SQL and CSV
Lawrence D'Oliveiro
ldo at geek-central.gen.new_zealand
Sat May 9 00:50:55 EDT 2009
In message <mailman.5299.1241800722.11746.python-list at python.org>, andrew
cooke wrote:
> even if you're not open to injection attacks, you're still less likely to
> get escaping correct than a puprose written, widely used library.
Escaping isn't really that hard to do. For example, the rules for MySQL
literals are clearly spelled out here
<http://dev.mysql.com/doc/refman/5.0/en/string-syntax.html>. You can easily
check that against my quoting routines here
<http://codecodex.com/wiki/index.php?title=Useful_MySQL_Routines#Quoting>.
More information about the Python-list
mailing list