SQLObject's ForeignKey, MultipleJoin, and RelatedJoin column types make it easy to map database relationships to object relationships by creating attributes for your classes that return a list of related objects.
Whenever you need to get around SQLObject's limitations and hack directly into your database, you can use the queryAll method that just executes raw SQL against the database.
queryAll is nice when you need it, but it also means giving up all the good things that SQLObject brings to the table. Most important, you don't get automatic escaping, which means you should be careful whenever you use strings you got from a user into a SQL query.
SQLObject's SQLBuilder syntax gives you a way to create powerful queries without dropping down to raw SQL. This is the easiest way to avoid SQL injection attacks.
SQLBuilder lets you use standard Python comparisons to generate queries. But it also provides access to startswith, endswith, and other convenience functions to make creating joins easier.
When working with large result sets, it pays to pay attention to how much data you' re trying to keep in memory.
You can use Python's slice syntax on an SQLObject iterator to get only a subset of your data at a time.
When dealing with large datasets, you can save the cost of object instantiation by using queryAll, which doesn't turn your results into SQLObjects. If you have a billion records, this alone could mean a huge performance increase.
