string class variable to sqlite3

Chris Angelico rosuav at gmail.com
Sun Oct 18 20:36:19 EDT 2015


On Mon, Oct 19, 2015 at 3:10 AM, andybrookestar--- via Python-list
<python-list at python.org> wrote:
> I acknowledge the security points & also by the way I omitted using any Try Catch statements, because at this stage coming from PHP I was more focused on getting a select statement to actually work in python.
>

That's fine when you're just playing around, starting to get to know
the basics. But I hope you'll shift your thinking before deploying
anything to production. The PHP model is, as you describe, "do your
best to keep going, regardless of what's going wrong". It results in
web pages that spew warnings everywhere (possibly revealing internal
details of the code's layout, empowering future attacks), tell the
user their changes have been saved despite getting an error back from
the database, and so on. The Python philosophy is that a
correctly-working program is best, next best is one that crashes out
with a clean exception, and the very worst is one that barges on and
does the wrong thing. I would MUCH rather have my web app throw me
back a little 500 (and, by the way, it'll show the end user a simple
500 page, and log the details of the exception for admin eyes only) so
it's _obvious_ that the data wasn't saved, or the email wasn't sent,
or whatever.

Unlike PHP, Python has a simple and trustworthy [1] error handling
system. Everything is signalled with a thrown exception; if you know
about the error and can handle it, you catch that exception and deal
with it. Otherwise, ignore the exception, and someone else will deal
with it. You don't have to religiously check return values and
remember to handle all those errors that never come up in local
testing (like DNS failures and timeouts), not to mention those more
obscure errors that you wouldn't even think of (like "disk full" or
"out of memory"). Whatever happens, it's an exception. Write your code
in this style, and you don't have to worry about the details.

ChrisA

[1] In PHP, sometimes errors become exceptions, sometimes they become
messages printed to the output file, sometimes they get logged,
sometimes completely suppressed... and all based on a very complicated
set of rules.
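
The contrast described in the message above, as an added example that is not part of the original post: one function swallows a sqlite3 error and still reports success, while the other lets the exception travel to a single top-level handler that returns a generic 500 and logs the traceback for admins only. The table, function names and the in-memory log buffer are assumptions made for illustration.

```python
import io
import logging
import sqlite3

# Constructed stand-in for an admin-only log file.
log_buf = io.StringIO()
logger = logging.getLogger("app.errors")
logger.addHandler(logging.StreamHandler(log_buf))
logger.propagate = False

db = sqlite3.connect(":memory:")
db.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT NOT NULL)")

def note_count():
    return db.execute("SELECT COUNT(*) FROM notes").fetchone()[0]

def save_note_keep_going(body):
    # "Keep going regardless": the error is swallowed, so the caller is
    # told "saved" even though the INSERT failed.
    try:
        with db:
            db.execute("INSERT INTO notes (body) VALUES (?)", (body,))
    except sqlite3.Error:
        pass
    return "saved"

def save_note(body):
    # No try/except: if the INSERT fails, sqlite3 raises and the
    # "saved" line is never reached. The parameter is bound, not
    # interpolated into the SQL string.
    with db:  # commits on success, rolls back on exception
        db.execute("INSERT INTO notes (body) VALUES (?)", (body,))
    return "saved"

def handle_request(body):
    # The one place that catches everything: log the full traceback
    # for admins, give the end user a plain 500 with no internals.
    try:
        return 200, save_note(body)
    except Exception:
        logger.exception("unhandled error while saving note")
        return 500, "Internal Server Error"

if __name__ == "__main__":
    print(save_note_keep_going(None), note_count())  # claims success, stores nothing
    print(handle_request("hello"))
    print(handle_request(None))                      # NOT NULL violation
    print(log_buf.getvalue())
```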


