On Apr 11, 2:39 pm, Johann Spies <johann.sp...@gmail.com> wrote:
> With the help of firebug I determined that the problem was the link.
>
> I have changed the Controller to export the following:
>
> link=A('Download as csv',_href=URL(r=request,f='csv',args=query))
>
> And that resulted in a " Invalid request" error. The url was:
>
> http://localhost:8000/sadec/default/csv/LOWER%28sarua.author%29%20LIK...
>
> I want the csv-controller:
>
> db(request.vars.query).select(db.sarua.ALL,limitby=(0,250)).export_to_csv_file(s)
>
> to be expanded to
>
> db(db.sarua.author.lower().like('%'+' morkel' .lower()+'%')\
> .select(db.sarua.ALL,limitby=(0,250)).export_to_csv_file(s)
>
> Why the error?
Seriously? This looks like an SQL injection attack, so be happy that
web2py is not letting you "casually" do this.
You could find how to _make_ web2py allow this, but do not! Think
about what you want to do, then code up a controller which will make
sure the syntax passed is valid, and safe, and have the controller
build up the actual query.
Seriously.
- Yarko
>
> I use the same request.vars.query ot page to the next or previous pages.
>
> Regards.
>
> Johann
>
> Regards
> Johann
> --
> "Finally, brethren, whatsoever things are true, whatsoever things are
> honest, whatsoever things are just, whatsoever things are pure,
> whatsoever things are lovely, whatsoever things are of good report; if
> there be any virtue, and if there be any praise, think on these
> things." Philippians 4:8
