On Sat, Jan 9, 2010 at 1:00 PM, Dennis Lee Bieber <wlfr...@ix.netcom.com>wrote:
> After the table design is complete you can move to business logic > operations (SQL for standard/fixed actions), along with criteria to > maintain the integrity of the data (foreign key constraints, etc.). This > should result in a set of SQL statements that are parameterized so that > only end-user data VALUES need to be supplied -- no ad hoc creation of > SQL by plugging in table names or column names (and especially no such > where the plugged in names were directly entered by the end-user -- I > acknowledge that there are some situations where generating SQL is > useful -- typically when you give the end user a dynamic search page*) > Can you please give me an example of what I *shouldn't* do in the above? TIA, beno
-- http://mail.python.org/mailman/listinfo/python-list
