[Twisted-Python] quoting strings in db transactions
sean at twistedmatrix.com
Tue Feb 18 22:52:01 EST 2003
The twisted enterprise was in use for an on-line game development project at
Ninjaneering (http://www.ninjaneering.com) and I was the primary user, but
unfortunately, I am no longer at that company and future of the project may
be going in a different direction.
I'd say the twisted.enterprise code is relatively solid at what it does, but
its functionality is only really useful in a limited set of circumstances.
There have been some discussions about extending its functionality, but I no
longer have any time to devote to it. So, there is definitely room for
Regarding the particular issue of quoting strings, I was not aware of a
database independant way of safely quoting strings when that code was
written - is that actually part of the DBAPI?
From: twisted-python-admin at twistedmatrix.com
[mailto:twisted-python-admin at twistedmatrix.com]On Behalf Of Federico Di
Sent: Tuesday, February 18, 2003 10:08 AM
To: Twisted Mailing List
Subject: [Twisted-Python] quoting strings in db transactions
i'm going through the twisted.enterprise python code and i find almost
everywhere commens as:
Make a string safe to include in an SQL statement
Escape a string for use in an SQL statement.
imho, this is plain wrong. twisted uses dbapi compliant adapters and
they *should* provide safe argument quoting (as per DBAPI-2.0.) it is
almost impossible to manage the quoting the right way for every db
adapter, but it is possible to call the driver the right way and let it
do the quoting.
or did i missed something?
also, how much mature is the enterprise code? it is a stable API or
there is space for contributions?
Federico Di Gregorio
Debian GNU/Linux Developer fog at debian.org
INIT.D Developer fog at initd.org
Mi piace schioccare la lingua fortemente.
-- Maria Luisa Benedetta Panzani
More information about the Twisted-Python