fixed colons in quoted strings

Author: dmalan

setup.py

@@ -16,5 +16,5 @@
     package_dir={"": "src"},
     packages=["cs50"],
     url="https://github.com/cs50/python-cs50",
-    version="4.0.3"
+    version="4.0.4"
 )

src/cs50/sql.py

@@ -212,12 +212,26 @@ def execute(self, sql, *args, **kwargs):
                     "value" if len(keys) == 1 else "values",
                     ", ".join(keys)))
 
+        # For SQL statements where a colon is required verbatim, as within an inline string, use a backslash to escape
+        # https://docs.sqlalchemy.org/en/13/core/sqlelement.html?highlight=text#sqlalchemy.sql.expression.text
+        for index, token in enumerate(tokens):
+
+            # In string literal
+            # https://www.sqlite.org/lang_keywords.html
+            if token.ttype == sqlparse.tokens.Literal.String.Single:
+                token.value = re.sub("(^'|\s+):", "\\1\\:", token.value)
+
+            # In identifier
+            # https://www.sqlite.org/lang_keywords.html
+            elif token.ttype == sqlparse.tokens.Literal.String.Symbol:
+                token.value = re.sub("(^\"|\s+):", "\\1\\:", token.value)
+
         # Join tokens into statement
         statement = "".join([str(token) for token in tokens])
 
         # Catch SQLAlchemy warnings
         with warnings.catch_warnings():
-            
+
             # Raise exceptions for warnings
             warnings.simplefilter("error")
 

tests/sqlite.py

@@ -31,6 +31,8 @@
 db.execute("SELECT * FROM Employee WHERE FirstName = :1 AND LastName = :2", ["Andrew", "Adams"])
 db.execute("SELECT * FROM Employee WHERE FirstName = :1 AND LastName = :2", ("Andrew", "Adams"))
 
+db.execute("SELECT * FROM Employee WHERE FirstName = ':Andrew :Adams'")
+
 db.execute("SELECT * FROM Employee WHERE FirstName = :first AND LastName = :last", first="Andrew", last="Adams")
 db.execute("SELECT * FROM Employee WHERE FirstName = :first AND LastName = :last", {"first": "Andrew", "last": "Adams"})