String substitution VS proper mysql escaping

Nik Gr nikos.the.gr33k at gmail.com
Thu Aug 19 20:50:53 CEST 2010


  Στις 19/8/2010 6:58 μμ, ο/η Tim Chase έγραψε:
> It can be written as a non-3-quote string, you just have to escape the 
> inner quotes (single & double) and the backslash to be seen:
>
>   name = 'My name is "Nikos" and I\'m from Thessaloniki\\Greece'
>   name = "My name is \"Nikos\" and I'm from Thessaloniki\\Greece"
>

So if i enclose the string in double quotes the inner double quotes have 
to be escaped while
if i enclose the string in single quotes the inner single quotes have to 
be escaped.

But in 3-single-quoting thing became easier since i don't have to escape 
all kind of quotes right? just the backslashes.

>> And i dont have to use the 'r' in fornt of it too.
>
> Using the 'r' in front would make it much more challenging, because it 
> would prevent the backslashes from being seen as escaping. :)

So the best way to write the above assignment statement would be:

name = r'''My name is "Nikos" and I'm from Thessaloniki\Greece'''

It cannot get any easier that that can it? :)

''' ''' helps avoid escaping all kind of quotes!
'r' avoid escaping backslashes!

=============================
Why does the page variable which is actually a string needs to be a 
tuple or a list and not just as a string which is what it actually is?
I have a strong desire to use it like this:

cursor.execute( '''SELECT hits FROM counters WHERE page = %s''' , page )

opposed to tuple. Would i might facing a problem? Of what? MySQLdb 
instead of give the whole value to the placeholder to give just a single 
char?
Also do i need 3-single-quoting here as well or it can be written qith 
signle/double quotes?
What appleis to  strings apply to mysql queries as well?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20100819/6ab295ba/attachment.html>


More information about the Python-list mailing list