Re: [SQLObject] Generic "find" & findOne method
SQLObject is a Python ORM.
From: Oleg B. <ph...@ma...> - 2004-12-22 09:14:39
On Tue, Dec 21, 2004 at 07:39:58PM -0200, Carlos Ribeiro wrote:
> At this point, please bear in mind that I am just *locating* a record,
> not filling it with data. So most of the security issues that you
> point out are not really valid.

There is a huge security risk even in locating data. Does the term "SQL injection" appeal to you?!

> While I respect your opinion, I still think that the proposed function
> is useful enough. However, I think that I may not have presented it
> clearly enough. I'll try to write a less verbose (and cleaner)
> explanation and present it again.

Please do.

Oleg.
--
Oleg Broytmann http://phd.pp.ru/ ph...@ph...
Programmers don't die, they just GOSUB without RETURN.
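
An added illustration of the point made in this reply (not code from the thread or from SQLObject): a hypothetical keyword-based lookup helper over sqlite3, where a read-only query built by string interpolation returns rows the caller never asked for, next to a version that checks identifiers against the schema and binds values. The function names, table and data are constructed for the example.

```python
import sqlite3

# Constructed input: a value a caller might pass straight from a form field.
HOSTILE = "nobody' OR '1'='1"

def make_db():
    """In-memory database with constructed sample rows (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE person (id INTEGER PRIMARY KEY, login TEXT, secret TEXT)")
    db.executemany("INSERT INTO person (login, secret) VALUES (?, ?)",
                   [("alice", "a-token"), ("bob", "b-token")])
    return db

def find_unsafe(db, table, **criteria):
    """Lookup built by string interpolation: names and values become SQL text."""
    where = " AND ".join("%s = '%s'" % (col, val) for col, val in criteria.items())
    return db.execute("SELECT id, login FROM %s WHERE %s" % (table, where)).fetchall()

def find_safe(db, table, **criteria):
    """Same lookup: identifiers validated against the schema, values bound."""
    if not criteria:
        raise ValueError("at least one criterion is required")
    tables = {r[0] for r in db.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table'")}
    if table not in tables:
        raise ValueError("unknown table: %r" % (table,))
    # Safe to interpolate here: the table name was just matched against the schema.
    columns = {r[1] for r in db.execute('PRAGMA table_info("%s")' % table)}
    for col in criteria:
        if col not in columns:
            raise ValueError("unknown column: %r" % (col,))
    where = " AND ".join('"%s" = ?' % col for col in criteria)
    sql = 'SELECT id, login FROM "%s" WHERE %s' % (table, where)
    return db.execute(sql, list(criteria.values())).fetchall()

if __name__ == "__main__":
    db = make_db()
    print("unsafe:", find_unsafe(db, "person", login=HOSTILE))  # every row matches
    print("safe:  ", find_safe(db, "person", login=HOSTILE))    # no row matches
    try:
        # The keyword name is an injection point too in a generic finder.
        find_safe(db, "person", **{"1=1 OR login": "x"})
    except ValueError as exc:
        print("rejected:", exc)
```

Binding the values is not enough for a generic finder: the column names arrive from the caller as well, which is why the safe version checks them against the table's actual columns before they reach the SQL text.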