Thank you both for the help and advice; things are working perfectly
now.

On Jun 30, 9:25 am, Ross Peoples <[email protected]> wrote:
> I did something similar to demonstrate common vulnerabilities, such as SQL
> injection and changing hidden values in forms before submission. It was
> really tough to make this app with web2py, as I had to skirt around most of
> the framework to make it happen. This is a GOOD THING though. I learned a
> lot about the extent that web2py goes to in order to keep apps secure.
>
> You have to wrap everything in XML(), like Anthony mentions. You also have
> to use db.executesql() and define and handle your own forms manually,
> without using FORM or SQLFORM.
