Due to limitations in the template::list code
any variable you need to pass needs to have an empty filter specified for it like this:
were right I needed a space after position_id and the braces.
-filters {
position_id {}
}
That said, DO NOT pass SQL fragments in the URL. That is a tremendous security vunerlability. Anything, ANYTHING, can be passed in that URL and the user has full access to your database. You really need to find another solution that passes in information in the URL that is then verified to be safe by your application before it is used to generate a SQL query.
