def do_update(database=None): """Perform databse update.""" # Pick up the database credentials creds = get_db_creds(database) # If we couldn't find corresponding credentials, throw a 404 if not creds: msg = "Unable to find credentials matching {0}." return {"ERROR": msg.format(database)}, 404 # Prepare the database connection app.logger.debug("Connecting to %s database (%s)" % ( database, request.remote_addr)) db = Connection(**creds) # See if we received a query sql = request.form.get('sql') if not sql: sql = request.args.get('sql') if not sql: return {"ERROR": "SQL query missing from request."}, 400 # If the query has a percent sign, we need to excape it if '%' in sql: sql = sql.replace('%', '%%') # Attempt to run the query try: app.logger.info("%s attempting to run \" %s \" against %s database" % ( request.remote_addr, sql, database)) results = db.update(sql) app.logger.info(results) except Exception, e: return {"ERROR": ": ".join(str(i) for i in e.args)}, 422
def do_update(database=None): # Pick up the database credentials # app.logger.warning("%s requesting access to %s database" % ( # request.remote_addr, database)) creds = get_db_creds(database) # If we couldn't find corresponding credentials, throw a 404 if not creds: return {"ERROR": "Unable to find credentials matching %s." % database} abort(404) # Prepare the database connection app.logger.debug("Connecting to %s database (%s)" % ( database, request.remote_addr)) db = Connection(**creds) # See if we received a query sql = request.form.get('sql') if not sql: sql = request.args.get('sql') if not sql: return {"ERROR": "SQL query missing from request."} # If the query has a percent sign, we need to excape it if '%' in sql: sql = sql.replace('%', '%%') # Attempt to run the query try: app.logger.info("%s attempting to run \" %s \" against %s database" % ( request.remote_addr, sql, database)) results = db.update(sql) app.logger.info(results) except Exception, e: return {"ERROR": ": ".join(str(i) for i in e.args)}