For more information... RTFM!
NAVIGATION
PAGES THAT LINK HERE
ACCOUNT LOGIN

You are not logged in

Powered by Interchange version 5.7.0

TableRestrict

Restrict results from SQL-based searches to rows satisfying a given criteria.

Synopsis

TableRestrict  table  column_name=session_value

You can set restrictions for multiple tables at once by using the Perl-style "here document" syntax, as follows:

TableRestrict  <<EOT
    table1  column_name=session_value
    table2  column_name=session_value
EOT

Scope

This directive is only available for use in the local (catalog.cfg) configuration file.  It will not affect any other website in any way.  This directive will not work in the global (interchange.cfg) configuration file. 

Description

This directive can be used to emulate views in SQL-based searches.  Text file searches are not influenced by this directive at all.

The parameter takes the form of "column_name=session_value, where "column_name" is a column in the table being iterated over, and "session_value" is a key in the $Session hashref (i.e. [data session ...]).

Examples

Never allow anyone to see products that don't "belong" to their username

TableRestrict  products  owner=username

The above would prevent the table search from returning any rows except those where the "owner" column contains the current value of $Session->{username}.

On-the-fly restrictions using embedded Perl

This directive is probably most usefully set by embedded Perl code in certain situations.  For example: 

[calcn]
    $Config->{TableRestrict}->{products} = 'owner=username';
    return;
[/calcn]

When using SQL-based databases, search queries are effectively transformed as follows:

SELECT * FROM products
SELECT * FROM products WHERE owner = '$Session->{username}'

On-the-fly configuration changes only last for the duration of the current page.

Category:  Local config directives
Last modified by: Kevin Walsh
Modification date: Thursday 12 July 2007 at 9:30 AM (EDT)
Home  |  Legal nonsense  |  Privacy policy  |  Donations  |  Contact us