On 11/29/05, jws <[EMAIL PROTECTED]> wrote: > I'd like to clarify the reasoning, since I think it pertains to a > larger issue. My understanding of Adrian's comment is that there > currently is no infrastructure in Django to escape special characters > in strings in a way that is specific to each backend. Admittedly, I > haven't dug in very far yet, but that seems like an odd omission.
Sure, I'd be happy to clear up the reasoning -- You're correct that there's no infrastructure in Django to escape special characters for a given database backend. That's because the underlying Python database libraries -- psycopg, MySQLdb and py-sqllite -- handle this automatically when you pass them a database query with parameters. The problem is that those libraries don't expose that functionality. (I'd love to be proved wrong on this!) Adrian -- Adrian Holovaty holovaty.com | djangoproject.com | chicagocrime.org
