Python Google Ads: Escape user input for GAQL queries
163 views
Skip to first unread message
Alex Mohr
Aug 11, 2021, 7:42:11 PM8/11/21
to AdWords API and Google Ads API Forum
What's the best way to escape user input for use in GAQL queries when searching with the GoogleAdsService with the Python client library?
For example:
search = "Something from user input"
query = f"SELECT campaign.id FROM campaign WHERE campaign.name LIKE '%{search}%'"
google_ads_service.search(customer_id='XXXYYYZZZZ', query=query)
If the user enters quote or backslash characters, the query breaks
Google Ads API Forum Advisor
Aug 12, 2021, 2:51:47 PM8/12/21
to alex...@tradablebits.com, adwor...@googlegroups.com
Hi Alex,
You can get support for the Python Client Library from its issue tracker.
Regards,
ref:_00D1U1174p._5004Q2LmYRT:ref
You can get support for the Python Client Library from its issue tracker.
Regards,
|
||||||
ref:_00D1U1174p._5004Q2LmYRT:ref
Alex Mohr
Aug 13, 2021, 11:47:44 AM8/13/21
to AdWords API and Google Ads API Forum
This seems like an issue with all of the client libraries. How do you build a GAQL query with untrusted user input? is there a query builder interface that sanitizes input?
Google Ads API Forum Advisor
Aug 16, 2021, 9:44:38 PM8/16/21
to alex...@tradablebits.com, adwor...@googlegroups.com
Hello Alex,
Thanks for getting back to us.
You can utilize this Google Ads Query Builder to validate your query. With regard to those escape characters inputted by users, you can use regular expressions to validate user inputs.
As an aside, we suggest that you raise this to the client library owners (issue tracker for Python) as also mentioned by Aryeh.
Regards,
|
||||||
ref:_00D1U1174p._5004Q2LmYRT:ref
Reply all
Reply to author
Forward
0 new messages