconfigured in the administration. | ||
| 15 | ; SQL statement | ||
| 16 | : Text field for the SQL statement. | ||
| |
6.1 | 17 | |
| |
9.1 | 18 | == Action variables == |
| |
6.3 | 19 | |
| |
9.1 | 20 | Actions of type //Database query// provide [[Action variables>>Formcycle.UserInterface.Variables||anchor="HActionvariables"]] which can be used in subsequent actions. |
| |
6.3 | 21 | |
| |
9.1 | 22 | === Standard action variables === |
| |
6.3 | 23 | |
| |
9.1 | 24 | ; [%$<action name>.SUCCESS%] |
| 25 | : Return whether action was successfully executed. Returns Boolean (true/false). | ||
| 26 | ; [%$<action name>.RESULT%] | ||
| 27 | : Return all results provided by the action in structured form. | ||
| |
6.3 | 28 | |
| |
9.1 | 29 | ; [%$<action name>.ERROR_CODE%] |
| 30 | : The error code thrown in case of an error in the action. Empty if no error occurred. | ||
| 31 | ; [%$<action name>.ERROR_MESSAGE%] | ||
| 32 | : The thrown error message in the action's error case. Empty if no error occurred. | ||
| |
6.3 | 33 | |
| |
9.1 | 34 | === Action specific action variables === |
| |
6.3 | 35 | |
| |
9.1 | 36 | ; [%$<action name>.RESULT.rows[i]['key']%] |
| 37 | : A JSON array containing the results of the SQL statement. Each entry in the JSON array is a JSON object, where the key corresponds to the database column name. The index i starts with 0. | ||
| 38 | ; [%$<action name>.RESULT.updateCount%] | ||
| 39 | : For an update statement: the number of affected rows in the database. Otherwise, the value is always 0. | ||
| |
7.2 | 40 | |
| |
9.1 | 41 | == Note == |
| |
1.1 | 42 | |
| |
9.1 | 43 | The entered statement is executed as //Prepared-Statement//, so that no so-called //SQL-Injection// is possible. Therefore do not use quotation marks. |
| |
1.1 | 44 | |
| |
9.1 | 45 | (% style="color:#38761d" %)**Correct** |
| |
1.1 | 46 | |
| 47 | {{code language="sql"}} | ||
| |
9.1 | 48 | INSERT INTO test_table (firstname, lastname) values ([%tffirstname%], [%tfname%]) |
| |
1.1 | 49 | {{/code}} |
| 50 | |||
| |
9.1 | 51 | (% style="color:#cc0000" %)**False**. |
| |
1.1 | 52 | |
| 53 | {{code language="sql"}} | ||
| |
9.1 | 54 | INSERT INTO test_table (firstname, lastname) values ('[%tffirstname%]', '[%tfname%]') |
| |
1.1 | 55 | {{/code}} |