On 05/06/2015 01:56 PM, Ludovic Gasc wrote:
> Hi,
>
> I want to sanitize the name of the schema in a SQL query, because the
> schema name depends on the client.
So you are talking about schema qualifying objects(tables, functions,
etc) in a query, correct?
Using search_path does not work?
>
> The issue is that I can't sanitize the name via the standard way of
> psycopg2, because it adds quotes around schema name.
What is the standard way?
Not sure I understand what quotes have to do with it?
>
> I imagine it's the same issue with a table name. Do you have a
> suggestion to bypass that ?
Can you provide an code example of what you are trying to do?
>
> For now, the most secure way I've found is to test the presence of the
> schema before launch each query, but not really efficient.
>
> Regards.
> --
> Ludovic Gasc (GMLudo)
> http://www.gmludo.eu/
--
Adrian Klaver
adrian.klaver@aklaver.com