{"id":24645,"library":"sqlescapy","title":"sqlescapy","description":"sqlescapy is a Python library for escaping SQL special characters and quotes in strings. The latest version is 1.0.1, which supports Python >=2.7. It is a lightweight, single-function library with no dependencies. No major changes or breaking changes have been observed; it has been in maintenance mode with infrequent updates.","status":"maintenance","version":"1.0.1","language":"python","source_language":"en","source_url":"https://github.com/elouajib/sqlescapy","tags":["sql","escape","security","database"],"install":[{"cmd":"pip install sqlescapy","lang":"bash","label":"Install sqlescapy"}],"dependencies":[],"imports":[{"note":"The correct function name is 'sqlescape', not 'escape'.","wrong":"from sqlescapy import escape","symbol":"escape","correct":"from sqlescapy import sqlescape"}],"quickstart":{"code":"from sqlescapy import sqlescape\n\n# Escape a string for use in SQL\nsafe_string = sqlescape(\"O'Brien\")\nprint(safe_string)  # Output: O\\'Brien\n\n# Also handles backslashes and other special characters\nprint(sqlescape(\"test\\\\value\"))  # Output: test\\\\value\n","lang":"python","description":"Import sqlescape and use it to escape potentially dangerous characters in SQL string literals."},"warnings":[{"fix":"Use 'from sqlescapy import sqlescape'.","message":"The function is called 'sqlescape', not 'escape'. Many users mistakenly import 'escape' and get an ImportError.","severity":"gotcha","affected_versions":"all"},{"fix":"Use parameterized statements (e.g., with database drivers) as the primary defense against SQL injection.","message":"sqlescapy only escapes single quotes and backslashes. It does NOT prevent all SQL injection; parameterized queries are still recommended.","severity":"gotcha","affected_versions":"all"},{"fix":"Test thoroughly with your specific database character set, or consider using database-specific escaping functions.","message":"The library uses simple string replacement and may not handle all edge cases (e.g., Unicode, multibyte characters).","severity":"gotcha","affected_versions":"all"}],"env_vars":null,"last_verified":"2026-05-01T00:00:00.000Z","next_check":"2026-07-30T00:00:00.000Z","problems":[{"fix":"Use: from sqlescapy import sqlescape","cause":"Incorrect import of 'escape' instead of the correct function name 'sqlescape'.","error":"ImportError: cannot import name 'escape' from 'sqlescapy'"},{"fix":"Import and call sqlescapy.sqlescape().","cause":"Trying to call sqlescapy.escape() when the function is sqlescapy.sqlescape().","error":"AttributeError: module 'sqlescapy' has no attribute 'escape'"}],"ecosystem":"pypi","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}