XSS in htmldb Reports
I put together a simple report and a form using the wizard.
http://htmldb.oracle.com/pls/otn/f?p=42110:3:1507372630223102303::NO:::
Then I got this really evil idea and entered <script>alert('aa')</script> in the text field and saved. When I hit create, it took me back to the report - I saw the alert box. Not good.
I have added more regions to look at various report display modes. Looks like the only safe mode in a report is "Display as text - does not save state". Why isn't it the default? The default is standard report column.
I wonder how one can use the other report field formats without risk of XSS when data displayed is data captured in a form in the application.
Sriram - Please read the section on XSS in the Users Guide. The display type for report columns is something developers should carefully choose based on the vulnerability of the data. I agree that we should make "Display as text (escape special characters, does not save state)" the default and perhaps you'll see that in a future release. It is not the only safe type for reports, however, and not appropriate if the data contains tags that you want the browser to interpret or when the data has already been escaped, e.g., on input. The remaining nine display types are safe.
Scott
Similar Messages
-
How to print from HTMLDB Report
Hello
How to print a report developped in HTMLDB report page ?Hello Patrick
Thank you for the suggestion.
Is there any idea to tailore the MSExcel pattern so
that it does not permit final user to change the
report content.Have you looked into using FOP to create PDFs?
Here are a couple URLs:
tech note
http://www.oracle.com/technology/pub/notes/technote_htmldb_fop.html
installation thread
FOP installation
Earl -
Displaying images in a HTMLDB Report
I have a procedure(pdt_image_display) that accepts a imageid and returns a blob content and mime_type value in the select into clause.
The procedure is called through a SQL Report using the following image src tag
SELECT <col1>,
'<img src="#OWNER#.pdt_image_display?p_image_id=' || nvl(<imageidcolumn>,0) || '" height="50" width="50" />' img
from <Image Table >
The report when run couldnt display the images..
Can anyone help me to display an image in a htmldb report
Thankyou
Message was edited by:
user523354I have done this many times. Eventually you miss the right syntax or you didn't grant execute to your procedure to public. Here is one of my examples you may use to compare with yours:
SELECT NULL download, related_documents, subject,
|| get_category_type (category_type)
|| category_type,
|| get_subcategory_type (subcategory_type)
|| subcategory_type,
get_subcategory_description (subcategory_type) description,
'<im g src="#OWNER#.marketing_image_display?p_image_id='
|| NVL (ID, 0)
|| '" height="'
|| NVL (display_height, 100)
|| '" width="'
|| NVL (display_width, 70)
|| '" />' img,
SUBSTR (get_subcategory_type (subcategory_type), -1, 1) series_type,
sort_flag
FROM marketing_images
WHERE NVL (TO_CHAR (category_type), '%') LIKE
CASE
WHEN TO_CHAR (:p4_category_type) = '-1'
THEN '%'
ELSE :p4_category_type
END
AND NVL (TO_CHAR (subcategory_type), '%') LIKE
CASE
WHEN TO_CHAR (:p4_subcategory_type) = '-1'
THEN '%'
ELSE :p4_subcategory_type
END
AND LANGUAGE = :p0_choose_your_language</br>
Denes Kubicek -
Oracle HTMLDB report output in PDF format using FOP
Hi,
We are currently using Oracle HTMLDB1.6.I am trying to implement the HTMLDB report output in PDF format.I got at document but it is not clear.Could you please let use know wheether anybody has already used in their organization.
Appreciate your response.
Regards
MuraiHey Murai,
did you read the technote:
http://www.oracle.com/technology/pub/notes/technote_htmldb_fop.html
There is anything explained!
greets,
tim -
Parameter passing issue for HTMLDB report page
Hi,
I have created a HTMLDB report based on SQL query in which the where clause column needs to takeup dynamic value each time.
So I have defined a hidden item on the page PUSERID of Source type "Static Assigment".
