The Patches for Non-standard SQLs

If you are using MySQL or SQLite, you will need one of the patches here. Just import them.

For MySQL — mosql.mysql

It applies the MySQL-specific stuff to mosql.util.

The usage:

import mosql.mysql

If you want to patch again:

mosql.mysql.patch()

It will replace the functions in mosql.util with its functions.

mosql.mysql.delimit_identifier(s)[source]

It encloses the identifier, s, by ` (back-quote).

mosql.mysql.escape(s)[source]

This function escapes the s into a executable SQL.

>>> print(escape('\0\n\r\\\'\"\x1A\b\t'))
\0\n\r\\\'\"\Z\b\t
>>> tmpl = "select * from person where person_id = '%s';"
>>> evil_value = "' or true; --"
>>> print(tmpl % escape(evil_value))
select * from person where person_id = '\' or true; --';
mosql.mysql.escape_identifier(s)[source]

It escapes the ` (back-quote) in the identifier, s.

mosql.mysql.fast_escape(s)[source]

This function only escapes the \ (backslash) and ' (single-quote).

It is enough for security and correctness, and it is faster 50x than using the escape(), so it is used for replacing the mosql.util.escape() after you import this module.

mosql.mysql.format_param(s='')[source]

This function always returns '%s', so it makes you can use the prepare statement with MySQLdb.

mosql.mysql.patch()[source]

Applies the MySQL-specific functions again.

New in version 0.10.

For SQLite — mosql.sqlite

It applies the SQLite-specific stuff to mosql.util.

The usage:

import mosql.sqlite

If you want to patch again:

mosql.sqlite.patch()

It will replace the functions in mosql.util with its functions.

mosql.sqlite.format_param(s='')[source]

It formats the parameter of prepared statement.

mosql.sqlite.patch()[source]

Applies the SQLite-specific functions again.

New in version 0.10.

mosql.sqlite.stringify_bool(b)[source]

It stringifies the bool.

SQLite does not take TRUE and FALSE literals, only integers, so we return 1 and 0 instead.

Back to Standard — mosql.std

It applies the standard functions to mosql.util.

The usage:

import mosql.std

If you want to patch again:

mosql.std.patch()

It will replace the functions in mosql.util with original standard functions.

New in version 0.10.

mosql.std.patch()[source]

Applies the standard functions again.