Lawrence D'Oliveiro <[EMAIL PROTECTED]> wrote: > In message <[EMAIL PROTECTED]>, Duncan Booth wrote: >> Deary me. Did you actually test out that bit of code before you >> posted it? > >>>> execfile("QuoteSQL.py") >>>> EscapeSQLWild(r"\%") > '\\\\%' >>>> SQLString("%" + EscapeSQLWild(r"\%") + "%") > '"%\\\\\\\\%%"' >>>> EscapeSQLWild(r"\%") == r"\\%" > True >>>> SQLString("%" + EscapeSQLWild(r"\%") + "%") == r'"%\\\\%%"' > True > Ah, so that's a 'no' then. I can't see any tests there. How do you know that those strings work correctly MySQL queries?
Please, open your mind to what I'm saying. I'm not trying to criticise your aims, just trying to point out the simple fact that your EscapeSQLWild function has a bug. If nothing else, the fact that you are finding this so hard to understand shows that there is a need for a correctly written function to do this. The fix to EscapeSQLWild to get test_escapebackslashwild2 to work is a trivial change, and not suprisingly also makes the other failing test in my script (the one using parameterised queries and EscapeSQLWild) pass. Again, please, try running the script I posted, and in particular test_escapebackslashwild2. It uses the SQL query you yourself created, and it fails because it matches something it shouldn't. -- http://mail.python.org/mailman/listinfo/python-list