QuoteSQL

Sybren Stuvel sybrenUSE at YOURthirdtower.com.imagination
Tue Sep 26 05:02:26 EDT 2006


Lawrence D'Oliveiro enlightened us with:
> You're proposing two separate functions:
>
>     1) quoting of non-wildcard specials
>     2) quoting of wildcard specials

I'm suggesting functions based on the role of the string they need to
escape, not the characters in that string.

    1) Quoting of wildcard strings for a query using LIKE etc.
    2) Quoting of values for putting into queries.

You only need the first one, since every database interface that
follows PEP 249.

> I guess I don't have a strong preference for which way we do it, but
> I would suggest confining our discussion to non-stupid solutions.

Good suggestion. I'd say, write a function that escapes for use in
LIKE queries, and leave the other quoting to the database interface.

Sybren
-- 
Sybren Stüvel
Stüvel IT - http://www.stuvel.eu/
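
The split suggested in the message above, as an added example that is not part of the original post: one function escapes a string for its role as a LIKE pattern, and value quoting is left to the PEP 249 interface's parameter binding. The example assumes the standard-library `sqlite3` module as the database interface and backslash as the escape character; `escape_like`, `find_containing`, `build_demo_db` and the `items` table are hypothetical names with constructed sample rows.

```python
import sqlite3

ESCAPE_CHAR = "\\"  # assumption: backslash, declared to the database via ESCAPE


def escape_like(text, escape=ESCAPE_CHAR):
    """Make `text` match literally inside a LIKE pattern."""
    # The escape character itself goes first; otherwise the escapes
    # added for % and _ would be doubled by the later replacement.
    return (text.replace(escape, escape + escape)
                .replace("%", escape + "%")
                .replace("_", escape + "_"))


def find_containing(conn, fragment):
    """Return names containing `fragment` as a literal substring."""
    # Only the caller-supplied fragment is escaped; the surrounding %
    # wildcards are the ones the query author intends.
    pattern = "%" + escape_like(fragment) + "%"
    # Quoting of the value (e.g. an apostrophe) is done by the driver.
    cur = conn.execute(
        "SELECT name FROM items WHERE name LIKE ? ESCAPE ? ORDER BY name",
        (pattern, ESCAPE_CHAR),
    )
    return [row[0] for row in cur]


def build_demo_db():
    """Constructed sample data, in memory only."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (name TEXT)")
    conn.executemany(
        "INSERT INTO items VALUES (?)",
        [("100% cotton",), ("100 percent",), ("snake_case",),
         ("snakeXcase",), ("O'Reilly",), ("back\\slash",)],
    )
    return conn


if __name__ == "__main__":
    db = build_demo_db()
    for fragment in ("100%", "e_c", "O'R", "k\\s"):
        print(repr(fragment), "->", find_containing(db, fragment))
```

Without `escape_like`, the fragment `e_c` would also match `snakeXcase`, because `_` would act as a single-character wildcard.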


