This project is archived and is in readonly mode.
Support for bind parameters in copy_expert()
Reported by Giles Brown | February 3rd, 2011 @ 04:56 PM
I'm working on something that uses copy_to/copy_expert to fetch query results into a file, but I'd like to be able to pass bind parameters so that I can feel comfortable about avoiding SQL injection problems in generating the query.
Comments and changes to this ticket
-
Daniele Varrazzo February 3rd, 2011 @ 09:10 PM
- Tag set to “copy, feature”
You can use mogrify to generate the query safely.
http://initd.org/psycopg/docs/cursor.html#cursor.mogrify
I'd rather avoid complicating further the copy area. The copy methods already have a quite complex interface.
-
Daniele Varrazzo February 15th, 2011 @ 11:29 PM
- State changed from “new” to “invalid”
Closing the ticket for the above motivation. If you feel something better should be done please discuss on the mailing list. Thank you very much.
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
<b>WARNING:</b> the informations in this tracker are archived. Please submit new tickets or comments to <a href="https://github.com/psycopg/psycopg2/issues">the new tracker</a>.
<br/>
Psycopg is the most used PostgreSQL adapter for the Python programming language. At the core it fully implements the Python DB API 2.0 specifications. Several extensions allow access to many of the features offered by PostgreSQL.
Daniele Varrazzo
Giles Brown