[Zope] Double quote in ZSQL Method
jpenny at ykksnap-america.com
jpenny at ykksnap-america.com
Mon Feb 20 17:56:46 EST 2006
tablename.<dtml-var species sql_quote>
should work. Be sure that you check that species is valid
before this call. sql_quote should protect you from SQL injection,
but it is better to be safe.
jim
zope-bounces at zope.org wrote on 02/20/2006 05:46:49 PM:
> Hi,
>
> In a ZSQL Method, I have tablename.<dtml-sqlvar species type="string">
> and I get tablename.'species_value', what I need is
> tablename."species_value". Any idea how I can get Zope/ZSQL to not
> put in the single quotes (or use double quotes)?
>
> Thanks,
> Jason.
>
> --
> ........................................
> .... Jason C. Leach
> .... PGP Key: 0x62DDDF75
> .... Keyserver: gpg.mit.edu
> _______________________________________________
> Zope maillist - Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )
>
More information about the Zope
mailing list