[Zope] Zope SQL injection

[Andy Yates]

Could somebody either point me to an article or explain what precautions
should be taken to prevent SQL injection in Zope.  If user entered form
data is passed to a ZSQL method does something automajically db escape
the data or is the programmer responsible for doing this.  If the
programmer is responsible, how is it done in Zope?  Thanks!

 

Andy

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope/attachments/20050318/c63d49aa/attachment.htm