[Zope-dev] simple array-ish things in SQL/Zope
Pavlos Christoforou
pavlos@gaaros.msrc.sunysb.edu
Fri, 5 Mar 1999 12:04:21 -0500 (EST)
On Fri, 5 Mar 1999, Jeffrey P Shell wrote:
> Running eval on any external data source can be potentially risky. An
> option is to write pickles to the RDBMS. This allows storage of much more
> complex objects and it's harder for a third party with access to the
> database to write a potentially damaging pickle to a field than it is to
> write a potentially damaging expression.
>
> The downside is that storing a string repr of a python list or dict is
> still semi-searchable/readable through SQL for other operations. A stored
> pickle is not.
>
Or you can use on of the xml marshalling libs. I am familiar with
Fredrik's Lundh xmlrpclib:
www.pythonware.com
Pavlos