[Twisted-web] Re: Nevow + adbapi
Luis N
tegmine at gmail.com
Mon Mar 21 15:13:49 MST 2005
On Fri, 11 Mar 2005 00:15:48 +0000, Matt Goodall <matt at pollenation.net> wrote:
> On Thu, 2005-03-10 at 17:59 -0600, Luis N wrote:
> This is bad. You should not use Python's string formatting to build
> queries - pass the queries args as a tuple and let the database module
> prepare the query:
>
> return dbpool.runQuery(
> "SELECT english FROM lang WHERE spanish LIKE %s",
> (data,))
>
> In particular, this lets the database module correctly quote ''data''
> and protects you from SQL insertion problems.
>
> - Matt
>
Thank you. Now that I know how to use nevow and adbapi, I'm confused
by xmlrpc and adbapi.
class Educators(xmlrpc.XMLRPC):
def xmlrpc_authEducator(self, educator, identify):
self.educator = educator
self.identify = identify
if authenticate(self.educator).addCallback(authResult) == self.identify:
return 1
else:
return 0
def authenticate(educator):
return dbpool.runQuery("SELECT password FROM educatorgroup WHERE
educator LIKE %s", (educator,))
def authResult(db):
if db:
return db[0][0]
else:
return 0
xmlrpc_authEducator always returns 0, but if I change authResult to
print I know that the result is correct.
More information about the Twisted-web
mailing list