String substitution VS proper mysql escaping

Nik Gr nikos.the.gr33k at gmail.com
Thu Aug 19 11:42:02 EDT 2010


  On 19/8/2010 2:32 PM, Tim Chase wrote:
> So Python needs a way to express that you *explicitly* mean "this is 
> one of those rare one-element tuples, not an order of operations 
> prioritization":
>
>   (1,) + (2,)
> to return "(1,2)"
Yes I can see the difference now!! I just had to look at the big picture 
here! There is no other way of separating this for that.

> You can also prefix any of them with "r" such as
>
>   file_path = r"c:\path\to\file.txt"
>   file_path = r'c:\path\to\file.txt'
>   file_path = r"""c:\path\to\file.txt"""
>   file_path = r'''c:\path\to\file.txt''' 

'r' is to avoid escaping backslashes only or other special characters as 
well?

As for the string I noticed that if I am to mix single quotes and double 
quotes (any number of them, not just always pairs)
and backslashes and other special stuff in them then I'm best off using 
3-single-quotes like

name='''My name is "Nikos" and i'am from Thessaloniki\Greece'''

The above example can only be written by using 3-single quoting, right? 
Not by pairs of single or double quotes, correct?

And I don't have to use the 'r' in front of it too.

=======================

Also, if you please, comment on my mysql string substitution example I've 
posted in my previous post just to make it work.
I want it to be able to delete my data but it fails when I try to

http://webville.gr/index.html?page="100 ; DELETE FROM visitors; SELECT * 
FROM visitors" 

Please try it yourself, I don't mind losing the data, I just want to see 
if this mysql injection can actually work.

Thank you.
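
The difference named in the subject line, shown as an added example that is not part of the original post: the same `page` value is run through string substitution and through a bound parameter. Python's built-in `sqlite3` stands in for MySQL so the code runs offline, and the table layout and function names are assumptions (with MySQLdb the placeholder is `%s`, passed as a second argument to `execute()`, rather than `?`).

```python
import sqlite3

# Constructed sample data; table and column names are assumptions.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE visitors (page INTEGER, hits INTEGER)")
    db.executemany("INSERT INTO visitors VALUES (?, ?)", [(100, 7), (200, 3)])
    return db

# The value of the "page" parameter from the URL in the post.
PAGE = "100 ; DELETE FROM visitors; SELECT * FROM visitors"

def lookup_substituted(db, page):
    """String substitution: the input becomes part of the SQL text."""
    sql = "SELECT hits FROM visitors WHERE page = %s" % page
    try:
        return sql, db.execute(sql).fetchall()
    except (sqlite3.Warning, sqlite3.Error) as exc:
        # sqlite3's execute() refuses more than one statement per call.
        # That driver rule, not the query code, is all that protects the table.
        return sql, exc

def lookup_bound(db, page):
    """Parameter binding: the input travels as a value, never parsed as SQL."""
    sql = "SELECT hits FROM visitors WHERE page = ?"
    return sql, db.execute(sql, (page,)).fetchall()

def row_count(db):
    return db.execute("SELECT COUNT(*) FROM visitors").fetchone()[0]

if __name__ == "__main__":
    db = make_db()
    for fn in (lookup_substituted, lookup_bound):
        sql, result = fn(db, PAGE)
        print(fn.__name__, "->", repr(result))
    print("rows left:", row_count(db))
    print("normal lookup:", lookup_bound(db, 100)[1])
```

In the substituted form the input reaches the SQL parser as three statements and only the driver's one-statement rule rejects it; in the bound form the whole string is compared against the `page` column as a single value and matches nothing.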