Re: Another Little MySQL Problem

2010-05-27 Thread Tim Golden
On 26/05/2010 23:24, Christian Heimes wrote: Actually, no. The names of tables are not quoted in SQL. One writes SELECT ID FROM mytable; not SELECT ID FROM "mytable"; nit picking mode: Some RDBMS support case sensitive table names. You have to quote the table name if you using the feature

Re: Another Little MySQL Problem

2010-05-26 Thread Alister
On Wed, 26 May 2010 15:30:16 -0700, John Nagle wrote: > Alister wrote: >> I think you should probably also write your execute differently: >> > clientCursor.execute('select ID from %s' , (personalDataTable,)) >> >> this ensures the parameters are correctly escaped to prevent mysql >> inj

Re: Another Little MySQL Problem

2010-05-26 Thread Christian Heimes
Actually, no. The names of tables are not quoted in SQL. One writes SELECT ID FROM mytable; not SELECT ID FROM "mytable"; nit picking mode: Some RDBMS support case sensitive table names. You have to quote the table name if you using the feature. Yeah I know, it's prett

Re: Another Little MySQL Problem

2010-05-26 Thread John Nagle
Alister wrote: I think you should probably also write your execute differently: clientCursor.execute('select ID from %s' , (personalDataTable,)) this ensures the parameters are correctly escaped to prevent mysql injection attacks,the "," after personalDataTable is necessary to ensure th

Re: Another Little MySQL Problem

2010-05-26 Thread Alister
On Wed, 26 May 2010 12:43:29 -0700, John Nagle wrote: > Kushal Kumaran wrote: >> On Tue, 2010-05-25 at 14:45 -0400, Victor Subervi wrote: >>> Hi; >>> I have this code: >>> >>> clientCursor.execute('select ID from %s' % (personalDataTable)) >>> upds = [itm[0] for itm in clientCursor] print

Re: Another Little MySQL Problem

2010-05-26 Thread John Nagle
Kushal Kumaran wrote: On Tue, 2010-05-25 at 14:45 -0400, Victor Subervi wrote: Hi; I have this code: clientCursor.execute('select ID from %s' % (personalDataTable)) upds = [itm[0] for itm in clientCursor] print "" % upds The problem is that the values passed are 1L, 2L When I r

Re: Another Little MySQL Problem

2010-05-26 Thread Victor Subervi
On Wed, May 26, 2010 at 11:25 AM, Kushal Kumaran wrote: > On Tue, 2010-05-25 at 14:45 -0400, Victor Subervi wrote: > > Hi; > > I have this code: > > > > clientCursor.execute('select ID from %s' % (personalDataTable)) > > upds = [itm[0] for itm in clientCursor] > > print "" % upds > > >

Re: Another Little MySQL Problem

2010-05-26 Thread Kushal Kumaran
On Tue, 2010-05-25 at 14:45 -0400, Victor Subervi wrote: > Hi; > I have this code: > > clientCursor.execute('select ID from %s' % (personalDataTable)) > upds = [itm[0] for itm in clientCursor] > print "" % upds > > The problem is that the values passed are 1L, 2L When I retrieve >