QuoteSQL
Sybren Stuvel
sybrenUSE at YOURthirdtower.com.imagination
Tue Sep 26 05:02:26 EDT 2006
Lawrence D'Oliveiro enlightened us with:
> You're proposing two separate functions:
>
> 1) quoting of non-wildcard specials
> 2) quoting of wildcard specials
I'm suggesting functions based on the role of the string they need to
escape, not the characters in that string.
1) Quoting of wildcard strings for a query using LIKE etc.
2) Quoting of values for putting into queries.
You only need the first one, since every database interface that
follows PEP 249.
> I guess I don't have a strong preference for which way we do it, but
> I would suggest confining our discussion to non-stupid solutions.
Good suggestion. I'd say, write a function that escapes for use in
LIKE queries, and leave the other quoting to the database interface.
Sybren
--
Sybren Stüvel
Stüvel IT - http://www.stuvel.eu/
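
The split suggested above, as an added example that is not part of the original post: one function escapes LIKE wildcards, and the value itself reaches the database through PEP 249 parameter binding. The `sqlite3` module, the `items` table, the function names and the backslash escape character are assumptions chosen for illustration.

```python
import sqlite3

ESCAPE_CHAR = "\\"  # assumption: backslash, declared to the database via ESCAPE


def escape_like(text, escape=ESCAPE_CHAR):
    """Escape LIKE wildcards so that text is matched literally."""
    # The escape character must be doubled first, otherwise the
    # backslashes added for % and _ would themselves be doubled.
    return (text.replace(escape, escape + escape)
                .replace("%", escape + "%")
                .replace("_", escape + "_"))


def find_containing(conn, needle):
    """Return names containing needle as a literal substring."""
    # Wildcards we add ourselves stay unescaped; user text is escaped.
    pattern = "%" + escape_like(needle) + "%"
    # Quoting of the value (including any ' in it) is left to the
    # database interface through the ? placeholder.
    rows = conn.execute(
        "SELECT name FROM items WHERE name LIKE ? ESCAPE '\\' ORDER BY name",
        (pattern,),
    )
    return [row[0] for row in rows]


def make_demo_db():
    """Build an in-memory table of constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (name TEXT)")
    samples = ["100% cotton", "100 percent", "a_b", "axb",
               "O'Reilly", "back\\slash"]
    conn.executemany("INSERT INTO items VALUES (?)", [(s,) for s in samples])
    return conn


if __name__ == "__main__":
    db = make_demo_db()
    for needle in ["100%", "a_b", "'", "\\"]:
        print(repr(needle), "->", find_containing(db, needle))
```
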