| ID | Name | Address 1 | Address 2 | City | State | Zip Code | Credit Limit | Discount Code |
|---|---|---|---|---|---|---|---|---|
| 1 | Jumbo Eagle Corp | 111 E. Las Olivas Blvd | Suite 51 | Fort Lauderdale | FL | 95117 | 100000 | N |
| 863 | Big Network Systems | 456 444th Street | Suite 45 | Redwood City | CA | 94401 | 25000 | N |
| 722 | Big Car Parts | 52963 Notouter Dr | Suite 35 | Detroit | MI | 48124 | 50000 | N |
This example demonstrates an inline SQL Query being used to render a table.
An JSONObject is created to pull data from page parameters with blank string
defaults for the case where a parameter was not passed. The JSONObject
is then bound to the query, overriding the default of pulling values from
the JSP scopes. (i.e. page, request, session, application)
Values are encoded using the
${virge:html(value)}
function to prevent HTML injection.
<%@taglib uri="convirgance:web" prefix="virge" %>
<virge:object var="binding">
<virge:key name="zipcode" value="${param.zipcode}" default="" />
<virge:key name="state" value="${param.state}" default="" />
<virge:key name="discountCode" value="${param.discountCode}" default="" />
</virge:object>
<virge:query var="customers" jndi="jdbc/sample" binding="${binding}">
select * from APP.CUSTOMER
where (:zipcode = '' or ZIP = :zipcode)
and (:state = '' or STATE = :state)
and (:discountCode = '' or DISCOUNT_CODE = :discountCode)
<//virge:query>
<virge:iterate var="customer" items="${customers}">
<tr>
<td>${virge:html(customer.CUSTOMER_ID)}</td>
<td>${virge:html(customer.NAME)}</td>
<td>${virge:html(customer.ADDRESSLINE1)}</td>
<td>${virge:html(customer.ADDRESSLINE2)}</td>
<td>${virge:html(customer.CITY)}</td>
<td><a href="?state=${virge:html(customer.STATE)}">${virge:html(customer.STATE)}</a></td>
<td><a href="?zipcode=${virge:html(customer.ZIP)}">${virge:html(customer.ZIP)}</a></td>
<td>${virge:html(customer.CREDIT_LIMIT)}</td>
<td><a href="?discountCode=${virge:html(customer.DISCOUNT_CODE)}">${virge:html(customer.DISCOUNT_CODE)}</a></td>
</tr>
</virge:iterate>