2

I'm trying to create an result page with structr 2.0.1.

enter image description here

Within these page I want to show the results of the user input. The string typed into my input field should be transferred via cypher query to my Neo4j-DB. 

Input = "admin" -> Cypher(Match (n) Where n.name = 'admin' Return n)

The return value will be used to instantiate a graph obj via an integer-id (that works totally fine and is no issue).

After hours of investigating unfortunately I'm not able to do it witch the built-in functionality. I tried a lot with the "Query & Data Binding", & "HTML-Properties"-Page and Java Script as well but I couldn't transfer the value from my html element to my cypher query function within my fronted.

[input field ("String")--> button fuction()--> cypher (Query) --> function input {graph.addNode(ID)}]

There must be a solution within structr to solve this problem without a direct ajax-call.

Maybe someone of you discovered the same problem or has a solution for this.

I would very appreciate some help in this case.

Thanks!

Maze

M4Z3
  • 27
  • 6

1 Answers1

2

the value of your request parameter is available in StructrScript, see https://support.structr.com/article/119 for more details on that.

In the scripting context, there is an object named request that you can access directly, which will contain any request parameter you send to Structr. So in your case, you can access the value of your input field (provided that you set the name to name) like this:

${request.name}

The following steps are needed to make that work:

  1. create <form method="POST" action="/${page.name}">
  2. insert <input type="text" name="name" value="${request.name}">
  3. insert <input type="submit" value="submit">

When you submit the form, the request parameter "name" will be available in the Structr context as described above.

To insert that value into a Cypher query, you have to construct the query around the request value, for example like that:

${cypher(concat('MATCH (n) WHERE n.name = "', request.name, '" RETURN n'))}

But be very careful with a setup like that, because the above code is vulnerable to a query injection attack (aka SQL injection, or rather CQL injection in this case).

Christian Morgner
  • 319
  • 1
  • 8