Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Conversions turns list into 'pseudo-tuple' #10

Closed
wryun opened this issue Jan 23, 2013 · 3 comments
Closed

Conversions turns list into 'pseudo-tuple' #10

wryun opened this issue Jan 23, 2013 · 3 comments
Labels
bug

Comments

@wryun
Copy link

wryun commented Jan 23, 2013

In converters.py, there are rules to take ListTypes and TupleTypes to MySQL literals (which are used when you pass a list as a parameter).

Unfortunately, the code that does this (escape_sequence) uses a Python tuple to produce the string for MySQL insertion, which is a bad idea when you have a single element list (producing things like ('1',) - i.e. invalid SQL). I'm worried that I'm not understanding the intent of this code properly, though, since the action for a DictType appears to be completely insane (at least in the cursor.execute context). Should I only be using 'sets' (where the appropriate join is run)?

Currently I'm working around this as follows:

def fixed_escape_sequence(o, d):
    if len(o) == 1:
        return '(%s)' % MySQLdb.converters.escape(o[0], d)
    else:
        return MySQLdb.converters.escape_sequence(o, d)
from copy import copy
conversions = copy(MySQLdb.converters.conversions)
conversions[types.ListType] = fixed_escape_sequence
conversions[types.TupleType] = fixed_escape_sequence

But it would be nicer if escape_sequence was fixed in the C code.
@wryun
Copy link
Author

wryun commented Jan 31, 2013

Ok, having thought about this, I assume the intent is to take a single list as a parameter and have it by processed by Python's internal formatting. I'm guessing this is something that will be changed in moist.

@wryun wryun closed this as completed Jan 31, 2013
@maraujop maraujop mentioned this issue Aug 28, 2013
Closed
@wryun
Copy link
Author

wryun commented Dec 7, 2013

To clarify my somewhat opaque earlier remark now that I understand this more (and this is referenced elsewhere): MySQLdb's db.literal function is strangely overloaded so that it tries to deal with both the initial list/dict argument in the execute (i.e. all the parameters) and the content inside the parameters. That is, list/dict conversions are intended to process the parameters, whereas all other converters do the actual escaping for MySQL.

This has the unfortunate effect that it 'almost' supports lists/tuples for escaping (but not quite). I assume the almost support is a bug - it should just fail - so I'll reopen this, since I think people need to know. Though I understand fixing would require significant reworking.

PS This is why people get the db to parameterise, folks...

@wryun wryun reopened this Dec 7, 2013
@wryun
Copy link
Author

wryun commented Dec 7, 2013

Just saw #36 . Excellent!

@wryun wryun closed this as completed Dec 7, 2013
@rmca rmca mentioned this issue Oct 24, 2014
Open
Pablito9422 pushed a commit to Pablito9422/python that referenced this issue May 8, 2024
@maraujop
Fix in MySQL converters for one item sequences
a37543b 
MySQLdb1 currently has a bug that produces incorrect SQL when dealing
with one item sequences, closed as wontfix.

This bug is reported in:
farcepest/MySQLdb1#10

Added a converter function that deals with one item sequences.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@wryun