DDL语句不支持Bind variables

[leon1208]

cx_Oracle官方说明：Bind variables also cannot be used in DDL statements, such as CREATE TABLE or ALTER statements.
恢复至1.9.1的写法
fix #2252

[codecov]

Codecov Report

Patch coverage: 50.00% and no project coverage change.

Comparison is base (5e5c0f8) 75.53% compared to head (85090a9) 75.53%.

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #2257   +/-   ##
=======================================
  Coverage   75.53%   75.53%           
=======================================
  Files         107      107           
  Lines       15456    15456           
=======================================
  Hits        11674    11674           
  Misses       3782     3782           

Files Changed	Coverage Δ
sql/engines/oracle.py	50.45% <50.00%> (ø)

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[LeoQuote]

该更改是为了防止 sql 注入, 你的写法据我所知可能不能防止 sql 注入, 你能确认一下吗?

另外在修改时, 请勿注释, 请直接删除不需要的代码.

[leon1208]

oracle的DDL语句不支持绑定变量，这里要防止sql注入的话，得把db_name和数据库或者schema的清单做一次比对才行

[LeoQuote]

有没有类似转义的方法，可以把内部的特殊字符转义掉呢？

[lanheader]

我也遇到了，这里修改以后就可以了

[LeoQuote]

replaced by #2266