Re: Encountered an error

The value of the textbox is in String. I just have to call a "get_text()"
method on a textbox object and I get the string value. I used it just a few
minutes ago. It's working now. Thanks a lot. I'm not too worried about sql
injections just yet because the only people about to use this application
are supposed to have all access anyway.

On Tue, Mar 15, 2016 at 12:00 AM, Karsten Hilbert <Karsten(dot)Hilbert(at)gmx(dot)net>
wrote:

> On Mon, Mar 14, 2016 at 08:41:04PM +0530, Shaan Repswal wrote:
>
> > I tried to format the strings the Python way but... I'm getting this
> error:-
> >
> > Traceback (most recent call last):
> > File "C:\Python34\prototype_husk.py", line 133, in submit_data
> > cur.execute(add_column)
> > psycopg2.ProgrammingError: syntax error at or near "26.2"
> > LINE 2: ADD 26.2 LTRS int DEFAULT NULL
>
> That is what I have been trying to point out - you can't add
> a column named "25.2 LTRS" even if the user entered that
> value. You will need code to sanitize user input to become
> suitable for column names. I seem to remember you saying you
> already have such code ?
>
> Karsten
> --
> GPG key ID E4071346 @ eu.pool.sks-keyservers.net
> E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
>
>
> --
> Sent via psycopg mailing list (psycopg(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/psycopg
>