Whenever I'm using SQL databases in zope, I always seem to have to make
a ZSQL instance for inserting into every table in my database, and they
are all nearly the same - they just have a list of all the fields in the
database in the parameters, then they say:
insert into [table] ([list of fields])
Great idea. Not to be recommended in general.
This works because every field is textual, and you are
sql-quoting by using type=string.
Here are the problems:
1) if someone reads this and does not use the type=string
tag, or equivalent, they will be wide open to sql injection.
2) OR, they can p
"Robert (Jamie) Munro" <[EMAIL PROTECTED]> wrote:
> I'd much rather have a dictionary of fields and values, and just throw
> it at the DB, not having to make those queries for every table. I have
> acheived it like so:
I have achieved a similar result, although for update methods in my
case, in wh
Robert (Jamie) Munro wrote:
Whenever I'm using SQL databases in zope, I always seem to have to make
a ZSQL instance for inserting into every table in my database, and they
are all nearly the same - they just have a list of all the fields in the
database in the parameters, then they say:
insert i
I agree. I am just starting to work with zalchemy in Zope3 and looking
to try and make it work with Five so I have it for Zope2.
Regards,
David
Chris Withers wrote:
Robert (Jamie) Munro wrote:
Whenever I'm using SQL databases in zope, I always seem to have to make
a ZSQL instance for insertin
Hi,Have you tried Rakun Project for this problem. It supports MySQL, PostgreSQL and SQLite for now. But it can handle all kind of SQL databases.Please take a look at its web site:
http://www.rakun.org/For all kind of questions about it, you can contact me>Content-Type: text/plain; charset="US-ASCII