And this variable is used in SQL as
Select Name
from employees
where employeeid = :PUSERID
Now when i try to run this report and pass the parameter thru the URL by edititng the URL to have parameter value as
http://localhost:33492/pls/htmldb/f?p=104:8:8320056215249064505:::::PUSERID:CPRASAD
This shows the page with no data found...though when i run the query manually it returns the result.
Select Name
from employees
where employeeid = 'CPRASAD'
Plz let me know the correct procedure to make this work?
Thanks
AJThanks Serigo..it works!
But why we need to remove the colon?Was it symbolizing that there was no parameter passed initially on URL and later when I was expecting one which was acting as two parametes in case of my url example(one parameter as nothing and another ad PUSERID) -
Htmldb report column templates
Hello,
htmldb version: 2.1.0.00.05
I have read all of the threads regarding the requirement of being able to conditionally format a column's background color based on the value of the data.
I can successfully get my entire report to have a red background when I use column templete expression 1=1. However, when I try to use something like #STATUS#='Green', I get error messages after running that report saying something like Yellow = 'Green', Yellow must be declared. I even tried using a plsql block that returns TRUE. Still no luck.
My report region is generated based on a dynamic sql query. I tried embedding the appropriate html tags in this query, but it seems htmdb is ignoring this html ?
Any help on this is greatly appreciated.
Thanks,
SamirSee
http://htmldb.oracle.com/pls/otn/f?p=11933:7 -
From Regions > Report Attributes I set the Enable CSV option to yes - Link Label (i.e export), but the link does not appear. Any hints/appreciated.
thanks for youe help.Hi,
See if this Denes blog post help
http://deneskubicek.blogspot.com/2007/03/csv-export-problem.html
Regards,
Jari -
Report Total Wrapping/Missing Data in CSV FIle
PROBLEM:
We have an application were the totals in the report region will wrap when the total is negative and formatted with a negative sign preceding the number (e.g. -43,567.99). The wrapping results in users being confused to wether or not a value is negative or positive. We want all non-numeric columns to wrap so that the user does not have to scroll horizontally.
SOLUTIONS TRIED
1. Set the CCS Style attribute of a column to white-space:nowrap.
The value of CCS Style is inserted into span tags associated with a column value which in turn elliminates the wrapping in the detailed area of the report. However, I have no found a way to insert this type of span tag to the Total of a report region.
2. Modifying the format mask to present negative numbers in brackets (e.g. <43,567.99>).
This solves the wrapping issue . . . however results in a problem when outputting the report to a CSV file. When outputting to a CSV file the negative number that have been formatted using bracket are not included in the output. I believe that it interprets them as html tags <> and therefore eliminates them from the output.
3. Create duplicate amount columns in the report and apply a number format that places a negative sign in front of negative numbers and make this column display conditionally for CSV output only Then change the original column format mask to use brackets. Although this will work it seem a bit clunky, results in unnecessary pull of excess data and will require a lot of re-work/re-testing of our system.
REQUEST
Does anyone have any ideas on how I might either:
1. Add white-space:nowrap to the totals of the report region
2. Overcome the exclusion of negative numbers containing brackets from the CSV output.
3. HAve another approach to resolving this wrapping issue.
Thanks,
DavidAccording to this article http://www.cs.tut.fi/~jkorpela/html/nobr.html this is a known wrapping issue with Internet Explorer. Wrapping will occure when the following characters exists -()[]{}«»%°·\/!?. The author of the article suggest that the only way around this issue is too place -a or use white-space:nowrap in a [td] or [tr] tag.
This would suugest that I need to find a way to add html to the total column in the htmldb report . . . which I don't believe I can do . . . Does anyone know of a way to insert html into these total columns similiar to how we can be done using the CCS Style or HTML Expression attributes.
Thanks,
David. -
Developer Security with HTMLDB (Application Express)
Hi folks. I would appreciate any help I could get with this problem - it's a fairly serious one and I'm hoping for some feedback.
