Mercurial > hg > ChinaGisRestApi

changeset 275:eb8a18f94d2d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix some insufficient quoting and other problems.
author casties
date Thu, 23 Feb 2012 21:13:21 +0100
parents 9b7db308d2e6
children 55bc9972fb1b
files RestDbGisApi.py
diffstat 1 files changed, 12 insertions(+), 12 deletions(-) [+]
line wrap: on
line diff
--- a/RestDbGisApi.py	Thu Feb 23 08:35:26 2012 +0100
+++ b/RestDbGisApi.py	Thu Feb 23 21:13:21 2012 +0100
@@ -150,11 +150,11 @@
     
     # TODO: move this
     def getAttributeNames(self,schema='public',table=None):   
-        return self.executeSQL("SELECT attname FROM pg_attribute, pg_class WHERE pg_class.oid = attrelid AND attnum>0 AND relname = '%s';"%(table))
+        return self.executeSQL("SELECT attname FROM pg_attribute, pg_class WHERE pg_class.oid = attrelid AND attnum>0 AND relname = %s", (table))
 
     # TODO: move this
     def getAttributeTypes(self,schema='public',table=None):   
-        return self.executeSQL("SELECT field_name, gis_type FROM public.gis_table_meta_rows WHERE table_name = '%s';"%(table))
+        return self.executeSQL("SELECT field_name, gis_type FROM public.gis_table_meta_rows WHERE table_name = %s", (table))
          
     # TODO: move back to inherited version
     def showTable(self,format='XML',schema='public',table=None,REQUEST=None,RESPONSE=None):
@@ -205,7 +205,7 @@
         attrString=""
  #        try:
         for name in attrNames['rows']:
-              logging.debug("name: ", name[0])
+              logging.debug("name: %s"%name[0])
               not_added=True
               if name[0] == "the_geom":                        #FJK: the table column is "the_geom"
                      attrString=attrString+"ST_AsText("+name[0]+"),"
@@ -213,9 +213,9 @@
                      break
               for a_iter in attrTypes['rows']:
                  not_added = True
-                 logging.debug("attrTypes.field_name: ", a_iter[0])
+                 logging.debug("attrTypes.field_name: %s"%a_iter[0])
                  if a_iter[0]==name[0]:            
-                     logging.debug("attrTypes.gis_type: ", a_iter[1])            
+                     logging.debug("attrTypes.gis_type: %s"%a_iter[1])            
                      if a_iter[1] == "the_geom":                        #FJK: the table column is registered in gis_table_meta_rows as type "the_geom"
                          attrString=attrString+"ST_AsText("+name[0]+"),"
                          not_added=False
@@ -224,11 +224,11 @@
                       attrString=attrString+name[0]+","
         attrString=str(attrString).rsplit(",",1)[0] #to remove last ","
         if sortBy:
-            data = self.executeSQL('select %s from "%s"."%s" order by %s'%(attrString,schema,table,sortBy))
+            data = self.executeSQL('select %s from "%s"."%s" order by %%s'%(attrString,sqlName(schema),sqlName(table)),(sortBy,))
         else:
-            data = self.executeSQL('select %s from "%s"."%s"'%(attrString,schema,table))
+            data = self.executeSQL('select %s from "%s"."%s"'%(attrString,sqlName(schema),sqlName(table)))
  #       except:
-            """ table does not exist """
+ #           """ table does not exist """
  #           fields=self.get
   #          self.createEmptyTable(schema, table, fields)
         return data
@@ -245,7 +245,7 @@
         if colorField is None:
             colorField="red"
         # Mapping a set of points from table-based SQL-query:
-        qstr='SELECT * FROM "%s"."%s"'%(schema,table)
+        qstr='SELECT * FROM "%s"."%s"'%(sqlName(schema),sqlName(table))
         idList = None
         if ids is not None:
             qstr += ' WHERE '
@@ -291,16 +291,16 @@
             if len(geocolumn_res['rows'])>0:
                 geocolumn=geocolumn_res['rows'][0][0]
                 try:
-                    geomstr="select astext(st_simplify(transform(%s,4326),0.05)) from %s.%s"%(geocolumn,schema,table) # the string variables have to be added here and not in executeSQL!
+                    geomstr="select astext(st_simplify(transform(%s,4326),0.05)) from %s.%s"%(geocolumn,sqlName(schema),sqlName(table)) # the string variables have to be added here and not in executeSQL!
                     geomdata=self.executeSQL(geomstr)
                     teststr=geomdata.values()[1][0]
                     if (teststr == (u'MULTIPOLYGON EMPTY',)):
-                        geomstr="select astext(st_simplify(transform(%s,4326),0.05)) from %s.%s"%(geocolumn,schema,table) # the string variables have to be added here and not in executeSQL!
+                        geomstr="select astext(st_simplify(transform(%s,4326),0.05)) from %s.%s"%(geocolumn,sqlName(schema),sqlName(table)) # the string variables have to be added here and not in executeSQL!
                         geomdata=self.executeSQL(geomstr)
     
                 except:
                     try:
-                        geomstr="select chgis.astext(chgis.st_simplify(chgis.transform(%s,4326),0.05)) from %s.%s"%(geocolumn,schema,table) # the string variables have to be added here and not in executeSQL!
+                        geomstr="select chgis.astext(chgis.st_simplify(chgis.transform(%s,4326),0.05)) from %s.%s"%(geocolumn,sqlName(schema),sqlName(table)) # the string variables have to be added here and not in executeSQL!
                         geomdata=self.executeSQL(geomstr)                
                     except:
                         geomdata=None