Using strings with ' in them in SQL-queries

Doug Stanfield DOUGS at oceanic.com
Wed May 31 06:39:24 CEST 2000


I do it thus:

----snick----
query = query + "account.account_number LIKE '" + str(value) + "%'"
----snack----

-Doug-

> -----Original Message-----
> From: thomas at cintra.no [mailto:thomas at cintra.no]
> Sent: Tuesday, May 30, 2000 10:28 AM
> To: python-list at python.org
> Subject: Using strings with ' in them in SQL-queries
> 
> 
> Hi,
> 
> I need to insert strings with ' in them in query-strings. I`m using
> the PostgreSQL-database. 
> 
> If I try stuff like this :
> 
> db = _pg.connection(....)
> db.query('insert into test (id, name) value (1, 'fdsfds''fdsf') ')
> 
> That works ok. But the string I need to insert I get from a variable. 
> I cannot seem to use a variable in the query-string. Is there any way
> around this? How can I handle characters in strings that may
> comprimise the requirements of a valid sql-statement??
> 
> Thomas
> 
> 
> -- 
> http://www.python.org/mailman/listinfo/python-list
> 




More information about the Python-list mailing list