Tor Hildrum schrieb:
> On 10/18/06, Lee McFadden <[EMAIL PROTECTED]> wrote:
>
>>Just as an addendum... Even if you do get `new_book = Book(**kw)` to
>>work, it's a seriously bad idea. The kw dict will also contain
>>anything you put as query arguments to the URL so, to break your app,
>>all anyone has to do is go to:
>>
>>http://example.com/addBook?extra=data
>>
>>It's best to explicitly initialise your SQLObject instances just so
>>you don't get errors cropping up later on.
>
>
> It will be like this:
> def foo(self, **kw):
> bar = kw
>
> ## Check all keys of bar against schema
> ## and do various actions
>
> new_book = Book(**bar)
I use this for that purpose:
def dict_to_attr(dict_, object_):
valid_attributes = object_.sqlmeta.columns.keys()
for attr, value in dict_.iteritems():
if attr in valid_attributes:
setattr(object_, attr, value)
--
Greg
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/turbogears
-~----------~----~----~----~------~----~------~--~---
