On 6 May 2007 11:22:52 -0700, Daniele Varrazzo [EMAIL PROTECTED]
Every serious database driver has a complete and solid SQL escaping
mechanism. This mechanism tipically involves putting placeholders in
your SQL strings and passing python data in a separate tuple or
dictionary. Kinda
On 7 Mag, 08:55, krishnakant Mane [EMAIL PROTECTED] wrote:
On 6 May 2007 11:22:52 -0700, Daniele Varrazzo [EMAIL PROTECTED] Every
serious database driver has a complete and solid SQL escaping
mechanism. This mechanism tipically involves putting placeholders in
your SQL strings and passing
On Mo, 7.05.2007, 10:30, Daniele Varrazzo wrote:
On 7 Mag, 08:55, krishnakant Mane [EMAIL PROTECTED] wrote:
On 6 May 2007 11:22:52 -0700, Daniele Varrazzo
[EMAIL PROTECTED] Every serious database driver has a
complete and solid SQL escaping
mechanism. This mechanism tipically involves
On 7 Mag, 10:46, Stefan Sonnenberg-Carstens
[EMAIL PROTECTED] wrote:
On Mo, 7.05.2007, 10:30, Daniele Varrazzo wrote:
On 7 Mag, 08:55, krishnakant Mane [EMAIL PROTECTED] wrote:
On 6 May 2007 11:22:52 -0700, Daniele Varrazzo
[EMAIL PROTECTED] Every serious database driver has a
complete
On Mo, 7.05.2007, 11:32, Daniele Varrazzo wrote:
On 7 Mag, 10:46, Stefan Sonnenberg-Carstens
[EMAIL PROTECTED] wrote:
On Mo, 7.05.2007, 10:30, Daniele Varrazzo wrote:
On 7 Mag, 08:55, krishnakant Mane [EMAIL PROTECTED] wrote:
On 6 May 2007 11:22:52 -0700, Daniele Varrazzo
[EMAIL
cur.execute(INSERT INTO datatable (data) VALUES (%s);,
(pickled_data,))
%s is not a placeholder IMHO.
What happens when using %s is, that the string given will be inserted where
%s is; that is something python does as with every print or such.
It is indeed. The behavior you
On Mo, 7.05.2007, 16:26, Daniele Varrazzo wrote:
cur.execute(INSERT INTO datatable (data) VALUES (%s);,
(pickled_data,))
%s is not a placeholder IMHO.
What happens when using %s is, that the string given will be inserted
where
%s is; that is something python does as with every
Ashes on my head.
My fault: the difference is hard to spot indeed in the rather long
line of the example. I should have been more explicit stating that the
differences were:
1. missing explicit quotes around the placeholders (they are part of
the escaped values),
2. no % operator: two
On Mon, 2007-05-07 at 07:26 -0700, Daniele Varrazzo wrote:
cur.execute(INSERT INTO datatable (data) VALUES (%s);,
(pickled_data,))
%s is not a placeholder IMHO.
What happens when using %s is, that the string given will be inserted where
%s is; that is something python does
On Mo, 7.05.2007, 16:50, Carsten Haese wrote:
On Mon, 2007-05-07 at 07:26 -0700, Daniele Varrazzo wrote:
cur.execute(INSERT INTO datatable (data) VALUES (%s);,
(pickled_data,))
%s is not a placeholder IMHO.
What happens when using %s is, that the string given will be inserted
hello,
I finally got some code to push a pickled list into a database table.
but now the problem is technically complex although possible to solve.
the problem is that I can nicely pickle and store lists in a blob
field with the help of dumps() for picklling into a string and then
passing the
I further discovered that the string variable that contains the
pickled object contains a lot of single quots ' and this is what is
probably preventing the sql insert from succedding. can some one
suggest how to work around this problem?
Every serious database driver has a complete and solid
12 matches
Mail list logo