We are using HTMLDB 2.0 and are using Oracle Applications. We have a rogue developer who has a bit of a control problem - he likes to run UPDATE, DELETE, and INSERT statements against our production database. However, he does develop HTMLDB reports for us and does a good job with that. Is there any way we can limit his developer account in HTMLDB so that he can't run these kinds of queries in the SQL Editor in HTMLDB?
Any suggestions on how we can limit what kinds of queries he runs?
Thanks so much!
SteveAre queries run in the SQL Editor logged?
SQL> desc flows_020000.wwv_flow_sw_sql_cmds
Name Null? Type
ID NOT NULL NUMBER
COMMAND CLOB
PARSED_SCHEMA VARCHAR2(30)
CREATED_BY VARCHAR2(255)
CREATED_ON DATE
SECURITY_GROUP_ID NOT NULL NUMBERThe security_group_id maps to the workspace.
To get the security group id for your workspace, run
select provisioning_company_id,short_name
from flows_020000.wwv_flow_companies
where provisioning_company_id>10;Then you can keep an eye for
select * from flows_020000.wwv_flow_sw_sql_cmds
where security_group_id=<that long number>
and lower(command) like '%update%' -
How can we generate the reports in html or text file formats?
Hi,
Is there any package that can help in creating HTMLDB reports in .txt files or .html files? (Similar to TEXT_IO in Oracle Forms)
How can we generate the reports in html or text file formats from HTMLDB?
Thanks in Advance
RenjithHello all.
Bi Publisher is great, but has a very high price tag. It's even more expensive than Forms & Reports Services. We are considering APEX to replace Forms & Reports on the web, but the reporting limitations are still a problem.
I wonder if there is another option.
Thanks -
Causing a Report page to be opened in Excel or MS Word
Hello Every body
I want to redirect an HTMLDB Report page to an excel spread sheet or MS Word
in read only mode and with an order to directly send content to printer.
Can any body tell me how to procede ?
thanks in advance
sidatyI'm not sure if something like this might help...
Using SQL/XML you can build a view that is compliant with the Excel 2K3 Spreadsheet ML XML Schema. You can then folder the rows in the view as documents in the XML DB repository. When you open one of these documents in Excel Excel will treat it as worksheet.
The missing piece here would be can you embed an macro in excel that will force the document to print when it's opened...
set define off
set echo on
create or replace view DEPARTMENT_WORKBOOK_XML of xmltype
with object id
substr
extractValue
object_value,
'/Workbook/Worksheet/Table/Row[@ss:Index="2"]/Cell[@ss:Index="8"]/Data/text()',
'xmlns="urn:schemas-microsoft-com:office:spreadsheet"
xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet"'
1,32
as
select xmlroot
xmlconcat
xmlPI(NAME "mso-application",'progid="Excel.Sheet"'),
xmlElement
"Workbook",
xmlAttributes
'urn:schemas-microsoft-com:office:spreadsheet' as "xmlns",
'urn:schemas-microsoft-com:office:office' as "xmlns:o",
'urn:schemas-microsoft-com:office:excel' as "xmlns:x",
'urn:schemas-microsoft-com:office:spreadsheet' as "xmlns:ss",
'http://www.w3.org/TR/REC-html40' as "xmlns:html"
xmlElement
"DocumentProperties",
xmlAttributes('urn:schemas-microsoft-com:office:office' as "xmlns"),
xmlForest
USER as "Author",
USER as "LastAuthor",
'2002-10-11T15:47:35Z' as "Created",
'Oracle Corporation' as "Company",
'11.5703' as "Version"
xmlElement
"OfficeDocumentSettings",
xmlAttributes('urn:schemas-microsoft-com:office:office' as "xmlns"),
xmlElement("DownloadComponents"),
xmlElement
"LocationOfComponents",
xmlAttributes('file://' as "HRef")
xmlElement
"ExcelWorkbook",
xmlAttributes('urn:schemas-microsoft-com:office:excel' as "xmlns"),
xmlForest
'8835' as "WindowHeight",
'14220' as "WindowWidth",
'480' as "WindowTopX",
'60' as "WindowTopY",
'False' as "ProtectStructure",
'False' as "ProtectWindows"
xmlElement("HideHorizontalScrollBar")
xdburiType('/home/SCOTT/Workbooks/Styles.xml').getXML(),
xmlElement
"Worksheet",
xmlAttributes(d.DEPARTMENT_NAME as "ss:Name"),
xmlElement
"Table",
xmlAttributes
'11' as "ss:ExpandedColumnCount",
( select '' || 14 + count(*) || '' from HR.EMPLOYEES e where e.DEPARTMENT_ID = d.DEPARTMENT_ID) as "ss:ExpandedRowCount",
'1' as "x:FullColumns",
'1' as "x:FullRows"
xmlElement("Column",xmlAttributes('25' as "ss:Width")),
xmlElement("Column",xmlAttributes('75' as "ss:Width")),
xmlElement("Column",xmlAttributes('60' as "ss:Width", '1' as "ss:Span")),
xmlElement("Column",xmlAttributes('5' as "ss:Index", '75' as "ss:Width")),
xmlElement("Column",xmlAttributes('100' as "ss:Width", '1' as "ss:Span")),
xmlElement("Column",xmlAttributes('8' as "ss:Index", '100' as "ss:Width")),
xmlElement("Column",xmlAttributes('60' as "ss:Width")),
xmlElement("Column",xmlAttributes('60' as "ss:Width")),
xmlElement("Column",xmlAttributes('75' as "ss:Width")),
xmlElement
"Row",
xmlAttributes('2' as "ss:Index"),
xmlElement
"Cell",
xmlAttributes('2' as "ss:Index", '3' as "ss:MergeAcross", '2' as "ss:MergeDown",'DepartmentName' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Department : ' || DEPARTMENT_NAME )
xmlElement
"Cell",
xmlAttributes('7' as "ss:Index", 'Caption' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'ID :' )
xmlElement
"Cell",
xmlAttributes('8' as "ss:Index", 'Bold' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), d.DEPARTMENT_ID )
xmlElement
"Row",
xmlAttributes('4' as "ss:Index"),
xmlElement
"Cell",
xmlAttributes('7' as "ss:Index", 'Caption' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Location :' )
xmlElement
"Cell",
xmlAttributes('8' as "ss:Index", 'Bold' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), STREET_ADDRESS )
xmlElement
"Row",
xmlAttributes('5' as "ss:Index"),
xmlElement
"Cell",
xmlAttributes('8' as "ss:Index", 'Bold' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), CITY )
xmlElement
"Row",
xmlAttributes('6' as "ss:Index"),
xmlElement
"Cell",
xmlAttributes('8' as "ss:Index", 'Bold' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), STATE_PROVINCE )
xmlElement
"Row",
xmlAttributes('7' as "ss:Index"),
xmlElement
"Cell",
xmlAttributes('8' as "ss:Index", 'Bold' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), POSTAL_CODE )
xmlElement
"Row",
xmlAttributes('8' as "ss:Index"),
xmlElement
"Cell",
xmlAttributes('8' as "ss:Index", 'Bold' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), COUNTRY_NAME )
xmlElement
"Row",
xmlAttributes('10' as "ss:Index"),
xmlElement
"Cell",
xmlAttributes('7' as "ss:Index", 'Caption' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Manager :' )
xmlElement
"Cell",
xmlAttributes('8' as "ss:Index", 'Bold' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), m.FIRST_NAME || ' ' || m.LAST_NAME )
xmlElement
"Row",
xmlAttributes('12' as "ss:Index"),
xmlElement
"Cell",
xmlAttributes('2' as "ss:Index", 'BoldRight' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Employee ID')
