[Wolves] Tinkering with a url->sql select mapper in python
Alex Willmer
alex at moreati.org.uk
Mon Jul 3 23:14:57 BST 2006
Firstly, I hope noone minds the crossposting. Pleas berate me at the next
meeting if you do.
I'm developing a url->sql select mapper, something to take
http://host/sometable?givenname='fred' perform 'select * from sometable
where givenname=fred' and return the result to that url.
The first working code is done, attached as qndwebdb.py. To run the script
save to a directory, set the db='foods.db' to the location of an sqlite
database, then run python qndwebdb.py, the webserver will run on localhost
port 8000. I'd love to have your thoughts.
I'm sure someone must have done this before me, but I can't find the right
google incantation to uncover it. Have you ever come across something
similar?
I'm also certain the current code is riddled with security holes, SQL
injection attacks etc. Do you think such a mapping could ever be made
safe?
Ultimately I'd like to make a database web frontend crossed with wiki [*].
Something as simple to start developing with as Access, but in a browser.
Regards
Alex
[*] I know TWiki does something like this, but I don't know perl and I've
never managed to get it working.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: qndwebdb.py
Type: text/x-python
Size: 3369 bytes
Desc: not available
Url : http://mailman.lug.org.uk/pipermail/wolves/attachments/20060703/f69e34d7/qndwebdb.py
More information about the Wolves
mailing list