Textpattern CMS support forum

You are not logged in. Register | Login | Help

#41 2008-06-11 10:51:02

Sheru
Member
From: Kathmandu, Nepal
Registered: 2007-05-09
Posts: 96

Re: smd_query: Talk to the database directly via SQL

Dear Stef, Thank you so much for your answers to solve my problem.

I used the code as you have suggested..

<txp:smd_if field="urlvar:criteria" operator="isused">
 <txp:asy_wondertag>
  <txp:smd_query query="<txp:smd_var_get name="files_query" />"
        form="show_results" wraptag="table" break="tr"
        label="Search results" labeltag="h3" />
 </txp:asy_wondertag>
<txp:else />
  // Display the page content and search box here so visitors can try again 
// Added here the content here
<form action="../downloads" method="get">
<tr><td>Search<td /><td><input type="text" name="criteria" value="criteria" /><td /><td><input type="submit" name="Search" value="Search" /><td /><tr />
</form>
</txp:smd_if>

While adding above code and using asy_wraptag in single tag produced blank screen. But as I added in </txp:smd_if debgu=“1”>, this time, everything( content + searchbox ) displayed with errors which is below

" form="show_results" wraptag="table" break="tr" label="Search results" labeltag="h3" />

Could not figure out.

Thank you for your great help and precious time.
Sheru

Offline

#42 2008-06-11 11:06:52

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 8,683
Website

Re: smd_query: Talk to the database directly via SQL

Sheru wrote:

While adding above code and using asy_wraptag in single tag produced blank screen. But as I added in </txp:smd_if debgu=“1”>, this time, everything( content + searchbox ) displayed with errors

That’s a shame, it sounds like asy_wondertag cannot handle the smd_query or smd_var_get call and is not very happy :-(

I’m not sure what to suggest now. Maybe this use of smd_vars will really only be of use in TXP 4.0.7 when the new tag parser is available. I will have to test it anyway soon so I will report if I find anything in the meantime.

I could really do with somebody letting me know what core functions I should be using to minimise the risk of SQL injection; then I could offer you the ability to plug the values directly into smd_query without smd_vars at all. If I get a chance later I might experiment some more with that but I’m working on a video today so I don’t have much time spare, sorry.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#43 2008-06-13 03:31:04

Sheru
Member
From: Kathmandu, Nepal
Registered: 2007-05-09
Posts: 96

Re: smd_query: Talk to the database directly via SQL

Warm Greetings! Dear Stef thank so much for your answers to my query. Sorry, I did’t reply quickly, I was on leave yesterday.
I love to learn something and have learnt many things with you.

Hope smd_query plugin will have ability to search values using urlvars without smd_vars. Let me know smd_query plugin status in coming days.

I will have to test it anyway soon so I will report if I find anything in the meantime.

I want to hear from you about this.

Thank you Stef for your generous help. You are great.
Will be in touch with you.
Sheru

Offline

#44 2008-06-14 15:42:49

redbot
Plugin Author
Registered: 2006-02-14
Posts: 1,410

Re: smd_query: Talk to the database directly via SQL

Hi Bloke,
I seem to have a problem with this plugin (I hope I’m not missing something obvious here)
If I use this code:

<txp:smd_query 
	column="Title"
    table="textpattern"
    where="section='my_section' AND custom_1='?custom_1'"
    form="my_form"  />

I have no output.
According to the plugin help (if I’ve not misunderstood) it shoud output a list of titles belonging to section “my_section” and having the same “custom_1” value of the currently displayed article.
I found the culprit is the “custom_1=’?custom_1’” part, if I omit it, it works.
It works also if I use:

custom_1='a_specific_value'

I have tried using the query attribute and the result is the same.
Any advice would be appreciated.
Thanks

P.S. the third example in the plugin help refers to “custom3” instead of “custom_3”. Maybe there is an error

Last edited by redbot (2008-06-14 15:45:52)

Offline

#45 2008-06-14 16:52:11

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 8,683
Website

Re: smd_query: Talk to the database directly via SQL

redbot wrote:

I have no output.

My guess (and it is a guess) is that you have to supply the name of your 1st custom field in the ? attribute. i.e. if you’ve defined custom_1 as product_description in the admin prefs you’d need:

"custom_1='?product_description'"

[ for anyone not familiar with the intricacies of the textpattern table, it has 10 columns named custom_1 thru custom_10 and these are what you use when referring to them on the left-hand-side of queries. But the ? notation is specific to my plugins and grabs values from the custom fields after they have been read from the database and put on the page. At that point, they have been associated with the names you defined and should thus be referenced by that name ]

It’s a curious hybrid of syntaxes and, yes, it’s confusing (sorry) but doing it this way enables automatic support for glz_custom_fields and consistency (rightly or wrongly!) among the smd_ plugins. Plus it’s easier for me to code :-)

So, in answer to your question about the plugin help, it’s not an intentional mistake but it could be clearer so thank you for pointing that out. I’ll adjust it in the next version.

Last edited by Bloke (2008-06-14 16:54:41)


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#46 2008-06-14 17:03:32

redbot
Plugin Author
Registered: 2006-02-14
Posts: 1,410

Re: smd_query: Talk to the database directly via SQL

Thanks Bloke it works!!

Offline

#47 2008-06-16 12:59:55

merz1
Member
From: Hamburg
Registered: 2006-05-04
Posts: 994
Website

Re: smd_query: Talk to the database directly via SQL

Stef: Just to get the syntax clear (I am not yet using smd_query)

"custom_1='?individual custom field name'"
"custom_1='custom_1'"

Both possible?


Get all online mentions of Textpattern via OPML subscription: TXP Info Sources: Textpattern RSS feeds as dynamic OPML

Offline

#48 2008-06-16 14:23:58

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 8,683
Website

Re: smd_query: Talk to the database directly via SQL

merz1 wrote:

"custom_1='?individual custom field name'"

In theory yes. Spaces are allowed in custom field names so that should resolve properly. Can’t remember if I tested it but I think I did.

"custom_1='custom_1'"

Yes, if you have not renamed custom_1 from its default.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#49 2008-06-18 19:31:39

jpdupont
Member
From: Virton (BE)
Registered: 2004-10-01
Posts: 752
Website

Re: smd_query: Talk to the database directly via SQL

Hi,

I want to put some php code in the form.

My simplified form:

<txp:php>
echo "<h2>{Title}</h2>";
$test="{Body_html}";
</txp:php>

My query :

<txp:smd_query query="SELECT * FROM `mydb`.`txp_textpattern` WHERE `txp_textpattern`.`Section` != 'accueil' ORDER BY Posted DESC" form="affiche_article_news" />

When we have some html tags in {Body_html}, we get this error :

Parse error: syntax error, unexpected T_STRING in /home/www/ee1d834bc4a24e2803fc7f7db26ab389/web/textpattern/publish/taghandlers.php(2804) : eval()'d code on line ...

No problem, when I do $test=”{Body}”; or when Body_html have no html tag.

Any idea?

Offline

#50 2008-06-18 19:52:04

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 8,683
Website

Re: smd_query: Talk to the database directly via SQL

jpdupont wrote:

When we have some html tags in {Body_html}, we get this error [snip] No problem, when I do $test=”{Body}”; or when Body_html have no html tag.

It’s probably because I call html_entity_decode() which makes the parser cry, or it’ll be some random encoding issue like that.

Would you do me a favour please and add debug="1" or debug="2" (for more verbose output) to your smd_query. If you get any useful info out, please post some of it here (or email me if it’s a lot) and I’ll see if I can work out what I’m not doing that I should be doing! Thanks.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

Board footer

Powered by FluxBB