| ID | Name | Address 1 | Address 2 | City | State | Zip Code | Credit Limit | Discount Code |
|---|---|---|---|---|---|---|---|---|
| 36 | Bob Hosting Corp. | 65653 Lake Road | Suite 2323 | San Mateo | CA | 94401 | 65000 | H |
| 753 | Zed Motor Co | 2267 NE Michigan Ave | Building 21 | Dearborn | MI | 48128 | 5000000 | H |
This example demonstrates an inline SQL Query being used to render a table.
An JSONObject is created to pull data from page parameters with blank string
defaults for the case where a parameter was not passed. The JSONObject
is then bound to the query, overriding the default of pulling values from
the JSP scopes. (i.e. page, request, session, application)
Values are encoded using the
${virge:html(value)}
function to prevent HTML injection.
<%@taglib uri="convirgance:web" prefix="virge" %>
<virge:object var="binding">
<virge:key name="zipcode" value="${param.zipcode}" default="" />
<virge:key name="state" value="${param.state}" default="" />
<virge:key name="discountCode" value="${param.discountCode}" default="" />
</virge:object>
<virge:query var="customers" jndi="jdbc/sample" binding="${binding}">
select * from APP.CUSTOMER
where (:zipcode = '' or ZIP = :zipcode)
and (:state = '' or STATE = :state)
and (:discountCode = '' or DISCOUNT_CODE = :discountCode)
<//virge:query>
<virge:iterate var="customer" items="${customers}">
<tr>
<td>${virge:html(customer.CUSTOMER_ID)}</td>
<td>${virge:html(customer.NAME)}</td>
<td>${virge:html(customer.ADDRESSLINE1)}</td>
<td>${virge:html(customer.ADDRESSLINE2)}</td>
<td>${virge:html(customer.CITY)}</td>
<td><a href="?state=${virge:html(customer.STATE)}">${virge:html(customer.STATE)}</a></td>
<td><a href="?zipcode=${virge:html(customer.ZIP)}">${virge:html(customer.ZIP)}</a></td>
<td>${virge:html(customer.CREDIT_LIMIT)}</td>
<td><a href="?discountCode=${virge:html(customer.DISCOUNT_CODE)}">${virge:html(customer.DISCOUNT_CODE)}</a></td>
</tr>
</virge:iterate>