[Zope-DB] Properly quoting string in ZSQLMethod for Postgresql
(psycopg2)
Charlie Clark
charlie at egenix.com
Wed Aug 9 13:05:29 EDT 2006
Maciej Zięba wrote:
> Hi :-)
>
> Thank you for your suggestions I think I will have to try that...
>
> In the meantime I've managed to get the "dollar-quotation" to work -
> well, kind of. Previously I was making a very stupid mistake - the $$
> should be in template and not in the string itself. I mean something
> like this:
>
>
> 'INSERT INTO records (zope_id, title, long_description)
> VALUES (<dtml-sqlvar zope_id type="string">,
> <dtml-sqlvar title type="string">,
> $long_description$<dtml-sqlvar long_description
> type="string">$long_description$)'
mm, interesting as I've never worked with this form of quoting. Normally
you can use a <dtml-var> rather than <dtml-sqlvar> to stop ZSQL quoting
a value for you but this is not advisable or safe.
Can you supply an example of something you need to do that is causing
problems?
Charlie
More information about the Zope-DB
mailing list