18 Mar
2005
18 Mar
'05
5:23 p.m.
Could somebody either point me to an article or explain what precautions should be taken to prevent SQL injection in Zope. If user entered form data is passed to a ZSQL method does something automajically db escape the data or is the programmer responsible for doing this. If the programmer is responsible, how is it done in Zope? Thanks! Andy