xmlElement("Cell", xmlAttributes('BoldLeft' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'First Name')),
xmlElement("Cell", xmlAttributes('BoldLeft' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Last Name')),
xmlElement("Cell", xmlAttributes('BoldLeft' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Email Address' )),
xmlElement("Cell", xmlAttributes('BoldCentered' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Phone Number' )),
xmlElement("Cell", xmlAttributes('BoldRight' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Hire Date')),
xmlElement("Cell", xmlAttributes('BoldRight' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Job Title')),
xmlElement("Cell", xmlAttributes('BoldRight' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Salary')),
xmlElement("Cell", xmlAttributes('BoldRight' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), 'Commission'))
xmlElement
"Row",
xmlElement("Cell",xmlAttributes('2' as "ss:Index", 'BodyDefault' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID"))
( select xmlAgg
xmlElement
"Row",
xmlElement
"Cell",
xmlAttributes('2' as "ss:Index", 'BodyDefault' as "ss:StyleID"),
xmlElement("Data", xmlAttributes('Number' as "ss:Type"), e.EMPLOYEE_ID)
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), e.FIRST_NAME)),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), e.LAST_NAME)),
xmlElement("Cell", xmlAttributes('BodyDefault' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), e.EMAIL )),
xmlElement("Cell", xmlAttributes('BodyRight' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), e.PHONE_NUMBER )),
xmlElement("Cell", xmlAttributes('HireDate' as "ss:StyleID"), xmlElement("Data", xmlAttributes('DateTime' as "ss:Type"), to_char(to_char(e.HIRE_DATE,'YYYY-MM-DD"T00:00:00.000"')))),
xmlElement("Cell", xmlAttributes('BodyRight' as "ss:StyleID"), xmlElement("Data", xmlAttributes('String' as "ss:Type"), j.JOB_TITLE)),
xmlElement("Cell", xmlAttributes('Currency' as "ss:StyleID"), xmlElement("Data", xmlAttributes('Number' as "ss:Type"), e.SALARY)),
xmlElement("Cell", xmlAttributes('Percent' as "ss:StyleID"), xmlElement("Data", xmlAttributes('Number' as "ss:Type"), e.COMMISSION_PCT))
from HR.EMPLOYEES e, HR.JOBS j
where e.DEPARTMENT_ID = d.DEPARTMENT_ID
and e.JOB_ID = j.JOB_ID
xmlElement
"Row",
xmlElement("Cell", xmlAttributes('2' as "ss:Index", 'TableBottom' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('TableBottom' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('TableBottom' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('TableBottom' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('TableBottom' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('TableBottom' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes('TableBottom' as "ss:StyleID")),
xmlElement("Cell", xmlAttributes
'SalaryTotal' as "ss:StyleID",
'SUM(R[-' || ( select '' || count(*) || '' from HR.EMPLOYEES e where e.DEPARTMENT_ID = d.DEPARTMENT_ID) || ']C:R[-1]C)' as "ss:Formula")
xmlElement("Cell", xmlAttributes('TableBottom' as "ss:StyleID"))
xmlElement
"WorksheetOptions",
xmlAttributes('urn:schemas-microsoft-com:office:excel' as "xmlns"),
xmlElement
"Print",
xmlElement("ValidPrintInfo"),
xmlElement("HorizontalResolution",96),
xmlElement("VerticalResolution",96),
xmlElement("NumberOfCopies",0)
xmlElement("DoNotDisplayGridlines"),
xmlElement("Selected"),
