I really don't think that's the issue.
No eval is used.
Secondly, it did work through psycopg2 directly with PostgreSQL.
If someone would have the kindness to look at the code, I am pasting it here.
Sorry for making it long; it contains comments to explain the situation.

    def xmlrpc_setAccount(self,queryParams,client_id):
        '''
        Purpose : Adds new account i.e row to the account table in the database
        Parameters : It expects a list of queryParams which contains[suggestedcode(datatype:integer),groupcode(datatype:integer),subgroupcode(datatype:integer),accountname(datatype:text)openingbalance(datatype:numeric),openingdate(datatype:timestamp),balance(datatype:numeric)]
        Returns : Boolean
        Description : Queries the account table and adds a new row.
        To add an account the first time, check whether there is a max of accountcode;
        if there is nothing in that column maxAccountcode will increment by 1, and if
        there is a max value then go to the else condition and increment by 1.
        It takes which is a foreign key from the group table, account name which is
        name of the account, and openingbalance which is previous financial year
        balance amount and opening date i.e when a new account is added (it always
        takes today's date), balance is the balance amount remaining with that account.
        When record entered successfully it returns True else returns False.
        '''
        connection = dbconnect.engines[client_id].connect()
        Session = dbconnect.session(bind=connection)
        account_creation_date = str(strftime("%Y-%m-%d %H:%M:%S"))
        if queryParams[5] != 0:
            # an account code was supplied by the caller: use it as given
            Session.add(dbconnect.Account(queryParams[5],queryParams[0],queryParams[1],queryParams[2],queryParams[3],account_creation_date,queryParams[4]))
        else:
            # no code supplied: derive the next one from the number of existing rows
            # (note: this is func.count, i.e. a row count, not max(accountcode))
            maxAccountCode = 0
            maxAccountCode = Session.query(func.count(dbconnect.Account.accountcode)).scalar()
            if maxAccountCode is None:
                maxAccountCode = 0
                maxAccountCode = int(maxAccountCode) + 1
            else:
                maxAccountCode = int(maxAccountCode) + 1

            Session.add(dbconnect.Account(maxAccountCode,queryParams[0],queryParams[1],queryParams[2],queryParams[3],account_creation_date,queryParams[4]))
        Session.commit()
        Session.close()


Mind you, it is an xmlrpc call,
and the constructor of the table instance takes all the parameters, hence the way in which session.add is coded.
Happy hacking.
Krishnakant.


On 07/08/11 21:11, Michael Bayer wrote:

On Aug 7, 2011, at 8:19 AM, Krishnakant Mane wrote:

Hello all.
This might be interesting.
I don't know if we are doing something wrong.
We use session.query on a table and for adding records we use the orm.
But look at the forwarded email, I don't know what's wrong.
happy hacking.

You'd need to know what happens when someone enters "A & B". If for example you're calling eval() on that or something, "&" is a Python operator.



Krishnakant.




-------- Original Message --------
Subject:        [Gnukhata-devel] not able to put & in account name field
Date:   Sun, 7 Aug 2011 17:35:51 +0530
From:   ankita shanbhag <ankita.shanbhag...@gmail.com>
To:     gnukhata dev <gnukhata-de...@cis-india.org>



Hello All,

This may sound silly but entering & in account field e.g. "A & B" can
cause difficulty in retrieval of that account from database.

I tried to query the Account table using postgres and it's able to
fetch record properly.

I feel it's a problem of SqlAlchemy. I am afraid if we want '&' then we
have to look through rpc_account.py, especially getAccount!!

Thanking you.


--
"FOSS is not just about coding..its more of collaborative project management"

----
ankita shanbhag
_______________________________________________
Gnukhata-devel mailing list
gnukhata-de...@cis-india.org
http://lists.cis-india.org/mailman/listinfo/gnukhata-devel


--
You received this message because you are subscribed to the Google Groups "sqlalchemy" group. To post to this group, send email to sqlalchemy@googlegroups.com <mailto:sqlalchemy@googlegroups.com>. To unsubscribe from this group, send email to sqlalchemy+unsubscr...@googlegroups.com <mailto:sqlalchemy+unsubscr...@googlegroups.com>. For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en.
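
A layer-by-layer check for the "A & B" report in this thread, added here as an example and not code from GNUKhata or SQLAlchemy: it tests whether the ampersand survives XML-RPC marshalling and a bound-parameter database round trip, and what happens when a request is built without XML escaping. Assumptions: the standard-library `xmlrpc.client` represents the RPC layer, an in-memory SQLite table with bound parameters stands in for PostgreSQL behind SQLAlchemy, and the hand-built request is a hypothetical client that the thread does not confirm.

```python
import sqlite3
import xmlrpc.client
from xml.parsers.expat import ExpatError

NAME = "A & B"  # constructed sample account name, as quoted in the thread


def xmlrpc_roundtrip(name):
    """Marshal the name as XML-RPC call parameters, then unmarshal it again."""
    wire = xmlrpc.client.dumps(([0, 1, 2, name],), methodname="setAccount")
    params, _method = xmlrpc.client.loads(wire)
    return wire, params[0][3]


def handbuilt_request_parses(name):
    """Hypothetical client that formats the XML itself and skips escaping."""
    wire = ("<?xml version='1.0'?><methodCall><methodName>setAccount"
            "</methodName><params><param><value><string>%s</string>"
            "</value></param></params></methodCall>" % name)
    try:
        xmlrpc.client.loads(wire)
        return True
    except ExpatError:  # a bare '&' makes the document not well-formed
        return False


def db_roundtrip(name):
    """Insert and look up the name using bound parameters only."""
    db = sqlite3.connect(":memory:")
    try:
        db.execute("CREATE TABLE account (accountcode INTEGER, accountname TEXT)")
        db.execute("INSERT INTO account VALUES (?, ?)", (1, name))
        row = db.execute("SELECT accountname FROM account WHERE accountname = ?",
                         (name,)).fetchone()
        return row[0] if row else None
    finally:
        db.close()


if __name__ == "__main__":
    wire, received = xmlrpc_roundtrip(NAME)
    print("escaped on the wire:", "A &amp; B" in wire)
    print("server receives    :", repr(received))
    print("hand-built parses  :", handbuilt_request_parses(NAME))
    print("database returns   :", repr(db_roundtrip(NAME)))
```

If all library-level checks pass while the application still fails, the place to look is any code that builds XML, SQL or display markup from the account name by string formatting.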
