cPickle and pgsql...damn!!

Mike C. Fletcher mcfletch at rogers.com
Tue Jul 20 23:56:05 CEST 2004


Gerardo Herzig -Departamento de Proyectos Especiales e Internet- 
Facultad de Medicina wrote:
...

>>damnDict = {'foo' : 'bar'}
>>serializedDict = cPickle.dumps(damnDict)
>>print serializedDict
>>'}q\x01U\x03fooq\x03barq\x03s.'
>>pgconn.query('insert into TABLE values (%s)' % serializedDict)
>>result = pgconn.query('select * from TABLE').getresult()[0]
>>print result
>>'}qx01Ux03fooqx03barqx03s.'
>>    
>>
You should be letting the postgres driver escape the data.  Not sure 
what engine you're using (PyGreSQL, maybe?), but with a DB-API compliant 
driver you'd do something like this:

    conn.execute( 'insert into TABLE values (%s)',  serializedDict)

To let the driver do the escaping.

If you really want to do it yourself, you'd probably find that
    serializedDict.encode( 'quopri' ).replace( "'", "''")
before storing, and:
    result.replace( "''", "'" ).decode( 'quopri' )
is usable much (but probably not all) of the time.

HTH,
Mike

________________________________________________
  Mike C. Fletcher
  Designer, VR Plumber, Coder
  http://members.rogers.com/mcfletch/
  blog: http://zope.vex.net/~mcfletch/plumbing/




More information about the Python-list mailing list