Thanks Gabriel. You are correct - this is even documented in the MySQLdb User's
Guide (http://mysql-python.sourceforge.net/MySQLdb.html), but it's certainly
not intuitive, given how python string interpolation normally works.
Gabriel Genellina <[EMAIL PROTECTED]> wrote: En Tue, 23 Oct 2007 20:50
En Tue, 23 Oct 2007 20:50:55 -0300, Michael Pelz Sherman
<[EMAIL PROTECTED]> escribió:
> Leif B. Kristensen wrote:
>
SQL = 'INSERT into TEMP data = %s'
c.execute(SQL, """ text containing ' and ` and all other stuff we
>>> . might
>>> . read from the network""")
>>
>>> Sure, but do
Leif B. Kristensen wrote:
>>> You don't need to escape text when using the Python DB-API.
>>> DB-API will do everything for you.
>>> For example:
>>> SQL = 'INSERT into TEMP data = %s'
>>> c.execute(SQL, """ text containing ' and ` and all other stuff we
>>. might
>>. read from the network""
Leif B. Kristensen wrote:
>>> You don't need to escape text when using the Python DB-API.
>>> DB-API will do everything for you.
>>> For example:
>>> SQL = 'INSERT into TEMP data = %s'
>>> c.execute(SQL, """ text containing ' and ` and all other stuff we
>>. might
>>. read from the network""
Leif B. Kristensen wrote:
I'm working with a Python program to insert / update textual data into a
PostgreSQL database. The text has single and double quotes in it, and I
wonder: What is the easiest way to escape quotes in Python, similar to
the Perlism "$str =~ s/(['"])/\\$1/g;"?
Just for the reco
First, thanks to all who have replied. I learned a lot more than I had
expected :-)
This is a small part of a major project; converting my genealogy
database from a commercial FoxPro application to my homegrown Python /
PostgreSQL app. I'm still in a phase where I'm experimenting with
different mo
In <[EMAIL PROTECTED]>, Leif B. Kristensen wrote:
> Damjan skrev:
>
>> You don't need to escape text when using the Python DB-API.
>> DB-API will do everything for you.
>> For example:
>> SQL = 'INSERT into TEMP data = %s'
>> c.execute(SQL, """ text containing ' and ` and all other stuff we
>>
Leif B. Kristensen wrote:
Damjan skrev:
For example:
SQL = 'INSERT into TEMP data = %s'
c.execute(SQL, """ text containing ' and ` and all other stuff we
might read from the network""")
Sure, but does this work if you need more than one placeholder?
Yup.
FWIW,
here's the whole script. It will fet
Damjan skrev:
> You don't need to escape text when using the Python DB-API.
> DB-API will do everything for you.
> For example:
> SQL = 'INSERT into TEMP data = %s'
> c.execute(SQL, """ text containing ' and ` and all other stuff we
> might
> read from the network""")
>
> You see, the SQL st
Hey there,
str.replace('"', '\\"').replace("'", "\\'")
HTH, jbar
--
http://mail.python.org/mailman/listinfo/python-list
/g;"?
>
> I tried the re.escape() method, but it escapes far too much, including
> spaces and accented characters. I only want to escape single and double
> quotes, everything else should be acceptable to the database.
You don't need to escape text when using the Python DB-API.
e.escape() method, but it escapes far too much, including
spaces and accented characters. I only want to escape single and double
quotes, everything else should be acceptable to the database.
--
Leif Biberg Kristensen
http://solumslekt.org/
--
http://mail.python.org/mailman/listinfo/python-list
12 matches
Mail list logo
