GET APEX: Why can using HTML as part of SQL queries for Interactive Report be dangerous? / Sudo Null IT News FREE
Why can using HTML as part of SQL queries for an Interactive Report be dangerous? Look at the screenshots! Careless use of HTML can lead to problems that are not obvious at first glance:
Problem 1: From the point of view of a business user, the filtered rows do not contain the word "default" (this word is contained inside the HTML tag).
Problem 2: When filtering by status, instead of text that is clear to the user, he gets an HTML expression that looks like gibberish to him.
Export also looks frightening.
What is the best way to fix everything?
First, pay attention to the separation of the business logic level and the presentation level. There should be nothing in the business logic layer related to the display of information, especially HTML.
First, take a look at the original query in the Interactive Report.
The v_cost_report view returns the status column as HTML. Using HTML in views is bad practice, as it makes it difficult to further use the view in other views and PL/SQL procedures, especially when trying to select from or join to other tables using this column.
For the correct division of logic into layers, it is necessary to move the expression that returns HTML to the Apex level.
Before | After |
Apex belongs to the presentation level, so there are no such strict restrictions at this level. HTML in SQL queries can be used to a limited extent; however, it is best to avoid the direct use of such HTML-returning columns in Interactive Reports. These columns should be hidden, and the results returned by them should not be shown directly, but through the "HTML Expression" property of other columns.
This means that we need 2 columns instead of one, the first for HTML and the second for the text description.
In our example, the "Status" column returns a number (ID) that identifies the corresponding status. We use a LOV (list of values) to show the text description instead of the ID, which will be used for search, filtering and export.
Another column, "STAT_IMAGE", will be used for the image corresponding to each status.
We can simply use DECODE or CASE in SQL to select the desired image, but it is more correct to use a static list (Static LOV), especially with a large possible number of values. Using a convenient two-dimensional list editor (Grid Edit), their creation and editing is greatly simplified.
Another advantage of using static lists is the ability to use the Subscribe function, which is an option for inheritance and makes it easy to synchronize changes between web applications.
In our example, the static list STATUS_IMAGES consists of 4 elements.
To use the list of values, we add the function call APEX_ITEM.TEXT_FROM_LOV to the SQL query.
Now we need to set the necessary properties of the "STAT_IMAGE" column.
First you need to change the Display Type property of the column to Hidden. Thus, that column will not be displayed or exported. Search by the value of this column is now also excluded.
Now let's set up the "Status" column.
This column should be displayed. In order to display a text description instead of a status code, change the Display Type of the column to Display as Text (based on LOV, escape special characters).
The list of STATUS_DESCRIPTION values contains the following statuses:
Now the column shows text descriptions of statuses, but instead we need pictures. We use the wonderful functionality of HTML Expression, which appeared in Apex 4.1. We can use the template #TITLE_NAME# to display the values of both the current and other columns in the HTML expression.
Here in the example, we use HTML Expression to display the value of another column, "STAT_IMAGE", in a column. An additional title tag is needed to display a tooltip with a description of the status.
Pure HTML and #COLUMN# syntax looks and reads much better than when used inside SQL; in addition, there is no need for additional quote escaping.
HTML Expression is only used to output text and HTML to the browser. For search and filtering in drop-down lists, the original column values are used.
Export is also performed correctly.
Bottom line: the correct design of web applications, separation between layers and the correct use of Apex's functionality allows you to improve the life of the developer and avoid many hidden potential errors when searching, exporting, filtering, etc. Do everything the right way right away, and it will count in your favor.
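The steps above, put together as an added example (not the original article's code): the view stops returning markup, the report query adds the hidden STAT_IMAGE column through APEX_ITEM.TEXT_FROM_LOV, and the markup moves to the column's HTML Expression. The `costs` table, the `cost_id`, `cost_name`, `amount` and `status_id` columns, the image paths and the exact HTML Expression are assumptions.

```sql
-- Added example. Only v_cost_report, STATUS, STAT_IMAGE, STATUS_IMAGES and
-- STATUS_DESCRIPTION come from the article; all other names are assumed.

-- BEFORE: the view builds markup, so search, filter and export all operate on
-- the tag text (a filter for "default" matches the file name inside the tag).
CREATE OR REPLACE VIEW v_cost_report AS
SELECT c.cost_id,
       c.cost_name,
       c.amount,
       CASE c.status_id
         WHEN 1 THEN '<img src="/i/default.png">'   -- constructed sample paths
         WHEN 2 THEN '<img src="/i/approved.png">'
         ELSE        '<img src="/i/unknown.png">'
       END AS status
FROM   costs c;

-- AFTER: the view returns only data, the status ID.
CREATE OR REPLACE VIEW v_cost_report AS
SELECT c.cost_id,
       c.cost_name,
       c.amount,
       c.status_id AS status
FROM   costs c;

-- Interactive Report source: one column for the text, one for the image.
SELECT r.cost_id,
       r.cost_name,
       r.amount,
       r.status,                                               -- shown as LOV text
       APEX_ITEM.TEXT_FROM_LOV(r.status, 'STATUS_IMAGES') AS stat_image
FROM   v_cost_report r;

-- Column properties from the text:
--   STAT_IMAGE  Display Type = Hidden (not displayed, exported or searched)
--   STATUS      Display Type = Display as Text (based on LOV, escape special
--               characters), list of values = STATUS_DESCRIPTION
-- HTML Expression on STATUS (assumed markup; assumes the STATUS_IMAGES display
-- values are image file names):
--   <img src="#IMAGE_PREFIX##STAT_IMAGE#" title="#STATUS#">
```

With this layout the markup lives only in the developer-written HTML Expression, while the value that reaches filters, search and export is the escaped LOV text.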
Posted by: burrowswituabled.blogspot.com