[Zope] Zope/PostgreSQL/PoPy. Solution v0.0.1. Author: Jim Penny
Hannu Krosing
hannu@tm.ee
Fri, 24 Aug 2001 13:58:10 +0200
Antonio Carrasco wrote:
>=20
> Hello again. I=C2=B4m at work now and I=C2=B4ve tried some codes. Sorry=
again, I=C2=B4m
> spanish and my english is quite bad.
>=20
> ----- Original Message -----
> From: "Jim Penny" <jpenny@universal-fasteners.com>
> To: "Antonio Carrasco" <antoniojezu@hotmail.com>
> Sent: Thursday, August 23, 2001 11:59 PM
> Subject: Re: [Zope] Zope/PostgreSQL/PoPy
>=20
> > On Wed, Aug 22, 2001 at 11:50:05PM +0200, Antonio Carrasco wrote:
> > > Ok, Jim, Let?s go again...
> > >
> > > > select from Departments where name=3D<dtml-sqlvar name type=3Dstr=
ing>
> > > I tried it.
> >
> >
> > > >
> > > > Also,
> > > > does
> > > > select from Departments where name=3D'<dtml-var name sql_quote>'
> > > > work?
>=20
> OK! It works successfully! And it seems to be a good solution. Because:
> "<< sql_quote
> Converts single quotes to pairs of single quotes. This is needed to
> safely include values in SQL strings. >>". From Zope Help System, DTML
> Reference, var.
>
> But, Why doesn=C2=B4t <dtml-sqlvar name type=3Dstring> work?. I think e=
veryone of
> us want to know.
>=20
IIRC the sql-quoting of dtml-sqlvar's is done by the database adapter
used=20
(the one you use is probably broken) whereas dtml-var sql_quote is done
by=20
a generic function, as it has no associated DB adapter.
--------------
Hannu