Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 1.1.9
    • 1.1.10
    • DBAPI 2.0
    • None
    • 3.11

    Description

      In Cursor._substitute_parameters, double quotes are used unconditionally to quote strings. Single quotes should be used instead, preferably via mysql_real_escape_string_quote for compatibility with NO_BACKSLASH_ESCAPES.

      Attachments

        Activity

          georg Georg Richter added a comment -

          Thanks for your report. Can you please provide a short reproducible example?

          georg Georg Richter added a comment - Thanks for your report. Can you please provide a short reproducible example?
          hvenev Hristo Venev added a comment -

          On a database with sql-mode=TRADITIONAL,ANSI_QUOTES,ONLY_FULL_GROUP_BY,PIPES_AS_CONCAT:

          import mariadb
           
          with mariadb.connect() as conn, conn.cursor(binary=False) as cur:
              cur.execute('select ? as x', ('hi',))
              print(cur.fetchall())
          

          Setting binary=True works around the issue, but the default binary=False is broken.

          hvenev Hristo Venev added a comment - On a database with sql-mode=TRADITIONAL,ANSI_QUOTES,ONLY_FULL_GROUP_BY,PIPES_AS_CONCAT: import mariadb   with mariadb.connect() as conn, conn.cursor(binary = False ) as cur: cur.execute( 'select ? as x' , ( 'hi' ,)) print (cur.fetchall()) Setting binary=True works around the issue, but the default binary=False is broken.

          People

            georg Georg Richter
            hvenev Hristo Venev
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.