[mod_python] addSlashes() in python, sql cgi question

Roy S. Rapoport mod_python at ols.inorganic.org
Thu Jun 5 11:12:50 EST 2003

On Thu, Jun 05, 2003 at 10:51:29AM -0700, Irene Ponti wrote:
> I have to put into a SQL database the content of some
> variables coming from an Internet form.
> If this variables have some caracters as ' or "
> inside, the sql server return an error because the
> query is not in correct sintax.
> Now in php exist a standard function that add slashes
> in front of ' or " in a variable and another that
> remove slashes.
> Is there in python a function like this?


How are you accessing the database?

I'm using MySQLdb; I just confirmed that it automatically adds the
proper escapist magic to make this stuff just plain work.

I'm guessing that, depending on the module you're using to access the
database, it may offer the proper mechanisms (much like in Perl's
DBD/DBI, there's a database-specific way to escape strings).


More information about the Mod_python mailing list