[Erp5-report] r24937 - /erp5/trunk/products/ERP5Type/Utils.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Thu Dec 18 14:13:10 CET 2008
Author: vincent
Date: Thu Dec 18 14:13:08 2008
New Revision: 24937
URL: http://svn.erp5.org?rev=24937&view=rev
Log:
Add a method to escape SQL.
Modified:
erp5/trunk/products/ERP5Type/Utils.py
Modified: erp5/trunk/products/ERP5Type/Utils.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Type/Utils.py?rev=24937&r1=24936&r2=24937&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Type/Utils.py [utf8] (original)
+++ erp5/trunk/products/ERP5Type/Utils.py [utf8] Thu Dec 18 14:13:08 2008
@@ -1132,8 +1132,8 @@
value = cache[key]
except KeyError:
value = category_tool._getOb(base_cat, None)
- if value is None:
- LOG('ERP5Type.Utils.getExistingBaseCategoryList', PROBLEM, 'base_category "%s" is missing, can not generate Accessors' % (base_cat))
+ #if value is None:
+ # LOG('ERP5Type.Utils.getExistingBaseCategoryList', PROBLEM, 'base_category "%s" is missing, can not generate Accessors' % (base_cat))
cache[key] = value
if value is not None:
new_base_cat_list.append(base_cat)
@@ -2702,3 +2702,26 @@
[ get_value(row, column) for column, get_value in column_list ]
for row in data
]))
+
+#####################################################
+# SQL text escaping
+#####################################################
+def sqlquote(x):
+ """
+ Escape data suitable for inclusion in generated ANSI SQL92 code for
+ cases where bound variables are not suitable.
+
+ Inspired from zope/app/rdb/__init__.py:sqlquote, modified to:
+ - use isinstance instead of type equality
+ - use string member methods instead of string module
+ """
+ if isinstance(x, basestring):
+ x = "'" + x.replace('\\', '\\\\').replace("'", "''") + "'"
+ elif isinstance(x, (int, long, float)):
+ pass
+ elif x is None:
+ x = 'NULL'
+ else:
+ raise TypeError, 'do not know how to handle type %s' % type(x)
+ return x
+
More information about the Erp5-report
mailing list