xmlElement
"Panes",
xmlElement
"Pane",
xmlElement("Number",1),
xmlElement("ActiveRow",1),
xmlElement("ActiveCol",1)
xmlElement("ProectedObjects",'False'),
xmlElement("ProectedSecenarios",'False')
),VERSION '1.0'
from HR.DEPARTMENTS d, HR.LOCATIONS l, HR.COUNTRIES c, HR.EMPLOYEES m
where d.LOCATION_ID = l.LOCATION_ID
and l.COUNTRY_ID = c.COUNTRY_ID
and d.MANAGER_ID = m.EMPLOYEE_ID
show errors
create or replace trigger DEPARTMENT_WORKBOOK_DML
instead of INSERT or UPDATE or DELETE on DEPARTMENT_WORKBOOK_XML
begin
null;
end;
show errors
pause
declare
targetPath varchar2(1024) := '/home/SCOTT/Workbooks';
xmlText CLOB :=
'<Styles xmlns="urn:schemas-microsoft-com:office:spreadsheet" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:x="urn:schemas-microsoft-com:office:excel">
<Style ss:ID="Default" ss:Name="Normal">
<Alignment ss:Vertical="Bottom" ss:Horizantal="Left"/>
<Borders/>
<Font/>
<Interior ss:Color="#FFFFFF" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="Caption">
<Font x:Family="Swiss" ss:Bold="1" ss:Italic="1"/>
</Style>
<Style ss:ID="Bold">
<Font x:Family="Swiss" ss:Bold="1"/>
</Style>
<Style ss:ID="BodyDefault">
<Alignment ss:Vertical="Bottom" ss:Horizantal="Left"/>
<Borders>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Font/>
<Interior ss:Color="#C0C0C0" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="TableBottom">
<Alignment ss:Vertical="Bottom" ss:Horizantal="Left"/>
<Borders>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Bottom" ss:LineStyle="Double" ss:Weight="3"/>
</Borders>
<Font/>
<Interior ss:Color="#C0C0C0" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="SalaryTotal">
<Alignment ss:Vertical="Bottom" ss:Horizantal="Left"/>
<Borders>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Bottom" ss:LineStyle="Double" ss:Weight="3"/>
</Borders>
<Font/>
<Interior ss:Color="#C0C0C0" ss:Pattern="Solid"/>
<NumberFormat ss:Format="_("$"* #,##0.00_);_("$"* \(#,##0.00\);_("$"* "-"??_);_(@_)"/>
<Protection/>
</Style>
<Style ss:ID="HeadDefault">
<Alignment ss:Vertical="Bottom" ss:Horizantal="Left"/>
<Borders/>
<Font/>
<Interior ss:Color="#00CCFF" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="HireDate">
<Alignment ss:Vertical="Bottom" ss:Horizontal="Right"/>
<Borders>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Font/>
<Interior ss:Color="#C0C0C0" ss:Pattern="Solid"/>
<NumberFormat ss:Format="[ENG][$-409]mmmm\ d\,\ yyyy;@"/>
<Protection/>
</Style>
<Style ss:ID="DepartmentName">
<Alignment ss:Vertical="Center" ss:Horizontal="Left"/>
<Borders>
<Border ss:Position="Bottom" ss:LineStyle="Double" ss:Weight="3"/>
<Border ss:Position="Left" ss:LineStyle="Double" ss:Weight="3"/>
<Border ss:Position="Right" ss:LineStyle="Double" ss:Weight="3"/>
<Border ss:Position="Top" ss:LineStyle="Double" ss:Weight="3"/>
</Borders>
<Font x:Family="Swiss" ss:Bold="1" ss:Size="18"/>
<Interior ss:Color="#FFCC00" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="BoldCentered">
<Alignment ss:Vertical="Bottom" ss:Horizontal="Center"/>
<Borders>
<Border ss:Position="Top" ss:LineStyle="Double" ss:Weight="3"/>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Bottom" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Font ss:Color="#FFFFFF" x:Family="Swiss" ss:Bold="1"/>
<Interior ss:Color="#0000FF" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="BoldLeft">
<Alignment ss:Vertical="Bottom" ss:Horizontal="Left"/>
<Borders>
