pypgsql-users

[Pypgsql-users] Special characters

[Aleksandar K. <kac...@ya...>]

I work with the pypgsql and love the library. It is very
well designed peace of code and works extremely well for
me.
However I have question that I need help with.
I am designing web interface in python to accommodate
automation of the product database.
Everything works flawlessly, but special characters will
not pass in the insert SQL statement.
how should I handle case when I have special chars included
into value text or character varying.
I would pool something like this: dict = {'key':"value's"}
which will get me error back.
do I need to deal with the special chars prior to adding
values to  execute statement, or I am missing something on
the design of the table - fields

Please send response to kac...@ya...

Thanks


=====
------
     *  "Last night I dreamed I ate a ten-pound marshmallow, and when I woke up the pillow was gone."

__________________________________________________
Do You Yahoo!?
Yahoo! Sports - sign up for Fantasy Baseball
http://sports.yahoo.com

Re: [Pypgsql-users] Special characters

[Christian T. <ct...@go...>]

Hi.


This is a question that *should* be only postgres specific,
but i don't know exactly:

THe only special character i can think of having troubles beeing inserted
is - as you showed down in your dictionary example, the ' quote, which you
should escape with a double ' ('') because postgres uses ' to start and finish strings.

hope that helps ...


christian.

On Sun, Mar 03, 2002 at 08:26:06PM -0800, Aleksandar Kacanski wrote:
> I work with the pypgsql and love the library. It is very
> well designed peace of code and works extremely well for
> me.
> However I have question that I need help with.
> I am designing web interface in python to accommodate
> automation of the product database.
> Everything works flawlessly, but special characters will
> not pass in the insert SQL statement.
> how should I handle case when I have special chars included
> into value text or character varying.
> I would pool something like this: dict = {'key':"value's"}
> which will get me error back.
> do I need to deal with the special chars prior to adding
> values to  execute statement, or I am missing something on
> the design of the table - fields
> 
> Please send response to kac...@ya...
> 
> Thanks

-- 
Christian Theune - ct...@go...
gocept gmbh & co.kg - schalaunische strasse 6 - 06366 koethen/anhalt
tel.+49 3496 3099112 - fax.+49 3496 3099118 mob. - 0178 48 33 981

reduce(lambda x,y:x+y,[chr(ord(x)^42) for x in 'zS^BED\nX_FOY\x0b'])

Re: [Pypgsql-users] Special characters

[Adam B. <ad...@po...>]

> how should I handle case when I have special chars included
> into value text or character varying.

The library can handle such situations automatically.  However, You
should allow it to construct final SQL queries itself (don't use
Python's % operator).  Look at the code below:

	from pyPgSQL import PgSQL
	dbc = PgSQL.connect( ... )
	c = dbc.cursor()
	a = "string'with\\quotes'\"' and\r\n\t %stuff%"
	b = None
	c = 123.45
	c.execute("insert into tab values (%s, %s, %s);",
	          a, b, c);

What happens here?  First passed value is a string, so all special
characters are automatically backslashed and the whole value is
enclosed between quotes (').  The second one is None, so it is
converted to SQL's null.  The third is passed almost as-is, because
it's a number.

The best You can do is looking at the source code of PgSQL module and
DBI 2.0 standard (it's easy to find it in Python website), the
full explanation is right there.

Regards,

-- 
Adam Buraczewski <ad...@po...> * Linux registered user #165585
GCS/TW d- s-:+>+:- a- C+++(++++) UL++++$ P++ L++++ E++ W+ N++ o? K? w--
O M- V- PS+ !PE Y PGP+ t+ 5 X+ R tv- b+ DI? D G++ e+++>++++ h r+>++ y?