variable SQL statements
Hey everyone! I'm working on a strange database project, and I've run into a little stumbling block. Thought I'd bounce this off the group and see if there's any workarounds... my goal: build a SQL statement that will create a table with a name provided by an external method. -- my first attempt | this is the contents of a sql method -- CREATE TABLE <dtml-sqlvar tablename type=nb>_<dtml-sqlvar tabletype type=nb> ( testfield VARCHAR(75) ) ------------------------ But when it gets rendered, the variables get quoted. =( So, I found jPenny's Variable SQl statement how-to, and tried using it instead: -- my second attempt | this is the contents of a sql method -- <dtml-var "sqltablecall"> ------------------------ -- this is the contents of an external method -- mastertablename = "somename_standardtable" sqltablecall = "CREATE TABLE " + mastertablename + " ( testfield VARCHAR(75) )" self.SQL_create_master_table(sqltablecall=sqltablecall) ------------------------ This returns a "bad request" error... Apparently the variable cannot be passed directly like this..?? My questions: Is there a way to disable quoting in SQLvars? OR, how do I go about adding the sqltablecall variable into the request (which I'm assuming is where it's looking). Thanks for any ideas! -ed-
Yes, the quoting is a security option used with dtml-sqlvar and sql-test. Try only dtml-var. CREATE TABLE <dtml-var tablename>...... Regards Antonio Carrasco "If you look heedfully Reality, You will be able to see pixels" ----- Original Message ----- From: "ed colmar" <ecolmar@qwest.net> To: <zope@zope.org> Sent: Monday, September 10, 2001 9:01 PM Subject: [Zope] variable SQL statements
Hey everyone!
I'm working on a strange database project, and I've run into a little stumbling block. Thought I'd bounce this off the group and see if there's any workarounds...
my goal:
build a SQL statement that will create a table with a name provided by an external method.
-- my first attempt | this is the contents of a sql method --
CREATE TABLE <dtml-sqlvar tablename type=nb>_<dtml-sqlvar tabletype type=nb> ( testfield VARCHAR(75) )
------------------------
But when it gets rendered, the variables get quoted. =(
So, I found jPenny's Variable SQl statement how-to, and tried using it instead:
-- my second attempt | this is the contents of a sql method --
<dtml-var "sqltablecall">
------------------------
-- this is the contents of an external method --
mastertablename = "somename_standardtable" sqltablecall = "CREATE TABLE " + mastertablename + " ( testfield VARCHAR(75) )" self.SQL_create_master_table(sqltablecall=sqltablecall)
------------------------
This returns a "bad request" error... Apparently the variable cannot be passed directly like this..??
My questions: Is there a way to disable quoting in SQLvars? OR, how do I go about adding the sqltablecall variable into the request (which I'm assuming is where it's looking).
Thanks for any ideas!
-ed-
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
participants (2)
-
Antonio Carrasco -
ed colmar