
Quoting sql queries with the DB-API

I'm used to using the Perl DBI and not very familiar with the Python
DB-API. I am using PyGreSQL. My question is what is the standard way
to quote strings in sql queries? I didn't see any quoting functions
in the DB-API docs. Is quoting handled internally by the PyGreSQL
module?

Also, is this a good way to use variables in an insert/update
statement, or is there a better way?

sql = "insert into test(a,b) values('%s','%s')" % (a,b)
cursor.execute(sql)
Chris
Jul 18 '05 #1


snacktime wrote:
> I'm used to using the Perl DBI and not very familiar with the Python
> DB-API. I am using PyGreSQL. My question is what is the standard way
> to quote strings in sql queries? I didn't see any quoting functions
> in the DB-API docs. Is quoting handled internally by the PyGreSQL
> module?
>
> Also, is this a good way to use variables in an insert/update
> statement, or is there a better way?
>
> sql = "insert into test(a,b) values('%s','%s')" % (a,b)
> cursor.execute(sql)


If you do it like this:

sql = "INSERT INTO test(a, b) VALUES(%s, %s)" # no quotes around the %s
cursor.execute(sql, (a, b))

Then the quoting will be handled automatically for you.
Jul 18 '05 #2
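
The reply above, as an added example that is not part of the original thread: it runs the question's interpolated INSERT and the reply's parameterized form side by side, and goes beyond the reply by picking the placeholder from the driver's DB-API paramstyle. It assumes the standard-library sqlite3 module as a stand-in for PyGreSQL; insert_sql, demo and the sample values are hypothetical names and constructed data.

```python
import sqlite3

# Positional placeholder for each PEP 249 paramstyle. Assumption: "pyformat"
# drivers also accept a bare %s with a tuple, as the reply does with PyGreSQL.
PLACEHOLDER = {
    "qmark": lambda i: "?",
    "numeric": lambda i: ":%d" % (i + 1),
    "format": lambda i: "%s",
    "pyformat": lambda i: "%s",
}

def insert_sql(driver, table, columns):
    """Build an INSERT whose values are placeholders in the driver's style.

    table and columns must be fixed names from the program, never user
    input: placeholders carry values only, not identifiers.
    """
    style = driver.paramstyle
    if style not in PLACEHOLDER:
        raise ValueError("no positional placeholder for paramstyle %r" % style)
    marks = ", ".join(PLACEHOLDER[style](i) for i in range(len(columns)))
    return "INSERT INTO %s(%s) VALUES(%s)" % (table, ", ".join(columns), marks)

def demo():
    conn = sqlite3.connect(":memory:")
    cur = conn.cursor()
    cur.execute("CREATE TABLE test(a TEXT, b TEXT)")
    a, b = "O'Brien", "100% sure, really"  # constructed sample values

    # The question's approach: values pasted into the SQL text, so the
    # apostrophe in a ends the string literal early.
    try:
        cur.execute("insert into test(a,b) values('%s','%s')" % (a, b))
        interpolated = "ok"
    except sqlite3.Error as exc:
        interpolated = "failed: %s" % exc

    # The reply's approach: SQL text and values are passed separately and
    # the driver does the quoting.
    cur.execute(insert_sql(sqlite3, "test", ["a", "b"]), (a, b))
    rows = cur.execute("SELECT a, b FROM test").fetchall()
    conn.close()
    return interpolated, rows

if __name__ == "__main__":
    print(demo())
```
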

> > Also, is this a good way to use variables in an insert/update
> > statement, or is there a better way?
> >
> > sql = "insert into test(a,b) values('%s','%s')" % (a,b)
> > cursor.execute(sql)
>
> If you do it like this:
>
> sql = "INSERT INTO test(a, b) VALUES(%s, %s)" # no quotes around the %s
> cursor.execute(sql, (a, b))
>
> Then the quoting will be handled automatically for you.


Ah, makes sense. Thanks for the tip; that was exactly what I needed.

Chris
Jul 18 '05 #3
