I'm passing some values into a PostgreSQL character field using psycopg2 in Python. Some of the string values contain periods, slashes, quotes, etc.

With MySQL I'd just escape the string with

MySQLdb.escape_string(my_string)

Is there an equivalent for psycopg2?

+1  A: 

Psycopg2 doesn't have such a method. It has an extension for adapting Python values to ISQLQuote objects, and these objects have a getquoted() method to return PostgreSQL-compatible values.

See this blog for an example of how to use it: Quoting bound values in SQL statements using psycopg2

Bill Karwin
Notice that the guy there is wrong: what he wants to do can be obtained using the `mogrify()` method (http://initd.org/psycopg/docs/cursor.html#cursor.mogrify)
piro
Thanks @piro, that looks easier, though it is probably intended for use on full SQL expressions or queries, not just individual values to quote.
Bill Karwin
+1  A: 

Escaping is automatic, you just have to call:

cursor.execute("query with params %s %s", ("param1", "pa'ram2"))

(notice that the Python % operator is not used) and the values will be correctly escaped.

You can manually escape a variable using extensions.adapt(var), but this would be error-prone and would not take the connection encoding into account: it is not supposed to be used in regular client code.

piro
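
The behaviour described in the answer above, as an added example that is not part of the original answers. It uses the standard-library `sqlite3` driver as a stand-in for PostgreSQL so it runs without a server; with psycopg2 the same calls apply, with `%s` as the placeholder. The table `notes`, the helper names and the sample values are constructed for illustration.

```python
import sqlite3

# Constructed sample values with the characters the question mentions.
SAMPLES = ["param1", "pa'ram2", "a.b/c\\d", 'say "hi"']


def placeholder(driver):
    """Return the positional placeholder for a DB-API driver's paramstyle."""
    # psycopg2.paramstyle is "pyformat" (%s); sqlite3.paramstyle is "qmark" (?).
    return {"qmark": "?", "format": "%s", "pyformat": "%s"}[driver.paramstyle]


def store_and_read(conn, driver, values):
    """Insert values as bound parameters and read them back unchanged."""
    ph = placeholder(driver)
    insert = "INSERT INTO notes (id, body) VALUES (" + ph + ", " + ph + ")"
    cur = conn.cursor()
    cur.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT)")
    for i, value in enumerate(values):
        # The query text is constant; the values travel as a separate argument,
        # so the driver does the quoting. No % operator, no manual escaping.
        cur.execute(insert, (i, value))
    cur.execute("SELECT body FROM notes ORDER BY id")
    return [row[0] for row in cur.fetchall()]


def interpolated_insert_fails(conn, value):
    """Build the SQL with the % operator instead and report whether it breaks."""
    cur = conn.cursor()
    try:
        cur.execute("INSERT INTO notes (body) VALUES ('%s')" % value)
    except sqlite3.Error:
        return True  # the quote inside the value ended the literal early
    return False


if __name__ == "__main__":
    conn = sqlite3.connect(":memory:")
    print(store_and_read(conn, sqlite3, SAMPLES) == SAMPLES)
    print(interpolated_insert_fails(conn, "pa'ram2"))
```
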