[Zope] Cannot pass parameters to Externa Method From inside a DTML Method

Thomas Apostolou tomatbiz-tominfo at yahoo.co.uk
Thu Aug 4 09:44:26 EDT 2005 

> This is not a good idea anyway.
> 1) it lets every user knowing the external method
>    connect to every database on your host (depending
> 
>    on credentials if any)
> 
> 2) even worser it enables the user to issue any
>    raw SQL string to the database, including but not
>    limited to DROP table; DROP database; etc.

This is not be the real thing on the site. It is just
what i develop and see. The site is not up yet and the
interface and the credentials are not set. I just have
the spefific interface now for
trying-testing-learning.
I can see your point and agree 100%

> 
> 3) by not using ZOPEs infrastructure (read:
> Z(yourdb)DA,
>    ZSQL-Methods), you have the expensive connect
> operation
>    every time, loose the ability to easily work with
> zopes
>    transactions, have to quote and unquote values
> and so on.
> 
> So get a ZODBCDa or something like that and use it.

I have allready used that and i am trying what i wrote
just for learning some python and do some custom
things.
I am sure you are right and sooner or later i will
also prefer what you suggest (when i know more about
what zopes transactions etc. are about) after reading
some more on the Zope book.

> 
> here you would write:
> 
> <dtml-in expr="TestODBCEM(sysDSN=sysDSN, ...)">
> 
> because your external Method does not magically 
> read the REQUEST object. (You could do that there
> by using self.REQUEST.get('sysDSN','default') )

I knew that it should be some other way that the
correct syntax should be used. i had wrote 
<dtml-in expr="TestODBCEM('<dtml-var
sysDSN>','<dtml-var usr>', '<dtml-var mypass>',
'<dtml-var sSQL>')">
witch was realy wrong and maybe stupid, but i'm sure
i'll get better soon with that kind of community and
documentation. I am realy sory if i ask some stupid
questions but as i told you i will soon get better.
Thank you  very much for both DTML and Python.

> See also:
> 
>
http://www.plope.com/Books/2_7Edition/RelationalDatabases.stx
> 
> 
> 
> -- 
> Tino Wildenhain <tino at wildenhain.de>


Thank you for your precious help on this.

Thomas Apostolou


	

	
		
___________________________________________________________ 
Χρησιμοποιείτε Yahoo!; 
Βαρεθήκατε τα ενοχλητικά μηνύματα (spam); Το Yahoo! Mail 
διαθέτει την καλύτερη δυνατή προστασία κατά των ενοχλητικών 
μηνυμάτων http://login.yahoo.com/config/mail?.intl=gr

More information about the Zope mailing list