Commit 5c3a951c authored by Vincent Pelletier's avatar Vincent Pelletier

Add a method to escape SQL.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@24937 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 59a07ca1
...@@ -1132,8 +1132,8 @@ def getExistingBaseCategoryList(portal, base_cat_list): ...@@ -1132,8 +1132,8 @@ def getExistingBaseCategoryList(portal, base_cat_list):
value = cache[key] value = cache[key]
except KeyError: except KeyError:
value = category_tool._getOb(base_cat, None) value = category_tool._getOb(base_cat, None)
if value is None: #if value is None:
LOG('ERP5Type.Utils.getExistingBaseCategoryList', PROBLEM, 'base_category "%s" is missing, can not generate Accessors' % (base_cat)) # LOG('ERP5Type.Utils.getExistingBaseCategoryList', PROBLEM, 'base_category "%s" is missing, can not generate Accessors' % (base_cat))
cache[key] = value cache[key] = value
if value is not None: if value is not None:
new_base_cat_list.append(base_cat) new_base_cat_list.append(base_cat)
...@@ -2702,3 +2702,26 @@ def mergeZRDBResults(results, key_column, edit_result): ...@@ -2702,3 +2702,26 @@ def mergeZRDBResults(results, key_column, edit_result):
[ get_value(row, column) for column, get_value in column_list ] [ get_value(row, column) for column, get_value in column_list ]
for row in data for row in data
])) ]))
#####################################################
# SQL text escaping
#####################################################
def sqlquote(x):
"""
Escape data suitable for inclusion in generated ANSI SQL92 code for
cases where bound variables are not suitable.
Inspired from zope/app/rdb/__init__.py:sqlquote, modified to:
- use isinstance instead of type equality
- use string member methods instead of string module
"""
if isinstance(x, basestring):
x = "'" + x.replace('\\', '\\\\').replace("'", "''") + "'"
elif isinstance(x, (int, long, float)):
pass
elif x is None:
x = 'NULL'
else:
raise TypeError, 'do not know how to handle type %s' % type(x)
return x
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment