On Mon, Feb 24, 2003 at 11:41:42PM +0100, Charlie Clark wrote:
By "formatting" you mean linebreaks? These vary from platform to platform so it's not a good idea to rely on them anyway. Look at the following rows I stored without doing anything special:
select * from whatever:
This is "text" This is 'text' a new line\n
What's missing?
You definitely shouldn't use <dtml-var> because it's unsafe.
Note: <dtml-sqlvar bah type=string> and '<dtml-var bah sql_quote>' produce the same thing by the time the ZSQL engine sees it. Each is equally safe. You must, however, never omit the sql_quote if you use dtml-var in a ZSQL method. That is completely unsafe. And there are times when ZSQL methods require the usage of dtml-var, extra data munging, or an auxilliary method, most often in LIKE expressions. As the sqlvar syntax does a better job of keeping your from shooting yourself in the foot, it is generally to be preferred; but it does no harm to have an extra arrow in your quiver. Jim Penny
_______________________________________________ Zope-DB mailing list Zope-DB@zope.org http://mail.zope.org/mailman/listinfo/zope-db