path: root/python-sqlescapy.spec

%global _empty_manifest_terminate_build 0
Name:		python-sqlescapy
Version:	1.0.1
Release:	1
Summary:	Python module to escape SQL special characters and quotes in strings
License:	MIT License
URL:		https://github.com/elouajib/sqlescapy
Source0:	https://mirrors.aliyun.com/pypi/web/packages/43/bb/d5077ee1599474af84393bc000212d2aa29e846e10044c4a5eb0813f2339/sqlescapy-1.0.1.tar.gz
BuildArch:	noarch


%description
Python module to escape SQL special characters and quotes in strings

install:
`pip install sqlescapy`

Assuming `dangerous_input` is a variable coming from a user input, a bad actor can exploit it to start injecting your database.
```python
from sqlescapy import sqlescape

dangerous_input = "JhonWick'"

protected_raw_statement = "\"foo_table\".username='%s'" % sqlescape(dangerous_input)

protected_query = """

SELECT "foo_table".*, "bar_table".*
FROM "foo_table", "bar_table"
WHERE "foo_table".id = "bar_table".id
      AND %s
""" % protected_raw_statement

```




%package -n python3-sqlescapy
Summary:	Python module to escape SQL special characters and quotes in strings
Provides:	python-sqlescapy
BuildRequires:	python3-devel
BuildRequires:	python3-setuptools
BuildRequires:	python3-pip
%description -n python3-sqlescapy
Python module to escape SQL special characters and quotes in strings

install:
`pip install sqlescapy`

Assuming `dangerous_input` is a variable coming from a user input, a bad actor can exploit it to start injecting your database.
```python
from sqlescapy import sqlescape

dangerous_input = "JhonWick'"

protected_raw_statement = "\"foo_table\".username='%s'" % sqlescape(dangerous_input)

protected_query = """

SELECT "foo_table".*, "bar_table".*
FROM "foo_table", "bar_table"
WHERE "foo_table".id = "bar_table".id
      AND %s
""" % protected_raw_statement

```




%package help
Summary:	Development documents and examples for sqlescapy
Provides:	python3-sqlescapy-doc
%description help
Python module to escape SQL special characters and quotes in strings

install:
`pip install sqlescapy`

Assuming `dangerous_input` is a variable coming from a user input, a bad actor can exploit it to start injecting your database.
```python
from sqlescapy import sqlescape

dangerous_input = "JhonWick'"

protected_raw_statement = "\"foo_table\".username='%s'" % sqlescape(dangerous_input)

protected_query = """

SELECT "foo_table".*, "bar_table".*
FROM "foo_table", "bar_table"
WHERE "foo_table".id = "bar_table".id
      AND %s
""" % protected_raw_statement

```




%prep
%autosetup -n sqlescapy-1.0.1

%build
%py3_build

%install
%py3_install
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
pushd %{buildroot}
if [ -d usr/lib ]; then
	find usr/lib -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
	find usr/lib64 -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
	find usr/bin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
	find usr/sbin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
	find usr/share/man -type f -printf "\"/%h/%f.gz\"\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .

%files -n python3-sqlescapy -f filelist.lst
%dir %{python3_sitelib}/*

%files help -f doclist.lst
%{_docdir}/*

%changelog
* Thu Jun 08 2023 Python_Bot <Python_Bot@openeuler.org> - 1.0.1-1
- Package Spec generated