QuoteSQL
Lawrence D'Oliveiro
ldo at geek-central.gen.new_zealand
Wed Sep 27 17:35:36 EDT 2006
In message <Xns984B8482155F6duncanbooth at 127.0.0.1>, Duncan Booth wrote:
> Lawrence D'Oliveiro <ldo at geek-central.gen.new_zealand> wrote:
>
>> I'm assuming you mean, how would you get from a Python expression to a
>> MySQL clause that looks like
>>
>> name like "%\\\\%%"
>>
>> (wildcard % followed by literal backslash \\ followed by literal
>> percent \% followed by wildcard %.) That's easy:
>>
>> EscapeSQLWild(r"\%") => r"\\%"
>> SQLString(r"\\%") => r'"\\\\%"'
>>
>> So the Python expression
>>
>> "name like %s" % SQLString("%" + EscapeSQLWild(r"\%") + "%")
>>
>> gives you what you want.
>>
> Deary me. Did you actually test out that bit of code before you posted it?
>>> execfile("QuoteSQL.py")
>>> EscapeSQLWild(r"\%")
'\\\\%'
>>> SQLString("%" + EscapeSQLWild(r"\%") + "%")
'"%\\\\\\\\%%"'
>>> EscapeSQLWild(r"\%") == r"\\%"
True
>>> SQLString("%" + EscapeSQLWild(r"\%") + "%") == r'"%\\\\%%"'
True
More information about the Python-list
mailing list