OK
items = [DIV(A(pacient.nombre,
_href="res%s"%j,
_onclick="copyToBox(jQuery('#res%s').html
()"%j),_id="resultLiveSearch") \
for (j,patience) in enumerate(pacientes)]
return TAG[''](*items)
On Jan 20, 11:11 am, Mandriluy <msr...@gmail.com> wrote:
> Sorry to reply again, i correct some mistakes i found and now is
> working :-) thing is.. with that method you make a hole div with the
> items.. what i need is a div per item . [div]item[/div]
>
> On 20 ene, 14:45, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > I rearranged your code to make is a little shorter, faster and
> > eliminate XSS vulnerability:
>
> > def ajaxlivesearch():
> > resultadoParcial = request.vars.values()[0]
> > array = resultadoParcial.split()
> > query = reduce(lambda a,b:a&b, [db.Paciente.like('%'+a+'%')
> > for a in array])
> > pacientes = db(query).select(db.Paciente.nombre,limitby=(0,7))
> > j = 0
> > items = [A(pacient.nombre,
> > _href="res%s"%j,
> > _onclick="copyToBox(jQuery('#res%s').html
> > ()"%j) \
> > for (j,patience) in enumerate(pacientes)]
> > return DIV(_id="resultLiveSearch",*items)
>
> > You code was not working probably because the you were returning a
> > list, instead of one of a dict() or string. If you return an iterable
> > (like a list) web2py thinks you want to do streaming.
>
> > Moreover every time you find yourself manipulating string to build
> > HTML like in '<div...' some is wrong. You are putting yourself at risk
> > of XSS vulnerabilities or just does not work because web2py escaped it
> > by default: '%ltg;div...'.
>
> > Let us know if this fixes your problem.
>
> > On Jan 20, 9:57 am, Mandriluy <msr...@gmail.com> wrote:
>
> > > Hey guys, im new to Web2Py AND python ... my goal was to learn python
> > > while i move a site i did in php to web2py and im almost finishing :D
>
> > > Im stuck a bit with ajax and partial queries , im going to detail a
> > > bit what i mean about partial queries.
>
> > > I have a field in the DB that has multiple text (yeah thats not
> > > relational definition) ... imagine i have a field called Name where i
> > > store the full name of a person. First Name , Second Name, Surname ,
> > > Second Surname, etc..
>
> > > What i want is to live search with ajax that DB field so if i write
> > > the first name it matches and second name also, and so on.
>
> > > What i did for that an array splitted by spaces and then what i need
> > > is a way i can use AND with LIKE ... the way i saw in the
> > > documentation (db.Table.name.like('%array[0]%''))&(db.Table.name.like
> > > ('%array[1]%'')) is not working for me.. im using ajax the same way i
> > > use it for PHP not using the ajax html file is providen.. im using my
> > > own files.
>
> > > I have to say its working without the AND so it works for the first
> > > name pretty well :-) . I will share my code commented because i write
> > > some part in spanish.
>
> > > def ajaxlivesearch():
> > > resultadoParcial = request.vars.values()[0] #I store the partial
> > > result the user is typing on the textbox
> > > array_resultadoParcial = resultadoParcial.split(' ') # i split
> > > with
> > > spaces and store in a list / array
>
> > > #so if the user type his first name.. the array has 1 item or
> > > none and this works like a charm
> > > if len(array_resultadoParcial) <= 1:
> > > query =
> > > db.Paciente.nombre.like('%'+array_resultadoParcial[0]+'%')
> > > else: #if the array has more items i will iterate it but i
> > > need to
> > > use the AND to "join" every iteration
> > > for index in range(0,len(array_resultadoParcial)-1):
> > > query = query &
> > > db().Paciente.nombre.like('%'+array_resultadoParcial
> > > [index]+'%')
>
> > > pacientes = db(query).select(db.Paciente.nombre,limitby=(0,7))
> > > j = 0
> > > retorno = []
> > > for paciente in pacientes: #i iterate into the query result object
> > > and return a list of data
> > > retorno.append('<div id="resultLiveSearch"><a href="#"
> > > id="res'+str
> > > (j)+'" onclick="copyToBox(document.getElementById(\'res'+str(j)
> > > +'\').innerHTML)">'+paciente.nombre+'</a></div>')
> > > j+=1
> > > return retorno
>
> > > Thanks in advanced :-)
>
>
--
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web...@googlegroups.com.
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en.
