[Twisted-Python] quoting strings in db transactions

Federico Di Gregorio fog at initd.org
Tue Feb 18 11:08:23 EST 2003

hi *,

i'm going through the twisted.enterprise python code and i find almost
everywhere commens as:

        Make a string safe to include in an SQL statement

        escape_string(self, text) 
        Escape a string for use in an SQL statement.
imho, this is plain wrong. twisted uses dbapi compliant adapters and
they *should* provide safe argument quoting (as per DBAPI-2.0.) it is
almost impossible to manage the quoting the right way for every db
adapter, but it is possible to call the driver the right way and let it
do the quoting.

or did i missed something?

also, how much mature is the enterprise code? it is a stable API or
there is space for contributions?

Federico Di Gregorio
Debian GNU/Linux Developer                                fog at debian.org
INIT.D Developer                                           fog at initd.org
  Mi piace schioccare la lingua fortemente.
                                        -- Maria Luisa Benedetta Panzani
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://twistedmatrix.com/pipermail/twisted-python/attachments/20030218/631f4654/attachment.pgp 

More information about the Twisted-Python mailing list