sanitize – Validation functions for combatting security issues
Validation functions for combatting security issues.
- solutions.sanitize.is_ascii(s: str)
Return true if all characters in s are ASCII characters.
- solutions.sanitize.is_identifier(s: str)
Return true if s is an identifier.
This means that s must be a non-empty string of (ASCII) letters, digits, and underscore _, not starting with a digit.
- solutions.sanitize.quote_mysql_identifier(name: str)
Return database object name quoted.
It is possible to use all characters in MySQL names for tables, columns, etc., including backtick, so one must be careful when creating queries with unknown column names.
This method is conservative and raises an exception if name might not be valid for all databases. (One can also quote MySQL identifiers by doubling any backtick characters.)
- solutions.sanitize.quote_mysql_identifier_relaxed(name: str)
Return database object name quoted.
The Solutions database contains column names that include spaces (and worse), so this function is necessary until the relevant tables are removed.
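The two quoting strategies described above, as an added sketch; this is not the solutions.sanitize source. The names quote_strict, quote_relaxed and build_select, the ValueError exception type, the relaxed variant's rejection rules and the %s placeholder (the paramstyle of common MySQL drivers for Python) are assumptions made for illustration.

```python
import re

# ASCII-only on purpose: str.isidentifier() would also accept Unicode letters.
_IDENTIFIER = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
MAX_LEN = 64  # MySQL's length limit for table and column names


def quote_strict(name: str) -> str:
    """Conservative: accept only plain ASCII identifiers (hypothetical helper)."""
    if not isinstance(name, str) or not _IDENTIFIER.fullmatch(name):
        raise ValueError(f"not a plain identifier: {name!r}")
    if len(name) > MAX_LEN:
        raise ValueError(f"identifier too long: {name!r}")
    return f"`{name}`"


def quote_relaxed(name: str) -> str:
    """Relaxed: allow spaces and punctuation, doubling any backtick."""
    if not isinstance(name, str) or not 0 < len(name) <= MAX_LEN:
        raise ValueError(f"bad identifier length: {name!r}")
    # MySQL rejects NUL in identifiers and names that end with a space.
    if "\x00" in name or name.endswith(" "):
        raise ValueError(f"identifier not allowed by MySQL: {name!r}")
    return "`" + name.replace("`", "``") + "`"


def build_select(table: str, columns: list[str], key: str) -> str:
    """Quote every identifier; the looked-up value stays a driver parameter."""
    cols = ", ".join(quote_relaxed(c) for c in columns)
    return f"SELECT {cols} FROM {quote_strict(table)} WHERE {quote_strict(key)} = %s"


if __name__ == "__main__":
    # Constructed legacy column names: one with a space, one with a backtick.
    print(build_select("people", ["first name", "odd`col"], "id"))
    for hostile in ("first name", "1abc", "a`b"):
        try:
            quote_strict(hostile)
        except ValueError as exc:
            print("rejected:", exc)
```

Quoting covers identifiers only; values still go to the driver as parameters, never into the SQL string.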