Michael Bayer wrote:
> you can execute DDL statements as literal text strings straight from an
> engine or connection. the Session object has a connect() method on it
> which will also use an underlying engine (if the session is bound to
> one), or you can pass it a mapper which it can relate to the underlying
> engine.
>
> once you have your connection, you can just execute:
>
> connection.execute("alter user foo set password='hoho'")
Thanks; that works very well. Next question ;-) If "foo" and "hoho" are
variable, how can I validate they have no illegal characters and escape
such chars so they cannot do anything evil on the database (the string
"hoho" must not contain an apostrophe; the string "foo" must not contain
a semicolon etc.)...
-- Chris
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"sqlalchemy" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/sqlalchemy
-~----------~----~----~----~------~----~------~--~---
