Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1n59N9-0002Dn-Tk for pgsql-interfaces@arkaria.postgresql.org; Wed, 05 Jan 2022 16:42:47 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1n59N8-0002e7-Ne for pgsql-interfaces@arkaria.postgresql.org; Wed, 05 Jan 2022 16:42:46 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1n59N8-0002dy-FL for pgsql-interfaces@lists.postgresql.org; Wed, 05 Jan 2022 16:42:46 +0000 Received: from mail-qt1-x831.google.com ([2607:f8b0:4864:20::831]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1n59N5-00027f-Tm for pgsql-interfaces@lists.postgresql.org; Wed, 05 Jan 2022 16:42:45 +0000 Received: by mail-qt1-x831.google.com with SMTP id y17so2106630qtx.9 for ; Wed, 05 Jan 2022 08:42:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:from:date:message-id:subject:to; bh=vwzAg9EuR1rpphiUJ8hh1NozbBkudlKKunNYbN+o9jU=; b=myvXb/0HZhP0rmNI6gea8yOj5dCvutyTgAtYbtf/vg+YrSwZu4GrQ6g+OaU8E/1CZT 5oE63jJw6f8D51va7mQMJPGYOCtRFPAErSDNfMaX9c483iO5KPWQqIObdK3vXdJOqW31 hIfwqWhel3Yp7o1Zjczf4xg3fItdiiRHPGy7vIHNFIu6IKSgr8i5JUmws/vFfqj3sb1o fEASgVvL1c5SOUWiqip3+BuPAbHCu0uim/PCU9MEOrSvbA7f18+/MVEuzs/nBR9+EkW7 xtFzoNjfaBL75p6fp242uPEi+WuglCbpeyY/YSYSChKqMbSjDXzgY/YO37m0eiidFh72 PTVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=vwzAg9EuR1rpphiUJ8hh1NozbBkudlKKunNYbN+o9jU=; b=KiJ/M2OdITaBrKjQghT4uL9UeXYXnO2YoXJgCRS+hD9m6YtWM7uAvzxSlMYxCaIzpB Olo4LXPZWXLP4eqTR0jOap9Iy0oTwtTTagKdNNDfa6jv010vKKiEmZgaPYN5/Ob5S3mW 0fXBxH20+m/RQBGAhuJwUGMq2+Vw4chh10lG8reYKMcatCpfTcuAoTuZdY3M80iDme6P MQk3I0Z4YLzecTjVYKCFOcCXifnORinUSpa3z3+aVxm81Cm66/8GcFQVj0k5rzQDVBaE LF4w9JmXw2gu9sg4X1fptQDwmY4cBFmH8ok8uQeQtLxhbjvJXcCjNg6DiqQNjnzvJXyo tp3Q== X-Gm-Message-State: AOAM532x3g/YGOBct8FbazPsAEr7xKLLjakqVQMFHHhlSKaipafFKPlw cXTybbmPKjuxbdnI8nlqyU0XEBrAN/55cN8wyr37wVdTunA= X-Google-Smtp-Source: ABdhPJz8ruamGzfFmA7ikIswfJBHxcbFTzrZaxXDHRSE8DXCSavV8/RF/ydduZ1aRldK6FrLAmSdrtllhqknD7fubrY= X-Received: by 2002:a05:622a:ca:: with SMTP id p10mr49068352qtw.89.1641400962272; Wed, 05 Jan 2022 08:42:42 -0800 (PST) MIME-Version: 1.0 From: Les Date: Wed, 5 Jan 2022 17:42:31 +0100 Message-ID: Subject: psycopg3 - parameters cannot be used for DDL commands? To: pgsql-interfaces@lists.postgresql.org Content-Type: multipart/alternative; boundary="0000000000004a514805d4d871c5" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --0000000000004a514805d4d871c5 Content-Type: text/plain; charset="UTF-8" Example: Traceback (most recent call last): File "/usr/sbin/prepare_postgres", line 46, in pg_exec_postgres("ALTER USER postgres WITH PASSWORD %s", [POSTGRES_PASSWORD]) File "/opt/util.py", line 101, in pg_exec_postgres return pg_conn_postgres().execute(*args, **kwargs) File "/usr/local/lib/python3.9/dist-packages/psycopg/connection.py", line 722, in execute raise ex.with_traceback(None) psycopg.errors.SyntaxError: syntax error at or near "$1" LINE 1: ALTER USER postgres WITH PASSWORD $1 ^ PostgreSQL server log: 2022-01-05 17:35:25.831 CET [58] ERROR: syntax error at or near "$1" at character 35 2022-01-05 17:35:25.831 CET [58] STATEMENT: ALTER USER postgres WITH PASSWORD $1 Passwords can also contain special characters. If I can't use parameters to do this, then how should I quote them in a safe way? Thank you, Laszlo --0000000000004a514805d4d871c5 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Example:

Traceback (most= recent call last):
=C2=A0 File "/usr/sbin/prepare_postgres"= , line 46, in <module>
=C2=A0 =C2=A0 pg_exec_postgres("ALTER = USER postgres WITH PASSWORD %s", [POSTGRES_PASSWORD])
=C2=A0 File &= quot;/opt/util.py", line 101, in pg_exec_postgres
=C2=A0 =C2=A0 ret= urn pg_conn_postgres().execute(*args, **kwargs)
=C2=A0 File "/usr/l= ocal/lib/python3.9/dist-packages/psycopg/connection.py", line 722, in = execute
=C2=A0 =C2=A0 raise ex.with_traceback(None)
psycopg.errors.Sy= ntaxError: syntax error at or near "$1"
LINE 1: ALTER USER pos= tgres WITH PASSWORD $1
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ^
PostgreSQL server log:

2022-01-05 17:35:25.831 CET [58] ERROR: =C2=A0syntax error at or near = "$1" at character 35
2022-01-05 17:35:25.831 CET [58] STA= TEMENT: =C2=A0ALTER USER postgres WITH PASSWORD $1

Passwords can also contain special characters. If I can't use paramete= rs to do this, then how should I quote them in a safe way?

Thank you,

=C2=A0=C2=A0 Laszlo
=

--0000000000004a514805d4d871c5--