Revision 2583
Added by Aaron Marcuse-Kubitza over 12 years ago
| lib/sql_gen.py | ||
|---|---|---|
| 10 | 10 |
##### Escaping |
| 11 | 11 |
|
| 12 | 12 |
def is_safe_name(name): |
| 13 |
'''A name is safe *and unambiguous* if it contains only lowercase word (\w) |
|
| 14 |
characters and doesn't start with a digit''' |
|
| 15 |
return re.match(r'^(?!\d)[^\WA-Z]+$', name) |
|
| 13 |
'''A name is safe *and unambiguous* if it: |
|
| 14 |
* contains only *lowercase* word (\w) characters |
|
| 15 |
* doesn't start with a digit |
|
| 16 |
* contains "_", so that it's not a keyword |
|
| 17 |
''' |
|
| 18 |
return re.match(r'^(?=.*_)(?!\d)[^\WA-Z]+$', name) |
|
| 16 | 19 |
|
| 17 | 20 |
def esc_name(name, quote='"'): |
| 18 | 21 |
if is_safe_name(name): return name |
Also available in: Unified diff
sql_gen.py: is_safe_name(): Fixed bug where keywords were incorrectly considered safe