| From: | Daniele Varrazzo <daniele(dot)varrazzo(at)gmail(dot)com> |
|---|---|
| To: | Dorian Hoxha <dorian(dot)hoxha(at)gmail(dot)com> |
| Cc: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, Ludovic Gasc <gmludo(at)gmail(dot)com>, "psycopg(at)postgresql(dot)org" <psycopg(at)postgresql(dot)org> |
| Subject: | Re: Sanitize schema name |
| Date: | 2015-05-07 12:01:48 |
| Message-ID: | CA+mi_8anLX6H0ZnaH599n2TLezw5Q4dSy_v_n4Jz_CncDzMoEQ@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | psycopg |
On Thu, May 7, 2015 at 12:35 PM, Dorian Hoxha <dorian(dot)hoxha(at)gmail(dot)com> wrote:
> He wants to dynamically pass the table name:
>
> cursor.execute("SELECT * FROM %s", (table,)) # won't work
Looks like there is more and more the need of exposing a function like
libpq's PQescapeIdentifier [1]. Too bad psycopg 2.6 has been released
so recently, I'm reluctant to add such a function to 2.6.1.
Maybe releasing a small Python module exposing just that function,
then add the functionality to psycopg 2.7?
[1] http://www.postgresql.org/docs/9.4/static/libpq-exec.html#LIBPQ-PQESCAPEIDENTIFIER
-- Daniele
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dorian Hoxha | 2015-05-07 12:25:06 | Re: Sanitize schema name |
| Previous Message | Dorian Hoxha | 2015-05-07 11:35:31 | Re: Sanitize schema name |