| From: | Dorian Hoxha <dorian(dot)hoxha(at)gmail(dot)com> |
|---|---|
| To: | Daniele Varrazzo <daniele(dot)varrazzo(at)gmail(dot)com> |
| Cc: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, Ludovic Gasc <gmludo(at)gmail(dot)com>, "psycopg(at)postgresql(dot)org" <psycopg(at)postgresql(dot)org> |
| Subject: | Re: Sanitize schema name |
| Date: | 2015-05-07 12:25:06 |
| Message-ID: | CANsFX06SaSxg--2MMaodAtQJvf+6wMuyAJ-aXOYU08QCmpggpw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | psycopg |
Since it will be an optional separate function, and won't interfere with
old code, I don't see a problem with it being in 2.6.1
On Thu, May 7, 2015 at 2:01 PM, Daniele Varrazzo <daniele(dot)varrazzo(at)gmail(dot)com
> wrote:
> On Thu, May 7, 2015 at 12:35 PM, Dorian Hoxha <dorian(dot)hoxha(at)gmail(dot)com>
> wrote:
> > He wants to dynamically pass the table name:
> >
> > cursor.execute("SELECT * FROM %s", (table,)) # won't work
>
> Looks like there is more and more the need of exposing a function like
> libpq's PQescapeIdentifier [1]. Too bad psycopg 2.6 has been released
> so recently, I'm reluctant to add such a function to 2.6.1.
>
> Maybe releasing a small Python module exposing just that function,
> then add the functionality to psycopg 2.7?
>
> [1]
> http://www.postgresql.org/docs/9.4/static/libpq-exec.html#LIBPQ-PQESCAPEIDENTIFIER
>
> -- Daniele
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Karsten Hilbert | 2015-05-07 12:28:37 | Re: Sanitize schema name |
| Previous Message | Daniele Varrazzo | 2015-05-07 12:01:48 | Re: Sanitize schema name |