My custom sql works great unless there is an ' in the query, then of
course it fails. The question is how do I escape the apostrophe? For
example the query is "pete's". I first tried:
query = query.replace("'", "\'")
If you printed the query out it does say "pete\'s", but as soon as it
gets substituted into the query the backslash character somehow
dissapears. The relevant code:
from django.db import connection
cursor = connection.cursor()
query = "pete's"
sql = """
SELECT MAX(`table`.`id`)
FROM `table`
WHERE `table`.`name` LIKE '%(kw)s'
GROUP BY `table`.`original_id`;"""
sql = sql % {'kw' : '%%' + query + '%%'}
cursor.execute(sql)
Again this works fine if the query has no apostrophe, but if there is
one it will fail which makes sense. So if I can't use query =
query.replace("'", "\'"), is there a builtin function that will escape
apostrophes? I was under the impression that the db module handled
escaping for you.
Thanks in advance.
Aaron
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
