[Zope] safe sql queries
Graham Chiu
anon_emouse@hotmail.com
Wed, 14 Jul 1999 09:04:29 +1200
In article <B059671903C6D211A0D500C0F0301C79139BC2@kubrick.mop.no>,
Alexander Staubo <alex@mop.no> writes
>This should work (untested):
>
><!--#sqlvar "'%' + _.string.upper(_['sequence-item']) + '%'"
>type=string-->
Thanks for the quick reply. I will try this out, but in the meantime it
just occurred to me that changing the query to
description containing <!--#sqlvar sequence-item type=string-->
should do what I require.
-------
Regards, Graham Chiu
gchiu<at>compkarori.co.nz