tags:

views:

156

answers:

2
+2  Q: 

python adds "E" to string

This string:

"CREATE USER %s PASSWORD %s", (user, pw)

always gets expanded to:

CREATE USER E'someuser' PASSWORD E'somepassword'

Can anyone tell me why?

Edit: The expanded string above is the string my database gives me back in the error message. I'm using psycopg2 to access my postgres database. The real code looks like this:

conn=psycopg2.connect(user=adminuser, password=adminpass, host=host)
cur = conn.cursor()

#user and pw are simple standard python strings the function gets as parameter
cur.execute("CREATE USER %s PASSWORD %s", (user, pw))
conn.commit()
+4  A: 

Not only the E but the quotes appear to come from whatever type user and pw have. %s simply does what str() does, which may fall back to repr(), both of which have corresponding methods __str__ and __repr__. Also, that isn't the code that generates your result (I'd assumed there was a %, but now see only a comma). Please expand your question with actual code, types and values.

Addendum: Considering that it looks like SQL, I'd hazard a guess that you're seeing escape string constants, likely properly generated by your database interface module or library.

Yann Vernier  2010-08-01 13:48:29
You are right. I'm using Psycopg2 and this is the string my database gives me back as an error. I'm going to put the actual code in the question now.
Kai  2010-08-01 15:12:41
It would appear the problem is %s is used for data fields, and a user name in [CREATE USER](http://www.postgresql.org/docs/8.2/interactive/sql-createrole.html) appears to be an identifier - so a string literal won't work there. Psycopg2 does not appear to have any validation or quoting functions for such identifiers.
Yann Vernier  2010-08-01 15:56:36
[Relevant psycopg discussion.](http://lists.initd.org/pipermail/psycopg/2009-March/thread.html#6344)
Yann Vernier  2010-08-01 16:02:27
+4  A: 

As the OP's edit reveals he's using PostgreSQL, the docs for it are relevant, and they say:

PostgreSQL also accepts "escape" string constants, which are an extension to the SQL standard. An escape string constant is specified by writing the letter E (upper or lower case) just before the opening single quote, e.g. E'foo'.

In other words, psycopg is correctly generating escape string constants for your strings (so that, as the docs also say:

Within an escape string, a backslash character () begins a C-like backslash escape sequence, in which the combination of backslash and following character(s) represents a special byte value.

(which as it happens are also the escape conventions of non-raw Python string literals).

The OP's error clearly has nothing to do with that, and, besides the excellent idea of studying PostgreSQL's excellent docs, he should not worry about that E'...' form in this case;-).

Alex Martelli  2010-08-01 15:39:11
I just read that by myself. So the string is correct, but why does my postgres server give it back to me with a syntax error at the E?
Kai  2010-08-01 16:18:10
@Kai, maybe you're using an obsolete version of PgSQL? Or perhaps @Yann's comments on the other answer are right and you need an identifier, _not_ a quoted string at all, in `CREATE USER` (in which case you'll have to insert it by string manipulation, before the `execute`, to avoid the escaping -- be sure to **check** it very thoroughly against SQL injections attacks of course!!!-).
Alex Martelli  2010-08-01 16:28:11
Looks like Yann's comment is right. Don't like this but at the moment I don't need to handle user generated values in these statements. So i will just use the standard python string manipulations. Still, I don't like it ;)
Kai  2010-08-01 16:41:40

related questions

Programmatically talking to a Serial Port in OS X or Linux
Best ways to teach a beginner to program?
Calling a Function From a String With the Function's Name in Python
An executable Python app
Text Editor For Linux (Besides Vi)?
What Hosting Service is best for Django applications?
File size differences after copying a file to a server vía FTP
Python: what is the difference between (1,2,3) and [1,2,3], and when should I use each?
Python: What OS am I running on?
How do I make a menu in python that does not require the user to press (enter) to make a selection?
How do you express binary literals in Python?
What is the most efficient graph data structure in Python?
Adding a Method to an Existing Object
How to learn Python: Good Example Code?
How do I use Python's itertools.groupby()?
Python and MySQL
Class views in Django
Is there an IDE that provides code completion for Python
Using 'in' to match an attribute of Python objects in an array
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
Continuous Integration System for a Python Codebase
Get a preview jpeg of a pdf on windows?
How can I find the full path to a font from its display name on a Mac?
XML Processing in Python