En Tue, 30 Jun 2009 03:33:52 -0300, Dennis Lee Bieber
<wlfr...@ix.netcom.com> escribió:
On Mon, 29 Jun 2009 11:59:59 -0300, "Gabriel Genellina"
<gagsl-...@yahoo.com.ar> declaimed the following in
gmane.comp.python.general:
The fact that it's the same character used for formatting strings with
the
% operator is an unfortunate coincidence (or a very bad choice, I don't
know).
At the core -- if one looks at the Python source of the module and
takes into account that, prior to MySQL 5.x, MySQL did not support
"prepared statements", everything being sent as a full string query --
MySQLdb actually uses string interpolation to fill in the fields...
AFTER, of course, passing all the arguments through a function that
"safes" them (escaping sensitive characters, converting numerics to
string equivalent, etc., wrapping quotes about them).
Thanks for the historical reference. Even then, the code *could* have used
other markers, like ?, doing the appropiate substitutions before the final
string interpolation...
(but critisizing the original design after many years isn't fair!)
--
Gabriel Genellina
--
http://mail.python.org/mailman/listinfo/python-list