| ID | Name | Address 1 | Address 2 | City | State | Zip Code | Credit Limit | Discount Code |
|---|---|---|---|---|---|---|---|---|
| 25 | Wren Computers | 8989 Red Albatross Drive | Suite 9897 | Houston | TX | 85638 | 25000 | M |
This example demonstrates an inline SQL Query being used to render a table.
An JSONObject is created to pull data from page parameters with blank string
defaults for the case where a parameter was not passed. The JSONObject
is then bound to the query, overriding the default of pulling values from
the JSP scopes. (i.e. page, request, session, application)
Values are encoded using the
${virge:html(value)}
function to prevent HTML injection.
<%@taglib uri="convirgance:web" prefix="virge" %>
<virge:object var="binding">
<virge:key name="zipcode" value="${param.zipcode}" default="" />
<virge:key name="state" value="${param.state}" default="" />
<virge:key name="discountCode" value="${param.discountCode}" default="" />
</virge:object>
<virge:query var="customers" jndi="jdbc/sample" binding="${binding}">
select * from APP.CUSTOMER
where (:zipcode = '' or ZIP = :zipcode)
and (:state = '' or STATE = :state)
and (:discountCode = '' or DISCOUNT_CODE = :discountCode)
<//virge:query>
<virge:iterate var="customer" items="${customers}">
<tr>
<td>${virge:html(customer.CUSTOMER_ID)}</td>
<td>${virge:html(customer.NAME)}</td>
<td>${virge:html(customer.ADDRESSLINE1)}</td>
<td>${virge:html(customer.ADDRESSLINE2)}</td>
<td>${virge:html(customer.CITY)}</td>
<td><a href="?state=${virge:html(customer.STATE)}">${virge:html(customer.STATE)}</a></td>
<td><a href="?zipcode=${virge:html(customer.ZIP)}">${virge:html(customer.ZIP)}</a></td>
<td>${virge:html(customer.CREDIT_LIMIT)}</td>
<td><a href="?discountCode=${virge:html(customer.DISCOUNT_CODE)}">${virge:html(customer.DISCOUNT_CODE)}</a></td>
</tr>
</virge:iterate>