[Zope] INSERT/UPDATE in SQL methods
Martijn Pieters
mj@antraciet.nl
Tue, 17 Aug 1999 12:08:19 +0200
At 04:38 17/08/99 , Evan Simpson wrote:
>UPDATE "addressbook" SET "email" = '<!--#var email sql_quote-->' WHERE
>"name" =
><!--#sqlvar name type=string-->
Wow, don't confuse poor Bradford, who has been hassled enough I am sure,
with erroneous code as well!
Above line should read:
UPDATE addressbook SET email = <!--#var email sql_quote--> WHERE name =
<!--#sqlvar name=name type=string-->
because sql_quote will add the quotes for you, you don't have to do this
yourself, and 'name' is not only the name of the variable you want to
insert, but also the name of an attribute of the sqlvar tag.
Better would be using sqltest in stead of name = <!--#sqlvar-->:
UPDATE addressbook SET email = <!--#sqlvar email type=string-->
WHERE <!--#sqltest name=name type=string-->
because sqltest also knows how to handle the case where 'name' contains a
list (it will do a "name IN ('list', 'of' 'values')" instead of a
"name='1value'").
--
Martijn Pieters, Web Developer
| Antraciet http://www.antraciet.nl
| Tel: +31-35-7502100 Fax: +31-35-7502111
| mailto:mj@antraciet.nl http://www.antraciet.nl/~mj
| PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149
------------------------------------------