get the parameter for the query from the URL

[enigma]

In the PHP version this was really easy, we just added the parameter like this:

Code: Select all

http://localhost/stimulsoft/index.php?stimulsoft_client_key=ViewerFx&stimulsoft_report_key=Report.mrt&Param1=10

and then we used it in the report (query) using SELECT * FROM table1 WHERE id='{Param1}'

How can we achieve this in the JS version?

Right now I have this:

Code: Select all

http://localhost/stimulsoftjs/viewer.php?ses1234rfsdfgsdfg&rid=1

where ses parameter is checked in the viewer.php file, but rid parameter needs to be used in the query inside report. How can that be achieved?

And 2nd question: I've read that there is a new version of Reports.PHP, is this still based on Flash? Or is now JS fully implemented there?

[Vladimir]

Hello,

You can assign parameters to the report as follows:

Code: Select all

function getUrlVars() {
    var vars = {};
    var parts = window.location.href.replace(/[?&]+([^=&]+)=([^&]*)/gi,
        function (m, key, value) {
            vars[key] = value;
    });
    return vars;
}

var vars = getUrlVars();
report.dictionary.variables.list.forEach(function(item, i, arr) {
    if (typeof vars[item.name] != "undefined") item.valueObject = vars[item.name];
});

viewer.report = report;

Also, you can optionally add code to validate the values of variables in accordance with your requirements.

Thank you.

[enigma]

Hello, I tried this but I think I am missing something...

This is my viewer.php script:

Code: Select all

<script type="text/javascript">
		var options = new Stimulsoft.Viewer.StiViewerOptions();
		options.appearance.fullScreenMode = true;
		options.toolbar.showSendEmailButton = false;
	
		var viewer = new Stimulsoft.Viewer.StiViewer(options, "StiViewer", false);
		
		viewer.onBeginProcessData = function (event, callback) {
			<?php StiHelper::createHandler(); ?>
		}
		/*
		viewer.onEndExportReport = function (event) {
			//event.preventDefault = true; // Prevent client default event handler (save the exported report as a file)
			<?php StiHelper::createHandler(); ?>
		}
		viewer.onEmailReport = function (event) {
			<?php StiHelper::createHandler(); ?>
		}
		*/
		var report = new Stimulsoft.Report.StiReport();
                report.loadFile("reports/re.mrt");
		function getUrlVars() {
			var vars = {};
			var parts = window.location.href.replace(/[?&]+([^=&]+)=([^&]*)/gi,
				function (m, key, value) {
					vars[key] = value;
			});
			return vars;
		}

		var vars = getUrlVars();
		console.log(vars);
		report.dictionary.variables.list.forEach(function(item, i, arr) {
			if (typeof vars[item.name] != "undefined") item.valueObject = vars[item.name];
		});
		
		viewer.report = report;
		viewer.renderHtml("viewerContent");
	</script>

and then the query in the report is like this:

Code: Select all

SELECT r.*,
s1.uname AS creuser,
s2.uname AS moduser
FROM td_re r
LEFT JOIN sec_users s1 ON r.re_creuser=s1.login
LEFT JOIN sec_users s2 ON r.re_moduser=s2.login
WHERE r.id='{rid}'

and I 'm still not getting anything. What am I missing? Do I need to configure something special in the report?

[Vladimir]

Hello,

You need to create a variable with the name "rid", because currently as a parameter, you can only use report variables.

Thank you.

[enigma]

thank you, i tried it before, didn't work and now again and it worked, maybe it was a cache. Can you tell me one more thing, do I need to check the passed parameters before I pass them to dictionary? Because parameters I pass will be used in the query I want to know is it save from SQL Injection (is this already proved somewhere in the Stimulsoft code or do I need to check it by myself)?

[HighAley]

Hello.

We will add protection from SQL Injection.
If you are using a string parameter, all apostrophes are escaped there.
If you use parameters of other types all values are converted to this type.
So you will not have problems with SQL injection if you use string parameters in this way:

Code: Select all

SELECT * FROM table WHERE name = '{parameter}'

This feature will be available in our next build this week.

Thank you.

[enigma]

thank you for great support

[HighAley]

Hello.

We are always glad to help you.
Let us know if you need our help.

Thank you.

[suyonob]

Please let me know where should/how to add rid variabel into this :

SELECT ALL
<script type="text/javascript">
var options = new Stimulsoft.Viewer.StiViewerOptions();
options.appearance.fullScreenMode = true;
options.toolbar.showSendEmailButton = false;

var viewer = new Stimulsoft.Viewer.StiViewer(options, "StiViewer", false);

viewer.onBeginProcessData = function (event, callback) {
<?php StiHelper::createHandler(); ?>
}
/*
viewer.onEndExportReport = function (event) {
//event.preventDefault = true; // Prevent client default event handler (save the exported report as a file)
<?php StiHelper::createHandler(); ?>
}
viewer.onEmailReport = function (event) {
<?php StiHelper::createHandler(); ?>
}
*/
var report = new Stimulsoft.Report.StiReport();
report.loadFile("reports/re.mrt");
function getUrlVars() {
var vars = {};
var parts = window.location.href.replace(/[?&]+([^=&]+)=([^&]*)/gi,
function (m, key, value) {
vars[key] = value;
});
return vars;
}

var vars = getUrlVars();
console.log(vars);
report.dictionary.variables.list.forEach(function(item, i, arr) {
if (typeof vars[item.name] != "undefined") item.valueObject = vars[item.name];
});

viewer.report = report;
viewer.renderHtml("viewerContent");
</script>

[suyonob]

thank you for pointer.
i have success to get variable in urls.
it was clear.

suyono