<Border ss:Position="Top" ss:LineStyle="Double" ss:Weight="3"/>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Bottom" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Font ss:Color="#FFFFFF" x:Family="Swiss" ss:Bold="1"/>
<Interior ss:Color="#0000FF" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="BoldRight">
<Alignment ss:Vertical="Bottom" ss:Horizontal="Right"/>
<Borders>
<Border ss:Position="Top" ss:LineStyle="Double" ss:Weight="3"/>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Bottom" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Font ss:Color="#FFFFFF" x:Family="Swiss" ss:Bold="1"/>
<Interior ss:Color="#0000FF" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="BodyCentered">
<Alignment ss:Vertical="Bottom" ss:Horizontal="Center"/>
<Borders>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Font x:Family="Swiss"/>
<Interior ss:Color="#C0C0C0" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="BodyLeft">
<Alignment ss:Vertical="Bottom" ss:Horizontal="Left"/>
<Borders>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Font x:Family="Swiss"/>
<Interior ss:Color="#C0C0C0" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="BodyRight">
<Alignment ss:Vertical="Bottom" ss:Horizontal="Right"/>
<Borders>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Font x:Family="Swiss"/>
<Interior ss:Color="#C0C0C0" ss:Pattern="Solid"/>
<NumberFormat/>
<Protection/>
</Style>
<Style ss:ID="Currency" ss:Name="Currency">
<Borders>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Interior ss:Color="#C0C0C0" ss:Pattern="Solid"/>
<NumberFormat ss:Format="_("$"* #,##0.00_);_("$"* \(#,##0.00\);_("$"* "-"??_);_(@_)"/>
</Style>
<Style ss:ID="Percent" ss:Name="Percent">
<Borders>
<Border ss:Position="Left" ss:LineStyle="Continuous" ss:Weight="1"/>
<Border ss:Position="Right" ss:LineStyle="Continuous" ss:Weight="1"/>
</Borders>
<Interior ss:Color="#C0C0C0" ss:Pattern="Solid"/>
<NumberFormat ss:Format="0%"/>
</Style>
</Styles>';
res boolean;
begin
if (not dbms_xdb.existsResource(targetPath)) then
res := dbms_xdb.createFolder(targetPath);
end if;
targetPath := targetPath || '/' || 'Styles.xml';
if dbms_xdb.existsResource(targetPath) then
dbms_xdb.deleteResource(targetPath);
end if;
res := dbms_xdb.createResource(targetPath,xmlText);
end;
commit
pause
declare
cursor getDepartments is
select ref(d) XMLREF,
substr
extractValue
object_value,
'/Workbook/Worksheet[1]/@ss:Name',
'xmlns="urn:schemas-microsoft-com:office:spreadsheet"
xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet"'
1,32
) NAME
from DEPARTMENT_WORKBOOK_XML d;
res boolean;
targetFolder varchar2(1024) := '/home/SCOTT/Workbooks/Departments';
begin
if dbms_xdb.existsResource(targetFolder) then
dbms_xdb.deleteResource(targetFolder,dbms_xdb.DELETE_RECURSIVE);
end if;
res := dbms_xdb.createFolder(targetFolder);
for dept in getDepartments loop
res := DBMS_XDB.createResource(targetFolder || '/' || dept.NAME || '.xml', dept.XMLREF);
end loop;
end;
commit
pause
quitThe above example assumes user SCOTT (yeah I know !), and that user SCOTT has access to the HR schema and write access to an xdb repository folder called /home/SCOTT. It will create a document for each DEPARTMENT containing the employees for that department. -
Number of rows returned for a report
I want to create reports on serveral tables, the number of rows in these tables varies a lot (5, 5000, and the other one can have 10000+ rows).
