lists in cx_Oracle
Steve Holden
steve at holdenweb.com
Tue May 3 00:56:00 EDT 2005
Andrew Dalke wrote:
> infidel wrote:
>
>>I think perhaps you are asking for something that the OCI doesn't
>>provide.
>
>
> But it doesn't need to be supported by the OCI.
>
>
>>And really, it all boils down to the list comprehension:
>>
>>in_clause = ', '.join([':id%d' % x for x in xrange(len(ids))])
>
>
> And why can't the equivalent to that be supported in the
> DB-API interface, so I can pass in a list/tuple and have
> it just work?
>
>
>>... elegance is certainly subjective, and the above statement isn't the
>>cleanest ever, but it solves your main problem while avoiding the other
>>problem you mentiong (sql injection). Seems "elegant enough" to me.
>
>
> The problem I mentioned is supporting inexperienced developers
> (scientists writing software without local programming support)
> who, in my experience, don't know about this pitfall and are
> more likely to use a close but wrong solution than this correct
> one. repr(ids) is after all much easier to write.
>
Andrew:
I cannot help but agree that a more sympathetic treatment of the various
sequence types would help tyros and pros alike.
Do you think this is a DB-API 3-ish kind of a thing, or would it layer
over DB-API 2 in a relatively platform-independent manner? I suspect
that some of the code has to be inside the driver (and hence possibly at
least partly written in C) to hook into platform-dependent features like
quoting string literals.
but-you-may-know-better-ly y'rs - steve
--
Steve Holden +1 703 861 4237 +1 800 494 3119
Holden Web LLC http://www.holdenweb.com/
Python Web Programming http://pydish.holdenweb.com/
More information about the Python-list
mailing list