A good way to escape quotes in a database query string?

Question

I’ve tried all manner of Python modules and they either escape too much or in the wrong way.
What’s the best way you’ve found to escape quotes (“, ‘) in Python?

Asked By: Jonathan Prior

||

Source

Answer 1

Answer #1:

If it’s part of a Database query you should be able to use a Parameterized SQL Statement.

As well as escaping your quotes, this will deal with all special characters and will protect you from SQL injection attacks.

Answered By: Dave Webb

Answer 2

Answer #2:

Use json.dumps.

>>> import json

>>> print json.dumps('a"bc')

"a"bc""
Share this:
Facebook
Tweet
WhatsApp
Related posts:
How do I access dictionary keys that contain hyphens from within a Django template?
Why is the command bound to a Button or event executed when declared?
How do you change the value of one attribute by changing the value of another? (dependent attributes)

A good way to escape quotes in a database query string?

Question :

Answer #1:

Answer #2:

Leave a Reply Cancel reply