[Zope] \'s in ZSQL methods with Postgresql
Casey Duncan
cduncan@kaivo.com
Fri, 04 May 2001 09:03:26 -0600
"Mayers, Philip J" wrote:
>
> This:
>
> update tb1 set cl1=<dtml-sqlvar val1 type=nb>,who=<dtml-sqlvar
> "REQUEST.AUTHENTICATED_USER">,time=now()
>
> Called with:
>
> sqlmethod(val1='\')
>
> Fails with:
>
> Error Type: ProgrammingError
> Error Value: ERROR: parser: parse error at or near "loginname" update tb1
> set cl1='\',who='loginname',time=now()
>
> Clearly the \ needs to be escaped. Is this Postgres specific? If so, why
> isn't the DA (ZPsycopg) quoting it? Running Zope 2.3.2
>
> Regards,
> Phil
>
Yes, the error is coming from postgres. In theory the sqlvar tag should
be dealing with this (it should be escaping '\' as '\\'). My hunch is
that it is a bug in the DA so it is not telling sqlvar how to properly
quote it.
--
| Casey Duncan
| Kaivo, Inc.
| cduncan@kaivo.com
`------------------>