Quoting sql queries with the DB-API
From: snacktime (snacktime_at_gmail.com)
Date: 01/24/05
- Next message: Peter Hansen: "Re: Set parity of a string"
- Previous message: Peter Hansen: "Re: OT: problems mirroring python-list to c.l.py?"
- Next in thread: Leif K-Brooks: "Re: Quoting sql queries with the DB-API"
- Reply: Leif K-Brooks: "Re: Quoting sql queries with the DB-API"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sun, 23 Jan 2005 16:00:48 -0800 To: python-list@python.org
I'm used to using the perl DBI and not very familiar with the python
DB-API. I am using PyGreSQL. My question is what is the standard way
to quote strings in sql queries? I didn't see any quoting functions
in the DB-API docs. Is quoting handled internally by the PyGreSQL
module?
Also, is this a good way to use variables in an insert/update
statement, or is there a better way?
sql = "insert into test(a,b) values('%s','%s')" % (a,b)
cursor.execute(sql)
Chris
- Next message: Peter Hansen: "Re: Set parity of a string"
- Previous message: Peter Hansen: "Re: OT: problems mirroring python-list to c.l.py?"
- Next in thread: Leif K-Brooks: "Re: Quoting sql queries with the DB-API"
- Reply: Leif K-Brooks: "Re: Quoting sql queries with the DB-API"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
