InfiniteNow Posted April 4, 2008 Report Posted April 4, 2008 I've got a report function in our local training system, where we enter the manager ID of a group, then the course code. This will pull who in that managers group has completed that course code and who has not. I'm trying to find a way to replace putting a (or multiple) specific course code (or codes) with a "begins with" logic that will pull all course codes beginning with a certain term. However, I've messed around a bit with wildcards (like * and %), but either the wildcards don't work, or my syntax is wrong. An example of an actual report url for a specific manager and a specific course is as follows: http: //OurTrainingSite/reports/mgr_drill_multi.php?mgrid=IDgoesHere&QS_crse_codes=ExactCourseCode What I want is a way to do something similar, but with "QS_crse_codes" begins with "CodePrefix." Any ideas of syntax to try? If I can't get it to work this way, I'll just ask our DEV team to create a new report type with this logic, but my hope is that I can leverage existing functionality without the need for a production change request. My skills are limited, and this may not even be possible, but I figured it could not hurt to ask. Any and all ideas are welcome. Cheers. :hihi: Quote
InfiniteNow Posted April 5, 2008 Author Report Posted April 5, 2008 Ah... bugger. Prolly not gonna be able to do unless it's arlready programmed in or I get access to the code itself. Quote
Tormod Posted April 5, 2008 Report Posted April 5, 2008 Wouldn't this be done on SQL level with something like $coursecode = $_GET['QS_crse_codes']; SELECT bla blaFROM blablaWHERE tblQS_crse_codes LIKE "$coursecode%"; Quote
alexander Posted April 7, 2008 Report Posted April 7, 2008 no, T, i think that is what he is trying to avoid doing. Infy, it's all in how the search function is implemented, if it's looking for an exact value, and the code is written appropriately, then no matter what you try to do, you will not be able to search for a wild string. As T said, it's in the sql statement, if it says "like" then any search is going to be wild stringed, but if it says = then you can use speciffic wild string symbols. The problem is that a good developer will put a decent checking system in place to prevent people from making arbitraty strings for use with SQL injection, so all of the special database symbols will be replaced or backslashed, so you can't do the magic sql injection deed... i would suggest getting the code and implementing it in there, in some sort of way (would depend on what is currently being done) Quote
InfiniteNow Posted April 7, 2008 Author Report Posted April 7, 2008 Yeah, that's correct. We will need to leave the existing report as is. What I will have done is to create another report, very parallel to the existing, but with "begins with string" logic instead of "equals exact code" logic. Then, I can publish that new report on the same end user page as the existing report so both are available. Thanks again guys. I had a feeling that this was not something I could do with existing code, but you've definitely made me more comfortable that it won't be hard to make happen. Cheers. Quote
Tormod Posted April 7, 2008 Report Posted April 7, 2008 Ah, I see. Well! Something to wrap my brain around. B) Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.