I have to create JSON string from database values and push it back to database again. My Python code is:
json = "{"
for row in cursor_mysql:
#mainkey = row[0]
#name = row[1]
#value = row[2]
mainkey = """" " \n \ / """ #for testing only
name = """ {} " \r \t """ #for testing only
value = """ ' " \ & """ #for testing only
json += """"%s":{"name":"%s","value":"%s"},""" % (re.escape(mainkey), re.escape(name), re开发者_JS百科.escape(value))
json = json[:-1]
json += "}"
#print json
query = """UPDATE table SET json = '%s' WHERE id = '%d' RETURNING id""" % (json, rowId)
cursor_postgres.execute(query)
conn_postgres.commit()
insertId = cursor_postgres.fetchone()[0]
This code works great when there are no malicious characters around. However, it doesn't work when sprinkled with non-alphanumeric values, as in the test cases above.
The bad JSON making it to my db is:
{
"""
\ / ": {
"name": " {} "","value":"'" "
},
"""
\ / ": {
"name": " {} "","value":"'" "
}
}
How to sanitize the string, so that when deserialized the json output is same as input?
import json
data = json.dumps(BIG_STRUCTURE_GOES_HERE)
query = """UPDATE table SET json = %s WHERE id = %s RETURNING id"""
cursor_postgres.execute(query, (data, rowId))
conn_postgres.commit()
http://docs.python.org/library/json.html
http://pypi.python.org/pypi/simplejson/
django.utils.simplejson
Simply use the json library:
import json
mainkey = """" " \n \ / """ #for testing only
name = """ {} " \r \t """ #for testing only
value = """ ' " \ & """ #for testing only
d = {mainkey: {"name": name, "value": value}}
jsonValue = json.dumps(d)
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论