[TYPO3-english] fluid/extbase: Security question - example autocomplete

Hauke Hain newgrp at googlemail.com
Fri Mar 16 08:37:39 CET 2012


Hi there,

I just had a look at the source code of the AutocompleteViewHelper.

The example is the following:
  * <code title="Render lib object">
  * <input type="text" id="name" />
  * <f:widget.autocomplete for="name" objects="{posts}" searchProperty="author">
  * </code>
  * <output>
  * <input type="text" id="name" />
  * // the input field and the required JavaScript for the Ajax communication (see Resources/Private/Templates/ViewHelpers/Widget/Autocomplete/Index.html
  * </output>

The controller:
public function autocompleteAction($term) {
[...]
   $query->like($searchProperty, '%' . $term . '%', FALSE)


Will the search term be directly in an SQL statement later? Do I have to 
use some sort of ViewHelper to make the user input safe for the application?

Regards
Hauke
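
The distinction the question turns on, as an added example that is not part of the original post and not Extbase code: a search term concatenated into a LIKE clause is parsed as SQL, while a bound term stays data, though its LIKE wildcards still need escaping. It uses plain PDO with an in-memory SQLite database; the table, rows and function names are constructed for illustration.

```php
<?php
// Added illustration: plain PDO + in-memory SQLite, not Extbase's query backend.
// Table, rows and function names are constructed for this example.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE posts (author TEXT)");
$db->exec("INSERT INTO posts VALUES ('alice'), ('bob'), ('j_doe')");

// Unsafe: the term becomes part of the SQL text, so quotes in it change the statement.
function searchConcatenated(PDO $db, string $term): array
{
    $sql = "SELECT author FROM posts WHERE author LIKE '%" . $term . "%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Safe: the term is bound as a value and never parsed as SQL.
// LIKE wildcards (% and _) inside the term are escaped so they match literally.
function searchBound(PDO $db, string $term): array
{
    $escaped = strtr($term, ['\\' => '\\\\', '%' => '\\%', '_' => '\\_']);
    $stmt = $db->prepare("SELECT author FROM posts WHERE author LIKE :pattern ESCAPE '\\'");
    $stmt->execute([':pattern' => '%' . $escaped . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs: a normal term, a name containing a quote, a lone wildcard.
foreach (["ali", "O'Brien", "_"] as $term) {
    try {
        $unsafe = json_encode(searchConcatenated($db, $term));
    } catch (PDOException $e) {
        // The quote ended the string literal early: the input was parsed as SQL.
        $unsafe = 'SQL error';
    }
    printf("%-8s concatenated=%s bound=%s\n", $term, $unsafe, json_encode(searchBound($db, $term)));
}
```

Output escaping in a ViewHelper addresses HTML rendering, not the query; whether the term is safe in SQL depends on how the storage layer passes it to the database.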