M.-A. Lemburg mal@lemburg.com
Wed, 15 Aug 2001 12:38:26 +0200

moored@reed.edu wrote:
> On Tue, 14 Aug 2001, M.-A. Lemburg wrote:
> > You normally don't need to do that as long as you pass the BLOB
> > as bound parameter:
> >
> > cursor.execute('INSERT INTO ... VALUES (?,?)', (id, blob))
> >
> > mxODBC will then pass the BLOB data to the ODBC driver and the
> > driver will apply any escaping which might be necessary (if at all).
>  I have found that the mysql driver doesn't escape single quotes (')
> and that I have to do a string replace "\'" -> "\\\'" before my
> sql server could deal with a random datastream. I recommend that the
> first user test his driver to make sure the bound variable thingy does
> all that is claimed.

A good test for this should be running the test.py script included
in mxODBC (in the mx.ODBC.Misc subpackage). It tests the different
capabilities of the driver. It should also catch and display the 
above problem you see with the MyODBC driver.

Marc-Andre Lemburg
CEO eGenix.com Software GmbH
Consulting & Company:                           http://www.egenix.com/
Python Software:                        http://www.lemburg.com/python/