Marco, yes, I could help you with this, and that would be great to test fixes and improvements in the DAL ;-)
Best regards, Mariano Reingart http://www.sistemasagiles.com.ar http://reingart.blogspot.com On Thu, May 2, 2013 at 2:54 PM, Marco Túlio Cícero de M. Porto <[email protected]> wrote: > Thanks everyone for your time and knowledge. > > Mariano, I think I'll make a test server where I can compare both drivers. > When I have that done, if I have any problems, would it be ok to ask for > your help? > > > See you around. > Marco Tulio > > > 2013/5/2 Mariano Reingart <[email protected]> >> >> There is new activity in the "original" pg8000 repo, but AFAIK some of >> my changes where not merged, and others where not addressd, but you >> could try that: >> >> https://github.com/mfenniak/pg8000 >> >> About escaping, the difference with psycopg2 is that pg8000 uses the >> more advanced query protocol (Prepared Statement) that don't requires >> escaping and inlining the parameters in the SQL query (so, in theory, >> it is even safer than psycopg2. and more straightforward as it allows >> binary parameters directly). >> Another advantages of de prepared statement protocol is that it could >> be parsed/analyzed once, and executed many times, that should be >> faster in some circumstances. >> >> IIRC, psycopg2 uses the simple query protocol, with inlined parameters >> directly in the SQL. >> It has a mogrify function that escapes the parameters, that should be >> migrated to pg8000 to avoid this kind of issues, or better, just use >> the DBAPI call with parameters, so no scaping will be required (IIRC, >> this is not supported by web2py right now). >> Sadly, many connectors have different implentation of the DBAPI, so it >> would not be trivial to adapt, see for example: >> http://www.python.org/dev/peps/pep-0249/#paramstyle >> >> Also, psycopg2 uses libpq (the postgresql client C library), so it >> will be a lot faster (but a bit harder to install in some scenarios). >> Its depends highly on which kind of application you're writting (for >> simple apps, there wouldn't be a significative difference). >> >> BTW, if you have a test case with web2py, I could help to fix the >> issues with pg8000. >> >> Best regards, >> >> Mariano Reingart >> http://www.sistemasagiles.com.ar >> http://reingart.blogspot.com >> >> >> On Thu, May 2, 2013 at 10:13 AM, Massimo Di Pierro >> <[email protected]> wrote: >> > I do not remember what the bugs were but they were related to escaping >> > and >> > this poses a security issue. It has not been fixed to my knowledge. >> > >> > >> > On Thursday, 2 May 2013 03:02:26 UTC-5, Marin Pranjić wrote: >> >> >> >> I remember pg8000 having some bugs and I'm not sure if they are fixed. >> >> >> >> psycopg2 should be better choice >> >> >> >> Marin >> >> >> >> >> >> On Thu, May 2, 2013 at 1:59 AM, Marco Túlio Cícero de M. Porto >> >> <[email protected]> wrote: >> >>> >> >>> Are there any advantages on one or another or are they basically the >> >>> same >> >>> thing? >> >>> I'm using psycopg2 atm. >> >>> >> >>> -- >> >>> []'s >> >>> Marco Tulio >> >>> >> >>> -- >> >>> >> >>> --- >> >>> You received this message because you are subscribed to the Google >> >>> Groups >> >>> "web2py-users" group. >> >>> To unsubscribe from this group and stop receiving emails from it, send >> >>> an >> >>> email to [email protected]. >> >>> >> >>> For more options, visit https://groups.google.com/groups/opt_out. >> >>> >> >>> >> >> >> >> >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> > Groups >> > "web2py-users" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> > an >> > email to [email protected]. >> > For more options, visit https://groups.google.com/groups/opt_out. >> > >> > >> >> -- >> >> --- >> You received this message because you are subscribed to the Google Groups >> "web2py-users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/groups/opt_out. >> >> > > > > -- > []'s > Marco Tulio > > -- > > --- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > > For more options, visit https://groups.google.com/groups/opt_out. > > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
