The reason to save some rules into the database is because sometimes these rules are changing with time. So maybe every year we have a new version of rules. We may add some new rules in the future. What is a better solution?
2009/5/26 BearXu <[email protected]> > yesMaybe the customer is a system-administrator. > > > 2009/5/26 dlypka <[email protected]> > > >> In "By the way, what is your circumstance which need user to create a >> function to manipulate data in db? Sounds vulnerable. " >> and in >> "Thus the customer can create or modify their own function >> to manipulate other data in the database. " >> >> I believe "customer" / "user" really refers to 'developer", not "end >> user", not "customer" >> >> i.e I believe BerXu meant to say >> "Thus the developer can create or modify their own function >> to manipulate other data in the database. ' >> >> I hope my guess is correct... >> >> On May 25, 9:28 pm, Iceberg <[email protected]> wrote: >> > This is not identical to your request, but if you can accept "app >> > developer (you) create your own function, user submit data", you can >> > try the accepts(...,onvalidation=callback) >> > >> > By the way, what is your circumstance which need user to create a >> > function to manipulate data in db? Sounds vulnerable. >> > >> > On May26, 7:53am, BearXu <[email protected]> wrote: >> > >> > >> > >> > > can we design a custom column that can save a function in it? >> > > Thus the customer can create or modify their own function >> > > to manipulate other data in the database. >> > >> > > So such kind of field saves the code instead of the value. >> > >> > > 2009/5/25 mdipierro <[email protected]> >> > >> > > > formula? >> > >> > > > On May 25, 1:16 pm, BearXu <[email protected]> wrote: >> > > > > Can I save a formula in it? >> > >> > > > > 2009/5/25 mdipierro <[email protected]> >> > >> > > > > > you are right. it was just an example >> > >> > > > > > On May 25, 12:45 am, Alexey Nezhdanov <[email protected]> >> wrote: >> > > > > > > I think that's handy. Dropping cross-db compartibility is bad >> indeed, >> > > > > > > but you just need to have a big warning in the place where >> user have >> > > > > > > to make that choice. >> > >> > > > > > > Also - I don't think that you can safely replace ' with " on >> pickled >> > > > > > > object. Most likely you are ruining it. Either proper sql >> escaping >> > > > > > > should be introduced or better yet - base64 encoding. If I am >> not >> > > > > > > mistaken - pickled objects are binary. >> > >> > > > > > > On May 25, 9:17 am, mdipierro <[email protected]> >> wrote: >> > >> > > > > > > > I do not know if this is a good idea and I'd like to hear >> your >> > > > > > > > opinions: >> > > > > > > > I have added in trunk to define custom column types >> > >> > > > > > > > Here is an example of usage: >> > >> > > > > > > > import cPickle >> > > > > > > > from gluon.sql import SQLCustomType >> > > > > > > > from decimal import Decimal >> > >> > > > > > > > decimal = >> SQLCustomType(native='NUMERIC(10,2)',decoder=(lambda x: >> > > > > > > > Decimal(str(x)))) >> > >> > > > > > > > pickable = SQLCustomType(type='text',encoder=(lambda x: >> > > > > > > > "'%s'"%cPickle.dumps(x).replace("'","''")),decoder=(lambda >> x: >> > > > > > > > cPickle.loads(x))) >> > >> > > > > > > > db.define_table('test', >> > > > > > > > SQLField('my_decimal',type=decimal), >> > > > > > > > SQLField('my_pickle',type=pickable)) >> > >> > > > > > > > the SQLCustomType constructor takes the following arguments: >> > > > > > > > - type indicates how web2py sqlform should treat this field >> > > > > > > > - native indicates how the database should treat this field >> > > > > > > > - encoder indicates how to represent (and escape) a value in >> SQL >> > > > > > > > - decoder indicates how to process the value once it is >> extracted >> > > > from >> > > > > > > > the database >> > >> > > > > > > > It seems to work well with migrations. Of course using >> native=.... >> > > > > > > > makes the custom table not portable across databases. >> > >> > > > > > > > The implementation is not very clean but can be improved. >> > >> > > > > > > > Is this a good idea? >> > >> > > > > > > > Massimo >> >> >> > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
