def getquoted(self):
# this is the important line: note how every object in the
# list is adapted and then how getquoted() is called on it
qobjs = [str(psycoadapt(o).getquoted()) for o in self._seq]
return '(' + ', '.join(qobjs) + ')'
def getquoted(self):
# this is the important line: note how every object in the
# list is adapted and then how getquoted() is called on it
qobjs = [str(psycoadapt(o).getquoted()) for o in self._seq]
return '(' + ', '.join(qobjs) + ')'
def post(self, convo_id):
json_dict = request.get_json()
clean_sug = psycoadapt( json_dict['suggestion']).getquoted()
if validate_suggestion( clean_sug ) == True:
with get_db() as cur:
cur.execute("""INSERT INTO
suggestions( user_id, convo_id, suggestion )
SELECT %s,%s, %s RETURNING row_to_json(suggestions.*);""" %
( str(current_user.id), str(convo_id), clean_sug) )
cur.connection.commit()
res = cur.fetchone()
res[0]['username'] = current_user.username
return res[0], 201
else:
error_dict = dict()
error_dict['suggestion'] = ["Suggestions must be between 1 and 300 characaters."]
return jsonify(**error_dict)
def post(self):
json_dict = request.get_json()
data, errors = UserSchema().load( json_dict )
if bool(errors) is True:
return jsonify(**errors)
with get_db() as cur:
clean_username = psycoadapt( data['username']).getquoted()
user_exists = UserByName( clean_username )
if user_exists is not None:
error_dict = { 'username': ['Username is already being used.'] }
return jsonify(**error_dict)
password_hash = generate_password_hash( data['password'] )
cur.execute("INSERT INTO users(username, password) SELECT %s, \'%s\';" % (clean_username, password_hash) )
cur.connection.commit()
return '', 201
pass
def getquoted(self):
# this is the important line: note how every object in the
# list is adapted and then how getquoted() is called on it
qobjs = [str(psycoadapt(o).getquoted()) for o in self._seq]
return '(' + ', '.join(qobjs) + ')'
__str__ = getquoted
# add our new adapter class to psycopg list of adapters
register_adapter(tuple, SQL_IN)
register_adapter(float, AsIs)
register_adapter(int, AsIs)
# usually we would call:
#
# conn = psycopg.connect("...")
# curs = conn.cursor()
# curs.execute("SELECT ...", (("this", "is", "the", "tuple"),))
#
# but we have no connection to a database right now, so we just check
# the SQL_IN class by calling psycopg's adapt() directly:
if __name__ == '__main__':
print("Note how the string will be SQL-quoted, but the number will not:")
print(psycoadapt(("this is an 'sql quoted' str\\ing", 1, 2.0)))
pass
def getquoted(self):
# this is the important line: note how every object in the
# list is adapted and then how getquoted() is called on it
qobjs = [str(psycoadapt(o).getquoted()) for o in self._seq]
return '(' + ', '.join(qobjs) + ')'
__str__ = getquoted
# add our new adapter class to psycopg list of adapters
register_adapter(tuple, SQL_IN)
register_adapter(float, AsIs)
register_adapter(int, AsIs)
# usually we would call:
#
# conn = psycopg.connect("...")
# curs = conn.cursor()
# curs.execute("SELECT ...", (("this", "is", "the", "tuple"),))
#
# but we have no connection to a database right now, so we just check
# the SQL_IN class by calling psycopg's adapt() directly:
if __name__ == '__main__':
print "Note how the string will be SQL-quoted, but the number will not:"
print psycoadapt(("this is an 'sql quoted' str\\ing", 1, 2.0))
def _pg_escape_term(term): if term==None: return None return psycoadapt(Searcher._pg_wrap_multiword_term(term)).getquoted()
def escape(self, s):
if isinstance(s, unicode):
s = s.encode('utf-8')
return '%s' % psycoadapt(str(s))
