1. Python / Говнокод #24297

    0

    1. 01
    2. 02
    3. 03
    4. 04
    5. 05
    6. 06
    7. 07
    8. 08
    9. 09
    10. 10
    11. 11
    12. 12
    13. 13
    14. 14
    15. 15
    16. 16
    17. 17
    18. 18
    19. 19
    20. 20
    21. 21
    22. 22
    23. 23
    24. 24
    25. 25
    26. 26
    27. 27
    28. 28
    29. 29
    30. 30
    31. 31
    def sql_select_filter(sql, flt, order=None, limit=None, offset=None, group_by=None, lock=None, withSelectWrapper=True):
        if withSelectWrapper and group_by is None:
            if re.search(r'^\s*select\s+', sql, flags=re.IGNORECASE | re.MULTILINE):
                sql = "SELECT * FROM ( " + sql + " ) as z99 "
            else:
                sql = "SELECT * FROM " + sql + " "
        sql = sql.replace("%", '%%')
    
        where, vals = _make_where_conditions(flt)
    
        if where is not None:
            sql += " WHERE " + where
    
        if group_by is not None and len(group_by):
            sql += " GROUP BY " + ",".join(group_by)
    
        if order is not None and len(order):
            order_fields = []
            for field, direction in order.items():
                order_fields.append(field + " " + direction)
            sql += " ORDER BY " + ",".join(order_fields)
        if limit is not None:
            sql += " LIMIT %s"
            vals.append(limit)
        if offset is not None:
            sql += " OFFSET %s"
            vals.append(offset)
        if lock is not None:
            sql += " FOR " + lock
    
        return sql, vals

    Конструктор SQL запроосов, все очень секурно!

    Запостил: agent-0007, 21 Мая 2018

    Комментарии (19) RSS

    Добавить комментарий