> -----Original Message----- > From: [email protected] [mailto:[EMAIL PROTECTED] On > Behalf Of David Abrahams > Sent: Friday, June 06, 2008 11:04 AM > To: [email protected] > Subject: [Trac-dev] Re: DB cursors, sql_escape_percent, Postgresql > > > > on Thu Jun 05 2008, Christopher Lenz <cmlenz-AT-gmx.de> wrote: > > > On 05.06.2008, at 16:15, David Abrahams wrote: > >> Exception: invalid sql: > >> sql='SELECT name FROM tracforge_projects WHERE env_path=%s' > >> escaped sql='SELECT name FROM tracforge_projects WHERE env_path=%s' > >> args=('/usr/local/share/trac/projects/master',) > >> > >> So, there are a number of issues here. The code is apparently > >> trying to > >> execute: > >> > >> SELECT name FROM tracforge_projects WHERE > env_path=/usr/local/share/ > >> trac/projects/master > > > > No, the database or the database connector (psyco or whatever) is > > responsible for somehow applying the args to the SQL statement. > > I'm sorry, even if that's true, I don't understand how it is in > conflict > with my statement above... so let me ask some stupid questions to try > to > get a clearer picture of what you mean. > > 1. Are you saying that the code above is not trying to execute > something
What happens is Trac passes the SQL (with placeholders in it) and the argument tuple to the low-level database library. That library is what handles interpolating the arguments into the SQL+placeholders. When it does the interpolation, it should see that the argument is a str or Unicode object, and wrap it with quotes. If this is not happening, please file a ticket with whatever database library you use. --Noah --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Trac Development" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/trac-dev?hl=en -~----------~----~----~----~------~----~------~--~---
