Table of Contents
Warning | ||
---|---|---|
| ||
When using Hash Variable that uses URL parameter or user-inputted value in the SQL query, ensure that these hash variable(s) are escaped in the query! Make use of hash variable escape keywords, see Hash Variable - Escaping the Resultant Hash Variable. Example of VULNERABLE query:
To fix this, use ?sql hash variable escape:
|
Introduction
English |
---|
JDBC Datalist Action allows you to perform SQL queries on one (a row action) or more records (a bulk action) in your datalist. You can specify which database to perform the SQL function, either the current Joget database (default datasource) or a custom datasource (external database). JDBC Datalist Action can be used to delete records or perform an update on one or more records based on user selection in the datalist checkboxes. |
JDBC Datalist Action Properties
Configure JDBC Datalist Action
...
...
Datalist button label.
Figure 1 : JDBC Action Menu
Figure 2 : JDBC Datalist Action
Properties
Name | Description | ||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Label | Datalist button label. | ||||||||||||||||||||||||||||||||||||||||||||
Confirmation Message | Confirmation message before performing action, for example "Are you sure?". | ||||||||||||||||||||||||||||||||||||||||||||
Datasource | Target database to execute SQL statements on. Choices:-
| ||||||||||||||||||||||||||||||||||||||||||||
Custom JDBC Driver | Custom JDBC Driver. This field is required when Custom Datasource is selected in Datasource above JDBC driver name. Example values: com
Only applicable to "Custom Datasource" option. | ||||||||||||||||||||||||||||||||||||||||||||
Custom JDBC URL | Custom JDBC URL. This field is required when Custom Datasource is selected in Datasource above Database connection URL. Example: jdbc:mysql://localhost:3306/jwdb ?characterEncoding=UTF8&useSSL=false | Custom JDBC UsernameOnly applicable to "Custom Datasource" option. | |||||||||||||||||||||||||||||||||||||||||||
Custom JDBC Username | Database username. Example: root Only applicable to "Custom Datasource" option . This field is required when Custom Datasource is selected in Datasource above. | ||||||||||||||||||||||||||||||||||||||||||||
Custom JDBC Password | Specified database user's password. Only applicable to "Custom Datasource" option Custom JDBC Password. This field is required when Custom Datasource is selected in Datasource above.
| ||||||||||||||||||||||||||||||||||||||||||||
Query |
Insert your SQL statement here. Use syntax like {id} in query to inject the selected row key. Use {uuid} to generate a unique id (or primary key). Examples:
|
...
Download Demo
...
App
APP_datalist_using_jdbc_dx_kb.jwa
height
150