Python MySQLdb.escape_string() Examples
The following are 10
code examples of MySQLdb.escape_string().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
MySQLdb
, or try the search function
.
Example #1
Source File: mdf_mysql_converter.py From Wilayah-Administratif-Indonesia with MIT License | 6 votes |
def write_provinces(path): write_insert_header("provinces") counter = 0 rows = csv_to_list(path) last_row = len(rows) - 1 for row in rows: if (counter % SPLIT_ROWS == 0): print "INSERT INTO `provinces` VALUES" if (counter == last_row or counter % SPLIT_ROWS == SPLIT_ROWS - 1): print " ('%s', '%s');" % (row[0], MySQLdb.escape_string(row[1])) else: print " ('%s', '%s')," % (row[0], MySQLdb.escape_string(row[1])) counter += 1 write_insert_footer("provinces")
Example #2
Source File: mysql.py From asm3 with GNU General Public License v3.0 | 6 votes |
def escape(self, s): """ Makes a string value safe for database queries """ if s is None: return "" if asm3.utils.is_str(s): s = MySQLdb.escape_string(s) s = asm3.utils.bytes2str(s) # MySQLdb.escape_string can return bytes on python3 elif asm3.utils.is_unicode(s): # Encode the string as UTF-8 for MySQL escape_string # then decode it back into unicode before continuing s = s.encode("utf-8") s = MySQLdb.escape_string(s) s = s.decode("utf-8") # This is historic - ASM2 switched backticks for apostrophes so we do for compatibility s = s.replace("'", "`") return s
Example #3
Source File: mysql_escape_warp.py From iOS-private-api-checker with GNU General Public License v2.0 | 5 votes |
def _str_escape(s, d): if s == None: return '' return MySQLdb.escape_string(s)
Example #4
Source File: mysql_escape_warp.py From iOS-private-api-checker with GNU General Public License v2.0 | 5 votes |
def mysql_escape(f): @wraps(f) def decorated_function(*args, **kwargs): newargs = [] #先转义参数,再执行方法 for arg in args: #字符串,包括中文 if type(arg) is types.StringType or type(arg) is types.UnicodeType: newargs.append(MySQLdb.escape_string(arg)) #字典 elif isinstance(arg, dict): newargs.append(MySQLdb.escape_dict(arg, { types.StringType: _str_escape, types.UnicodeType: _str_escape, types.IntType: _no_escape, types.FloatType: _no_escape })) #其他类型不转义 else: newargs.append(arg) newargs = tuple(newargs) func = f(*newargs, **kwargs) return func return decorated_function
Example #5
Source File: mysqlutil.py From pykit with MIT License | 5 votes |
def _safe(s): return '"' + MySQLdb.escape_string(str(s)) + '"'
Example #6
Source File: mdf_mysql_converter.py From Wilayah-Administratif-Indonesia with MIT License | 5 votes |
def write_insert_body(table_name, rows): counter = 0 last_row = len(rows) - 1 for row in rows: if (counter % SPLIT_ROWS == 0): print "INSERT INTO `%s` VALUES" % (table_name) if (counter == last_row or counter % SPLIT_ROWS == SPLIT_ROWS - 1): print(" ('%s', '%s', '%s');" % (row[0], row[1], MySQLdb.escape_string(row[2]))) else: print(" ('%s', '%s', '%s')," % (row[0], row[1], MySQLdb.escape_string(row[2]))) counter += 1
Example #7
Source File: run.py From Malicious_Domain_Whois with GNU General Public License v3.0 | 5 votes |
def genstr(str1): if str1: return "'" + MySQLdb.escape_string(str1) + "'" else: return "''"
Example #8
Source File: run.py From Malicious_Domain_Whois with GNU General Public License v3.0 | 5 votes |
def genstr(str1): if str1: return "'" + MySQLdb.escape_string(str1) + "'" else: return "''"
Example #9
Source File: sql.py From django-find with MIT License | 5 votes |
def _mk_condition(db_column, operator, data): op = operator_map.get(operator) if not op: raise Exception('unsupported operator:' + str(operator)) # I would prefer to use a prepared statement, but collecting arguments # and passing them back along the string everywhere would be awful design. # (Also, I didn't find any API from Django to generate a prepared statement # without already executing it, e.g. django.db.connection.execute()) if isinstance(data, int): return db_column+op.format(data) return db_column+op.format(escape_string(data).decode('utf-8'))
Example #10
Source File: registration_sensor.py From st2incubator with Apache License 2.0 | 4 votes |
def _check_new_registration(self, email): email = MySQLdb.escape_string(email) c = self.db.cursor() query = 'SELECT * FROM user_registration WHERE email="%s"' % email try: c.execute(query) self.db.commit() except MySQLdb.Error, e: self.logger.info(str(e)) return False