On Dec 8, 11:54 pm, Malcolm Tredinnick <[EMAIL PROTECTED]> wrote: > On Sat, 2007-12-08 at 14:28 -0800, Nianbig wrote: > > I´m trying to use django.db.backend.quote_name function to prevent SQL- > > injection, as stated in the Django Book Security-chapter, > >http://www.djangobook.com/en/beta/chapter20/. > > > But I'm having difficulties in getting it working, "Could not import > > portal.objects.views.start. Error was: cannot import name quote_name". > > I´m using 0.9.1, is this function only available in the development > > branch? > > You aren't going to have much success at all using the Django Book with > 0.91. There were *massive* changes between 0.91 and 0.9, whereby the > source code was quite drastically rearranged, amongst other things. > Basically 0.91 and 0.96 (the version used for the book) are quite > different animals and the code you write with each one is sufficiently > different that if you're not able to search through the source to find > quote_name, you're going to be completely stuck further down the road. > > Quote_name() does exist in 0.91, but since django.db doesn't exist, you > need to look under django.core.db.* in that case. But seriously, trying > to use the Django Book with 0.91 will only lead to tears. In fact, > trying to use 0.91 for anything except unbelievably profitable legacy > code isn't recommended, there have been far too many improvements in the > intervening two years.
Sorry, my fault. I´m using _0.9.6.1_ not 0.9.1... Missed a "6" there. /Nianbig --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
