Re: Sanitize schema name

Sounds good, thanks for the feedback. I should have time to work on this
today and tomorrow.

On 05/20/2015 04:14 AM, Federico Di Gregorio wrote:
> On 13/05/2015 16:13, Elliot S wrote:
>> I like this idea and drafted it up.
>>
>> Looking for comments on this patch:
>>
>> https://github.com/yieldsfalsehood/psycopg2/commit/f86f773de6ee99e2d7a2807136dcb458d97ba852
>>
>>
>> In short:
>> 1. identifier quoting may use PQescapeIdentifier if it's available,
>> otherwise the pure-psyco escaping is done
>> 2. the %t format is now accepted, and its value must be either a
>> string or bytes (no error handling is done yet if this isn't the case) -
>> replacement for this calls out to the identifier quoting
>
> The patch looks fine to me but your tests should cover all corner cases:
>
> 1) spaces in identifiers
> 2) double quotes in identifiers
> 3) a mix of upper- and lower-case characters
>
> I'd also like to see the tests compare the result with the result of a
> "SELECT quote_ident(...)" call, just to be future proof.
>
> Also, I'd expose the quoting function in psycopg.extensions to let the
> user build the query string separately from the .execute() call: this
> is useful if you want to stick to DBAPI in your .execute() call. I.e.,
> to allow something like:
>
> from psycopg.extensions import quote_ident
>
> query = "SELECT %s FROM %s WHERE id = %%s" % (
> quote_ident('table'), quote_ident('col'))
>
> curs.execute(query, (id_value,))
>
> federico
>