Edgewall Software

Changes between Initial Version and Version 2 of Ticket #7988


Ignore:
Timestamp:
Jan 23, 2009, 9:09:34 AM (15 years ago)
Author:
Christian Boos
Comment:

made description readable

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #7988

    • Property Status newclosed
    • Property Resolutionworksforme

  • Ticket #7988 – Description

    initial v2  
    1 Function sql_escape_percent(sql) from module trac/db/util.py is escaping quite to much characters.
    2 It's automatically used when executing sql statements with cursor.execute() and it replaces every '%' (percent sign) with '%%'.
     1Function `sql_escape_percent(sql)` from module trac/db/util.py is escaping quite too many characters.
     2It's automatically used when executing sql statements with `cursor.execute()` and it replaces every '%' (percent sign) with '%%'.
    33But '%' is sql special sign used in 'like' clauses - for example:
    4 "SELECT oldvalue FROM ticket_change WHERE filed = 'comment' AND oldvalue LIKE '%.comment_number OR oldvalue = comment_number"
    5 which may be useful for gettnig comment from database by comment_number.
    6 When above statement is executed via cursor.execute("SELECT oldvalue FROM ticket_change WHERE filed = 'comment' AND oldvalue LIKE '%.comment_number OR oldvalue = comment_number") the percent sign is doubled so the really executed query is:
    7 "SELECT oldvalue FROM ticket_change WHERE filed = 'comment' AND oldvalue LIKE '%%.comment_number OR oldvalue = comment_number"
    8 which teoretically gives the same results but is somehow strange...
     4{{{
     5"SELECT oldvalue FROM ticket_change WHERE filed = 'comment' AND
     6oldvalue LIKE '%.comment_number OR oldvalue = comment_number"
     7}}}
     8which may be useful for getting comment from database by comment_number.
     9When above statement is executed via
     10{{{
     11cursor.execute("SELECT oldvalue FROM ticket_change WHERE filed =
     12 'comment' AND oldvalue LIKE '%.comment_number OR oldvalue =
     13 comment_number")
     14}}}
     15the percent sign is doubled so the really executed query is:
     16{{{
     17"SELECT oldvalue FROM ticket_change WHERE filed = 'comment' AND
     18oldvalue LIKE '%%.comment_number OR oldvalue = comment_number"
     19}}}
     20which theoretically gives the same results but is somehow strange...