No, add_item doesn't have an associated view with it. I tried doing just a 
"return" and also tried omitting the return statement entirely. jQuery 
still tells me it's failed.

On Monday, May 6, 2013 5:33:04 PM UTC-4, Anthony wrote:

>> 1. For some reason every click results in a JavaScript alert saying that 
>> it Failed, even though I can successfully do stuff with the data in the 
>> controller. Is there some sort of code I'm supposed to return through the 
>> controller to let jQuery know that it's been successful?
>
> Does the add_item() function have an associated view? If not, it may be 
> generating an error (when a function returns a dict(), web2py looks for an 
> associated view to execute). Instead, you can just return nothing.
>
>> 2. To be safe, I'll sanitize the expected integers like so:
>>
>>     def add_item():
>>          # get json data as 'data' ...
>>          item_id = int(data['test']['item_id'])
>>          other_data = int(data['test']['some_detail'])
>>    
>>          # Insert that item_id and other_data into db...
>>    
>> But if I expected a string, how would I sanitize that string before 
>> using it to do something with the database? Is there a safe practice for 
>> this type of approach of getting data from json?
>>
>
> web2py already does escaping to prevent SQL injection (assuming you use 
> the DAL, though not with .executesql()).
>
> Anthony 
>
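
An added example, not code from this thread or from web2py: it shows the string case asked about in question 2 when SQL is issued directly, which is the situation Anthony's `.executesql()` caveat refers to. Python's built-in `sqlite3` stands in for the raw-SQL path, and the `note` field, the `items` table and the length limit are assumptions made for illustration.

```python
import json
import sqlite3

MAX_NOTE_LEN = 200  # assumed upper bound for the free-text field


def parse_payload(raw_body):
    """Return (item_id, note) or raise ValueError if the JSON is not as expected."""
    try:
        test = json.loads(raw_body)["test"]
        item_id = int(test["item_id"])   # same int() coercion as in the thread
        note = test["note"]              # hypothetical string field
    except (KeyError, TypeError, ValueError) as exc:
        raise ValueError("malformed payload") from exc
    # Validate type and size only; do not try to strip or escape quote characters.
    if not isinstance(note, str) or not 0 < len(note) <= MAX_NOTE_LEN:
        raise ValueError("note must be a non-empty string within the length limit")
    return item_id, note


def make_db():
    """In-memory database with a constructed 'items' table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (item_id INTEGER, note TEXT)")
    return conn


def add_item(conn, raw_body):
    item_id, note = parse_payload(raw_body)
    # The values are passed as bound parameters, separate from the SQL text,
    # so quotes or comment markers inside 'note' are stored as plain data.
    conn.execute("INSERT INTO items (item_id, note) VALUES (?, ?)", (item_id, note))
    return item_id


def stored_note(conn, item_id):
    row = conn.execute("SELECT note FROM items WHERE item_id = ?", (item_id,)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    # Constructed sample body containing characters that are special in SQL.
    body = json.dumps({"test": {"item_id": "7", "note": "O'Brien's order; -- rush"}})
    add_item(db, body)
    print(stored_note(db, 7))
```

In web2py itself, `db.executesql()` takes a `placeholders` argument that serves the same purpose as the parameter tuple here.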
