def _format_direct(value: typing.Text, context: types.Context):
    r"""Render ``value`` as a quoted string on a single line.

    Literal tab and newline characters are rewritten to the two-character
    sequences ``\t`` and ``\n``, and the result is wrapped in
    ``context.quote`` on both sides.

    Args:
        value: The text to format.
        context: Supplies ``remaining_line_length`` and ``quote``.

    Returns:
        The escaped text surrounded by the context's quote string.

    Raises:
        StrategyFailureError: If ``len(value)`` is greater than
            ``context.remaining_line_length``.
    """
    # The limit is checked against the raw value. The escaped text plus the
    # two quotes can be longer than what was measured.
    value_length = len(value)
    line_budget = context.remaining_line_length
    if value_length > line_budget:
        raise StrategyFailureError(
            "Value length is {} which is longer than context max line length of {}".format(
                value_length, line_budget
            )
        )

    # NOTE(review): only tab and newline are escaped. Backslashes and any
    # occurrence of context.quote inside value are emitted unchanged, so a
    # value containing the quote character would close the literal early for
    # whatever parses this output - confirm callers rule that out.
    escaped = value
    for raw_char, visible_form in (("\t", r"\t"), ("\n", r"\n")):
        escaped = escaped.replace(raw_char, visible_form)

    return "{quote}{result}{quote}".format(result=escaped, quote=context.quote)
def escapeIdentifier(identifier: typing.Text) -> typing.Text:
    """Quote a name so SQLite reads it as an identifier (e.g. a column name).

    Every embedded double quote is doubled and the whole name is wrapped in
    double quotes, so the name cannot terminate the quoted identifier and
    continue as SQL text. Using double quotes rather than single quotes
    matters because SQLite guesses whether a quoted token is a column name
    or a string value, and the wrong quote style can cause unexpected
    behaviour.

    This function only quotes. It does not check that the identifier names a
    column the caller is allowed to reference, so identifiers taken from
    untrusted input should still be matched against a known set of names.
    Values, as opposed to identifiers, belong in bound parameters.

    Args:
        identifier: The raw identifier to quote, e.g. a column name.

    Returns:
        The quoted identifier, ready to be placed in an SQLite statement
        string.
    """
    # Inside a double-quoted identifier, "" stands for one literal ".
    doubled_quotes = identifier.replace('"', '""')
    return '"{}"'.format(doubled_quotes)