AceScottie

sql_dictionarybuilder.py

Jan 7th, 2020
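def sql_insert(self, table="", uptype="INSERT", sqldict=None, filters=None):
    """Build an INSERT, UPDATE or DELETE statement and return it as text.

    The statement is assembled by string formatting, so everything that
    reaches it is either checked (identifiers) or escaped (values) here.
    Where the database driver supports bound parameters, passing values
    separately from the statement text is the more robust design; this
    builder is only as safe as the escaper behind ``self.sf.safe_var``.

    Args:
        table: Target table. Must be a plain identifier, optionally dotted
            (``schema.table``).
        uptype: ``"INSERT"``, ``"UPDATE"`` or ``"DELETE"``.
        sqldict: Column -> value mapping for INSERT/UPDATE. ``None`` and the
            string ``"NULL"`` are emitted as SQL NULL; any other value goes
            through ``self.sf.safe_var(str(value))`` and is single-quoted.
        filters: Column -> value mapping ANDed into the WHERE clause. Values
            are escaped exactly like ``sqldict`` values; ``None``/``"NULL"``
            becomes ``IS NULL``.

    Returns:
        The statement text, terminated by ``;``.

    Raises:
        ValueError: If ``uptype`` is not supported, or if the table or a
            column name is not a plain identifier.
    """
    import re  # function-scope import: the file's import block is not visible here

    self.states['Activity'] = 1
    sqldict = {} if sqldict is None else sqldict
    filters = {} if filters is None else filters

    # Identifiers cannot be quoted away like values, so they are allow-listed.
    identifier = re.compile(r"[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)*")

    def checked(name):
        name = str(name)
        if identifier.fullmatch(name) is None:
            raise ValueError("unsafe SQL identifier: %r" % (name,))
        return name

    def is_null(value):
        return value is None or value == "NULL"

    def literal(value):
        # presumably self.sf is a SafeVars instance; verify against the owning class
        return "'%s'" % self.sf.safe_var(str(value))

    # Previously an unknown uptype fell through to an UnboundLocalError.
    if uptype not in ("INSERT", "UPDATE", "DELETE"):
        raise ValueError("unsupported uptype: %r" % (uptype,))
    table = checked(table)

    # Filter values used to be interpolated raw; they now take the same
    # escaping path as the data values.
    conditions = []
    for key, value in filters.items():
        column = checked(key)
        if is_null(value):
            conditions.append("%s IS NULL" % column)
        else:
            conditions.append("%s = %s" % (column, literal(value)))
    # Trailing space kept so the emitted text matches the historical layout.
    fil = ("where %s " % " and ".join(conditions)) if conditions else ""

    if uptype == "INSERT":
        # NOTE(review): a non-empty ``filters`` is still appended after VALUES,
        # which most SQL dialects reject - confirm whether any caller does this.
        columns = ", ".join(checked(key) for key in sqldict)
        data = ", ".join(
            "NULL" if is_null(value) else literal(value)
            for value in sqldict.values()
        )
        return '''INSERT INTO %s ( %s ) VALUES ( %s ) %s;''' % (table, columns, data, fil)

    # With empty ``filters`` the UPDATE/DELETE below carries no WHERE clause
    # and therefore applies to every row of ``table``.
    if uptype == "UPDATE":
        updates = ", ".join(
            "%s = NULL" % checked(key) if is_null(value)
            else "%s = %s" % (checked(key), literal(value))
            for key, value in sqldict.items()
        )
        return '''UPDATE %s SET %s %s;''' % (table, updates, fil)

    return '''DELETE FROM %s %s;''' % (table, fil)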
  36.  
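class SafeVars:
    """Hand-rolled escaping helpers for values placed inside quoted SQL text.

    Only ``str`` values are actually transformed; ints, datetimes and every
    other type are returned as they came in. The string escaping emits
    backslash-prefixed quotes, so it depends on the target database treating
    backslash as an escape character inside string literals. Settings such as
    MySQL's ``NO_BACKSLASH_ESCAPES`` or PostgreSQL's
    ``standard_conforming_strings`` change that - TODO confirm the target
    database and mode before relying on this class instead of bound
    parameters.
    """

    def __init__(self):
        # Types used to dispatch in safe_var() and decode_vars().
        self.strtype = str
        self.inttype = int
        self.datetype = datetime

    def safe_var(self, userinput):
        """Return ``userinput`` escaped according to its type.

        ``isinstance`` is used rather than an exact type comparison so that
        subclasses of ``str`` are escaped too instead of falling through to
        the pass-through branch.
        """
        if isinstance(userinput, self.strtype):
            return self.safe_string(userinput)
        if isinstance(userinput, self.inttype):
            return self.safe_int(userinput)
        if isinstance(userinput, self.datetype):
            return self.safe_date(userinput)
        # Anything else (float, bytes, None, ...) is returned unescaped.
        return userinput

    def decode_vars(self, userinput):
        """Interpret backslash escapes in a string and repair UTF-8 mojibake.

        The result is raw text again: an escaped sequence such as ``\\x27``
        comes back as a literal quote, so the output must be escaped afresh
        before it is placed into SQL.

        Raises:
            UnicodeEncodeError: If the unescaped text holds a character
                outside Latin-1.
            UnicodeDecodeError: If the resulting bytes are not valid UTF-8
                or contain a malformed escape sequence.
        """
        if isinstance(userinput, self.strtype):
            unescaped = userinput.encode().decode('unicode-escape')
            # unicode-escape yields one character per byte; map them back to
            # bytes and decode those as UTF-8.
            return unescaped.encode("latin1").decode("UTF-8")
        if isinstance(userinput, self.inttype):
            return self.safe_int(userinput)
        if isinstance(userinput, self.datetype):
            return self.safe_date(userinput)
        return userinput

    def safe_string(self, userinput):
        """Return ``userinput`` with backslashes dropped and quotes escaped."""
        output = str(userinput)
        output = output.encode('UTF-8')
        # Work on the bytes repr: drop doubled backslashes (a backslash in the
        # input), strip the b'...' wrapper, then double the backslash of each
        # \xNN byte escape. repr() gives the same text as str() on bytes.
        output = repr(output).replace("\\\\", "")[2:-1].replace("\\x", "\\\\x")
        # repr() may already have escaped single quotes; undo that first so
        # every quote is escaped exactly once below.
        output = output.replace("\\'", "'")
        output = output.replace('"', '\\\\\\"')
        output = output.replace("'", "\\\\\\'")
        return output

    def safe_int(self, userinput):
        """Return ``userinput`` unchanged; no validation is performed."""
        return userinput

    def safe_date(self, userinput):
        """Return ``userinput`` unchanged; no validation is performed."""
        return userinput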