Jaroslav Lukesh wrote:
with discuss about security it is possible to query sql directly from dtml/zpt
with yourZSQLmethod like this:
sqlquery:string
and corresponding dtml method:
...
Yes, although you're opening yourself to a world of SQL injection
vulnerabilities by doing so ;-)
Dne čtvrtek, 28. dubna 2005 20:17 Andreas Jung <[EMAIL PROTECTED]>
napsal(a):
> You have not read the book correctly. First statement just said that you
> can't SQL queries using ZPT. In Zope you specify SQL queries using
> *ZSQL methods* that use DTML as markup language...this is not the same
> a
On 2005-04-28 at 20:26:47 [+0200], Ken Winter <[EMAIL PROTECTED]> wrote:
> Andreas -
>
> Thanks for your answer. I'm relieved to know that the ZPT-ZSQL combination
> will suffice for database accesses. As a Zope neophyte, though, I still
> need an example or tutorial showing me how to get data
uch a reference?
- Thanks, Ken
> -Original Message-
> From: Andreas Jung [mailto:[EMAIL PROTECTED]
> Sent: Thursday, April 28, 2005 2:17 PM
> To: [EMAIL PROTECTED]; zope-db@zope.org
> Subject: Re: [Zope-DB] ZPTs and database accesses
>
>
>
> --On Donnerstag, 28
--On Donnerstag, 28. April 2005 14:05 Uhr -0400 Ken Winter
<[EMAIL PROTECTED]> wrote:
The Zope Book (version 2.7,
http://www.plope.com/Books/2_7Edition/ZPT.stx#1-8) implies that you can't
do "SQL queries" from Zope Page Templates. If this implication is
correct, I (for one) have a problem, as I
The Zope Book (version 2.7, http://www.plope.com/Books/2_7Edition/ZPT.stx#1-8)
implies that you can’t do “SQL queries” from Zope Page
Templates. If this implication is correct, I (for one) have a problem, as
I’m trying to do all my work with ZPTs (rather than DTML) in order to use
my WYSIW