Sql types

headerlogo.jpg

 

Sql based query answer types are another powerful feature of FeedbackServer.

 

Using Sql based type you can expose and use existing data directly in your survey.

 

At this time the data will be exposed as a drop down list, you can choose if you want to have it mandatory or not. By default there aren't any out of the box Sql based answer types as these are related to your own database.

 

If you whish to create your own Sql type you will need to :

 

  1. Go to the form builder / answer type editor section.
  2. Click on create new type
  3. Give it a new name eg : Customer list
  4. Select Sql query as a datasource
  5. Enter your Sql query eg: select customerid, customername from tbcustomers. Only Sql "select" based queries are allowed.
  6. If it requires a selection check the "selection required" box.
  7. Create type.

 

You can now use this new answer type in any new or existing question.

 

Answer Piping

You can pipe answers from previous pages using the standard [[pipealias]]] tags directly in your Sql query, so in our previous example we could have for example a form that ask the user on the first page for his country and we could then retrieve through piping on the other pages the list of customers of the selected country.

 

e.g. : select customerid, customername from tbcustomer where country = [[countryalias]]

 

Its also possible to use other piping tags like :

##yourquerystringvariablename##

@@yoursessionvariablename@@

&&yourcookievariablename&&

%%servervariablename%%

 

Security considerations

 

In some scenarios allowing select queries against a database can be a security threat. By default all FeedbackServer administrator can create / change sql based type.

 

If you create a new user you will need to give him explicitly the rights to create sql based answer type, its strongly recommended that if you don't give sql based answer type right to also remove Xml import rights for the user as a user could change the Xml file and inject his own Sql code.

 

You can also disable the feature for all admin from the web.config by setting the SqlBasedAnswerTypesAllowed to false.

 

 

(c) 2011 Data Illusion Zumbrunn. All Rights Reserved