You are here

Klotin SqlLabel

Klotin SqlLabelAbout The Module

SqlLabel is a DotNetNuke module that allows inserting results of an Sql Query into the html text.

Admin, or module Editor, can define a piece of Html text with specially formatted tags inside and then define several Sql Queries that would produce the values which will be used at runtime in place of tags.

The module gives freedom to the editor. Any data that can be retrieved using the default DNN connection string can be output into the label. It also lets editor put any custom Html as the Label contents, including styles, JavaScript and other Html tags and objects.

All Sql queries and the label itself are capable of handling a set of predefined parameters as well as query string, page form, cache, session, cookies and server variables.

The module gives you freedom, but it comes along with responsibility. Protect yourself, be careful with the way you use the module.

How To Use

1. Add the module to the page. It will appear absolutely empty with no default text.

2. Use the module menu to select Edit Sql Label Settings

3. Define the label. As said, it can contain any html markup as well as predefined, query string, page form, session, cookies, server variables and sql parameters.

Klotin SqlLabel Settings

Parameters are defined in a form of $(name).

4. Define the Sql Parameters using the Add Parameter button.

Klotin SqlLabel Settings

For each parameter you must define:

  • Name which is used inside the Label
  • Format, that allows to control the way the value is out put using the .Net string.Format method
  • HtmlEncode will encode the value to prevent the XSS injection
  • Sql query itself, which can also take predefined, query string,page form, session, cache, cookies and server variables. However unlike in the label, here all string parameters are always enclosed in single quotes and single quotes inside them are replaced with two single quotes, to prevent Sql Injection

 

You can also use the following parameters inside Sql:

  • $(tabId) - current Tab ID
  • $(tabModuleId) - current Tab Module ID
  • $(moduleId) - current Module ID
  • $(userId) - current User ID
  • $(parameter) - Cache, Session, Query String or Form parameter, Cookie value or Server Variable - the string values have single quote symbol escaped and are wrapped into single quotes

Once done, you can click Validate to validate the Sql. ExecuteScalar is used to retrieve the value, so it should return just one row/column. If more than that is returned, it will display first value in the first row.

If you are using inserts/updates/deletes in your query, you should set NOCOUNT on in the beginning of the query

5. Cache - you can elect to cache the label for a certain amount of time. This way Sql queries will not be executed every time the page containing the module is requested, speeding up the load time.

6. Once done - click Save Settings and you would be able to see the label output.

Klotin SqlLabel example

 

Version History

Version Date DNN Notes
01.00.05 5/6/2012 5.x,6.x
  • Increased label length to more than 2000 chars
  • TabId, moduleId, tabModuleId and userId are inserted as integers into Sql scripts, without quotes around them
  • Removed unneeded css links
01.00.04 4/5/2012 5.x,6.x
  • Added support for Cache, Session, Server variables, and Cookies
01.00.03 3/24/2012 5.x,6.x
  • Initial public release

 

Licensing

The module is licensed per production DNN instance. Clustered DNN configuration is considered a single instance. Publicly accessible DNN is considered a production.

Download

You can purchase and download the module from the DotNetNuke store.

 

Related

The module is a part of the Klotin Sql DNN Productivity Kit. The other modules in the set are:

If you have any comments or suggestions, you can either email me or use a form below.

Social Buttons: 

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

Get Updates

RSS Twitter

Subscribe by Email:

Recent Comments

Who's online

There are currently 0 users online.