PgSQL and double quotes...
sorular
sorular at netscape.net
Thu Dec 14 01:23:24 EST 2000
On Wed, 13 Dec 2000 18:38:02 -0500, "Steve Holden"
<sholden at holdenweb.com> wrote:
>SQL data containing single quotes can be problematic, although you should
>not experience any difficulty with double quotes.
>
>> I wrote a simple class before the execute sintax
>> as :
>> string.join(string.split(text, "'"), "''")
>> but that still doesnt get rid of this "parsing
>> error" from PgSQL... anyone has any ideas?
>>
>This seems to be a fairly convoluted way to write
>
> string.replace(text, "'", "''")
>
>but appears to give the same result, at least in common cases (I didn't do
>exhaustive testing).
>
>This works for me using mxODBC to drive SQL Server 6.5 and 7.0, as well as
>Access. So I can only conclude that either it's the fact you're working
>with bonary data or some implementation deficiency of PgSQL (not, I must
>say, a system I am familiar with).
>
>A small code example might allow the group to exercise its collective mind a
>little more creatively on solving your problem, if you can isolate the
>problem to a ten- or twenty-line test case.
>
>regards
> Steve
thanks for the reply. Just last night, after a careful re-read of psql
docs and a great help from "Bill.Allie at mug.org", I've solved the
problem by replacing the line :
self.cursor.execute("INSERT INTO log (id,type, command,ip_addr) \
values (%d,'%s','%s','%s')" % (conn_id, write_type, data, ip_addr))
with
self.cursor.execute("INSERT INTO log (conn_id, write_type,command,\
ip_addr) VALUES (%s,%s,%s,%s)" ,conn_id, write_type,data, ip_addr)
^^ ^^
which sends following command to postgreSQL:
insert into test values(id,type,data, ip_addr)
execute statement fixes the double/single quotes etc...
ciao
Aus
)
Note that % and () are excluded and all the data is %s with no %d...
More information about the Python-list
mailing list