On Oct 22, 2007, at 7:18 AM, Steffen wrote:
> > An '%' in a raw sql statement executed with execute will raise > following error because it is not properly escaped: > > <class 'sqlalchemy.exceptions.DBAPIError'>: (TypeError) 'dict' object > is unindexable > 2007/10/22 12:55:01 - /usr/lib/python2.5/site-packages/ > SQLAlchemy-0.4.0-py2.5.egg/sqlalchemy/engine/base.py:1115:execute > 2007/10/22 12:55:01 - /usr/lib/python2.5/site-packages/ > SQLAlchemy-0.4.0-py2.5.egg/sqlalchemy/engine/base.py:779:execute > 2007/10/22 12:55:01 - /usr/lib/python2.5/site-packages/ > SQLAlchemy-0.4.0-py2.5.egg/sqlalchemy/engine/base.py:789:_execute_text > 2007/10/22 12:55:01 - /usr/lib/python2.5/site-packages/ > SQLAlchemy-0.4.0-py2.5.egg/sqlalchemy/engine/base.py:852:__execute_raw > 2007/10/22 12:55:01 - /usr/lib/python2.5/site-packages/ > SQLAlchemy-0.4.0-py2.5.egg/sqlalchemy/engine/base.py: > 869:_cursor_execute > > Manuall escaping with '%%' solves the issue, but shouldn't that be > automatic ? > Others, like twisted adbapi does it correct - for example. this could possibly be done for text() clauses, although backwards compatibility would be a potential issue (not too worrisome). for raw SQL, this escaping should not be applied since the % character is also used for 'format' and 'pyformat' bind params. also its a dialect specific escaping which probably only applies to mysql and postgres (i.e. its *not* correct for sqlite, for example). --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "sqlalchemy" group. To post to this group, send email to sqlalchemy@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en -~----------~----~----~----~------~----~------~--~---