In the Reports Attributes page, is there a way to set the max number of rows return to the number of rows of the table? For example, for a table that has 10000 rows now, may grow to 20000 rows in the near future. If I specify the "Max Row Count" to 20000, the number may be outgrown yet again soon. If I can specify "Max Row Count" to "Current number of rows in the table" then this problem will not happen. Can it be done?that "Max Row Count" attribute is used to limit the number of rows returned by a htmldb report region. in your case it sounds as if you want to show all available rows all the time. in that case you'd be fine to just put a very large number into that field like 4million. that way you'd always show all your rows.
hope this helps,
raj -
Use report to display html data
Hi
I have multiple rows of text in a clob field that contains html tags. I want to display this data in html format in my htmldb application. Can I use an htmldb report to do this or am I better off using an item?
Thanksbump...
has anyone a solution to this?
I have a form that allows users to add raw HTML code. Now I want to display the formatted version in a report but the tags show in the report instead...any suggestions?
regards
Paul P -
Hi,
I'd be interested in ideas for producing a matrix-style report (similar to that possible with Oracle Discoverer or Pivot Tables in spreadsheets). Example below. I've tried dynamic SQL (report based on function returning a SQL query) but this quickly gets very complex.
Are API's available (similar to the form item api's) for laying out HTMLDB sytle report headings and rows directly ?
Matrix Example
Imagine you have sales data by product and date e.g.
Product Date Sales
A 2003 100
A 2004 75
B 2003 50
I would like to display a matrix report similar to
Sales 2003 2004 ...
A 100 75
B 50 ...
...htmldb currently installs with a package called wwv_flow_rewrite_query. it's not technically supported, but it's really solid code ...and i think it does pretty much what you're hoping to do (pivot sql query). if you look in your $OHS_HOME/marvel directory you should see a file there called wwv_flow_rewrite_query.sql. fortunately that package isn't wrapped. better yet, it's loaded down with documentation. i'd take a look there to see about your report. if you have questions on the concepts (not the package), the author can be found discussing the topic at...
http://asktom.oracle.com/pls/ask/f?p=4950:8:::NO::F4950_P8_DISPLAYID,F4950_P8_CRITERIA:766825833740,
...but basically, you'd us the package to rewrite your query, returning wwv_flow_rewrite_query.as_pivot to the htmldb reporting engine in your Function Returning SQL Query region.
...hope this helps,
raj -
HTML Display without Report Templates
Hi all
I am saving html page (with all data and formats) in a table. On next step I will query this table and will display this column and will disply it on the region. But I dont want to use HTMLDB report templates. Because I want to control the formatting (like color change, background color, fonts). Is there some way to gain control on this ?
Here is my homework. While creating the region, I tried PL/SQL and Reports. Is there some option where I can override everything with my html implementation (which is coming from the table). I tried HTML, but there you cant query the table.
Any help will be highly appreciated.
prashant bhandariHello,
You can't you will have to adjust your xslt to deal with the CDATA sections.
Carl
Maybe you are looking for
-
ADF 11.1.1.5 - Oracle Dynamic UI Template - Listener
Hi All, I am facing a strange issue while implementing Oracle Dynamic UI Template. I have implemented a context Listener to store few data in application scope. Correspondingly i have made the entry of the Listener in Web.xml. I am getting the follow
-
Should I backup my hard drive before I do a disk repair in disk utility?
I want to do a disk repair but I don't have an external hard drive to backup information on, so I'm wondering if I can just not back it up and do the disk repair? Does it kill information? How does disk repair even work? Is it a defragger?
-
Instructions on how to create a value table in Marketing Attributes.
Hello All, As i understood from one of the thread , Value Table in Marketing attributes is for search help, pls let me know how to define value table in SE11 with search help object. Thanks & Regards praneeth C
-
If I set the language on the main Adobe.com page to something other than English, the forum language also changes. I recently set it to French to look for a French helpx article, and some of the French forum content is displayed as garbage: The red-
-
What is the largest "manageable" size for a captivate project? (I think I've passed it)
Problem: It used to take perhaps 5 minutes for the Captivate software to open and the project to actually load. Now, Captivate loads (menu screen) but the project does not open - it just sits there. When I close the software it asks if I want to save