Revision 2374
Added by Aaron Marcuse-Kubitza about 12 years ago
sql.py | ||
---|---|---|
261 | 261 |
|
262 | 262 |
def esc_value(self, value): |
263 | 263 |
module = util.root_module(self.db) |
264 |
if module == 'psycopg2': return self.db.cursor().mogrify('%s', [value])
|
|
264 |
if module == 'psycopg2': str_ = self.db.cursor().mogrify('%s', [value])
|
|
265 | 265 |
elif module == 'MySQLdb': |
266 | 266 |
import _mysql |
267 |
return _mysql.escape_string(value)
|
|
267 |
str_ = _mysql.escape_string(value)
|
|
268 | 268 |
else: raise NotImplementedError("Can't escape value for "+module |
269 | 269 |
+' database') |
270 |
return strings.to_unicode(str_) |
|
270 | 271 |
|
271 | 272 |
def esc_name(self, name): return esc_name(self, name) # calls global func |
272 | 273 |
|
Also available in: Unified diff
sql.py: DbConn.esc_value(): Run strings.to_unicode() on the generated string so that if it contains unescaped non-ASCII characters, these will not cause problems when concatenated with plain strings