mxODBC argv sql query

This can't be the most elegant way to get a command line parameter into
an sql query. It works but I can't explain why. Is there another, more
correct way? Here sys.argv[1] is a topic like "laugher" or "technology"

import mx.ODBC.Windows as odbc
import sys

driv = 'DRIVER={Microsoft Access Driver (*.mdb)};DBQ=d:/Access Databases/Quotations2005'

conn = odbc.DriverConnect(driv)
c = conn.cursor()

c.execute("SELECT Author, Topics.Topic1, Topic2, Quote FROM QUOTES7 "
          "WHERE Topics.Topic1 LIKE '%%%s%%'" % sys.argv[1])

rows = c.fetchall()

Dec 12 '05 #1
BartlebyScrivener wrote:
This can't be the most elegant way to get a command line parameter into
an sql query. It works but I can't explain why. Is there another, more
correct way? Here sys.argv[1] is a topic like "laugher" or "technology"

import mx.ODBC.Windows as odbc
import sys

driv = 'DRIVER={Microsoft Access Driver (*.mdb)};DBQ=d:/Access Databases/Quotations2005'

conn = odbc.DriverConnect(driv)
c = conn.cursor()

c.execute("SELECT Author, Topics.Topic1, Topic2, Quote FROM QUOTES7 "
          "WHERE Topics.Topic1 LIKE '%%%s%%'" % sys.argv[1])

rows = c.fetchall()


Try

c.execute ("""SELECT Author, Topics.Topic1, Topic2, Quote FROM QUOTES7
WHERE Topics.Topic1 LIKE ?""", ("%"+sys.argv[1],))

First, note that mx.ODBC uses paramstyle qmark by default. If you look in
the DB API manual you'll see that the cursor execute() method can take a
second argument which is a tuple of data values to replace the parameter
marks in the statement.

The parameterised query is the best way to avoid the potential for "SQL
injection" exploits against your program.

regards
Steve
--
Steve Holden +44 150 684 7255 +1 800 494 3119
Holden Web LLC www.holdenweb.com
PyCon TX 2006 www.python.org/pycon/

Dec 12 '05 #2
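The difference between the two execute() calls in this thread, as an added example that is not code from either poster. It assumes Python's standard sqlite3 module (also paramstyle qmark) as a stand-in for mx.ODBC and Access, with a constructed table; the ESCAPE clause is SQLite syntax and its support in the Access driver is an assumption. It keeps the question's contains-match (% on both sides) and also makes % and _ in the argument literal.

```python
import sqlite3

def make_db():
    """Constructed sample rows standing in for the Access QUOTES7 table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE QUOTES7 (Author TEXT, Topic1 TEXT, Quote TEXT)")
    conn.executemany(
        "INSERT INTO QUOTES7 VALUES (?, ?, ?)",
        [
            ("Twain", "laughter", "constructed quote 1"),
            ("Clarke", "technology", "constructed quote 2"),
            ("Anon", "100% effort", "constructed quote 3"),
        ],
    )
    return conn

def search_interpolated(conn, topic):
    # The question's pattern: the argument becomes part of the SQL text,
    # so a quote character in it changes the statement itself.
    sql = "SELECT Author FROM QUOTES7 WHERE Topic1 LIKE '%%%s%%'" % topic
    return [row[0] for row in conn.execute(sql)]

def escape_like(term, esc="\\"):
    # Make the escape character, % and _ literal inside a LIKE pattern.
    for ch in (esc, "%", "_"):
        term = term.replace(ch, esc + ch)
    return term

def search_param(conn, topic):
    # The answer's pattern: a ? marker in the SQL, the value passed
    # separately as a one-element tuple. The driver never parses it as SQL.
    sql = "SELECT Author FROM QUOTES7 WHERE Topic1 LIKE ? ESCAPE '\\'"
    pattern = "%" + escape_like(topic) + "%"
    return [row[0] for row in conn.execute(sql, (pattern,))]

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1' LIKE '1"   # constructed input containing quotes
    print(search_interpolated(db, "laugh"))   # normal input, one match
    print(search_interpolated(db, crafted))   # WHERE clause rewritten
    print(search_param(db, crafted))          # treated as plain data
    print(search_param(db, "%"))              # literal percent sign only
    try:
        search_interpolated(db, "don't")      # ordinary apostrophe
    except sqlite3.OperationalError as exc:
        print("interpolated query failed:", exc)
```
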
