[DB-SIG] API suggestion: expose 'quote' method

Chris Cogdon chris at cogdon.org
Mon Jun 2 21:31:29 EDT 2003 

I'd like to make the following proposal for the next revision of the 
API specfication:

New method to 'database' object: quote.

It has exactly the same parameter parsing semantics as the 'execute' 
method, but instead of sending the statement to the DBMS, it simply 
returns the string after the parameters have been quoted.

In effect, assuming the following:

cur = db.cursor ()

the following two statements would be equivalent:

cur.execute ( "some sql statement", parameters )
cur.execute ( db.quote ( "some sql statement", parameters ) )

Reasoning:

- There are many instances where you want to 'build up' the SQL 
statement in pieces. For example, I have an application where I create 
one object representing the interface to the database. To search for 
records of a particular class, you create a 'criteria' object, and pass 
that to the method of the database object. The criteria object is 
responsibile for building the SQL 'WHERE" clause necessary to find the 
required objects. The database method is responsible for building the 
tables necessary for the where to function correctly.

This would be VERY hard if I had to organise the SQL, and the list of 
parameters independantly before finally passing it to the 'execute' 
method which binds the two together.

- Some API's make their quoting functions available (pg has 'quote', 
pyPgSQL has '_quote'), but some do not (eg PoPy and psycopg) mostly 
because they're written in C, and requires explicit efforts to expose 
functions (as it should be, but it's inconvienient in this case).

- It would be best to have it as a method of a database object, even 
though typical implementation would not require knowing anything about 
the connection. This way, I can write code that is 'database agnostic', 
but ensure that the right version of 'quote' is called when required.


So... any support for this change? Any comments?


-- 
    ("`-/")_.-'"``-._        Chris Cogdon <chris at cogdon.org>
     . . `; -._    )-;-,_`)
    (v_,)'  _  )`-.\  ``-'
   _.- _..-_/ / ((.'
((,.-'   ((,/   fL

More information about the DB-SIG mailing list