The <fmtcp SANDBLAST> call allows us to do search and replace on multiple variables automatically, much the same way that <fmtcp nbsp;query> does for query mark up.

Let's say we're selecting columns from a table, and we want to print them in comma-separated format for export to some other program, say a spreadsheet. To be robust, we need to check and escape sensitive characters like double-quote in our data. We can use SANDBLAST to do this quickly:

  <A NAME=printtbl>
    <$search = "\x22"     "\x0d?\x0a">
    <$replace= "\x22\x22" " ">
    <fmtcp SANDBLAST NOESC $search $replace>
    <SQL ROW "select a, b, c, x, y, z from mytbl">
      <sb>
        "$a","$b","$c","$x","$y","$z"
      </sb>
    </SQL>
  </A>

We have a list of two things to search and replace:

• Replace double-quote with two double-quotes
• Replace newlines with space so a row isn't truncated

We pass these lists to <fmtcp SANDBLAST> , which like <fmtcp nbsp;QUERY> just prepares for the search, it doesn't start yet.

In our <SQL> loop, we select six columns from mytbl . We simply print them in CSV format, inside a <sb> </sb> block. Like <mm> , <sb> turns on in-line search and replace - our CSV cleanup happens automatically without a <sandr> call for every variable. And as with <mm> , non-variable text is unaffected - our in-line quotes are not replaced, we want them as-is.

The NOESC flag says to not HTML-escape the variables as would normally happen - we're printing plain text.

Note that unlike <sandr> , no characters in the replace strings are special. This allows easy replace strings, without the need for escapement of backslash, etc.; SANDBLAST is meant for quick, bulk replacement of many variables.

(SANDBLAST was added July 8 1998, in version 2.1.899870000.)