QuoteSQL

Lawrence D'Oliveiro ldo at geek-central.gen.new_zealand
Fri Sep 29 01:52:26 CEST 2006


In message <efc5b3$can$1 at lust.ihug.co.nz>, I wrote:

>     def EscapeSQLWild(Str) :
>         """escapes MySQL pattern wildcards in Str."""
>         Result = []
>         for Ch in str(Str) :
>             if Ch == "%" or Ch == "_" :
>                 Result.append("\\")
>             #end if
>             Result.append(Ch)
>         #end for
>         return "".join(Result)
>     #end EscapeSQLWild

Correction, backslashes need to be escaped at this level as well. So that
should become

     def EscapeSQLWild(Str) :
         """escapes MySQL pattern wildcards in Str."""
         Result = []
         for Ch in str(Str) :
             if Ch == "\\" or Ch == "%" or Ch == "_" :
                 Result.append("\\")
             #end if
             Result.append(Ch)
         #end for
         return "".join(Result)
     #end EscapeSQLWild




More information about the Python-list mailing list