Escape parameters to the connection strings as required by PQconnectdb

author: Daniele Varrazzo <daniele.varrazzo@gmail.com> 2011-11-17 21:19:01 +0000
committer: Daniele Varrazzo <daniele.varrazzo@gmail.com> 2011-11-17 21:51:24 +0000
commit: 625cc1b402b33799757fb9b8fe421a2ea63e1236 (patch)
tree: 5df1ce82092b1344a7ad2770d425823eda23ebaa /lib
parent: 99ac79511cc69b3c16eb63044ede9f54ea852455 (diff)
download: psycopg2-625cc1b402b33799757fb9b8fe421a2ea63e1236.tar.gz
1 files changed, 20 insertions, 1 deletions
diff --git a/lib/__init__.py b/lib/__init__.py
index 7676f3c..f42d081 100644
--- a/lib/__init__.py
+++ b/lib/__init__.py
@@ -97,6 +97,24 @@ else:
     _ext.register_adapter(Decimal, Adapter)
     del Decimal, Adapter
 
+import re
+
+def _param_escape(s,
+        re_escape=re.compile(r"([\\'])"),
+        re_space=re.compile(r'\s')):
+    """
+    Apply the escaping rule required by PQconnectdb
+    """
+    if not s: return "''"
+
+    s = re_escape.sub(r'\\\1', s)
+    if re_space.search(s):
+        s = "'" + s + "'"
+
+    return s
+
+del re
+
 
 def connect(dsn=None,
         database=None, user=None, password=None, host=None, port=None,
@@ -147,7 +165,8 @@ def connect(dsn=None,
 
         items.extend(
             [(k, v) for (k, v) in kwargs.iteritems() if v is not None])
-        dsn = " ".join(["%s=%s" % item for item in items])
+        dsn = " ".join(["%s=%s" % (k, _param_escape(str(v)))
+            for (k, v) in items])
 
         if not dsn:
             raise InterfaceError('missing dsn and no parameters')
author	Daniele Varrazzo <daniele.varrazzo@gmail.com>	2011-11-17 21:19:01 +0000
committer	Daniele Varrazzo <daniele.varrazzo@gmail.com>	2011-11-17 21:51:24 +0000
commit	625cc1b402b33799757fb9b8fe421a2ea63e1236 (patch)
tree	5df1ce82092b1344a7ad2770d425823eda23ebaa /lib
parent	99ac79511cc69b3c16eb63044ede9f54ea852455 (diff)
download	psycopg2-625cc1b402b33799757fb9b8fe421a2ea63e1236.tar.gz