Pyodbc查询字符串引用转义 [英] Pyodbc query string quote escaping
本文介绍了Pyodbc查询字符串引用转义的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试使用带有此类代码的pyodbc执行查询
I'm trying to execute a query using pyodbc with this kind of code
cursor.execute("SELECT x from y where Name='%s'"%namepar)
该参数可能带有引号,因此为了工作需要逃脱,我该怎么办?我尝试通过在namepar中简单地用 \\替换,但仍然不起作用,我得到了pyodbc.ProgrammingError
The parameter may have a quote and so it needs to be escaped in order to work, how do i do thos? I tried by simply replacing " ' " with " \\' " in namepar and it still doesn't work, I get a pyodbc.ProgrammingError
推荐答案
您可以传递参数,该参数将被转义。
You can pass parameters, and that will be escaped.
cursor.execute("SELECT x from y where Name = ?", (namepar,))
http://www.python.org/dev/peps/pep-0249/#id15
http://code.google.com/p/pyodbc/wiki/Cursor
这篇关于Pyodbc查询字符串引用转义的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文