Hitachi Vantara Pentaho Community Forums
Results 1 to 3 of 3

Thread: Modify Input prior to SQL execution

  1. #1
    Join Date
    Mar 2009
    Posts
    5

    Default Modify Input prior to SQL execution

    I have a sql statement with a WHERE clause that looks like this: WHERE orderType in ({PREPARE:newOrderType})

    Prior to this action I have a javascript action that will set the values of newOrderType. newOrderType is a string.

    The problem I'm having is if I want the where clause to look like WHERE orderType in ('I', 'C') I am not sure how I need to assign those values in the javascript code. If I say
    newOrderType = 'I';
    that works fine, but newOrderType = "'I','C'"; does not work.

    How do I assign multiple values to the string so that the sql statement recognizes it correctly within the IN list?

    Thanks.

  2. #2
    Join Date
    Oct 2007
    Posts
    235

    Default

    If your going to mess around with your input in the javascript you can make sure that your users are not passing you garbage and then just use {VarName} rather than {PREPARE:VarName} this will not add the quotes around it and so should allow you to put your in clause as 'x', 'y', 'z'

    However the usual warnings about passing un-validated user input to your database apply when not using PREPARE. (http://xkcd.com/327/)

    Good luck

    Wil
    SQL: as much of a standard as the English language

  3. #3
    Join Date
    Mar 2009
    Posts
    5

    Default

    That works. I am also able to mess with the multiselect values in the preExecution function of the component.

    The thing that seems strange though if nothing is selected (user ctrl-clicks the only selected value so that it looks like nothing is selected) it still shows that one value is selected.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.