[DB-SIG] paramstyles (mysql string length?)

Ian Bicking ianb at colorstudy.com
Thu Apr 20 23:29:37 CEST 2006

Paul DuBois wrote:
> On 4/20/06 13:08, "Dieter Maurer" <dieter at handshake.de> wrote:
>>M.-A. Lemburg wrote at 2006-4-19 20:36 +0200:
>>>Actually, I don't think that parsing SQL is really necessary
>>>at all: in all the years I've used qmark style, I've never come
>>>across a situation where a SQL literal would include a question
>>I do not think this is a good idea. '?' are perfectly legal
>>in string literals and there they conventionally
>>do *NOT* mean "insert a parameter".
> Umm ... thing is, the ? placeholder markers in a SQL string _don't_ occur
> within string literals.  That is, when you construct a SQL statement
> containing placeholder markers, you don't write the placeholders within
> quote marks.  The parameter substitution mechanism adds quotes as necessary
> when it substitutes a data value for a placeholder.

He's referring to something like this:

   def get_androgenous_users(state):
       execute("SELECT * FROM users WHERE state = ? and gender = '?',

Ian Bicking  /  ianb at colorstudy.com  /  http://blog.ianbicking.org

More information about the DB-SIG mailing list