Antonio Carrasco wrote:
Hello again. I´m at work now and I´ve tried some codes. Sorry again, I´m spanish and my english is quite bad.
----- Original Message ----- From: "Jim Penny" <jpenny@universal-fasteners.com> To: "Antonio Carrasco" <antoniojezu@hotmail.com> Sent: Thursday, August 23, 2001 11:59 PM Subject: Re: [Zope] Zope/PostgreSQL/PoPy
On Wed, Aug 22, 2001 at 11:50:05PM +0200, Antonio Carrasco wrote:
Ok, Jim, Let?s go again...
select from Departments where name=<dtml-sqlvar name type=string> I tried it.
Also, does select from Departments where name='<dtml-var name sql_quote>' work?
OK! It works successfully! And it seems to be a good solution. Because: "<< sql_quote Converts single quotes to pairs of single quotes. This is needed to safely include values in SQL strings. >>". From Zope Help System, DTML Reference, var.
But, Why doesn´t <dtml-sqlvar name type=string> work?. I think everyone of us want to know.
IIRC the sql-quoting of dtml-sqlvar's is done by the database adapter used (the one you use is probably broken) whereas dtml-var sql_quote is done by a generic function, as it has no associated DB adapter. -------------- Hannu