Message72729
I tried passing the db name as a parameter with '?', it doesn't always
work. Also, there shouldn't be any SQL injection issues here unless
someone designed their system wrong (if a third party is allowed to pass
the name of a db table into the open/create function, then they can do
much worse than mangle or hide data in a sqlite database).
With regards to isinstance being better than type; it's only better if
you want to support subclasses. When writing the module, I had no
interest in supporting subclasses (though supporting both str and buffer
in 2.x, and bytes and memoryview in 3.x seems reasonable). |
|
Date |
User |
Action |
Args |
2008-09-07 03:34:23 | josiahcarlson | set | recipients:
+ josiahcarlson, skip.montanaro, rhettinger, gregory.p.smith, jcea, pitrou, gregburd |
2008-09-07 03:34:23 | josiahcarlson | set | messageid: <1220758463.44.0.775831399012.issue3783@psf.upfronthosting.co.za> |
2008-09-07 03:34:22 | josiahcarlson | link | issue3783 messages |
2008-09-07 03:34:21 | josiahcarlson | create | |
|