view tests/cookieJsec.ur @ 2238:7f92d70a326e

Only use string (rather than numeric, etc.) primitives in parsed SQL statements.
author Ziv Scully <ziv@mit.edu>
date Mon, 06 Jul 2015 01:31:04 -0700
parents 796e42c93c48
children
(* Single-column table; the writer handler inserts rows into it. *)
table t : {Id : int}

(* Integer-valued cookie: written by setter, read back by writer. *)
cookie c : int

(* Form handler for the "Get cookie" form in main.
 * Parses the submitted Id field with readError, stores the result in
 * cookie c, then returns a page that says "Done".
 * The cookie value comes straight from user-supplied form input; the only
 * check visible here is the parse to the cookie's int type.
 * NOTE(review): setCookie is applied to a bare value; Basis versions whose
 * setCookie takes a record with Value, Expires and Secure fields would
 * reject this call - confirm against basis.urs at this revision. *)
fun setter r =
    setCookie c (readError r.Id);
    return <xml>Done</xml>

(* Reads cookie c and inserts its value into table t.
 * Fails with the page "No cookie" when the cookie is not set.
 * The id reaches the INSERT through the {[id]} splice, i.e. as a typed
 * value embedded in the statement, not through string concatenation.
 * This function reads a cookie and then modifies the database, and
 * preWriter calls it from a button's onclick handler; a cookie-authorised
 * state change is the request shape where cross-site request forgery
 * matters.
 * NOTE(review): judging by the file name, this test presumably exercises
 * the compiler's cookie-signature check on that client-side call path -
 * confirm. *)
fun writer () =
    ido <- getCookie c;
    case ido of
        None => error <xml>No cookie</xml>
      | Some id => dml (INSERT INTO t (Id) VALUES ({[id]}))

(* Page with a button whose onclick calls writer () from the client, plus a
 * link back to main. The body's onload passes alert "RPC error" to
 * onConnectFail.
 * NOTE(review): nothing on this page reports the "No cookie" error from
 * writer separately; how a failed call surfaces to the user is not visible
 * here - confirm. *)
fun preWriter () = return <xml><body onload={onConnectFail (alert "RPC error")}>
  <button onclick={writer ()} value="Write to database"/>

  <a link={main ()}>Back</a>
</body></xml>

(* Entry page with two forms: the first submits the Id textbox to setter,
 * which sets the cookie; the second navigates to preWriter.
 * Joined to preWriter with "and" because the two functions refer to each
 * other. *)
and main () = return <xml><body>
  <form>
    <textbox{#Id}/> <submit value="Get cookie" action={setter}/>
  </form>

  <form><submit action={preWriter} value="Prepare to write to database"/></form>
</body></xml>