Of course! The dede:loop tag is a powerful and flexible tag in DedeCMS (织梦CMS) used to execute a custom SQL query and display the results. The "limit" in dede:loop refers to controlling how many records are retrieved from the database.
There are two primary ways to handle limits with dede:loop:
- The Built-in
rowAttribute: The simplest way to limit the number of results. - Using a Custom
LIMITClause in SQL: The most flexible way, allowing for more complex pagination or offsetting.
Using the row Attribute (Simple Limit)
This is the most common and straightforward method. The row attribute tells the dede:loop tag how many records to fetch from the result set of your SQL query.
Syntax
{dede:loop table='your_table_name' sort='' row='N' if=''}
<!-- Template content for each record -->
[field:your_field_name/]
{/dede:loop}
Key Attributes:
table: (Required) The name of the database table you are querying (e.g.,#@__archives,#@__arctype).row: (Optional) The number of records to retrieve. This is your limit. If omitted, it defaults to 10.sort: (Optional) The field to sort the results by (e.g.,id DESC,pubdate ASC).if: (Optional) A condition to filter the records, similar to aWHEREclause in SQL.
Example: Display the 5 Most Recently Updated Articles
Let's say you want to show the 5 most recently edited articles from the #@__archives table.
<h3>最新更新的5篇文章</h3>
<ul>
{dede:loop table='#@__archives' sort='uptime DESC' row='5'}
<li>
<a href="[field:arcurl/]">[field:title/]</a>
<span>更新时间: [field:uptime function="MyDate('Y-m-d H:i',@me)"/]</span>
</li>
{dede:loop}
</ul>
Explanation:
table='#@__archives': We are querying the articles table.sort='uptime DESC': We sort the articles by theuptime(update time) field in descending order (newest first).row='5': This is the crucial part. It tells DedeCMS to only fetch the top 5 records after sorting.
Using a LIMIT Clause in the SQL Query (Advanced & Flexible)
Sometimes, you need more control than just a simple number of rows. For example, you might want to skip the first few records (for pagination) or set a different limit. In this case, you can put the LIMIT clause directly into your sql attribute.
Syntax
{dede:loop sql='your_custom_sql_query' ''}
<!-- Template content for each record -->
[field:your_field_name/]
{/dede:loop}
Key Attributes:
sql: (Required) A complete custom SQL query string. You must include theLIMITclause directly in this string.
Example 1: Get the First 10 Records (Same as row='10')
{dede:loop sql='SELECT id, title, litpic FROM `#@__archives` WHERE arctypeid=1 LIMIT 10'}
<a href="[field:arcurl/]"><img src="[field:litpic/]" alt="[field:title/]"></a>
{/dede:loop}
Example 2: Pagination (Offset + Limit)
This is where the SQL LIMIT clause shines. To get records 11 through 20, you would use LIMIT 10, 10. The first number is the offset (how many records to skip), and the second is the number of records to return.
<!-- Assuming $page is a PHP variable for the current page number -->
{php $offset = ($page - 1) * 10;}
{dede:loop sql="SELECT id, title FROM `#@__archives` ORDER BY pubdate DESC LIMIT $offset, 10"}
<a href="[field:arcurl/]">[field:title/]</a>
<br>
{/dede:loop}
Explanation:
sql="... LIMIT $offset, 10": The SQL query is dynamically constructed.- If
$pageis1,$offsetis0, so the query becomesLIMIT 0, 10(records 1-10). - If
$pageis2,$offsetis10, so the query becomesLIMIT 10, 10(records 11-20).
Important Considerations and Best Practices
-
Security (SQL Injection):
- NEVER use variables directly from the URL (like
?id=123) in yoursqlattribute without sanitizing them. - If you need to pass a variable, use the
ifattribute with thedede:looptag or, more safely, use{dede:php}to prepare the variable first. - Bad (Vulnerable):
{dede:loop sql="SELECT * FROM `#@__archives` WHERE id=~id~"} - Good (Safe using
ifattribute):{dede:loop table='#@__archives' if="id='~id~'" row='1'} - Good (Safe using
{dede:php}):{dede:php} $safe_id = intval($aid); // Get the ID and convert it to an integer $query = "SELECT * FROM `#@__archives` WHERE id = $safe_id LIMIT 1"; {/dede:php} {dede:loop sql="$query"}
- NEVER use variables directly from the URL (like
-
Performance:
dede:loopbypasses DedeCMS's built-in caching and data processing. For complex queries or on high-traffic sites, running custom SQL directly on the database can be slower than using DedeCMS's native tags like{dede:arclist}or{dede:looplist}, which are highly optimized.- Always try to use specific
WHEREconditions to limit the number of rows the database has to scan. AvoidSELECT *if you only need a few columns.
-
Table Prefix (
#@__):- Always use
#@__as a prefix for your table names (e.g.,#@__archives). DedeCMS will automatically replace this with the actual table prefix you set during installation (e.g.,dede_). This makes your templates portable.
- Always use
Summary: row vs. sql Attribute
| Feature | row Attribute |
sql Attribute with LIMIT |
|---|---|---|
| Use Case | Simple, fixed number of records. | Complex queries, pagination, custom offsets. |
| Syntax | row='N' |
sql='... LIMIT offset, count' |
| Flexibility | Low. Only sets a limit. | High. Full control over the SQL query. |
| Performance | Generally good. | Can be slower if the query is complex. |
| Security | Safer, as it's harder to inject malicious SQL. | Requires careful handling to prevent SQL injection. |
For most simple use cases where you just need "the top 10 items," stick with the row attribute. For anything more advanced, use the sql attribute and always prioritize security.
