On Mon, 13 Aug 2007 19:11:15 -0500 Carl Karsten <[EMAIL PROTECTED]> wrote:
> Mike Meyer wrote:
> > While I think your order is a little exaggerated, I'll merely point
> > out that it's a common thing to see when you're writing code that
> > writes code. SQL pretty much sucks for this, but Python is
Mike Meyer wrote:
> On Mon, 13 Aug 2007 19:11:15 -0500 Carl Karsten <[EMAIL PROTECTED]> wrote:
>> Mike Meyer wrote:
>>> While I think your order is a little exaggerated, I'll merely point
>>> out that it's a common thing to see when you're writing code that
>>> writes code. SQL pretty much sucks fo
On Tue, 14 Aug 2007 12:27:19 -0500 Carl Karsten <[EMAIL PROTECTED]> wrote:
> >> How often does an identifier come from an untrusted source?
> >
> > Um, how about in every web-based app that has a real search facility?
> > One that lets the user specify which column(s) they want to check, or
> > t
On Tue, 2007-08-14 at 10:18 -0400, Mike Meyer wrote:
> > How often does an identifier come from an untrusted source?
>
> Um, how about in every web-based app that has a real search facility?
> One that lets the user specify which column(s) they want to check, or
> that can search multiple tables?
On Tue, 14 Aug 2007 22:07:34 -0400 Carsten Haese <[EMAIL PROTECTED]> wrote:
> weighed down by requiring a feature of such little general use, but
> you're welcome to write a reusable toolkit module that lives outside of
> and on top of DB-API. Of course you'll need to code some per-database
> logic
