i don't want him to be able to directly access (read/write) the
database i am using. *AFAIK*, ZSQLMethods won't do for this.
Then put constraints in on your database, or make the whole connection
I want to have full access rights on the database through the external
Usually you dont want that. Sane security constrains on database save
you a lot mistakes if done right. You can also use views and stored
functions to further tighten your security.
Bad done external methods are more likely to open security holes.
You're really buying nothing with all this other than wasting a lot of
I really hope i don't! :-) As Dieter said, my application is not a
conventional Zope application.
What is it instead? :)
I could say that, for this project, i am using Zope:
- as a much safer alternative to CGI
but not if compromized :)
- for its templating machinery
- because it is built on Python and the project is based on Python
- i like Zope :-)
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -