Using the " and ' characters in html text box
Fredrik Lundh
effbot at telia.com
Fri May 12 14:22:54 EDT 2000
tester89 at my-deja.com wrote:
> I have a problem with using the " and ' characters via a web page
> using a scrolling text box. In order to place the data into
> a mysql database I must change the " and ' characters to something
> else or esacpe them so I can put them in the database.
fyi, the same question has been asked (and answered)
several times this week. maybe it's time that someone
puts up a database FAQ ;-)
> Data Such as:
>
> string data: jdhasjdhdfjfhdjf\n"Hello there"\n'Bye1'\n
>
> tmpdata="insert into table values('%s')" % (string data)
first, figure out how to use variable binding in whatever
MySQL interface you're using. iirc, this should work for
the MySQLdb interface:
cursor.execute("insert into table values(%s)", [data])
if that doesn't work, you can use the escape_string method:
cursor.execute("insert into table values('%s')" %
MySQLdb.escape_string(data))
(if you're using MySQL, the corresponding function is called
"escape")
(using base64 encoding will make your database some 33%
larger, and mess things up if you want to access the data
from some other application...)
> print "<input type='text' name='foo' value='%s'>" % (string data)
>
> The string which contains the ' and " characters will corrupt the above
> line causing it not to display in the browser.
print "..." % cgi.escape(data)
</F>
<!-- (the eff-bot guide to) the standard python library:
http://www.pythonware.com/people/fredrik/librarybook.htm
-->
More information about the Python-list
mailing list